diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/__init__.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/__init__.py new file mode 100644 index 000000000000..59c5d0a0e375 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/__init__.py @@ -0,0 +1,18 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .security_insights import SecurityInsights +from .version import VERSION + +__all__ = ['SecurityInsights'] + +__version__ = VERSION + diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/__init__.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/__init__.py new file mode 100644 index 000000000000..51418beb18fc --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/__init__.py @@ -0,0 +1,369 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +try: + from .alerts_data_type_of_data_connector_alerts_py3 import AlertsDataTypeOfDataConnectorAlerts + from .alerts_data_type_of_data_connector_py3 import AlertsDataTypeOfDataConnector + from .aad_data_connector_py3 import AADDataConnector + from .aatp_data_connector_py3 import AATPDataConnector + from .asc_data_connector_py3 import ASCDataConnector + from .account_entity_py3 import AccountEntity + from .action_request_py3 import ActionRequest + from .action_response_py3 import ActionResponse + from .aggregations_py3 import Aggregations + from .aggregations_kind1_py3 import AggregationsKind1 + from .alert_rule_py3 import AlertRule + from .alert_rule_kind1_py3 import AlertRuleKind1 + from .alert_rule_template_py3 import AlertRuleTemplate + from .data_connector_status_py3 import DataConnectorStatus + from .alert_rule_template_properties_base_py3 import AlertRuleTemplatePropertiesBase + from .aws_cloud_trail_data_connector_data_types_logs_py3 import AwsCloudTrailDataConnectorDataTypesLogs + from .aws_cloud_trail_data_connector_data_types_py3 import AwsCloudTrailDataConnectorDataTypes + from .aws_cloud_trail_data_connector_py3 import AwsCloudTrailDataConnector + from .azure_resource_entity_py3 import AzureResourceEntity + from .relation_base_py3 import RelationBase + from .case_relation_py3 import CaseRelation + from .bookmark_relation_py3 import BookmarkRelation + from .relation_node_py3 import RelationNode + from .relations_model_input_py3 import RelationsModelInput + from .user_info_py3 import UserInfo + from .bookmark_py3 import Bookmark + from .case_py3 import Case + from .case_comment_py3 import CaseComment + from .cases_aggregation_by_severity_properties_py3 import CasesAggregationBySeverityProperties + from .cases_aggregation_by_status_properties_py3 import CasesAggregationByStatusProperties + from .cases_aggregation_py3 import CasesAggregation + from .cloud_application_entity_py3 import CloudApplicationEntity + from .data_connector_py3 import DataConnector + from .data_connector_data_type_common_py3 import DataConnectorDataTypeCommon + from .data_connector_kind1_py3 import DataConnectorKind1 + from .data_connector_tenant_id_py3 import DataConnectorTenantId + from .data_connector_with_alerts_properties_py3 import DataConnectorWithAlertsProperties + from .dns_entity_py3 import DnsEntity + from .entity_py3 import Entity + from .entity_common_properties_py3 import EntityCommonProperties + from .entity_expand_parameters_py3 import EntityExpandParameters + from .expansion_result_aggregation_py3 import ExpansionResultAggregation + from .expansion_results_metadata_py3 import ExpansionResultsMetadata + from .entity_expand_response_value_py3 import EntityExpandResponseValue + from .entity_expand_response_py3 import EntityExpandResponse + from .entity_kind1_py3 import EntityKind1 + from .entity_query_py3 import EntityQuery + from .file_entity_py3 import FileEntity + from .file_hash_entity_py3 import FileHashEntity + from .fusion_alert_rule_py3 import FusionAlertRule + from .fusion_alert_rule_template_py3 import FusionAlertRuleTemplate + from .geo_location_py3 import GeoLocation + from .host_entity_py3 import HostEntity + from .threat_intelligence_py3 import ThreatIntelligence + from .ip_entity_py3 import IpEntity + from .mcas_data_connector_data_types_discovery_logs_py3 import MCASDataConnectorDataTypesDiscoveryLogs + from .mcas_data_connector_data_types_py3 import MCASDataConnectorDataTypes + from .mcas_data_connector_py3 import MCASDataConnector + from .mdatp_data_connector_py3 import MDATPDataConnector + from .malware_entity_py3 import MalwareEntity + from .microsoft_security_incident_creation_alert_rule_py3 import MicrosoftSecurityIncidentCreationAlertRule + from .microsoft_security_incident_creation_alert_rule_common_properties_py3 import MicrosoftSecurityIncidentCreationAlertRuleCommonProperties + from .microsoft_security_incident_creation_alert_rule_template_py3 import MicrosoftSecurityIncidentCreationAlertRuleTemplate + from .office_consent_py3 import OfficeConsent + from .office_data_connector_data_types_exchange_py3 import OfficeDataConnectorDataTypesExchange + from .office_data_connector_data_types_share_point_py3 import OfficeDataConnectorDataTypesSharePoint + from .office_data_connector_data_types_py3 import OfficeDataConnectorDataTypes + from .office_data_connector_py3 import OfficeDataConnector + from .operation_display_py3 import OperationDisplay + from .operation_py3 import Operation + from .process_entity_py3 import ProcessEntity + from .registry_key_entity_py3 import RegistryKeyEntity + from .registry_value_entity_py3 import RegistryValueEntity + from .resource_py3 import Resource + from .resource_with_etag_py3 import ResourceWithEtag + from .scheduled_alert_rule_py3 import ScheduledAlertRule + from .scheduled_alert_rule_common_properties_py3 import ScheduledAlertRuleCommonProperties + from .scheduled_alert_rule_template_py3 import ScheduledAlertRuleTemplate + from .security_alert_properties_confidence_reasons_item_py3 import SecurityAlertPropertiesConfidenceReasonsItem + from .security_alert_py3 import SecurityAlert + from .security_group_entity_py3 import SecurityGroupEntity + from .settings_py3 import Settings + from .settings_kind_py3 import SettingsKind + from .ti_data_connector_data_types_indicators_py3 import TIDataConnectorDataTypesIndicators + from .ti_data_connector_data_types_py3 import TIDataConnectorDataTypes + from .ti_data_connector_py3 import TIDataConnector + from .toggle_settings_py3 import ToggleSettings + from .ueba_settings_py3 import UebaSettings + from .url_entity_py3 import UrlEntity +except (SyntaxError, ImportError): + from .alerts_data_type_of_data_connector_alerts import AlertsDataTypeOfDataConnectorAlerts + from .alerts_data_type_of_data_connector import AlertsDataTypeOfDataConnector + from .aad_data_connector import AADDataConnector + from .aatp_data_connector import AATPDataConnector + from .asc_data_connector import ASCDataConnector + from .account_entity import AccountEntity + from .action_request import ActionRequest + from .action_response import ActionResponse + from .aggregations import Aggregations + from .aggregations_kind1 import AggregationsKind1 + from .alert_rule import AlertRule + from .alert_rule_kind1 import AlertRuleKind1 + from .alert_rule_template import AlertRuleTemplate + from .data_connector_status import DataConnectorStatus + from .alert_rule_template_properties_base import AlertRuleTemplatePropertiesBase + from .aws_cloud_trail_data_connector_data_types_logs import AwsCloudTrailDataConnectorDataTypesLogs + from .aws_cloud_trail_data_connector_data_types import AwsCloudTrailDataConnectorDataTypes + from .aws_cloud_trail_data_connector import AwsCloudTrailDataConnector + from .azure_resource_entity import AzureResourceEntity + from .relation_base import RelationBase + from .case_relation import CaseRelation + from .bookmark_relation import BookmarkRelation + from .relation_node import RelationNode + from .relations_model_input import RelationsModelInput + from .user_info import UserInfo + from .bookmark import Bookmark + from .case import Case + from .case_comment import CaseComment + from .cases_aggregation_by_severity_properties import CasesAggregationBySeverityProperties + from .cases_aggregation_by_status_properties import CasesAggregationByStatusProperties + from .cases_aggregation import CasesAggregation + from .cloud_application_entity import CloudApplicationEntity + from .data_connector import DataConnector + from .data_connector_data_type_common import DataConnectorDataTypeCommon + from .data_connector_kind1 import DataConnectorKind1 + from .data_connector_tenant_id import DataConnectorTenantId + from .data_connector_with_alerts_properties import DataConnectorWithAlertsProperties + from .dns_entity import DnsEntity + from .entity import Entity + from .entity_common_properties import EntityCommonProperties + from .entity_expand_parameters import EntityExpandParameters + from .expansion_result_aggregation import ExpansionResultAggregation + from .expansion_results_metadata import ExpansionResultsMetadata + from .entity_expand_response_value import EntityExpandResponseValue + from .entity_expand_response import EntityExpandResponse + from .entity_kind1 import EntityKind1 + from .entity_query import EntityQuery + from .file_entity import FileEntity + from .file_hash_entity import FileHashEntity + from .fusion_alert_rule import FusionAlertRule + from .fusion_alert_rule_template import FusionAlertRuleTemplate + from .geo_location import GeoLocation + from .host_entity import HostEntity + from .threat_intelligence import ThreatIntelligence + from .ip_entity import IpEntity + from .mcas_data_connector_data_types_discovery_logs import MCASDataConnectorDataTypesDiscoveryLogs + from .mcas_data_connector_data_types import MCASDataConnectorDataTypes + from .mcas_data_connector import MCASDataConnector + from .mdatp_data_connector import MDATPDataConnector + from .malware_entity import MalwareEntity + from .microsoft_security_incident_creation_alert_rule import MicrosoftSecurityIncidentCreationAlertRule + from .microsoft_security_incident_creation_alert_rule_common_properties import MicrosoftSecurityIncidentCreationAlertRuleCommonProperties + from .microsoft_security_incident_creation_alert_rule_template import MicrosoftSecurityIncidentCreationAlertRuleTemplate + from .office_consent import OfficeConsent + from .office_data_connector_data_types_exchange import OfficeDataConnectorDataTypesExchange + from .office_data_connector_data_types_share_point import OfficeDataConnectorDataTypesSharePoint + from .office_data_connector_data_types import OfficeDataConnectorDataTypes + from .office_data_connector import OfficeDataConnector + from .operation_display import OperationDisplay + from .operation import Operation + from .process_entity import ProcessEntity + from .registry_key_entity import RegistryKeyEntity + from .registry_value_entity import RegistryValueEntity + from .resource import Resource + from .resource_with_etag import ResourceWithEtag + from .scheduled_alert_rule import ScheduledAlertRule + from .scheduled_alert_rule_common_properties import ScheduledAlertRuleCommonProperties + from .scheduled_alert_rule_template import ScheduledAlertRuleTemplate + from .security_alert_properties_confidence_reasons_item import SecurityAlertPropertiesConfidenceReasonsItem + from .security_alert import SecurityAlert + from .security_group_entity import SecurityGroupEntity + from .settings import Settings + from .settings_kind import SettingsKind + from .ti_data_connector_data_types_indicators import TIDataConnectorDataTypesIndicators + from .ti_data_connector_data_types import TIDataConnectorDataTypes + from .ti_data_connector import TIDataConnector + from .toggle_settings import ToggleSettings + from .ueba_settings import UebaSettings + from .url_entity import UrlEntity +from .operation_paged import OperationPaged +from .alert_rule_paged import AlertRulePaged +from .action_response_paged import ActionResponsePaged +from .alert_rule_template_paged import AlertRuleTemplatePaged +from .case_paged import CasePaged +from .case_comment_paged import CaseCommentPaged +from .bookmark_paged import BookmarkPaged +from .case_relation_paged import CaseRelationPaged +from .bookmark_relation_paged import BookmarkRelationPaged +from .data_connector_paged import DataConnectorPaged +from .entity_paged import EntityPaged +from .office_consent_paged import OfficeConsentPaged +from .entity_query_paged import EntityQueryPaged +from .security_insights_enums import ( + AggregationsKind, + AlertRuleKind, + DataTypeStatus, + TemplateStatus, + AttackTactic, + TriggerOperator, + AlertSeverity, + RelationTypes, + RelationNodeKind, + CloseReason, + CaseSeverity, + CaseStatus, + DataTypeState, + DataConnectorKind, + EntityKind, + EntityType, + FileHashAlgorithm, + OSFamily, + MicrosoftSecurityProductName, + ElevationToken, + RegistryHive, + RegistryValueKind, + ConfidenceLevel, + ConfidenceScoreStatus, + KillChainIntent, + AlertStatus, + SettingKind, + LicenseStatus, + StatusInMcas, +) + +__all__ = [ + 'AlertsDataTypeOfDataConnectorAlerts', + 'AlertsDataTypeOfDataConnector', + 'AADDataConnector', + 'AATPDataConnector', + 'ASCDataConnector', + 'AccountEntity', + 'ActionRequest', + 'ActionResponse', + 'Aggregations', + 'AggregationsKind1', + 'AlertRule', + 'AlertRuleKind1', + 'AlertRuleTemplate', + 'DataConnectorStatus', + 'AlertRuleTemplatePropertiesBase', + 'AwsCloudTrailDataConnectorDataTypesLogs', + 'AwsCloudTrailDataConnectorDataTypes', + 'AwsCloudTrailDataConnector', + 'AzureResourceEntity', + 'RelationBase', + 'CaseRelation', + 'BookmarkRelation', + 'RelationNode', + 'RelationsModelInput', + 'UserInfo', + 'Bookmark', + 'Case', + 'CaseComment', + 'CasesAggregationBySeverityProperties', + 'CasesAggregationByStatusProperties', + 'CasesAggregation', + 'CloudApplicationEntity', + 'DataConnector', + 'DataConnectorDataTypeCommon', + 'DataConnectorKind1', + 'DataConnectorTenantId', + 'DataConnectorWithAlertsProperties', + 'DnsEntity', + 'Entity', + 'EntityCommonProperties', + 'EntityExpandParameters', + 'ExpansionResultAggregation', + 'ExpansionResultsMetadata', + 'EntityExpandResponseValue', + 'EntityExpandResponse', + 'EntityKind1', + 'EntityQuery', + 'FileEntity', + 'FileHashEntity', + 'FusionAlertRule', + 'FusionAlertRuleTemplate', + 'GeoLocation', + 'HostEntity', + 'ThreatIntelligence', + 'IpEntity', + 'MCASDataConnectorDataTypesDiscoveryLogs', + 'MCASDataConnectorDataTypes', + 'MCASDataConnector', + 'MDATPDataConnector', + 'MalwareEntity', + 'MicrosoftSecurityIncidentCreationAlertRule', + 'MicrosoftSecurityIncidentCreationAlertRuleCommonProperties', + 'MicrosoftSecurityIncidentCreationAlertRuleTemplate', + 'OfficeConsent', + 'OfficeDataConnectorDataTypesExchange', + 'OfficeDataConnectorDataTypesSharePoint', + 'OfficeDataConnectorDataTypes', + 'OfficeDataConnector', + 'OperationDisplay', + 'Operation', + 'ProcessEntity', + 'RegistryKeyEntity', + 'RegistryValueEntity', + 'Resource', + 'ResourceWithEtag', + 'ScheduledAlertRule', + 'ScheduledAlertRuleCommonProperties', + 'ScheduledAlertRuleTemplate', + 'SecurityAlertPropertiesConfidenceReasonsItem', + 'SecurityAlert', + 'SecurityGroupEntity', + 'Settings', + 'SettingsKind', + 'TIDataConnectorDataTypesIndicators', + 'TIDataConnectorDataTypes', + 'TIDataConnector', + 'ToggleSettings', + 'UebaSettings', + 'UrlEntity', + 'OperationPaged', + 'AlertRulePaged', + 'ActionResponsePaged', + 'AlertRuleTemplatePaged', + 'CasePaged', + 'CaseCommentPaged', + 'BookmarkPaged', + 'CaseRelationPaged', + 'BookmarkRelationPaged', + 'DataConnectorPaged', + 'EntityPaged', + 'OfficeConsentPaged', + 'EntityQueryPaged', + 'AggregationsKind', + 'AlertRuleKind', + 'DataTypeStatus', + 'TemplateStatus', + 'AttackTactic', + 'TriggerOperator', + 'AlertSeverity', + 'RelationTypes', + 'RelationNodeKind', + 'CloseReason', + 'CaseSeverity', + 'CaseStatus', + 'DataTypeState', + 'DataConnectorKind', + 'EntityKind', + 'EntityType', + 'FileHashAlgorithm', + 'OSFamily', + 'MicrosoftSecurityProductName', + 'ElevationToken', + 'RegistryHive', + 'RegistryValueKind', + 'ConfidenceLevel', + 'ConfidenceScoreStatus', + 'KillChainIntent', + 'AlertStatus', + 'SettingKind', + 'LicenseStatus', + 'StatusInMcas', +] diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aad_data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aad_data_connector.py new file mode 100644 index 000000000000..ae814ea5ca08 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aad_data_connector.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector import DataConnector + + +class AADDataConnector(DataConnector): + """Represents AAD (Azure Active Directory) data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AlertsDataTypeOfDataConnector'}, + } + + def __init__(self, **kwargs): + super(AADDataConnector, self).__init__(**kwargs) + self.tenant_id = kwargs.get('tenant_id', None) + self.data_types = kwargs.get('data_types', None) + self.kind = 'AzureActiveDirectory' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aad_data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aad_data_connector_py3.py new file mode 100644 index 000000000000..3e6e6fbdbd5a --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aad_data_connector_py3.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_py3 import DataConnector + + +class AADDataConnector(DataConnector): + """Represents AAD (Azure Active Directory) data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AlertsDataTypeOfDataConnector'}, + } + + def __init__(self, *, etag: str=None, tenant_id: str=None, data_types=None, **kwargs) -> None: + super(AADDataConnector, self).__init__(etag=etag, **kwargs) + self.tenant_id = tenant_id + self.data_types = data_types + self.kind = 'AzureActiveDirectory' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aatp_data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aatp_data_connector.py new file mode 100644 index 000000000000..4b3fea5f2199 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aatp_data_connector.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector import DataConnector + + +class AATPDataConnector(DataConnector): + """Represents AATP (Azure Advanced Threat Protection) data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AlertsDataTypeOfDataConnector'}, + } + + def __init__(self, **kwargs): + super(AATPDataConnector, self).__init__(**kwargs) + self.tenant_id = kwargs.get('tenant_id', None) + self.data_types = kwargs.get('data_types', None) + self.kind = 'AzureAdvancedThreatProtection' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aatp_data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aatp_data_connector_py3.py new file mode 100644 index 000000000000..7cacc566c796 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aatp_data_connector_py3.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_py3 import DataConnector + + +class AATPDataConnector(DataConnector): + """Represents AATP (Azure Advanced Threat Protection) data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AlertsDataTypeOfDataConnector'}, + } + + def __init__(self, *, etag: str=None, tenant_id: str=None, data_types=None, **kwargs) -> None: + super(AATPDataConnector, self).__init__(etag=etag, **kwargs) + self.tenant_id = tenant_id + self.data_types = data_types + self.kind = 'AzureAdvancedThreatProtection' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/account_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/account_entity.py new file mode 100644 index 000000000000..bcf081c29112 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/account_entity.py @@ -0,0 +1,123 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class AccountEntity(Entity): + """Represents an account entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar aad_tenant_id: The Azure Active Directory tenant id. + :vartype aad_tenant_id: str + :ivar aad_user_id: The Azure Active Directory user id. + :vartype aad_user_id: str + :ivar account_name: The name of the account. This field should hold only + the name without any domain added to it, i.e. administrator. + :vartype account_name: str + :ivar display_name: The display name of the account. + :vartype display_name: str + :ivar host_entity_id: The Host entity id that contains the account in case + it is a local account (not domain joined) + :vartype host_entity_id: str + :ivar is_domain_joined: Determines whether this is a domain account. + :vartype is_domain_joined: bool + :ivar nt_domain: The NetBIOS domain name as it appears in the alert format + – domain\\username. Examples: NT AUTHORITY. + :vartype nt_domain: str + :ivar object_guid: The objectGUID attribute is a single-value attribute + that is the unique identifier for the object, assigned by active + directory. + :vartype object_guid: str + :ivar puid: The Azure Active Directory Passport User ID. + :vartype puid: str + :ivar sid: The account security identifier, e.g. S-1-5-18. + :vartype sid: str + :ivar upn_suffix: The user principal name suffix for the account, in some + cases it is also the domain name. Examples: contoso.com. + :vartype upn_suffix: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'aad_tenant_id': {'readonly': True}, + 'aad_user_id': {'readonly': True}, + 'account_name': {'readonly': True}, + 'display_name': {'readonly': True}, + 'host_entity_id': {'readonly': True}, + 'is_domain_joined': {'readonly': True}, + 'nt_domain': {'readonly': True}, + 'object_guid': {'readonly': True}, + 'puid': {'readonly': True}, + 'sid': {'readonly': True}, + 'upn_suffix': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'aad_tenant_id': {'key': 'properties.aadTenantId', 'type': 'str'}, + 'aad_user_id': {'key': 'properties.aadUserId', 'type': 'str'}, + 'account_name': {'key': 'properties.accountName', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'host_entity_id': {'key': 'properties.hostEntityId', 'type': 'str'}, + 'is_domain_joined': {'key': 'properties.isDomainJoined', 'type': 'bool'}, + 'nt_domain': {'key': 'properties.ntDomain', 'type': 'str'}, + 'object_guid': {'key': 'properties.objectGuid', 'type': 'str'}, + 'puid': {'key': 'properties.puid', 'type': 'str'}, + 'sid': {'key': 'properties.sid', 'type': 'str'}, + 'upn_suffix': {'key': 'properties.upnSuffix', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AccountEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.aad_tenant_id = None + self.aad_user_id = None + self.account_name = None + self.display_name = None + self.host_entity_id = None + self.is_domain_joined = None + self.nt_domain = None + self.object_guid = None + self.puid = None + self.sid = None + self.upn_suffix = None + self.kind = 'Account' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/account_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/account_entity_py3.py new file mode 100644 index 000000000000..474677488b0c --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/account_entity_py3.py @@ -0,0 +1,123 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class AccountEntity(Entity): + """Represents an account entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar aad_tenant_id: The Azure Active Directory tenant id. + :vartype aad_tenant_id: str + :ivar aad_user_id: The Azure Active Directory user id. + :vartype aad_user_id: str + :ivar account_name: The name of the account. This field should hold only + the name without any domain added to it, i.e. administrator. + :vartype account_name: str + :ivar display_name: The display name of the account. + :vartype display_name: str + :ivar host_entity_id: The Host entity id that contains the account in case + it is a local account (not domain joined) + :vartype host_entity_id: str + :ivar is_domain_joined: Determines whether this is a domain account. + :vartype is_domain_joined: bool + :ivar nt_domain: The NetBIOS domain name as it appears in the alert format + – domain\\username. Examples: NT AUTHORITY. + :vartype nt_domain: str + :ivar object_guid: The objectGUID attribute is a single-value attribute + that is the unique identifier for the object, assigned by active + directory. + :vartype object_guid: str + :ivar puid: The Azure Active Directory Passport User ID. + :vartype puid: str + :ivar sid: The account security identifier, e.g. S-1-5-18. + :vartype sid: str + :ivar upn_suffix: The user principal name suffix for the account, in some + cases it is also the domain name. Examples: contoso.com. + :vartype upn_suffix: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'aad_tenant_id': {'readonly': True}, + 'aad_user_id': {'readonly': True}, + 'account_name': {'readonly': True}, + 'display_name': {'readonly': True}, + 'host_entity_id': {'readonly': True}, + 'is_domain_joined': {'readonly': True}, + 'nt_domain': {'readonly': True}, + 'object_guid': {'readonly': True}, + 'puid': {'readonly': True}, + 'sid': {'readonly': True}, + 'upn_suffix': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'aad_tenant_id': {'key': 'properties.aadTenantId', 'type': 'str'}, + 'aad_user_id': {'key': 'properties.aadUserId', 'type': 'str'}, + 'account_name': {'key': 'properties.accountName', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'host_entity_id': {'key': 'properties.hostEntityId', 'type': 'str'}, + 'is_domain_joined': {'key': 'properties.isDomainJoined', 'type': 'bool'}, + 'nt_domain': {'key': 'properties.ntDomain', 'type': 'str'}, + 'object_guid': {'key': 'properties.objectGuid', 'type': 'str'}, + 'puid': {'key': 'properties.puid', 'type': 'str'}, + 'sid': {'key': 'properties.sid', 'type': 'str'}, + 'upn_suffix': {'key': 'properties.upnSuffix', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(AccountEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.aad_tenant_id = None + self.aad_user_id = None + self.account_name = None + self.display_name = None + self.host_entity_id = None + self.is_domain_joined = None + self.nt_domain = None + self.object_guid = None + self.puid = None + self.sid = None + self.upn_suffix = None + self.kind = 'Account' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_request.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_request.py new file mode 100644 index 000000000000..d3fde90d37ec --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_request.py @@ -0,0 +1,49 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_with_etag import ResourceWithEtag + + +class ActionRequest(ResourceWithEtag): + """Action for alert rule. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param trigger_uri: Logic App Callback URL for this specific workflow. + :type trigger_uri: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'trigger_uri': {'key': 'properties.triggerUri', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ActionRequest, self).__init__(**kwargs) + self.trigger_uri = kwargs.get('trigger_uri', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_request_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_request_py3.py new file mode 100644 index 000000000000..36514032253e --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_request_py3.py @@ -0,0 +1,49 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_with_etag_py3 import ResourceWithEtag + + +class ActionRequest(ResourceWithEtag): + """Action for alert rule. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param trigger_uri: Logic App Callback URL for this specific workflow. + :type trigger_uri: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'trigger_uri': {'key': 'properties.triggerUri', 'type': 'str'}, + } + + def __init__(self, *, etag: str=None, trigger_uri: str=None, **kwargs) -> None: + super(ActionRequest, self).__init__(etag=etag, **kwargs) + self.trigger_uri = trigger_uri diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_response.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_response.py new file mode 100644 index 000000000000..d40b0f4f7c9b --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_response.py @@ -0,0 +1,50 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource import Resource + + +class ActionResponse(Resource): + """Action for alert rule. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the action. + :type etag: str + :param workflow_id: The name of the logic app's workflow. + :type workflow_id: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'workflow_id': {'key': 'properties.workflowId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ActionResponse, self).__init__(**kwargs) + self.etag = kwargs.get('etag', None) + self.workflow_id = kwargs.get('workflow_id', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_response_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_response_paged.py new file mode 100644 index 000000000000..4bf2cad55601 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_response_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class ActionResponsePaged(Paged): + """ + A paging container for iterating over a list of :class:`ActionResponse ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[ActionResponse]'} + } + + def __init__(self, *args, **kwargs): + + super(ActionResponsePaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_response_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_response_py3.py new file mode 100644 index 000000000000..eb05d08d5e40 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/action_response_py3.py @@ -0,0 +1,50 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_py3 import Resource + + +class ActionResponse(Resource): + """Action for alert rule. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the action. + :type etag: str + :param workflow_id: The name of the logic app's workflow. + :type workflow_id: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'workflow_id': {'key': 'properties.workflowId', 'type': 'str'}, + } + + def __init__(self, *, etag: str=None, workflow_id: str=None, **kwargs) -> None: + super(ActionResponse, self).__init__(**kwargs) + self.etag = etag + self.workflow_id = workflow_id diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations.py new file mode 100644 index 000000000000..cbb0248bb1f6 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations.py @@ -0,0 +1,59 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Aggregations(Model): + """The aggregation. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: CasesAggregation + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'CasesAggregation': 'CasesAggregation'} + } + + def __init__(self, **kwargs): + super(Aggregations, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_kind1.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_kind1.py new file mode 100644 index 000000000000..8af6327111f3 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_kind1.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AggregationsKind1(Model): + """Describes an Azure resource with kind. + + :param kind: The kind of the setting. Possible values include: + 'CasesAggregation' + :type kind: str or ~azure.mgmt.securityinsight.models.AggregationsKind + """ + + _attribute_map = { + 'kind': {'key': 'kind', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AggregationsKind1, self).__init__(**kwargs) + self.kind = kwargs.get('kind', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_kind1_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_kind1_py3.py new file mode 100644 index 000000000000..13fe73cf6168 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_kind1_py3.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AggregationsKind1(Model): + """Describes an Azure resource with kind. + + :param kind: The kind of the setting. Possible values include: + 'CasesAggregation' + :type kind: str or ~azure.mgmt.securityinsight.models.AggregationsKind + """ + + _attribute_map = { + 'kind': {'key': 'kind', 'type': 'str'}, + } + + def __init__(self, *, kind=None, **kwargs) -> None: + super(AggregationsKind1, self).__init__(**kwargs) + self.kind = kind diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_py3.py new file mode 100644 index 000000000000..d4c5f6a13f5e --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_py3.py @@ -0,0 +1,59 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Aggregations(Model): + """The aggregation. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: CasesAggregation + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'CasesAggregation': 'CasesAggregation'} + } + + def __init__(self, **kwargs) -> None: + super(Aggregations, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule.py new file mode 100644 index 000000000000..d6385014cfd8 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule.py @@ -0,0 +1,64 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AlertRule(Model): + """Alert rule. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: FusionAlertRule, + MicrosoftSecurityIncidentCreationAlertRule, ScheduledAlertRule + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'Fusion': 'FusionAlertRule', 'MicrosoftSecurityIncidentCreation': 'MicrosoftSecurityIncidentCreationAlertRule', 'Scheduled': 'ScheduledAlertRule'} + } + + def __init__(self, **kwargs): + super(AlertRule, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.etag = kwargs.get('etag', None) + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_kind1.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_kind1.py new file mode 100644 index 000000000000..48e8f32ddd63 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_kind1.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AlertRuleKind1(Model): + """Describes an Azure resource with kind. + + :param kind: The kind of the alert rule. Possible values include: + 'Scheduled', 'MicrosoftSecurityIncidentCreation', 'Fusion' + :type kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind + """ + + _attribute_map = { + 'kind': {'key': 'kind', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AlertRuleKind1, self).__init__(**kwargs) + self.kind = kwargs.get('kind', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_kind1_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_kind1_py3.py new file mode 100644 index 000000000000..791ade71fbec --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_kind1_py3.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AlertRuleKind1(Model): + """Describes an Azure resource with kind. + + :param kind: The kind of the alert rule. Possible values include: + 'Scheduled', 'MicrosoftSecurityIncidentCreation', 'Fusion' + :type kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind + """ + + _attribute_map = { + 'kind': {'key': 'kind', 'type': 'str'}, + } + + def __init__(self, *, kind=None, **kwargs) -> None: + super(AlertRuleKind1, self).__init__(**kwargs) + self.kind = kind diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_paged.py new file mode 100644 index 000000000000..765456eff7ec --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class AlertRulePaged(Paged): + """ + A paging container for iterating over a list of :class:`AlertRule ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[AlertRule]'} + } + + def __init__(self, *args, **kwargs): + + super(AlertRulePaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_py3.py new file mode 100644 index 000000000000..5f2a8225350a --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_py3.py @@ -0,0 +1,64 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AlertRule(Model): + """Alert rule. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: FusionAlertRule, + MicrosoftSecurityIncidentCreationAlertRule, ScheduledAlertRule + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'Fusion': 'FusionAlertRule', 'MicrosoftSecurityIncidentCreation': 'MicrosoftSecurityIncidentCreationAlertRule', 'Scheduled': 'ScheduledAlertRule'} + } + + def __init__(self, *, etag: str=None, **kwargs) -> None: + super(AlertRule, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.etag = etag + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template.py new file mode 100644 index 000000000000..c909aec1d6b0 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AlertRuleTemplate(Model): + """Alert rule template. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: FusionAlertRuleTemplate, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + ScheduledAlertRuleTemplate + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'Fusion': 'FusionAlertRuleTemplate', 'MicrosoftSecurityIncidentCreation': 'MicrosoftSecurityIncidentCreationAlertRuleTemplate', 'Scheduled': 'ScheduledAlertRuleTemplate'} + } + + def __init__(self, **kwargs): + super(AlertRuleTemplate, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_paged.py new file mode 100644 index 000000000000..84b81e65f6a2 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class AlertRuleTemplatePaged(Paged): + """ + A paging container for iterating over a list of :class:`AlertRuleTemplate ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[AlertRuleTemplate]'} + } + + def __init__(self, *args, **kwargs): + + super(AlertRuleTemplatePaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_properties_base.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_properties_base.py new file mode 100644 index 000000000000..bc3dfe196187 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_properties_base.py @@ -0,0 +1,65 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AlertRuleTemplatePropertiesBase(Model): + """Base alert rule template property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :param alert_rules_created_by_template_count: the number of alert rules + that were created by this template + :type alert_rules_created_by_template_count: int + :ivar created_date_utc: The time that this alert rule template has been + added. + :vartype created_date_utc: datetime + :param description: The description of the alert rule template. + :type description: str + :param display_name: The display name for alert rule template. + :type display_name: str + :param required_data_connectors: The required data connectors for this + template + :type required_data_connectors: + list[~azure.mgmt.securityinsight.models.DataConnectorStatus] + :param status: The alert rule template status. Possible values include: + 'Installed', 'Available', 'NotAvailable' + :type status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :param tactics: The tactics of the alert rule template + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + """ + + _validation = { + 'created_date_utc': {'readonly': True}, + } + + _attribute_map = { + 'alert_rules_created_by_template_count': {'key': 'alertRulesCreatedByTemplateCount', 'type': 'int'}, + 'created_date_utc': {'key': 'createdDateUTC', 'type': 'iso-8601'}, + 'description': {'key': 'description', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'required_data_connectors': {'key': 'requiredDataConnectors', 'type': '[DataConnectorStatus]'}, + 'status': {'key': 'status', 'type': 'str'}, + 'tactics': {'key': 'tactics', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(AlertRuleTemplatePropertiesBase, self).__init__(**kwargs) + self.alert_rules_created_by_template_count = kwargs.get('alert_rules_created_by_template_count', None) + self.created_date_utc = None + self.description = kwargs.get('description', None) + self.display_name = kwargs.get('display_name', None) + self.required_data_connectors = kwargs.get('required_data_connectors', None) + self.status = kwargs.get('status', None) + self.tactics = kwargs.get('tactics', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_properties_base_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_properties_base_py3.py new file mode 100644 index 000000000000..c0f509e28256 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_properties_base_py3.py @@ -0,0 +1,65 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AlertRuleTemplatePropertiesBase(Model): + """Base alert rule template property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :param alert_rules_created_by_template_count: the number of alert rules + that were created by this template + :type alert_rules_created_by_template_count: int + :ivar created_date_utc: The time that this alert rule template has been + added. + :vartype created_date_utc: datetime + :param description: The description of the alert rule template. + :type description: str + :param display_name: The display name for alert rule template. + :type display_name: str + :param required_data_connectors: The required data connectors for this + template + :type required_data_connectors: + list[~azure.mgmt.securityinsight.models.DataConnectorStatus] + :param status: The alert rule template status. Possible values include: + 'Installed', 'Available', 'NotAvailable' + :type status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :param tactics: The tactics of the alert rule template + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + """ + + _validation = { + 'created_date_utc': {'readonly': True}, + } + + _attribute_map = { + 'alert_rules_created_by_template_count': {'key': 'alertRulesCreatedByTemplateCount', 'type': 'int'}, + 'created_date_utc': {'key': 'createdDateUTC', 'type': 'iso-8601'}, + 'description': {'key': 'description', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'required_data_connectors': {'key': 'requiredDataConnectors', 'type': '[DataConnectorStatus]'}, + 'status': {'key': 'status', 'type': 'str'}, + 'tactics': {'key': 'tactics', 'type': '[str]'}, + } + + def __init__(self, *, alert_rules_created_by_template_count: int=None, description: str=None, display_name: str=None, required_data_connectors=None, status=None, tactics=None, **kwargs) -> None: + super(AlertRuleTemplatePropertiesBase, self).__init__(**kwargs) + self.alert_rules_created_by_template_count = alert_rules_created_by_template_count + self.created_date_utc = None + self.description = description + self.display_name = display_name + self.required_data_connectors = required_data_connectors + self.status = status + self.tactics = tactics diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_py3.py new file mode 100644 index 000000000000..1f62c61eecb2 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alert_rule_template_py3.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AlertRuleTemplate(Model): + """Alert rule template. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: FusionAlertRuleTemplate, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + ScheduledAlertRuleTemplate + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'Fusion': 'FusionAlertRuleTemplate', 'MicrosoftSecurityIncidentCreation': 'MicrosoftSecurityIncidentCreationAlertRuleTemplate', 'Scheduled': 'ScheduledAlertRuleTemplate'} + } + + def __init__(self, **kwargs) -> None: + super(AlertRuleTemplate, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector.py new file mode 100644 index 000000000000..36a5e58a48ad --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AlertsDataTypeOfDataConnector(Model): + """Alerts data type for data connectors. + + :param alerts: Alerts data type connection. + :type alerts: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnectorAlerts + """ + + _attribute_map = { + 'alerts': {'key': 'alerts', 'type': 'AlertsDataTypeOfDataConnectorAlerts'}, + } + + def __init__(self, **kwargs): + super(AlertsDataTypeOfDataConnector, self).__init__(**kwargs) + self.alerts = kwargs.get('alerts', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector_alerts.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector_alerts.py new file mode 100644 index 000000000000..534735b5faef --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector_alerts.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common import DataConnectorDataTypeCommon + + +class AlertsDataTypeOfDataConnectorAlerts(DataConnectorDataTypeCommon): + """Alerts data type connection. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AlertsDataTypeOfDataConnectorAlerts, self).__init__(**kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector_alerts_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector_alerts_py3.py new file mode 100644 index 000000000000..9ab513e28b34 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector_alerts_py3.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common_py3 import DataConnectorDataTypeCommon + + +class AlertsDataTypeOfDataConnectorAlerts(DataConnectorDataTypeCommon): + """Alerts data type connection. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, *, state=None, **kwargs) -> None: + super(AlertsDataTypeOfDataConnectorAlerts, self).__init__(state=state, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector_py3.py new file mode 100644 index 000000000000..df40d726ad58 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/alerts_data_type_of_data_connector_py3.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AlertsDataTypeOfDataConnector(Model): + """Alerts data type for data connectors. + + :param alerts: Alerts data type connection. + :type alerts: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnectorAlerts + """ + + _attribute_map = { + 'alerts': {'key': 'alerts', 'type': 'AlertsDataTypeOfDataConnectorAlerts'}, + } + + def __init__(self, *, alerts=None, **kwargs) -> None: + super(AlertsDataTypeOfDataConnector, self).__init__(**kwargs) + self.alerts = alerts diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/asc_data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/asc_data_connector.py new file mode 100644 index 000000000000..2b5903b81cc2 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/asc_data_connector.py @@ -0,0 +1,62 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector import DataConnector + + +class ASCDataConnector(DataConnector): + """Represents ASC (Azure Security Center) data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + :param subscription_id: The subscription id to connect to, and get the + data from. + :type subscription_id: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AlertsDataTypeOfDataConnector'}, + 'subscription_id': {'key': 'properties.subscriptionId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ASCDataConnector, self).__init__(**kwargs) + self.data_types = kwargs.get('data_types', None) + self.subscription_id = kwargs.get('subscription_id', None) + self.kind = 'AzureSecurityCenter' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/asc_data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/asc_data_connector_py3.py new file mode 100644 index 000000000000..c6b7fdaea4d1 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/asc_data_connector_py3.py @@ -0,0 +1,62 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_py3 import DataConnector + + +class ASCDataConnector(DataConnector): + """Represents ASC (Azure Security Center) data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + :param subscription_id: The subscription id to connect to, and get the + data from. + :type subscription_id: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AlertsDataTypeOfDataConnector'}, + 'subscription_id': {'key': 'properties.subscriptionId', 'type': 'str'}, + } + + def __init__(self, *, etag: str=None, data_types=None, subscription_id: str=None, **kwargs) -> None: + super(ASCDataConnector, self).__init__(etag=etag, **kwargs) + self.data_types = data_types + self.subscription_id = subscription_id + self.kind = 'AzureSecurityCenter' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector.py new file mode 100644 index 000000000000..1694a5e0bcdd --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector.py @@ -0,0 +1,62 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector import DataConnector + + +class AwsCloudTrailDataConnector(DataConnector): + """Represents Amazon Web Services CloudTrail data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param aws_role_arn: The Aws Role Arn (with CloudTrailReadOnly policy) + that is used to access the Aws account. + :type aws_role_arn: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AwsCloudTrailDataConnectorDataTypes + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'aws_role_arn': {'key': 'properties.awsRoleArn', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AwsCloudTrailDataConnectorDataTypes'}, + } + + def __init__(self, **kwargs): + super(AwsCloudTrailDataConnector, self).__init__(**kwargs) + self.aws_role_arn = kwargs.get('aws_role_arn', None) + self.data_types = kwargs.get('data_types', None) + self.kind = 'AmazonWebServicesCloudTrail' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types.py new file mode 100644 index 000000000000..9da075bd2307 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AwsCloudTrailDataConnectorDataTypes(Model): + """The available data types for Amazon Web Services CloudTrail data connector. + + :param logs: Logs data type. + :type logs: + ~azure.mgmt.securityinsight.models.AwsCloudTrailDataConnectorDataTypesLogs + """ + + _attribute_map = { + 'logs': {'key': 'logs', 'type': 'AwsCloudTrailDataConnectorDataTypesLogs'}, + } + + def __init__(self, **kwargs): + super(AwsCloudTrailDataConnectorDataTypes, self).__init__(**kwargs) + self.logs = kwargs.get('logs', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs.py new file mode 100644 index 000000000000..7f467596af3d --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common import DataConnectorDataTypeCommon + + +class AwsCloudTrailDataConnectorDataTypesLogs(DataConnectorDataTypeCommon): + """Logs data type. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AwsCloudTrailDataConnectorDataTypesLogs, self).__init__(**kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs_py3.py new file mode 100644 index 000000000000..6e45193f2e55 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs_py3.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common_py3 import DataConnectorDataTypeCommon + + +class AwsCloudTrailDataConnectorDataTypesLogs(DataConnectorDataTypeCommon): + """Logs data type. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, *, state=None, **kwargs) -> None: + super(AwsCloudTrailDataConnectorDataTypesLogs, self).__init__(state=state, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_py3.py new file mode 100644 index 000000000000..14ff8517eba9 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_py3.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AwsCloudTrailDataConnectorDataTypes(Model): + """The available data types for Amazon Web Services CloudTrail data connector. + + :param logs: Logs data type. + :type logs: + ~azure.mgmt.securityinsight.models.AwsCloudTrailDataConnectorDataTypesLogs + """ + + _attribute_map = { + 'logs': {'key': 'logs', 'type': 'AwsCloudTrailDataConnectorDataTypesLogs'}, + } + + def __init__(self, *, logs=None, **kwargs) -> None: + super(AwsCloudTrailDataConnectorDataTypes, self).__init__(**kwargs) + self.logs = logs diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_py3.py new file mode 100644 index 000000000000..8fc96cd3871f --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_py3.py @@ -0,0 +1,62 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_py3 import DataConnector + + +class AwsCloudTrailDataConnector(DataConnector): + """Represents Amazon Web Services CloudTrail data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param aws_role_arn: The Aws Role Arn (with CloudTrailReadOnly policy) + that is used to access the Aws account. + :type aws_role_arn: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AwsCloudTrailDataConnectorDataTypes + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'aws_role_arn': {'key': 'properties.awsRoleArn', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AwsCloudTrailDataConnectorDataTypes'}, + } + + def __init__(self, *, etag: str=None, aws_role_arn: str=None, data_types=None, **kwargs) -> None: + super(AwsCloudTrailDataConnector, self).__init__(etag=etag, **kwargs) + self.aws_role_arn = aws_role_arn + self.data_types = data_types + self.kind = 'AmazonWebServicesCloudTrail' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/azure_resource_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/azure_resource_entity.py new file mode 100644 index 000000000000..20edaad51b69 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/azure_resource_entity.py @@ -0,0 +1,67 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class AzureResourceEntity(Entity): + """Represents an azure resource entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar resource_id: The azure resource id of the resource + :vartype resource_id: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'resource_id': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'resource_id': {'key': 'properties.resourceId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AzureResourceEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.resource_id = None + self.kind = 'AzureResource' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/azure_resource_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/azure_resource_entity_py3.py new file mode 100644 index 000000000000..34165669f174 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/azure_resource_entity_py3.py @@ -0,0 +1,67 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class AzureResourceEntity(Entity): + """Represents an azure resource entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar resource_id: The azure resource id of the resource + :vartype resource_id: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'resource_id': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'resource_id': {'key': 'properties.resourceId', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(AzureResourceEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.resource_id = None + self.kind = 'AzureResource' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark.py new file mode 100644 index 000000000000..b297f9718572 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark.py @@ -0,0 +1,85 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_with_etag import ResourceWithEtag + + +class Bookmark(ResourceWithEtag): + """Represents a bookmark in Azure Security Insights. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param created: The time the bookmark was created + :type created: datetime + :param created_by: Describes a user that created the bookmark + :type created_by: ~azure.mgmt.securityinsight.models.UserInfo + :param display_name: Required. The display name of the bookmark + :type display_name: str + :param labels: List of labels relevant to this bookmark + :type labels: list[str] + :param notes: The notes of the bookmark + :type notes: str + :param query: Required. The query of the bookmark. + :type query: str + :param query_result: The query result of the bookmark. + :type query_result: str + :param updated: The last time the bookmark was updated + :type updated: datetime + :param updated_by: Describes a user that updated the bookmark + :type updated_by: ~azure.mgmt.securityinsight.models.UserInfo + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'display_name': {'required': True}, + 'query': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'created': {'key': 'properties.created', 'type': 'iso-8601'}, + 'created_by': {'key': 'properties.createdBy', 'type': 'UserInfo'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'labels': {'key': 'properties.labels', 'type': '[str]'}, + 'notes': {'key': 'properties.notes', 'type': 'str'}, + 'query': {'key': 'properties.query', 'type': 'str'}, + 'query_result': {'key': 'properties.queryResult', 'type': 'str'}, + 'updated': {'key': 'properties.updated', 'type': 'iso-8601'}, + 'updated_by': {'key': 'properties.updatedBy', 'type': 'UserInfo'}, + } + + def __init__(self, **kwargs): + super(Bookmark, self).__init__(**kwargs) + self.created = kwargs.get('created', None) + self.created_by = kwargs.get('created_by', None) + self.display_name = kwargs.get('display_name', None) + self.labels = kwargs.get('labels', None) + self.notes = kwargs.get('notes', None) + self.query = kwargs.get('query', None) + self.query_result = kwargs.get('query_result', None) + self.updated = kwargs.get('updated', None) + self.updated_by = kwargs.get('updated_by', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_paged.py new file mode 100644 index 000000000000..cc150beecede --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class BookmarkPaged(Paged): + """ + A paging container for iterating over a list of :class:`Bookmark ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[Bookmark]'} + } + + def __init__(self, *args, **kwargs): + + super(BookmarkPaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_py3.py new file mode 100644 index 000000000000..26e131894091 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_py3.py @@ -0,0 +1,85 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_with_etag_py3 import ResourceWithEtag + + +class Bookmark(ResourceWithEtag): + """Represents a bookmark in Azure Security Insights. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param created: The time the bookmark was created + :type created: datetime + :param created_by: Describes a user that created the bookmark + :type created_by: ~azure.mgmt.securityinsight.models.UserInfo + :param display_name: Required. The display name of the bookmark + :type display_name: str + :param labels: List of labels relevant to this bookmark + :type labels: list[str] + :param notes: The notes of the bookmark + :type notes: str + :param query: Required. The query of the bookmark. + :type query: str + :param query_result: The query result of the bookmark. + :type query_result: str + :param updated: The last time the bookmark was updated + :type updated: datetime + :param updated_by: Describes a user that updated the bookmark + :type updated_by: ~azure.mgmt.securityinsight.models.UserInfo + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'display_name': {'required': True}, + 'query': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'created': {'key': 'properties.created', 'type': 'iso-8601'}, + 'created_by': {'key': 'properties.createdBy', 'type': 'UserInfo'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'labels': {'key': 'properties.labels', 'type': '[str]'}, + 'notes': {'key': 'properties.notes', 'type': 'str'}, + 'query': {'key': 'properties.query', 'type': 'str'}, + 'query_result': {'key': 'properties.queryResult', 'type': 'str'}, + 'updated': {'key': 'properties.updated', 'type': 'iso-8601'}, + 'updated_by': {'key': 'properties.updatedBy', 'type': 'UserInfo'}, + } + + def __init__(self, *, display_name: str, query: str, etag: str=None, created=None, created_by=None, labels=None, notes: str=None, query_result: str=None, updated=None, updated_by=None, **kwargs) -> None: + super(Bookmark, self).__init__(etag=etag, **kwargs) + self.created = created + self.created_by = created_by + self.display_name = display_name + self.labels = labels + self.notes = notes + self.query = query + self.query_result = query_result + self.updated = updated + self.updated_by = updated_by diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_relation.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_relation.py new file mode 100644 index 000000000000..0ef238de56fd --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_relation.py @@ -0,0 +1,75 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .relation_base import RelationBase + + +class BookmarkRelation(RelationBase): + """Represents a bookmark relation. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :ivar kind: The type of relation node. Possible values include: + 'CasesToBookmarks' + :vartype kind: str or ~azure.mgmt.securityinsight.models.RelationTypes + :param etag: ETag for relation + :type etag: str + :param relation_name: Required. Name of relation + :type relation_name: str + :param bookmark_id: Required. The case related bookmark id + :type bookmark_id: str + :param case_identifier: Required. The case identifier + :type case_identifier: str + :param case_title: The case title + :type case_title: str + :param case_severity: The case severity + :type case_severity: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'readonly': True}, + 'relation_name': {'required': True}, + 'bookmark_id': {'required': True}, + 'case_identifier': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'relation_name': {'key': 'properties.relationName', 'type': 'str'}, + 'bookmark_id': {'key': 'properties.bookmarkId', 'type': 'str'}, + 'case_identifier': {'key': 'properties.caseIdentifier', 'type': 'str'}, + 'case_title': {'key': 'properties.caseTitle', 'type': 'str'}, + 'case_severity': {'key': 'properties.caseSeverity', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(BookmarkRelation, self).__init__(**kwargs) + self.relation_name = kwargs.get('relation_name', None) + self.bookmark_id = kwargs.get('bookmark_id', None) + self.case_identifier = kwargs.get('case_identifier', None) + self.case_title = kwargs.get('case_title', None) + self.case_severity = kwargs.get('case_severity', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_relation_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_relation_paged.py new file mode 100644 index 000000000000..4b1c83dc0e22 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_relation_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class BookmarkRelationPaged(Paged): + """ + A paging container for iterating over a list of :class:`BookmarkRelation ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[BookmarkRelation]'} + } + + def __init__(self, *args, **kwargs): + + super(BookmarkRelationPaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_relation_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_relation_py3.py new file mode 100644 index 000000000000..b83c8889f34b --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/bookmark_relation_py3.py @@ -0,0 +1,75 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .relation_base_py3 import RelationBase + + +class BookmarkRelation(RelationBase): + """Represents a bookmark relation. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :ivar kind: The type of relation node. Possible values include: + 'CasesToBookmarks' + :vartype kind: str or ~azure.mgmt.securityinsight.models.RelationTypes + :param etag: ETag for relation + :type etag: str + :param relation_name: Required. Name of relation + :type relation_name: str + :param bookmark_id: Required. The case related bookmark id + :type bookmark_id: str + :param case_identifier: Required. The case identifier + :type case_identifier: str + :param case_title: The case title + :type case_title: str + :param case_severity: The case severity + :type case_severity: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'readonly': True}, + 'relation_name': {'required': True}, + 'bookmark_id': {'required': True}, + 'case_identifier': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'relation_name': {'key': 'properties.relationName', 'type': 'str'}, + 'bookmark_id': {'key': 'properties.bookmarkId', 'type': 'str'}, + 'case_identifier': {'key': 'properties.caseIdentifier', 'type': 'str'}, + 'case_title': {'key': 'properties.caseTitle', 'type': 'str'}, + 'case_severity': {'key': 'properties.caseSeverity', 'type': 'str'}, + } + + def __init__(self, *, relation_name: str, bookmark_id: str, case_identifier: str, etag: str=None, case_title: str=None, case_severity: str=None, **kwargs) -> None: + super(BookmarkRelation, self).__init__(etag=etag, **kwargs) + self.relation_name = relation_name + self.bookmark_id = bookmark_id + self.case_identifier = case_identifier + self.case_title = case_title + self.case_severity = case_severity diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case.py new file mode 100644 index 000000000000..380c8b38a098 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case.py @@ -0,0 +1,124 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_with_etag import ResourceWithEtag + + +class Case(ResourceWithEtag): + """Represents a case in Azure Security Insights. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :ivar case_number: a sequential number + :vartype case_number: int + :param close_reason: The reason the case was closed. Possible values + include: 'Resolved', 'Dismissed', 'TruePositive', 'FalsePositive', 'Other' + :type close_reason: str or ~azure.mgmt.securityinsight.models.CloseReason + :param closed_reason_text: the case close reason details + :type closed_reason_text: str + :ivar created_time_utc: The time the case was created + :vartype created_time_utc: datetime + :param description: The description of the case + :type description: str + :param end_time_utc: The end time of the case + :type end_time_utc: datetime + :param labels: List of labels relevant to this case + :type labels: list[str] + :ivar last_comment: the last comment in the case + :vartype last_comment: str + :ivar last_updated_time_utc: The last time the case was updated + :vartype last_updated_time_utc: datetime + :param owner: Describes a user that the case is assigned to + :type owner: ~azure.mgmt.securityinsight.models.UserInfo + :ivar related_alert_ids: List of related alert identifiers + :vartype related_alert_ids: list[str] + :param severity: Required. The severity of the case. Possible values + include: 'Critical', 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.CaseSeverity + :param start_time_utc: Required. The start time of the case + :type start_time_utc: datetime + :param status: Required. The status of the case. Possible values include: + 'Draft', 'New', 'InProgress', 'Closed' + :type status: str or ~azure.mgmt.securityinsight.models.CaseStatus + :param title: Required. The title of the case + :type title: str + :ivar total_comments: the number of total comments in the case + :vartype total_comments: int + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'case_number': {'readonly': True}, + 'created_time_utc': {'readonly': True}, + 'last_comment': {'readonly': True}, + 'last_updated_time_utc': {'readonly': True}, + 'related_alert_ids': {'readonly': True}, + 'severity': {'required': True}, + 'start_time_utc': {'required': True}, + 'status': {'required': True}, + 'title': {'required': True}, + 'total_comments': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'case_number': {'key': 'properties.caseNumber', 'type': 'int'}, + 'close_reason': {'key': 'properties.closeReason', 'type': 'str'}, + 'closed_reason_text': {'key': 'properties.closedReasonText', 'type': 'str'}, + 'created_time_utc': {'key': 'properties.createdTimeUtc', 'type': 'iso-8601'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'end_time_utc': {'key': 'properties.endTimeUtc', 'type': 'iso-8601'}, + 'labels': {'key': 'properties.labels', 'type': '[str]'}, + 'last_comment': {'key': 'properties.lastComment', 'type': 'str'}, + 'last_updated_time_utc': {'key': 'properties.lastUpdatedTimeUtc', 'type': 'iso-8601'}, + 'owner': {'key': 'properties.owner', 'type': 'UserInfo'}, + 'related_alert_ids': {'key': 'properties.relatedAlertIds', 'type': '[str]'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'start_time_utc': {'key': 'properties.startTimeUtc', 'type': 'iso-8601'}, + 'status': {'key': 'properties.status', 'type': 'str'}, + 'title': {'key': 'properties.title', 'type': 'str'}, + 'total_comments': {'key': 'properties.totalComments', 'type': 'int'}, + } + + def __init__(self, **kwargs): + super(Case, self).__init__(**kwargs) + self.case_number = None + self.close_reason = kwargs.get('close_reason', None) + self.closed_reason_text = kwargs.get('closed_reason_text', None) + self.created_time_utc = None + self.description = kwargs.get('description', None) + self.end_time_utc = kwargs.get('end_time_utc', None) + self.labels = kwargs.get('labels', None) + self.last_comment = None + self.last_updated_time_utc = None + self.owner = kwargs.get('owner', None) + self.related_alert_ids = None + self.severity = kwargs.get('severity', None) + self.start_time_utc = kwargs.get('start_time_utc', None) + self.status = kwargs.get('status', None) + self.title = kwargs.get('title', None) + self.total_comments = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_comment.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_comment.py new file mode 100644 index 000000000000..b1931f1eb8d1 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_comment.py @@ -0,0 +1,59 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource import Resource + + +class CaseComment(Resource): + """Represents a case comment. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :ivar created_time_utc: The time the comment was created + :vartype created_time_utc: datetime + :param message: Required. The comment message + :type message: str + :ivar user_info: Describes the user that created the comment + :vartype user_info: ~azure.mgmt.securityinsight.models.UserInfo + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'created_time_utc': {'readonly': True}, + 'message': {'required': True}, + 'user_info': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'created_time_utc': {'key': 'properties.createdTimeUtc', 'type': 'iso-8601'}, + 'message': {'key': 'properties.message', 'type': 'str'}, + 'user_info': {'key': 'properties.userInfo', 'type': 'UserInfo'}, + } + + def __init__(self, **kwargs): + super(CaseComment, self).__init__(**kwargs) + self.created_time_utc = None + self.message = kwargs.get('message', None) + self.user_info = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_comment_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_comment_paged.py new file mode 100644 index 000000000000..7e30766c3bdc --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_comment_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class CaseCommentPaged(Paged): + """ + A paging container for iterating over a list of :class:`CaseComment ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[CaseComment]'} + } + + def __init__(self, *args, **kwargs): + + super(CaseCommentPaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_comment_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_comment_py3.py new file mode 100644 index 000000000000..c552b25dd795 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_comment_py3.py @@ -0,0 +1,59 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_py3 import Resource + + +class CaseComment(Resource): + """Represents a case comment. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :ivar created_time_utc: The time the comment was created + :vartype created_time_utc: datetime + :param message: Required. The comment message + :type message: str + :ivar user_info: Describes the user that created the comment + :vartype user_info: ~azure.mgmt.securityinsight.models.UserInfo + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'created_time_utc': {'readonly': True}, + 'message': {'required': True}, + 'user_info': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'created_time_utc': {'key': 'properties.createdTimeUtc', 'type': 'iso-8601'}, + 'message': {'key': 'properties.message', 'type': 'str'}, + 'user_info': {'key': 'properties.userInfo', 'type': 'UserInfo'}, + } + + def __init__(self, *, message: str, **kwargs) -> None: + super(CaseComment, self).__init__(**kwargs) + self.created_time_utc = None + self.message = message + self.user_info = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_paged.py new file mode 100644 index 000000000000..bf2bf64e9a7f --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class CasePaged(Paged): + """ + A paging container for iterating over a list of :class:`Case ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[Case]'} + } + + def __init__(self, *args, **kwargs): + + super(CasePaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_py3.py new file mode 100644 index 000000000000..fc1f2e99889d --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_py3.py @@ -0,0 +1,124 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_with_etag_py3 import ResourceWithEtag + + +class Case(ResourceWithEtag): + """Represents a case in Azure Security Insights. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :ivar case_number: a sequential number + :vartype case_number: int + :param close_reason: The reason the case was closed. Possible values + include: 'Resolved', 'Dismissed', 'TruePositive', 'FalsePositive', 'Other' + :type close_reason: str or ~azure.mgmt.securityinsight.models.CloseReason + :param closed_reason_text: the case close reason details + :type closed_reason_text: str + :ivar created_time_utc: The time the case was created + :vartype created_time_utc: datetime + :param description: The description of the case + :type description: str + :param end_time_utc: The end time of the case + :type end_time_utc: datetime + :param labels: List of labels relevant to this case + :type labels: list[str] + :ivar last_comment: the last comment in the case + :vartype last_comment: str + :ivar last_updated_time_utc: The last time the case was updated + :vartype last_updated_time_utc: datetime + :param owner: Describes a user that the case is assigned to + :type owner: ~azure.mgmt.securityinsight.models.UserInfo + :ivar related_alert_ids: List of related alert identifiers + :vartype related_alert_ids: list[str] + :param severity: Required. The severity of the case. Possible values + include: 'Critical', 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.CaseSeverity + :param start_time_utc: Required. The start time of the case + :type start_time_utc: datetime + :param status: Required. The status of the case. Possible values include: + 'Draft', 'New', 'InProgress', 'Closed' + :type status: str or ~azure.mgmt.securityinsight.models.CaseStatus + :param title: Required. The title of the case + :type title: str + :ivar total_comments: the number of total comments in the case + :vartype total_comments: int + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'case_number': {'readonly': True}, + 'created_time_utc': {'readonly': True}, + 'last_comment': {'readonly': True}, + 'last_updated_time_utc': {'readonly': True}, + 'related_alert_ids': {'readonly': True}, + 'severity': {'required': True}, + 'start_time_utc': {'required': True}, + 'status': {'required': True}, + 'title': {'required': True}, + 'total_comments': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'case_number': {'key': 'properties.caseNumber', 'type': 'int'}, + 'close_reason': {'key': 'properties.closeReason', 'type': 'str'}, + 'closed_reason_text': {'key': 'properties.closedReasonText', 'type': 'str'}, + 'created_time_utc': {'key': 'properties.createdTimeUtc', 'type': 'iso-8601'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'end_time_utc': {'key': 'properties.endTimeUtc', 'type': 'iso-8601'}, + 'labels': {'key': 'properties.labels', 'type': '[str]'}, + 'last_comment': {'key': 'properties.lastComment', 'type': 'str'}, + 'last_updated_time_utc': {'key': 'properties.lastUpdatedTimeUtc', 'type': 'iso-8601'}, + 'owner': {'key': 'properties.owner', 'type': 'UserInfo'}, + 'related_alert_ids': {'key': 'properties.relatedAlertIds', 'type': '[str]'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'start_time_utc': {'key': 'properties.startTimeUtc', 'type': 'iso-8601'}, + 'status': {'key': 'properties.status', 'type': 'str'}, + 'title': {'key': 'properties.title', 'type': 'str'}, + 'total_comments': {'key': 'properties.totalComments', 'type': 'int'}, + } + + def __init__(self, *, severity, start_time_utc, status, title: str, etag: str=None, close_reason=None, closed_reason_text: str=None, description: str=None, end_time_utc=None, labels=None, owner=None, **kwargs) -> None: + super(Case, self).__init__(etag=etag, **kwargs) + self.case_number = None + self.close_reason = close_reason + self.closed_reason_text = closed_reason_text + self.created_time_utc = None + self.description = description + self.end_time_utc = end_time_utc + self.labels = labels + self.last_comment = None + self.last_updated_time_utc = None + self.owner = owner + self.related_alert_ids = None + self.severity = severity + self.start_time_utc = start_time_utc + self.status = status + self.title = title + self.total_comments = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_relation.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_relation.py new file mode 100644 index 000000000000..a74688bf44ef --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_relation.py @@ -0,0 +1,71 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .relation_base import RelationBase + + +class CaseRelation(RelationBase): + """Represents a case relation. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :ivar kind: The type of relation node. Possible values include: + 'CasesToBookmarks' + :vartype kind: str or ~azure.mgmt.securityinsight.models.RelationTypes + :param etag: ETag for relation + :type etag: str + :param relation_name: Required. Name of relation + :type relation_name: str + :param bookmark_id: Required. The case related bookmark id + :type bookmark_id: str + :param case_identifier: Required. The case identifier + :type case_identifier: str + :param bookmark_name: The case related bookmark name + :type bookmark_name: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'readonly': True}, + 'relation_name': {'required': True}, + 'bookmark_id': {'required': True}, + 'case_identifier': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'relation_name': {'key': 'properties.relationName', 'type': 'str'}, + 'bookmark_id': {'key': 'properties.bookmarkId', 'type': 'str'}, + 'case_identifier': {'key': 'properties.caseIdentifier', 'type': 'str'}, + 'bookmark_name': {'key': 'properties.bookmarkName', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(CaseRelation, self).__init__(**kwargs) + self.relation_name = kwargs.get('relation_name', None) + self.bookmark_id = kwargs.get('bookmark_id', None) + self.case_identifier = kwargs.get('case_identifier', None) + self.bookmark_name = kwargs.get('bookmark_name', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_relation_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_relation_paged.py new file mode 100644 index 000000000000..acdf4d2b3de5 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_relation_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class CaseRelationPaged(Paged): + """ + A paging container for iterating over a list of :class:`CaseRelation ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[CaseRelation]'} + } + + def __init__(self, *args, **kwargs): + + super(CaseRelationPaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_relation_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_relation_py3.py new file mode 100644 index 000000000000..6176ba85bfa2 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_relation_py3.py @@ -0,0 +1,71 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .relation_base_py3 import RelationBase + + +class CaseRelation(RelationBase): + """Represents a case relation. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :ivar kind: The type of relation node. Possible values include: + 'CasesToBookmarks' + :vartype kind: str or ~azure.mgmt.securityinsight.models.RelationTypes + :param etag: ETag for relation + :type etag: str + :param relation_name: Required. Name of relation + :type relation_name: str + :param bookmark_id: Required. The case related bookmark id + :type bookmark_id: str + :param case_identifier: Required. The case identifier + :type case_identifier: str + :param bookmark_name: The case related bookmark name + :type bookmark_name: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'readonly': True}, + 'relation_name': {'required': True}, + 'bookmark_id': {'required': True}, + 'case_identifier': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'relation_name': {'key': 'properties.relationName', 'type': 'str'}, + 'bookmark_id': {'key': 'properties.bookmarkId', 'type': 'str'}, + 'case_identifier': {'key': 'properties.caseIdentifier', 'type': 'str'}, + 'bookmark_name': {'key': 'properties.bookmarkName', 'type': 'str'}, + } + + def __init__(self, *, relation_name: str, bookmark_id: str, case_identifier: str, etag: str=None, bookmark_name: str=None, **kwargs) -> None: + super(CaseRelation, self).__init__(etag=etag, **kwargs) + self.relation_name = relation_name + self.bookmark_id = bookmark_id + self.case_identifier = case_identifier + self.bookmark_name = bookmark_name diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation.py new file mode 100644 index 000000000000..08b3d706ad59 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation.py @@ -0,0 +1,59 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .aggregations import Aggregations + + +class CasesAggregation(Aggregations): + """Represents aggregations results for cases. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :param aggregation_by_severity: Aggregations results by case severity. + :type aggregation_by_severity: + ~azure.mgmt.securityinsight.models.CasesAggregationBySeverityProperties + :param aggregation_by_status: Aggregations results by case status. + :type aggregation_by_status: + ~azure.mgmt.securityinsight.models.CasesAggregationByStatusProperties + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'aggregation_by_severity': {'key': 'properties.aggregationBySeverity', 'type': 'CasesAggregationBySeverityProperties'}, + 'aggregation_by_status': {'key': 'properties.aggregationByStatus', 'type': 'CasesAggregationByStatusProperties'}, + } + + def __init__(self, **kwargs): + super(CasesAggregation, self).__init__(**kwargs) + self.aggregation_by_severity = kwargs.get('aggregation_by_severity', None) + self.aggregation_by_status = kwargs.get('aggregation_by_status', None) + self.kind = 'CasesAggregation' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties.py new file mode 100644 index 000000000000..e761fece0328 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties.py @@ -0,0 +1,58 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class CasesAggregationBySeverityProperties(Model): + """Aggregative results of cases by severity property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar total_critical_severity: Total amount of open cases with severity + Critical + :vartype total_critical_severity: int + :ivar total_high_severity: Total amount of open cases with severity High + :vartype total_high_severity: int + :ivar total_informational_severity: Total amount of open cases with + severity Informational + :vartype total_informational_severity: int + :ivar total_low_severity: Total amount of open cases with severity Low + :vartype total_low_severity: int + :ivar total_medium_severity: Total amount of open cases with severity + medium + :vartype total_medium_severity: int + """ + + _validation = { + 'total_critical_severity': {'readonly': True}, + 'total_high_severity': {'readonly': True}, + 'total_informational_severity': {'readonly': True}, + 'total_low_severity': {'readonly': True}, + 'total_medium_severity': {'readonly': True}, + } + + _attribute_map = { + 'total_critical_severity': {'key': 'totalCriticalSeverity', 'type': 'int'}, + 'total_high_severity': {'key': 'totalHighSeverity', 'type': 'int'}, + 'total_informational_severity': {'key': 'totalInformationalSeverity', 'type': 'int'}, + 'total_low_severity': {'key': 'totalLowSeverity', 'type': 'int'}, + 'total_medium_severity': {'key': 'totalMediumSeverity', 'type': 'int'}, + } + + def __init__(self, **kwargs): + super(CasesAggregationBySeverityProperties, self).__init__(**kwargs) + self.total_critical_severity = None + self.total_high_severity = None + self.total_informational_severity = None + self.total_low_severity = None + self.total_medium_severity = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties_py3.py new file mode 100644 index 000000000000..c0887d586fb7 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties_py3.py @@ -0,0 +1,58 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class CasesAggregationBySeverityProperties(Model): + """Aggregative results of cases by severity property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar total_critical_severity: Total amount of open cases with severity + Critical + :vartype total_critical_severity: int + :ivar total_high_severity: Total amount of open cases with severity High + :vartype total_high_severity: int + :ivar total_informational_severity: Total amount of open cases with + severity Informational + :vartype total_informational_severity: int + :ivar total_low_severity: Total amount of open cases with severity Low + :vartype total_low_severity: int + :ivar total_medium_severity: Total amount of open cases with severity + medium + :vartype total_medium_severity: int + """ + + _validation = { + 'total_critical_severity': {'readonly': True}, + 'total_high_severity': {'readonly': True}, + 'total_informational_severity': {'readonly': True}, + 'total_low_severity': {'readonly': True}, + 'total_medium_severity': {'readonly': True}, + } + + _attribute_map = { + 'total_critical_severity': {'key': 'totalCriticalSeverity', 'type': 'int'}, + 'total_high_severity': {'key': 'totalHighSeverity', 'type': 'int'}, + 'total_informational_severity': {'key': 'totalInformationalSeverity', 'type': 'int'}, + 'total_low_severity': {'key': 'totalLowSeverity', 'type': 'int'}, + 'total_medium_severity': {'key': 'totalMediumSeverity', 'type': 'int'}, + } + + def __init__(self, **kwargs) -> None: + super(CasesAggregationBySeverityProperties, self).__init__(**kwargs) + self.total_critical_severity = None + self.total_high_severity = None + self.total_informational_severity = None + self.total_low_severity = None + self.total_medium_severity = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties.py new file mode 100644 index 000000000000..0e4f00ca9b96 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties.py @@ -0,0 +1,53 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class CasesAggregationByStatusProperties(Model): + """Aggregative results of cases by status property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar total_dismissed_status: Total amount of open cases with status + Dismissed + :vartype total_dismissed_status: int + :ivar total_in_progress_status: Total amount of open cases with status + InProgress + :vartype total_in_progress_status: int + :ivar total_new_status: Total amount of open cases with status New + :vartype total_new_status: int + :ivar total_resolved_status: Total amount of open cases with status + Resolved + :vartype total_resolved_status: int + """ + + _validation = { + 'total_dismissed_status': {'readonly': True}, + 'total_in_progress_status': {'readonly': True}, + 'total_new_status': {'readonly': True}, + 'total_resolved_status': {'readonly': True}, + } + + _attribute_map = { + 'total_dismissed_status': {'key': 'totalDismissedStatus', 'type': 'int'}, + 'total_in_progress_status': {'key': 'totalInProgressStatus', 'type': 'int'}, + 'total_new_status': {'key': 'totalNewStatus', 'type': 'int'}, + 'total_resolved_status': {'key': 'totalResolvedStatus', 'type': 'int'}, + } + + def __init__(self, **kwargs): + super(CasesAggregationByStatusProperties, self).__init__(**kwargs) + self.total_dismissed_status = None + self.total_in_progress_status = None + self.total_new_status = None + self.total_resolved_status = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties_py3.py new file mode 100644 index 000000000000..a71fbff72acf --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties_py3.py @@ -0,0 +1,53 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class CasesAggregationByStatusProperties(Model): + """Aggregative results of cases by status property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar total_dismissed_status: Total amount of open cases with status + Dismissed + :vartype total_dismissed_status: int + :ivar total_in_progress_status: Total amount of open cases with status + InProgress + :vartype total_in_progress_status: int + :ivar total_new_status: Total amount of open cases with status New + :vartype total_new_status: int + :ivar total_resolved_status: Total amount of open cases with status + Resolved + :vartype total_resolved_status: int + """ + + _validation = { + 'total_dismissed_status': {'readonly': True}, + 'total_in_progress_status': {'readonly': True}, + 'total_new_status': {'readonly': True}, + 'total_resolved_status': {'readonly': True}, + } + + _attribute_map = { + 'total_dismissed_status': {'key': 'totalDismissedStatus', 'type': 'int'}, + 'total_in_progress_status': {'key': 'totalInProgressStatus', 'type': 'int'}, + 'total_new_status': {'key': 'totalNewStatus', 'type': 'int'}, + 'total_resolved_status': {'key': 'totalResolvedStatus', 'type': 'int'}, + } + + def __init__(self, **kwargs) -> None: + super(CasesAggregationByStatusProperties, self).__init__(**kwargs) + self.total_dismissed_status = None + self.total_in_progress_status = None + self.total_new_status = None + self.total_resolved_status = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_py3.py new file mode 100644 index 000000000000..742d5fd0ef76 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_py3.py @@ -0,0 +1,59 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .aggregations_py3 import Aggregations + + +class CasesAggregation(Aggregations): + """Represents aggregations results for cases. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :param aggregation_by_severity: Aggregations results by case severity. + :type aggregation_by_severity: + ~azure.mgmt.securityinsight.models.CasesAggregationBySeverityProperties + :param aggregation_by_status: Aggregations results by case status. + :type aggregation_by_status: + ~azure.mgmt.securityinsight.models.CasesAggregationByStatusProperties + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'aggregation_by_severity': {'key': 'properties.aggregationBySeverity', 'type': 'CasesAggregationBySeverityProperties'}, + 'aggregation_by_status': {'key': 'properties.aggregationByStatus', 'type': 'CasesAggregationByStatusProperties'}, + } + + def __init__(self, *, aggregation_by_severity=None, aggregation_by_status=None, **kwargs) -> None: + super(CasesAggregation, self).__init__(**kwargs) + self.aggregation_by_severity = aggregation_by_severity + self.aggregation_by_status = aggregation_by_status + self.kind = 'CasesAggregation' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cloud_application_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cloud_application_entity.py new file mode 100644 index 000000000000..796fd829a8ef --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cloud_application_entity.py @@ -0,0 +1,79 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class CloudApplicationEntity(Entity): + """Represents a cloud application entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar app_id: The technical identifier of the application. + :vartype app_id: int + :ivar app_name: The name of the related cloud application. + :vartype app_name: str + :ivar instance_name: The user defined instance name of the cloud + application. It is often used to distinguish between several applications + of the same type that a customer has. + :vartype instance_name: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'app_id': {'readonly': True}, + 'app_name': {'readonly': True}, + 'instance_name': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'app_id': {'key': 'properties.appId', 'type': 'int'}, + 'app_name': {'key': 'properties.appName', 'type': 'str'}, + 'instance_name': {'key': 'properties.instanceName', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(CloudApplicationEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.app_id = None + self.app_name = None + self.instance_name = None + self.kind = 'CloudApplication' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cloud_application_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cloud_application_entity_py3.py new file mode 100644 index 000000000000..096c464787d5 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cloud_application_entity_py3.py @@ -0,0 +1,79 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class CloudApplicationEntity(Entity): + """Represents a cloud application entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar app_id: The technical identifier of the application. + :vartype app_id: int + :ivar app_name: The name of the related cloud application. + :vartype app_name: str + :ivar instance_name: The user defined instance name of the cloud + application. It is often used to distinguish between several applications + of the same type that a customer has. + :vartype instance_name: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'app_id': {'readonly': True}, + 'app_name': {'readonly': True}, + 'instance_name': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'app_id': {'key': 'properties.appId', 'type': 'int'}, + 'app_name': {'key': 'properties.appName', 'type': 'str'}, + 'instance_name': {'key': 'properties.instanceName', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(CloudApplicationEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.app_id = None + self.app_name = None + self.instance_name = None + self.kind = 'CloudApplication' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector.py new file mode 100644 index 000000000000..da8121507c94 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector.py @@ -0,0 +1,65 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnector(Model): + """Data connector. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: AADDataConnector, AATPDataConnector, ASCDataConnector, + AwsCloudTrailDataConnector, MCASDataConnector, MDATPDataConnector, + OfficeDataConnector, TIDataConnector + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'AzureActiveDirectory': 'AADDataConnector', 'AzureAdvancedThreatProtection': 'AATPDataConnector', 'AzureSecurityCenter': 'ASCDataConnector', 'AmazonWebServicesCloudTrail': 'AwsCloudTrailDataConnector', 'MicrosoftCloudAppSecurity': 'MCASDataConnector', 'MicrosoftDefenderAdvancedThreatProtection': 'MDATPDataConnector', 'Office365': 'OfficeDataConnector', 'ThreatIntelligence': 'TIDataConnector'} + } + + def __init__(self, **kwargs): + super(DataConnector, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.etag = kwargs.get('etag', None) + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_data_type_common.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_data_type_common.py new file mode 100644 index 000000000000..91c0a49613f9 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_data_type_common.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnectorDataTypeCommon(Model): + """Common field for data type in data connectors. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(DataConnectorDataTypeCommon, self).__init__(**kwargs) + self.state = kwargs.get('state', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_data_type_common_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_data_type_common_py3.py new file mode 100644 index 000000000000..33866464f222 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_data_type_common_py3.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnectorDataTypeCommon(Model): + """Common field for data type in data connectors. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, *, state=None, **kwargs) -> None: + super(DataConnectorDataTypeCommon, self).__init__(**kwargs) + self.state = state diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1.py new file mode 100644 index 000000000000..b9875672c8c4 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1.py @@ -0,0 +1,32 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnectorKind1(Model): + """Describes an Azure resource with kind. + + :param kind: The kind of the data connector. Possible values include: + 'AzureActiveDirectory', 'AzureSecurityCenter', + 'MicrosoftCloudAppSecurity', 'ThreatIntelligence', 'Office365', + 'AmazonWebServicesCloudTrail', 'AzureAdvancedThreatProtection', + 'MicrosoftDefenderAdvancedThreatProtection' + :type kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + """ + + _attribute_map = { + 'kind': {'key': 'kind', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(DataConnectorKind1, self).__init__(**kwargs) + self.kind = kwargs.get('kind', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1_py3.py new file mode 100644 index 000000000000..fa1b41531db9 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1_py3.py @@ -0,0 +1,32 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnectorKind1(Model): + """Describes an Azure resource with kind. + + :param kind: The kind of the data connector. Possible values include: + 'AzureActiveDirectory', 'AzureSecurityCenter', + 'MicrosoftCloudAppSecurity', 'ThreatIntelligence', 'Office365', + 'AmazonWebServicesCloudTrail', 'AzureAdvancedThreatProtection', + 'MicrosoftDefenderAdvancedThreatProtection' + :type kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + """ + + _attribute_map = { + 'kind': {'key': 'kind', 'type': 'str'}, + } + + def __init__(self, *, kind=None, **kwargs) -> None: + super(DataConnectorKind1, self).__init__(**kwargs) + self.kind = kind diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_paged.py new file mode 100644 index 000000000000..b3929c84ac01 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class DataConnectorPaged(Paged): + """ + A paging container for iterating over a list of :class:`DataConnector ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[DataConnector]'} + } + + def __init__(self, *args, **kwargs): + + super(DataConnectorPaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_py3.py new file mode 100644 index 000000000000..0ec58112cc80 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_py3.py @@ -0,0 +1,65 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnector(Model): + """Data connector. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: AADDataConnector, AATPDataConnector, ASCDataConnector, + AwsCloudTrailDataConnector, MCASDataConnector, MDATPDataConnector, + OfficeDataConnector, TIDataConnector + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'AzureActiveDirectory': 'AADDataConnector', 'AzureAdvancedThreatProtection': 'AATPDataConnector', 'AzureSecurityCenter': 'ASCDataConnector', 'AmazonWebServicesCloudTrail': 'AwsCloudTrailDataConnector', 'MicrosoftCloudAppSecurity': 'MCASDataConnector', 'MicrosoftDefenderAdvancedThreatProtection': 'MDATPDataConnector', 'Office365': 'OfficeDataConnector', 'ThreatIntelligence': 'TIDataConnector'} + } + + def __init__(self, *, etag: str=None, **kwargs) -> None: + super(DataConnector, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.etag = etag + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_status.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_status.py new file mode 100644 index 000000000000..d9c3ff2d4af4 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_status.py @@ -0,0 +1,33 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnectorStatus(Model): + """alert rule template data connector status. + + :param connector_id: the connector id + :type connector_id: str + :param data_types: The data types availability map + :type data_types: dict[str, str or + ~azure.mgmt.securityinsight.models.DataTypeStatus] + """ + + _attribute_map = { + 'connector_id': {'key': 'connectorId', 'type': 'str'}, + 'data_types': {'key': 'dataTypes', 'type': '{str}'}, + } + + def __init__(self, **kwargs): + super(DataConnectorStatus, self).__init__(**kwargs) + self.connector_id = kwargs.get('connector_id', None) + self.data_types = kwargs.get('data_types', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_status_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_status_py3.py new file mode 100644 index 000000000000..355389270c9f --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_status_py3.py @@ -0,0 +1,33 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnectorStatus(Model): + """alert rule template data connector status. + + :param connector_id: the connector id + :type connector_id: str + :param data_types: The data types availability map + :type data_types: dict[str, str or + ~azure.mgmt.securityinsight.models.DataTypeStatus] + """ + + _attribute_map = { + 'connector_id': {'key': 'connectorId', 'type': 'str'}, + 'data_types': {'key': 'dataTypes', 'type': '{str}'}, + } + + def __init__(self, *, connector_id: str=None, data_types=None, **kwargs) -> None: + super(DataConnectorStatus, self).__init__(**kwargs) + self.connector_id = connector_id + self.data_types = data_types diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_tenant_id.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_tenant_id.py new file mode 100644 index 000000000000..66b07808b6aa --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_tenant_id.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnectorTenantId(Model): + """Properties data connector on tenant level. + + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + """ + + _attribute_map = { + 'tenant_id': {'key': 'tenantId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(DataConnectorTenantId, self).__init__(**kwargs) + self.tenant_id = kwargs.get('tenant_id', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_tenant_id_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_tenant_id_py3.py new file mode 100644 index 000000000000..27997416eb33 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_tenant_id_py3.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnectorTenantId(Model): + """Properties data connector on tenant level. + + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + """ + + _attribute_map = { + 'tenant_id': {'key': 'tenantId', 'type': 'str'}, + } + + def __init__(self, *, tenant_id: str=None, **kwargs) -> None: + super(DataConnectorTenantId, self).__init__(**kwargs) + self.tenant_id = tenant_id diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_with_alerts_properties.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_with_alerts_properties.py new file mode 100644 index 000000000000..a38001750f3f --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_with_alerts_properties.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnectorWithAlertsProperties(Model): + """Data connector properties. + + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + """ + + _attribute_map = { + 'data_types': {'key': 'dataTypes', 'type': 'AlertsDataTypeOfDataConnector'}, + } + + def __init__(self, **kwargs): + super(DataConnectorWithAlertsProperties, self).__init__(**kwargs) + self.data_types = kwargs.get('data_types', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_with_alerts_properties_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_with_alerts_properties_py3.py new file mode 100644 index 000000000000..e2234f75d9b3 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_with_alerts_properties_py3.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class DataConnectorWithAlertsProperties(Model): + """Data connector properties. + + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + """ + + _attribute_map = { + 'data_types': {'key': 'dataTypes', 'type': 'AlertsDataTypeOfDataConnector'}, + } + + def __init__(self, *, data_types=None, **kwargs) -> None: + super(DataConnectorWithAlertsProperties, self).__init__(**kwargs) + self.data_types = data_types diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/dns_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/dns_entity.py new file mode 100644 index 000000000000..1b3158c7ec94 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/dns_entity.py @@ -0,0 +1,85 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class DnsEntity(Entity): + """Represents a dns entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar dns_server_ip_entity_id: An ip entity id for the dns server + resolving the request + :vartype dns_server_ip_entity_id: str + :ivar domain_name: The name of the dns record associated with the alert + :vartype domain_name: str + :ivar host_ip_address_entity_id: An ip entity id for the dns request + client + :vartype host_ip_address_entity_id: str + :ivar ip_address_entity_ids: Ip entity identifiers for the resolved ip + address. + :vartype ip_address_entity_ids: list[str] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'dns_server_ip_entity_id': {'readonly': True}, + 'domain_name': {'readonly': True}, + 'host_ip_address_entity_id': {'readonly': True}, + 'ip_address_entity_ids': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'dns_server_ip_entity_id': {'key': 'properties.dnsServerIpEntityId', 'type': 'str'}, + 'domain_name': {'key': 'properties.domainName', 'type': 'str'}, + 'host_ip_address_entity_id': {'key': 'properties.hostIpAddressEntityId', 'type': 'str'}, + 'ip_address_entity_ids': {'key': 'properties.ipAddressEntityIds', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(DnsEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.dns_server_ip_entity_id = None + self.domain_name = None + self.host_ip_address_entity_id = None + self.ip_address_entity_ids = None + self.kind = 'DnsResolution' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/dns_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/dns_entity_py3.py new file mode 100644 index 000000000000..a652e883b787 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/dns_entity_py3.py @@ -0,0 +1,85 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class DnsEntity(Entity): + """Represents a dns entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar dns_server_ip_entity_id: An ip entity id for the dns server + resolving the request + :vartype dns_server_ip_entity_id: str + :ivar domain_name: The name of the dns record associated with the alert + :vartype domain_name: str + :ivar host_ip_address_entity_id: An ip entity id for the dns request + client + :vartype host_ip_address_entity_id: str + :ivar ip_address_entity_ids: Ip entity identifiers for the resolved ip + address. + :vartype ip_address_entity_ids: list[str] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'dns_server_ip_entity_id': {'readonly': True}, + 'domain_name': {'readonly': True}, + 'host_ip_address_entity_id': {'readonly': True}, + 'ip_address_entity_ids': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'dns_server_ip_entity_id': {'key': 'properties.dnsServerIpEntityId', 'type': 'str'}, + 'domain_name': {'key': 'properties.domainName', 'type': 'str'}, + 'host_ip_address_entity_id': {'key': 'properties.hostIpAddressEntityId', 'type': 'str'}, + 'ip_address_entity_ids': {'key': 'properties.ipAddressEntityIds', 'type': '[str]'}, + } + + def __init__(self, **kwargs) -> None: + super(DnsEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.dns_server_ip_entity_id = None + self.domain_name = None + self.host_ip_address_entity_id = None + self.ip_address_entity_ids = None + self.kind = 'DnsResolution' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity.py new file mode 100644 index 000000000000..60fdd2150b55 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity.py @@ -0,0 +1,62 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Entity(Model): + """Specific entity. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: AccountEntity, AzureResourceEntity, + CloudApplicationEntity, DnsEntity, FileEntity, FileHashEntity, HostEntity, + IpEntity, MalwareEntity, ProcessEntity, RegistryKeyEntity, + RegistryValueEntity, SecurityAlert, SecurityGroupEntity, UrlEntity + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'Account': 'AccountEntity', 'AzureResource': 'AzureResourceEntity', 'CloudApplication': 'CloudApplicationEntity', 'DnsResolution': 'DnsEntity', 'File': 'FileEntity', 'FileHash': 'FileHashEntity', 'Host': 'HostEntity', 'Ip': 'IpEntity', 'Malware': 'MalwareEntity', 'Process': 'ProcessEntity', 'RegistryKey': 'RegistryKeyEntity', 'RegistryValue': 'RegistryValueEntity', 'SecurityAlert': 'SecurityAlert', 'SecurityGroup': 'SecurityGroupEntity', 'Url': 'UrlEntity'} + } + + def __init__(self, **kwargs): + super(Entity, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_common_properties.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_common_properties.py new file mode 100644 index 000000000000..2050abb56478 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_common_properties.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class EntityCommonProperties(Model): + """Entity common property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + """ + + _validation = { + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + } + + _attribute_map = { + 'additional_data': {'key': 'additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'friendlyName', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(EntityCommonProperties, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_common_properties_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_common_properties_py3.py new file mode 100644 index 000000000000..67feec151fad --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_common_properties_py3.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class EntityCommonProperties(Model): + """Entity common property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + """ + + _validation = { + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + } + + _attribute_map = { + 'additional_data': {'key': 'additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'friendlyName', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(EntityCommonProperties, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_parameters.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_parameters.py new file mode 100644 index 000000000000..aa996ea7d1b0 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_parameters.py @@ -0,0 +1,38 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class EntityExpandParameters(Model): + """The parameters required to execute an expand operation on the given entity. + + :param end_time: The end date filter, so the only expansion results + returned are before this date. + :type end_time: datetime + :param expansion_id: The Id of the expansion to perform. + :type expansion_id: str + :param start_time: The start date filter, so the only expansion results + returned are after this date. + :type start_time: datetime + """ + + _attribute_map = { + 'end_time': {'key': 'endTime', 'type': 'iso-8601'}, + 'expansion_id': {'key': 'expansionId', 'type': 'str'}, + 'start_time': {'key': 'startTime', 'type': 'iso-8601'}, + } + + def __init__(self, **kwargs): + super(EntityExpandParameters, self).__init__(**kwargs) + self.end_time = kwargs.get('end_time', None) + self.expansion_id = kwargs.get('expansion_id', None) + self.start_time = kwargs.get('start_time', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_parameters_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_parameters_py3.py new file mode 100644 index 000000000000..f107e4455c9f --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_parameters_py3.py @@ -0,0 +1,38 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class EntityExpandParameters(Model): + """The parameters required to execute an expand operation on the given entity. + + :param end_time: The end date filter, so the only expansion results + returned are before this date. + :type end_time: datetime + :param expansion_id: The Id of the expansion to perform. + :type expansion_id: str + :param start_time: The start date filter, so the only expansion results + returned are after this date. + :type start_time: datetime + """ + + _attribute_map = { + 'end_time': {'key': 'endTime', 'type': 'iso-8601'}, + 'expansion_id': {'key': 'expansionId', 'type': 'str'}, + 'start_time': {'key': 'startTime', 'type': 'iso-8601'}, + } + + def __init__(self, *, end_time=None, expansion_id: str=None, start_time=None, **kwargs) -> None: + super(EntityExpandParameters, self).__init__(**kwargs) + self.end_time = end_time + self.expansion_id = expansion_id + self.start_time = start_time diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response.py new file mode 100644 index 000000000000..544e43037d04 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response.py @@ -0,0 +1,33 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class EntityExpandResponse(Model): + """The entity expansion result operation response. + + :param meta_data: The metadata from the expansion operation results. + :type meta_data: + ~azure.mgmt.securityinsight.models.ExpansionResultsMetadata + :param value: The expansion result values. + :type value: ~azure.mgmt.securityinsight.models.EntityExpandResponseValue + """ + + _attribute_map = { + 'meta_data': {'key': 'metaData', 'type': 'ExpansionResultsMetadata'}, + 'value': {'key': 'value', 'type': 'EntityExpandResponseValue'}, + } + + def __init__(self, **kwargs): + super(EntityExpandResponse, self).__init__(**kwargs) + self.meta_data = kwargs.get('meta_data', None) + self.value = kwargs.get('value', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response_py3.py new file mode 100644 index 000000000000..d931c364a79e --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response_py3.py @@ -0,0 +1,33 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class EntityExpandResponse(Model): + """The entity expansion result operation response. + + :param meta_data: The metadata from the expansion operation results. + :type meta_data: + ~azure.mgmt.securityinsight.models.ExpansionResultsMetadata + :param value: The expansion result values. + :type value: ~azure.mgmt.securityinsight.models.EntityExpandResponseValue + """ + + _attribute_map = { + 'meta_data': {'key': 'metaData', 'type': 'ExpansionResultsMetadata'}, + 'value': {'key': 'value', 'type': 'EntityExpandResponseValue'}, + } + + def __init__(self, *, meta_data=None, value=None, **kwargs) -> None: + super(EntityExpandResponse, self).__init__(**kwargs) + self.meta_data = meta_data + self.value = value diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response_value.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response_value.py new file mode 100644 index 000000000000..c7114cddbf64 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response_value.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class EntityExpandResponseValue(Model): + """The expansion result values. + + :param entities: Array of the expansion result entities. + :type entities: list[~azure.mgmt.securityinsight.models.Entity] + """ + + _attribute_map = { + 'entities': {'key': 'entities', 'type': '[Entity]'}, + } + + def __init__(self, **kwargs): + super(EntityExpandResponseValue, self).__init__(**kwargs) + self.entities = kwargs.get('entities', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response_value_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response_value_py3.py new file mode 100644 index 000000000000..6c08ddd3c527 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_expand_response_value_py3.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class EntityExpandResponseValue(Model): + """The expansion result values. + + :param entities: Array of the expansion result entities. + :type entities: list[~azure.mgmt.securityinsight.models.Entity] + """ + + _attribute_map = { + 'entities': {'key': 'entities', 'type': '[Entity]'}, + } + + def __init__(self, *, entities=None, **kwargs) -> None: + super(EntityExpandResponseValue, self).__init__(**kwargs) + self.entities = entities diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_kind1.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_kind1.py new file mode 100644 index 000000000000..5a090ae17e6f --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_kind1.py @@ -0,0 +1,31 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class EntityKind1(Model): + """Describes an entity with kind. + + :param kind: The kind of the entity. Possible values include: 'Account', + 'Host', 'File', 'AzureResource', 'CloudApplication', 'DnsResolution', + 'FileHash', 'Ip', 'Malware', 'Process', 'RegistryKey', 'RegistryValue', + 'SecurityGroup', 'Url', 'SecurityAlert', 'Bookmark' + :type kind: str or ~azure.mgmt.securityinsight.models.EntityKind + """ + + _attribute_map = { + 'kind': {'key': 'kind', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(EntityKind1, self).__init__(**kwargs) + self.kind = kwargs.get('kind', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_kind1_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_kind1_py3.py new file mode 100644 index 000000000000..baa858bbd278 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_kind1_py3.py @@ -0,0 +1,31 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class EntityKind1(Model): + """Describes an entity with kind. + + :param kind: The kind of the entity. Possible values include: 'Account', + 'Host', 'File', 'AzureResource', 'CloudApplication', 'DnsResolution', + 'FileHash', 'Ip', 'Malware', 'Process', 'RegistryKey', 'RegistryValue', + 'SecurityGroup', 'Url', 'SecurityAlert', 'Bookmark' + :type kind: str or ~azure.mgmt.securityinsight.models.EntityKind + """ + + _attribute_map = { + 'kind': {'key': 'kind', 'type': 'str'}, + } + + def __init__(self, *, kind=None, **kwargs) -> None: + super(EntityKind1, self).__init__(**kwargs) + self.kind = kind diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_paged.py new file mode 100644 index 000000000000..1cc3027ddd60 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class EntityPaged(Paged): + """ + A paging container for iterating over a list of :class:`Entity ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[Entity]'} + } + + def __init__(self, *args, **kwargs): + + super(EntityPaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_py3.py new file mode 100644 index 000000000000..ae7259dcf315 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_py3.py @@ -0,0 +1,62 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Entity(Model): + """Specific entity. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: AccountEntity, AzureResourceEntity, + CloudApplicationEntity, DnsEntity, FileEntity, FileHashEntity, HostEntity, + IpEntity, MalwareEntity, ProcessEntity, RegistryKeyEntity, + RegistryValueEntity, SecurityAlert, SecurityGroupEntity, UrlEntity + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'Account': 'AccountEntity', 'AzureResource': 'AzureResourceEntity', 'CloudApplication': 'CloudApplicationEntity', 'DnsResolution': 'DnsEntity', 'File': 'FileEntity', 'FileHash': 'FileHashEntity', 'Host': 'HostEntity', 'Ip': 'IpEntity', 'Malware': 'MalwareEntity', 'Process': 'ProcessEntity', 'RegistryKey': 'RegistryKeyEntity', 'RegistryValue': 'RegistryValueEntity', 'SecurityAlert': 'SecurityAlert', 'SecurityGroup': 'SecurityGroupEntity', 'Url': 'UrlEntity'} + } + + def __init__(self, **kwargs) -> None: + super(Entity, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query.py new file mode 100644 index 000000000000..c3218539abf7 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query.py @@ -0,0 +1,76 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource import Resource + + +class EntityQuery(Resource): + """Specific entity query. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param data_sources: List of the data sources that are required to run the + query + :type data_sources: list[str] + :param display_name: The query display name + :type display_name: str + :param input_entity_type: The type of the query's source entity. Possible + values include: 'Account', 'Host', 'File', 'AzureResource', + 'CloudApplication', 'DNS', 'FileHash', 'IP', 'Malware', 'Process', + 'RegistryKey', 'RegistryValue', 'SecurityGroup', 'URL', 'SecurityAlert', + 'HuntingBookmark' + :type input_entity_type: str or + ~azure.mgmt.securityinsight.models.EntityType + :param input_fields: List of the fields of the source entity that are + required to run the query + :type input_fields: list[str] + :param output_entity_types: List of the desired output types to be + constructed from the result + :type output_entity_types: list[str or + ~azure.mgmt.securityinsight.models.EntityType] + :param query_template: The template query string to be parsed and + formatted + :type query_template: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'data_sources': {'key': 'properties.dataSources', 'type': '[str]'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'input_entity_type': {'key': 'properties.inputEntityType', 'type': 'str'}, + 'input_fields': {'key': 'properties.inputFields', 'type': '[str]'}, + 'output_entity_types': {'key': 'properties.outputEntityTypes', 'type': '[str]'}, + 'query_template': {'key': 'properties.queryTemplate', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(EntityQuery, self).__init__(**kwargs) + self.data_sources = kwargs.get('data_sources', None) + self.display_name = kwargs.get('display_name', None) + self.input_entity_type = kwargs.get('input_entity_type', None) + self.input_fields = kwargs.get('input_fields', None) + self.output_entity_types = kwargs.get('output_entity_types', None) + self.query_template = kwargs.get('query_template', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_paged.py new file mode 100644 index 000000000000..164d6070e862 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class EntityQueryPaged(Paged): + """ + A paging container for iterating over a list of :class:`EntityQuery ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[EntityQuery]'} + } + + def __init__(self, *args, **kwargs): + + super(EntityQueryPaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_py3.py new file mode 100644 index 000000000000..2ab3256e8ae1 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_py3.py @@ -0,0 +1,76 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_py3 import Resource + + +class EntityQuery(Resource): + """Specific entity query. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param data_sources: List of the data sources that are required to run the + query + :type data_sources: list[str] + :param display_name: The query display name + :type display_name: str + :param input_entity_type: The type of the query's source entity. Possible + values include: 'Account', 'Host', 'File', 'AzureResource', + 'CloudApplication', 'DNS', 'FileHash', 'IP', 'Malware', 'Process', + 'RegistryKey', 'RegistryValue', 'SecurityGroup', 'URL', 'SecurityAlert', + 'HuntingBookmark' + :type input_entity_type: str or + ~azure.mgmt.securityinsight.models.EntityType + :param input_fields: List of the fields of the source entity that are + required to run the query + :type input_fields: list[str] + :param output_entity_types: List of the desired output types to be + constructed from the result + :type output_entity_types: list[str or + ~azure.mgmt.securityinsight.models.EntityType] + :param query_template: The template query string to be parsed and + formatted + :type query_template: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'data_sources': {'key': 'properties.dataSources', 'type': '[str]'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'input_entity_type': {'key': 'properties.inputEntityType', 'type': 'str'}, + 'input_fields': {'key': 'properties.inputFields', 'type': '[str]'}, + 'output_entity_types': {'key': 'properties.outputEntityTypes', 'type': '[str]'}, + 'query_template': {'key': 'properties.queryTemplate', 'type': 'str'}, + } + + def __init__(self, *, data_sources=None, display_name: str=None, input_entity_type=None, input_fields=None, output_entity_types=None, query_template: str=None, **kwargs) -> None: + super(EntityQuery, self).__init__(**kwargs) + self.data_sources = data_sources + self.display_name = display_name + self.input_entity_type = input_entity_type + self.input_fields = input_fields + self.output_entity_types = output_entity_types + self.query_template = query_template diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_result_aggregation.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_result_aggregation.py new file mode 100644 index 000000000000..084e23060526 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_result_aggregation.py @@ -0,0 +1,53 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ExpansionResultAggregation(Model): + """Information of a specific aggregation in the expansion result. + + All required parameters must be populated in order to send to Azure. + + :param aggregation_type: The common type of the aggregation. (for e.g. + entity field name) + :type aggregation_type: str + :param count: Required. Total number of aggregations of the given kind + (and aggregationType if given) in the expansion result. + :type count: int + :param display_name: The display name of the aggregation by type. + :type display_name: str + :param entity_kind: Required. The kind of the aggregated entity. Possible + values include: 'Account', 'Host', 'File', 'AzureResource', + 'CloudApplication', 'DnsResolution', 'FileHash', 'Ip', 'Malware', + 'Process', 'RegistryKey', 'RegistryValue', 'SecurityGroup', 'Url', + 'SecurityAlert', 'Bookmark' + :type entity_kind: str or ~azure.mgmt.securityinsight.models.EntityKind + """ + + _validation = { + 'count': {'required': True}, + 'entity_kind': {'required': True}, + } + + _attribute_map = { + 'aggregation_type': {'key': 'aggregationType', 'type': 'str'}, + 'count': {'key': 'count', 'type': 'int'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'entity_kind': {'key': 'entityKind', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ExpansionResultAggregation, self).__init__(**kwargs) + self.aggregation_type = kwargs.get('aggregation_type', None) + self.count = kwargs.get('count', None) + self.display_name = kwargs.get('display_name', None) + self.entity_kind = kwargs.get('entity_kind', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_result_aggregation_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_result_aggregation_py3.py new file mode 100644 index 000000000000..305fb7aa507d --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_result_aggregation_py3.py @@ -0,0 +1,53 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ExpansionResultAggregation(Model): + """Information of a specific aggregation in the expansion result. + + All required parameters must be populated in order to send to Azure. + + :param aggregation_type: The common type of the aggregation. (for e.g. + entity field name) + :type aggregation_type: str + :param count: Required. Total number of aggregations of the given kind + (and aggregationType if given) in the expansion result. + :type count: int + :param display_name: The display name of the aggregation by type. + :type display_name: str + :param entity_kind: Required. The kind of the aggregated entity. Possible + values include: 'Account', 'Host', 'File', 'AzureResource', + 'CloudApplication', 'DnsResolution', 'FileHash', 'Ip', 'Malware', + 'Process', 'RegistryKey', 'RegistryValue', 'SecurityGroup', 'Url', + 'SecurityAlert', 'Bookmark' + :type entity_kind: str or ~azure.mgmt.securityinsight.models.EntityKind + """ + + _validation = { + 'count': {'required': True}, + 'entity_kind': {'required': True}, + } + + _attribute_map = { + 'aggregation_type': {'key': 'aggregationType', 'type': 'str'}, + 'count': {'key': 'count', 'type': 'int'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'entity_kind': {'key': 'entityKind', 'type': 'str'}, + } + + def __init__(self, *, count: int, entity_kind, aggregation_type: str=None, display_name: str=None, **kwargs) -> None: + super(ExpansionResultAggregation, self).__init__(**kwargs) + self.aggregation_type = aggregation_type + self.count = count + self.display_name = display_name + self.entity_kind = entity_kind diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_results_metadata.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_results_metadata.py new file mode 100644 index 000000000000..bf844b843a6b --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_results_metadata.py @@ -0,0 +1,30 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ExpansionResultsMetadata(Model): + """Expansion result metadata. + + :param aggregations: Information of the aggregated nodes in the expansion + result. + :type aggregations: + list[~azure.mgmt.securityinsight.models.ExpansionResultAggregation] + """ + + _attribute_map = { + 'aggregations': {'key': 'aggregations', 'type': '[ExpansionResultAggregation]'}, + } + + def __init__(self, **kwargs): + super(ExpansionResultsMetadata, self).__init__(**kwargs) + self.aggregations = kwargs.get('aggregations', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_results_metadata_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_results_metadata_py3.py new file mode 100644 index 000000000000..07318fa8ea45 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/expansion_results_metadata_py3.py @@ -0,0 +1,30 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ExpansionResultsMetadata(Model): + """Expansion result metadata. + + :param aggregations: Information of the aggregated nodes in the expansion + result. + :type aggregations: + list[~azure.mgmt.securityinsight.models.ExpansionResultAggregation] + """ + + _attribute_map = { + 'aggregations': {'key': 'aggregations', 'type': '[ExpansionResultAggregation]'}, + } + + def __init__(self, *, aggregations=None, **kwargs) -> None: + super(ExpansionResultsMetadata, self).__init__(**kwargs) + self.aggregations = aggregations diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_entity.py new file mode 100644 index 000000000000..11bd65d0ad5a --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_entity.py @@ -0,0 +1,84 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class FileEntity(Entity): + """Represents a file entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar directory: The full path to the file. + :vartype directory: str + :ivar file_hash_entity_ids: The file hash entity identifiers associated + with this file + :vartype file_hash_entity_ids: list[str] + :ivar file_name: The file name without path (some alerts might not include + path). + :vartype file_name: str + :ivar host_entity_id: The Host entity id which the file belongs to + :vartype host_entity_id: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'directory': {'readonly': True}, + 'file_hash_entity_ids': {'readonly': True}, + 'file_name': {'readonly': True}, + 'host_entity_id': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'directory': {'key': 'properties.directory', 'type': 'str'}, + 'file_hash_entity_ids': {'key': 'properties.fileHashEntityIds', 'type': '[str]'}, + 'file_name': {'key': 'properties.fileName', 'type': 'str'}, + 'host_entity_id': {'key': 'properties.hostEntityId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(FileEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.directory = None + self.file_hash_entity_ids = None + self.file_name = None + self.host_entity_id = None + self.kind = 'File' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_entity_py3.py new file mode 100644 index 000000000000..8443af4b2481 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_entity_py3.py @@ -0,0 +1,84 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class FileEntity(Entity): + """Represents a file entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar directory: The full path to the file. + :vartype directory: str + :ivar file_hash_entity_ids: The file hash entity identifiers associated + with this file + :vartype file_hash_entity_ids: list[str] + :ivar file_name: The file name without path (some alerts might not include + path). + :vartype file_name: str + :ivar host_entity_id: The Host entity id which the file belongs to + :vartype host_entity_id: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'directory': {'readonly': True}, + 'file_hash_entity_ids': {'readonly': True}, + 'file_name': {'readonly': True}, + 'host_entity_id': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'directory': {'key': 'properties.directory', 'type': 'str'}, + 'file_hash_entity_ids': {'key': 'properties.fileHashEntityIds', 'type': '[str]'}, + 'file_name': {'key': 'properties.fileName', 'type': 'str'}, + 'host_entity_id': {'key': 'properties.hostEntityId', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(FileEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.directory = None + self.file_hash_entity_ids = None + self.file_name = None + self.host_entity_id = None + self.kind = 'File' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_hash_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_hash_entity.py new file mode 100644 index 000000000000..1dd6cd77ffb9 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_hash_entity.py @@ -0,0 +1,74 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class FileHashEntity(Entity): + """Represents a file hash entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar algorithm: The hash algorithm type. Possible values include: + 'Unknown', 'MD5', 'SHA1', 'SHA256', 'SHA256AC' + :vartype algorithm: str or + ~azure.mgmt.securityinsight.models.FileHashAlgorithm + :ivar hash_value: The file hash value. + :vartype hash_value: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'algorithm': {'readonly': True}, + 'hash_value': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'algorithm': {'key': 'properties.algorithm', 'type': 'str'}, + 'hash_value': {'key': 'properties.hashValue', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(FileHashEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.algorithm = None + self.hash_value = None + self.kind = 'FileHash' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_hash_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_hash_entity_py3.py new file mode 100644 index 000000000000..b6723121584a --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/file_hash_entity_py3.py @@ -0,0 +1,74 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class FileHashEntity(Entity): + """Represents a file hash entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar algorithm: The hash algorithm type. Possible values include: + 'Unknown', 'MD5', 'SHA1', 'SHA256', 'SHA256AC' + :vartype algorithm: str or + ~azure.mgmt.securityinsight.models.FileHashAlgorithm + :ivar hash_value: The file hash value. + :vartype hash_value: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'algorithm': {'readonly': True}, + 'hash_value': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'algorithm': {'key': 'properties.algorithm', 'type': 'str'}, + 'hash_value': {'key': 'properties.hashValue', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(FileHashEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.algorithm = None + self.hash_value = None + self.kind = 'FileHash' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule.py new file mode 100644 index 000000000000..5e0cdd28f415 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule.py @@ -0,0 +1,92 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule import AlertRule + + +class FusionAlertRule(AlertRule): + """Represents Fusion alert rule. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param alert_rule_template_name: Required. The Name of the alert rule + template used to create this rule. + :type alert_rule_template_name: str + :ivar description: The description of the alert rule. + :vartype description: str + :ivar display_name: The display name for alerts created by this alert + rule. + :vartype display_name: str + :param enabled: Required. Determines whether this alert rule is enabled or + disabled. + :type enabled: bool + :ivar last_modified_utc: The last time that this alert has been modified. + :vartype last_modified_utc: datetime + :ivar severity: The severity for alerts created by this alert rule. + Possible values include: 'High', 'Medium', 'Low', 'Informational' + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar tactics: The tactics of the alert rule + :vartype tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'alert_rule_template_name': {'required': True}, + 'description': {'readonly': True}, + 'display_name': {'readonly': True}, + 'enabled': {'required': True}, + 'last_modified_utc': {'readonly': True}, + 'severity': {'readonly': True}, + 'tactics': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'alert_rule_template_name': {'key': 'properties.alertRuleTemplateName', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'enabled': {'key': 'properties.enabled', 'type': 'bool'}, + 'last_modified_utc': {'key': 'properties.lastModifiedUtc', 'type': 'iso-8601'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(FusionAlertRule, self).__init__(**kwargs) + self.alert_rule_template_name = kwargs.get('alert_rule_template_name', None) + self.description = None + self.display_name = None + self.enabled = kwargs.get('enabled', None) + self.last_modified_utc = None + self.severity = None + self.tactics = None + self.kind = 'Fusion' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule_py3.py new file mode 100644 index 000000000000..6b48b063b450 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule_py3.py @@ -0,0 +1,92 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule_py3 import AlertRule + + +class FusionAlertRule(AlertRule): + """Represents Fusion alert rule. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param alert_rule_template_name: Required. The Name of the alert rule + template used to create this rule. + :type alert_rule_template_name: str + :ivar description: The description of the alert rule. + :vartype description: str + :ivar display_name: The display name for alerts created by this alert + rule. + :vartype display_name: str + :param enabled: Required. Determines whether this alert rule is enabled or + disabled. + :type enabled: bool + :ivar last_modified_utc: The last time that this alert has been modified. + :vartype last_modified_utc: datetime + :ivar severity: The severity for alerts created by this alert rule. + Possible values include: 'High', 'Medium', 'Low', 'Informational' + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar tactics: The tactics of the alert rule + :vartype tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'alert_rule_template_name': {'required': True}, + 'description': {'readonly': True}, + 'display_name': {'readonly': True}, + 'enabled': {'required': True}, + 'last_modified_utc': {'readonly': True}, + 'severity': {'readonly': True}, + 'tactics': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'alert_rule_template_name': {'key': 'properties.alertRuleTemplateName', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'enabled': {'key': 'properties.enabled', 'type': 'bool'}, + 'last_modified_utc': {'key': 'properties.lastModifiedUtc', 'type': 'iso-8601'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + } + + def __init__(self, *, alert_rule_template_name: str, enabled: bool, etag: str=None, **kwargs) -> None: + super(FusionAlertRule, self).__init__(etag=etag, **kwargs) + self.alert_rule_template_name = alert_rule_template_name + self.description = None + self.display_name = None + self.enabled = enabled + self.last_modified_utc = None + self.severity = None + self.tactics = None + self.kind = 'Fusion' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule_template.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule_template.py new file mode 100644 index 000000000000..c2e60a40f4a2 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule_template.py @@ -0,0 +1,90 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule_template import AlertRuleTemplate + + +class FusionAlertRuleTemplate(AlertRuleTemplate): + """Represents Fusion alert rule template. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :param alert_rules_created_by_template_count: the number of alert rules + that were created by this template + :type alert_rules_created_by_template_count: int + :ivar created_date_utc: The time that this alert rule template has been + added. + :vartype created_date_utc: datetime + :param description: The description of the alert rule template. + :type description: str + :param display_name: The display name for alert rule template. + :type display_name: str + :param required_data_connectors: The required data connectors for this + template + :type required_data_connectors: + list[~azure.mgmt.securityinsight.models.DataConnectorStatus] + :param status: The alert rule template status. Possible values include: + 'Installed', 'Available', 'NotAvailable' + :type status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :param tactics: The tactics of the alert rule template + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + :param severity: Required. The severity for alerts created by this alert + rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'created_date_utc': {'readonly': True}, + 'severity': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'alert_rules_created_by_template_count': {'key': 'properties.alertRulesCreatedByTemplateCount', 'type': 'int'}, + 'created_date_utc': {'key': 'properties.createdDateUTC', 'type': 'iso-8601'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'required_data_connectors': {'key': 'properties.requiredDataConnectors', 'type': '[DataConnectorStatus]'}, + 'status': {'key': 'properties.status', 'type': 'str'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(FusionAlertRuleTemplate, self).__init__(**kwargs) + self.alert_rules_created_by_template_count = kwargs.get('alert_rules_created_by_template_count', None) + self.created_date_utc = None + self.description = kwargs.get('description', None) + self.display_name = kwargs.get('display_name', None) + self.required_data_connectors = kwargs.get('required_data_connectors', None) + self.status = kwargs.get('status', None) + self.tactics = kwargs.get('tactics', None) + self.severity = kwargs.get('severity', None) + self.kind = 'Fusion' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule_template_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule_template_py3.py new file mode 100644 index 000000000000..60cc7cf330f5 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/fusion_alert_rule_template_py3.py @@ -0,0 +1,90 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule_template_py3 import AlertRuleTemplate + + +class FusionAlertRuleTemplate(AlertRuleTemplate): + """Represents Fusion alert rule template. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :param alert_rules_created_by_template_count: the number of alert rules + that were created by this template + :type alert_rules_created_by_template_count: int + :ivar created_date_utc: The time that this alert rule template has been + added. + :vartype created_date_utc: datetime + :param description: The description of the alert rule template. + :type description: str + :param display_name: The display name for alert rule template. + :type display_name: str + :param required_data_connectors: The required data connectors for this + template + :type required_data_connectors: + list[~azure.mgmt.securityinsight.models.DataConnectorStatus] + :param status: The alert rule template status. Possible values include: + 'Installed', 'Available', 'NotAvailable' + :type status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :param tactics: The tactics of the alert rule template + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + :param severity: Required. The severity for alerts created by this alert + rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'created_date_utc': {'readonly': True}, + 'severity': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'alert_rules_created_by_template_count': {'key': 'properties.alertRulesCreatedByTemplateCount', 'type': 'int'}, + 'created_date_utc': {'key': 'properties.createdDateUTC', 'type': 'iso-8601'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'required_data_connectors': {'key': 'properties.requiredDataConnectors', 'type': '[DataConnectorStatus]'}, + 'status': {'key': 'properties.status', 'type': 'str'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + } + + def __init__(self, *, severity, alert_rules_created_by_template_count: int=None, description: str=None, display_name: str=None, required_data_connectors=None, status=None, tactics=None, **kwargs) -> None: + super(FusionAlertRuleTemplate, self).__init__(**kwargs) + self.alert_rules_created_by_template_count = alert_rules_created_by_template_count + self.created_date_utc = None + self.description = description + self.display_name = display_name + self.required_data_connectors = required_data_connectors + self.status = status + self.tactics = tactics + self.severity = severity + self.kind = 'Fusion' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/geo_location.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/geo_location.py new file mode 100644 index 000000000000..b8c7bac5d948 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/geo_location.py @@ -0,0 +1,72 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class GeoLocation(Model): + """The geo-location context attached to the ip entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar asn: Autonomous System Number + :vartype asn: int + :ivar city: City name + :vartype city: str + :ivar country_code: The country code according to ISO 3166 format + :vartype country_code: str + :ivar country_name: Country name according to ISO 3166 Alpha 2: the + lowercase of the English Short Name + :vartype country_name: str + :ivar latitude: The longitude of the identified location, expressed as a + floating point number with range of -180 to 180, with positive numbers + representing East and negative numbers representing West. Latitude and + longitude are derived from the city or postal code. + :vartype latitude: float + :ivar longitude: The latitude of the identified location, expressed as a + floating point number with range of - 90 to 90, with positive numbers + representing North and negative numbers representing South. Latitude and + longitude are derived from the city or postal code. + :vartype longitude: float + :ivar state: State name + :vartype state: str + """ + + _validation = { + 'asn': {'readonly': True}, + 'city': {'readonly': True}, + 'country_code': {'readonly': True}, + 'country_name': {'readonly': True}, + 'latitude': {'readonly': True}, + 'longitude': {'readonly': True}, + 'state': {'readonly': True}, + } + + _attribute_map = { + 'asn': {'key': 'asn', 'type': 'int'}, + 'city': {'key': 'city', 'type': 'str'}, + 'country_code': {'key': 'countryCode', 'type': 'str'}, + 'country_name': {'key': 'countryName', 'type': 'str'}, + 'latitude': {'key': 'latitude', 'type': 'float'}, + 'longitude': {'key': 'longitude', 'type': 'float'}, + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(GeoLocation, self).__init__(**kwargs) + self.asn = None + self.city = None + self.country_code = None + self.country_name = None + self.latitude = None + self.longitude = None + self.state = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/geo_location_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/geo_location_py3.py new file mode 100644 index 000000000000..733a9e2fde1b --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/geo_location_py3.py @@ -0,0 +1,72 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class GeoLocation(Model): + """The geo-location context attached to the ip entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar asn: Autonomous System Number + :vartype asn: int + :ivar city: City name + :vartype city: str + :ivar country_code: The country code according to ISO 3166 format + :vartype country_code: str + :ivar country_name: Country name according to ISO 3166 Alpha 2: the + lowercase of the English Short Name + :vartype country_name: str + :ivar latitude: The longitude of the identified location, expressed as a + floating point number with range of -180 to 180, with positive numbers + representing East and negative numbers representing West. Latitude and + longitude are derived from the city or postal code. + :vartype latitude: float + :ivar longitude: The latitude of the identified location, expressed as a + floating point number with range of - 90 to 90, with positive numbers + representing North and negative numbers representing South. Latitude and + longitude are derived from the city or postal code. + :vartype longitude: float + :ivar state: State name + :vartype state: str + """ + + _validation = { + 'asn': {'readonly': True}, + 'city': {'readonly': True}, + 'country_code': {'readonly': True}, + 'country_name': {'readonly': True}, + 'latitude': {'readonly': True}, + 'longitude': {'readonly': True}, + 'state': {'readonly': True}, + } + + _attribute_map = { + 'asn': {'key': 'asn', 'type': 'int'}, + 'city': {'key': 'city', 'type': 'str'}, + 'country_code': {'key': 'countryCode', 'type': 'str'}, + 'country_name': {'key': 'countryName', 'type': 'str'}, + 'latitude': {'key': 'latitude', 'type': 'float'}, + 'longitude': {'key': 'longitude', 'type': 'float'}, + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(GeoLocation, self).__init__(**kwargs) + self.asn = None + self.city = None + self.country_code = None + self.country_name = None + self.latitude = None + self.longitude = None + self.state = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/host_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/host_entity.py new file mode 100644 index 000000000000..512024f97631 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/host_entity.py @@ -0,0 +1,110 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class HostEntity(Entity): + """Represents a host entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar azure_id: The azure resource id of the VM. + :vartype azure_id: str + :ivar dns_domain: The DNS domain that this host belongs to. Should contain + the compete DNS suffix for the domain + :vartype dns_domain: str + :ivar host_name: The hostname without the domain suffix. + :vartype host_name: str + :ivar is_domain_joined: Determines whether this host belongs to a domain. + :vartype is_domain_joined: bool + :ivar net_bios_name: The host name (pre-windows2000). + :vartype net_bios_name: str + :ivar nt_domain: The NT domain that this host belongs to. + :vartype nt_domain: str + :ivar oms_agent_id: The OMS agent id, if the host has OMS agent installed. + :vartype oms_agent_id: str + :param os_family: The operating system type. Possible values include: + 'Linux', 'Windows', 'Android', 'IOS' + :type os_family: str or ~azure.mgmt.securityinsight.models.OSFamily + :ivar os_version: A free text representation of the operating system. This + field is meant to hold specific versions the are more fine grained than + OSFamily or future values not supported by OSFamily enumeration + :vartype os_version: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'azure_id': {'readonly': True}, + 'dns_domain': {'readonly': True}, + 'host_name': {'readonly': True}, + 'is_domain_joined': {'readonly': True}, + 'net_bios_name': {'readonly': True}, + 'nt_domain': {'readonly': True}, + 'oms_agent_id': {'readonly': True}, + 'os_version': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'azure_id': {'key': 'properties.azureID', 'type': 'str'}, + 'dns_domain': {'key': 'properties.dnsDomain', 'type': 'str'}, + 'host_name': {'key': 'properties.hostName', 'type': 'str'}, + 'is_domain_joined': {'key': 'properties.isDomainJoined', 'type': 'bool'}, + 'net_bios_name': {'key': 'properties.netBiosName', 'type': 'str'}, + 'nt_domain': {'key': 'properties.ntDomain', 'type': 'str'}, + 'oms_agent_id': {'key': 'properties.omsAgentID', 'type': 'str'}, + 'os_family': {'key': 'properties.osFamily', 'type': 'OSFamily'}, + 'os_version': {'key': 'properties.osVersion', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(HostEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.azure_id = None + self.dns_domain = None + self.host_name = None + self.is_domain_joined = None + self.net_bios_name = None + self.nt_domain = None + self.oms_agent_id = None + self.os_family = kwargs.get('os_family', None) + self.os_version = None + self.kind = 'Host' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/host_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/host_entity_py3.py new file mode 100644 index 000000000000..3bfc1c4f618e --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/host_entity_py3.py @@ -0,0 +1,110 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class HostEntity(Entity): + """Represents a host entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar azure_id: The azure resource id of the VM. + :vartype azure_id: str + :ivar dns_domain: The DNS domain that this host belongs to. Should contain + the compete DNS suffix for the domain + :vartype dns_domain: str + :ivar host_name: The hostname without the domain suffix. + :vartype host_name: str + :ivar is_domain_joined: Determines whether this host belongs to a domain. + :vartype is_domain_joined: bool + :ivar net_bios_name: The host name (pre-windows2000). + :vartype net_bios_name: str + :ivar nt_domain: The NT domain that this host belongs to. + :vartype nt_domain: str + :ivar oms_agent_id: The OMS agent id, if the host has OMS agent installed. + :vartype oms_agent_id: str + :param os_family: The operating system type. Possible values include: + 'Linux', 'Windows', 'Android', 'IOS' + :type os_family: str or ~azure.mgmt.securityinsight.models.OSFamily + :ivar os_version: A free text representation of the operating system. This + field is meant to hold specific versions the are more fine grained than + OSFamily or future values not supported by OSFamily enumeration + :vartype os_version: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'azure_id': {'readonly': True}, + 'dns_domain': {'readonly': True}, + 'host_name': {'readonly': True}, + 'is_domain_joined': {'readonly': True}, + 'net_bios_name': {'readonly': True}, + 'nt_domain': {'readonly': True}, + 'oms_agent_id': {'readonly': True}, + 'os_version': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'azure_id': {'key': 'properties.azureID', 'type': 'str'}, + 'dns_domain': {'key': 'properties.dnsDomain', 'type': 'str'}, + 'host_name': {'key': 'properties.hostName', 'type': 'str'}, + 'is_domain_joined': {'key': 'properties.isDomainJoined', 'type': 'bool'}, + 'net_bios_name': {'key': 'properties.netBiosName', 'type': 'str'}, + 'nt_domain': {'key': 'properties.ntDomain', 'type': 'str'}, + 'oms_agent_id': {'key': 'properties.omsAgentID', 'type': 'str'}, + 'os_family': {'key': 'properties.osFamily', 'type': 'OSFamily'}, + 'os_version': {'key': 'properties.osVersion', 'type': 'str'}, + } + + def __init__(self, *, os_family=None, **kwargs) -> None: + super(HostEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.azure_id = None + self.dns_domain = None + self.host_name = None + self.is_domain_joined = None + self.net_bios_name = None + self.nt_domain = None + self.oms_agent_id = None + self.os_family = os_family + self.os_version = None + self.kind = 'Host' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ip_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ip_entity.py new file mode 100644 index 000000000000..b7cec5c2af1d --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ip_entity.py @@ -0,0 +1,79 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class IpEntity(Entity): + """Represents an ip entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar address: The IP address as string, e.g. 127.0.0.1 (either in Ipv4 or + Ipv6) + :vartype address: str + :param location: The geo-location context attached to the ip entity + :type location: ~azure.mgmt.securityinsight.models.GeoLocation + :ivar threat_intelligence: A list of TI contexts attached to the ip + entity. + :vartype threat_intelligence: + list[~azure.mgmt.securityinsight.models.ThreatIntelligence] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'address': {'readonly': True}, + 'threat_intelligence': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'address': {'key': 'properties.address', 'type': 'str'}, + 'location': {'key': 'properties.location', 'type': 'GeoLocation'}, + 'threat_intelligence': {'key': 'properties.threatIntelligence', 'type': '[ThreatIntelligence]'}, + } + + def __init__(self, **kwargs): + super(IpEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.address = None + self.location = kwargs.get('location', None) + self.threat_intelligence = None + self.kind = 'Ip' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ip_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ip_entity_py3.py new file mode 100644 index 000000000000..2b717a86dbe0 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ip_entity_py3.py @@ -0,0 +1,79 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class IpEntity(Entity): + """Represents an ip entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar address: The IP address as string, e.g. 127.0.0.1 (either in Ipv4 or + Ipv6) + :vartype address: str + :param location: The geo-location context attached to the ip entity + :type location: ~azure.mgmt.securityinsight.models.GeoLocation + :ivar threat_intelligence: A list of TI contexts attached to the ip + entity. + :vartype threat_intelligence: + list[~azure.mgmt.securityinsight.models.ThreatIntelligence] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'address': {'readonly': True}, + 'threat_intelligence': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'address': {'key': 'properties.address', 'type': 'str'}, + 'location': {'key': 'properties.location', 'type': 'GeoLocation'}, + 'threat_intelligence': {'key': 'properties.threatIntelligence', 'type': '[ThreatIntelligence]'}, + } + + def __init__(self, *, location=None, **kwargs) -> None: + super(IpEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.address = None + self.location = location + self.threat_intelligence = None + self.kind = 'Ip' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/malware_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/malware_entity.py new file mode 100644 index 000000000000..2e2bf7a6e8d5 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/malware_entity.py @@ -0,0 +1,84 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class MalwareEntity(Entity): + """Represents a malware entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar category: The malware category by the vendor, e.g. Trojan + :vartype category: str + :ivar file_entity_ids: List of linked file entity identifiers on which the + malware was found + :vartype file_entity_ids: list[str] + :ivar malware_name: The malware name by the vendor, e.g. Win32/Toga!rfn + :vartype malware_name: str + :ivar process_entity_ids: List of linked process entity identifiers on + which the malware was found. + :vartype process_entity_ids: list[str] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'category': {'readonly': True}, + 'file_entity_ids': {'readonly': True}, + 'malware_name': {'readonly': True}, + 'process_entity_ids': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'category': {'key': 'properties.category', 'type': 'str'}, + 'file_entity_ids': {'key': 'properties.fileEntityIds', 'type': '[str]'}, + 'malware_name': {'key': 'properties.malwareName', 'type': 'str'}, + 'process_entity_ids': {'key': 'properties.processEntityIds', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(MalwareEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.category = None + self.file_entity_ids = None + self.malware_name = None + self.process_entity_ids = None + self.kind = 'Malware' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/malware_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/malware_entity_py3.py new file mode 100644 index 000000000000..4de3ee3629b5 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/malware_entity_py3.py @@ -0,0 +1,84 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class MalwareEntity(Entity): + """Represents a malware entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar category: The malware category by the vendor, e.g. Trojan + :vartype category: str + :ivar file_entity_ids: List of linked file entity identifiers on which the + malware was found + :vartype file_entity_ids: list[str] + :ivar malware_name: The malware name by the vendor, e.g. Win32/Toga!rfn + :vartype malware_name: str + :ivar process_entity_ids: List of linked process entity identifiers on + which the malware was found. + :vartype process_entity_ids: list[str] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'category': {'readonly': True}, + 'file_entity_ids': {'readonly': True}, + 'malware_name': {'readonly': True}, + 'process_entity_ids': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'category': {'key': 'properties.category', 'type': 'str'}, + 'file_entity_ids': {'key': 'properties.fileEntityIds', 'type': '[str]'}, + 'malware_name': {'key': 'properties.malwareName', 'type': 'str'}, + 'process_entity_ids': {'key': 'properties.processEntityIds', 'type': '[str]'}, + } + + def __init__(self, **kwargs) -> None: + super(MalwareEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.category = None + self.file_entity_ids = None + self.malware_name = None + self.process_entity_ids = None + self.kind = 'Malware' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector.py new file mode 100644 index 000000000000..7e30b43c406a --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector import DataConnector + + +class MCASDataConnector(DataConnector): + """Represents MCAS (Microsoft Cloud App Security) data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.MCASDataConnectorDataTypes + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'MCASDataConnectorDataTypes'}, + } + + def __init__(self, **kwargs): + super(MCASDataConnector, self).__init__(**kwargs) + self.tenant_id = kwargs.get('tenant_id', None) + self.data_types = kwargs.get('data_types', None) + self.kind = 'MicrosoftCloudAppSecurity' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types.py new file mode 100644 index 000000000000..169181bd702f --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types.py @@ -0,0 +1,34 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alerts_data_type_of_data_connector import AlertsDataTypeOfDataConnector + + +class MCASDataConnectorDataTypes(AlertsDataTypeOfDataConnector): + """The available data types for MCAS (Microsoft Cloud App Security) data + connector. + + :param alerts: Alerts data type connection. + :type alerts: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnectorAlerts + :param discovery_logs: Discovery log data type connection. + :type discovery_logs: + ~azure.mgmt.securityinsight.models.MCASDataConnectorDataTypesDiscoveryLogs + """ + + _attribute_map = { + 'alerts': {'key': 'alerts', 'type': 'AlertsDataTypeOfDataConnectorAlerts'}, + 'discovery_logs': {'key': 'discoveryLogs', 'type': 'MCASDataConnectorDataTypesDiscoveryLogs'}, + } + + def __init__(self, **kwargs): + super(MCASDataConnectorDataTypes, self).__init__(**kwargs) + self.discovery_logs = kwargs.get('discovery_logs', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types_discovery_logs.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types_discovery_logs.py new file mode 100644 index 000000000000..bde0a81af95c --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types_discovery_logs.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common import DataConnectorDataTypeCommon + + +class MCASDataConnectorDataTypesDiscoveryLogs(DataConnectorDataTypeCommon): + """Discovery log data type connection. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(MCASDataConnectorDataTypesDiscoveryLogs, self).__init__(**kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types_discovery_logs_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types_discovery_logs_py3.py new file mode 100644 index 000000000000..7020e2d332ed --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types_discovery_logs_py3.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common_py3 import DataConnectorDataTypeCommon + + +class MCASDataConnectorDataTypesDiscoveryLogs(DataConnectorDataTypeCommon): + """Discovery log data type connection. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, *, state=None, **kwargs) -> None: + super(MCASDataConnectorDataTypesDiscoveryLogs, self).__init__(state=state, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types_py3.py new file mode 100644 index 000000000000..233ab8ba7cc3 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_data_types_py3.py @@ -0,0 +1,34 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alerts_data_type_of_data_connector_py3 import AlertsDataTypeOfDataConnector + + +class MCASDataConnectorDataTypes(AlertsDataTypeOfDataConnector): + """The available data types for MCAS (Microsoft Cloud App Security) data + connector. + + :param alerts: Alerts data type connection. + :type alerts: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnectorAlerts + :param discovery_logs: Discovery log data type connection. + :type discovery_logs: + ~azure.mgmt.securityinsight.models.MCASDataConnectorDataTypesDiscoveryLogs + """ + + _attribute_map = { + 'alerts': {'key': 'alerts', 'type': 'AlertsDataTypeOfDataConnectorAlerts'}, + 'discovery_logs': {'key': 'discoveryLogs', 'type': 'MCASDataConnectorDataTypesDiscoveryLogs'}, + } + + def __init__(self, *, alerts=None, discovery_logs=None, **kwargs) -> None: + super(MCASDataConnectorDataTypes, self).__init__(alerts=alerts, **kwargs) + self.discovery_logs = discovery_logs diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_py3.py new file mode 100644 index 000000000000..15d314f538bf --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mcas_data_connector_py3.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_py3 import DataConnector + + +class MCASDataConnector(DataConnector): + """Represents MCAS (Microsoft Cloud App Security) data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.MCASDataConnectorDataTypes + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'MCASDataConnectorDataTypes'}, + } + + def __init__(self, *, etag: str=None, tenant_id: str=None, data_types=None, **kwargs) -> None: + super(MCASDataConnector, self).__init__(etag=etag, **kwargs) + self.tenant_id = tenant_id + self.data_types = data_types + self.kind = 'MicrosoftCloudAppSecurity' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mdatp_data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mdatp_data_connector.py new file mode 100644 index 000000000000..95b2591710b0 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mdatp_data_connector.py @@ -0,0 +1,62 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector import DataConnector + + +class MDATPDataConnector(DataConnector): + """Represents MDATP (Microsoft Defender Advanced Threat Protection) data + connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AlertsDataTypeOfDataConnector'}, + } + + def __init__(self, **kwargs): + super(MDATPDataConnector, self).__init__(**kwargs) + self.tenant_id = kwargs.get('tenant_id', None) + self.data_types = kwargs.get('data_types', None) + self.kind = 'MicrosoftDefenderAdvancedThreatProtection' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mdatp_data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mdatp_data_connector_py3.py new file mode 100644 index 000000000000..1a965baab491 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/mdatp_data_connector_py3.py @@ -0,0 +1,62 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_py3 import DataConnector + + +class MDATPDataConnector(DataConnector): + """Represents MDATP (Microsoft Defender Advanced Threat Protection) data + connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AlertsDataTypeOfDataConnector'}, + } + + def __init__(self, *, etag: str=None, tenant_id: str=None, data_types=None, **kwargs) -> None: + super(MDATPDataConnector, self).__init__(etag=etag, **kwargs) + self.tenant_id = tenant_id + self.data_types = data_types + self.kind = 'MicrosoftDefenderAdvancedThreatProtection' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule.py new file mode 100644 index 000000000000..ee698df3d1ce --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule.py @@ -0,0 +1,103 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule import AlertRule + + +class MicrosoftSecurityIncidentCreationAlertRule(AlertRule): + """Represents MicrosoftSecurityIncidentCreation rule. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param display_names_filter: the alerts' displayNames on which the cases + will be generated + :type display_names_filter: list[str] + :param product_filter: Required. The alerts' productName on which the + cases will be generated. Possible values include: 'Microsoft Cloud App + Security', 'Azure Security Center', 'Azure Advanced Threat Protection', + 'Azure Active Directory Identity Protection' + :type product_filter: str or + ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :param severities_filter: the alerts' severities on which the cases will + be generated + :type severities_filter: list[str or + ~azure.mgmt.securityinsight.models.AlertSeverity] + :param alert_rule_template_name: The Name of the alert rule template used + to create this rule. + :type alert_rule_template_name: str + :param description: The description of the alert rule. + :type description: str + :param display_name: Required. The display name for alerts created by this + alert rule. + :type display_name: str + :param enabled: Required. Determines whether this alert rule is enabled or + disabled. + :type enabled: bool + :ivar last_modified_utc: The last time that this alert has been modified. + :vartype last_modified_utc: datetime + :param tactics: The tactics of the alert rule + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'product_filter': {'required': True}, + 'display_name': {'required': True}, + 'enabled': {'required': True}, + 'last_modified_utc': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'display_names_filter': {'key': 'properties.displayNamesFilter', 'type': '[str]'}, + 'product_filter': {'key': 'properties.productFilter', 'type': 'str'}, + 'severities_filter': {'key': 'properties.severitiesFilter', 'type': '[str]'}, + 'alert_rule_template_name': {'key': 'properties.alertRuleTemplateName', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'enabled': {'key': 'properties.enabled', 'type': 'bool'}, + 'last_modified_utc': {'key': 'properties.lastModifiedUtc', 'type': 'iso-8601'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(MicrosoftSecurityIncidentCreationAlertRule, self).__init__(**kwargs) + self.display_names_filter = kwargs.get('display_names_filter', None) + self.product_filter = kwargs.get('product_filter', None) + self.severities_filter = kwargs.get('severities_filter', None) + self.alert_rule_template_name = kwargs.get('alert_rule_template_name', None) + self.description = kwargs.get('description', None) + self.display_name = kwargs.get('display_name', None) + self.enabled = kwargs.get('enabled', None) + self.last_modified_utc = None + self.tactics = kwargs.get('tactics', None) + self.kind = 'MicrosoftSecurityIncidentCreation' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_common_properties.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_common_properties.py new file mode 100644 index 000000000000..94a855df7b8e --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_common_properties.py @@ -0,0 +1,49 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class MicrosoftSecurityIncidentCreationAlertRuleCommonProperties(Model): + """MicrosoftSecurityIncidentCreation rule common property bag. + + All required parameters must be populated in order to send to Azure. + + :param display_names_filter: the alerts' displayNames on which the cases + will be generated + :type display_names_filter: list[str] + :param product_filter: Required. The alerts' productName on which the + cases will be generated. Possible values include: 'Microsoft Cloud App + Security', 'Azure Security Center', 'Azure Advanced Threat Protection', + 'Azure Active Directory Identity Protection' + :type product_filter: str or + ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :param severities_filter: the alerts' severities on which the cases will + be generated + :type severities_filter: list[str or + ~azure.mgmt.securityinsight.models.AlertSeverity] + """ + + _validation = { + 'product_filter': {'required': True}, + } + + _attribute_map = { + 'display_names_filter': {'key': 'displayNamesFilter', 'type': '[str]'}, + 'product_filter': {'key': 'productFilter', 'type': 'str'}, + 'severities_filter': {'key': 'severitiesFilter', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(MicrosoftSecurityIncidentCreationAlertRuleCommonProperties, self).__init__(**kwargs) + self.display_names_filter = kwargs.get('display_names_filter', None) + self.product_filter = kwargs.get('product_filter', None) + self.severities_filter = kwargs.get('severities_filter', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_common_properties_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_common_properties_py3.py new file mode 100644 index 000000000000..bb573418c9fe --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_common_properties_py3.py @@ -0,0 +1,49 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class MicrosoftSecurityIncidentCreationAlertRuleCommonProperties(Model): + """MicrosoftSecurityIncidentCreation rule common property bag. + + All required parameters must be populated in order to send to Azure. + + :param display_names_filter: the alerts' displayNames on which the cases + will be generated + :type display_names_filter: list[str] + :param product_filter: Required. The alerts' productName on which the + cases will be generated. Possible values include: 'Microsoft Cloud App + Security', 'Azure Security Center', 'Azure Advanced Threat Protection', + 'Azure Active Directory Identity Protection' + :type product_filter: str or + ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :param severities_filter: the alerts' severities on which the cases will + be generated + :type severities_filter: list[str or + ~azure.mgmt.securityinsight.models.AlertSeverity] + """ + + _validation = { + 'product_filter': {'required': True}, + } + + _attribute_map = { + 'display_names_filter': {'key': 'displayNamesFilter', 'type': '[str]'}, + 'product_filter': {'key': 'productFilter', 'type': 'str'}, + 'severities_filter': {'key': 'severitiesFilter', 'type': '[str]'}, + } + + def __init__(self, *, product_filter, display_names_filter=None, severities_filter=None, **kwargs) -> None: + super(MicrosoftSecurityIncidentCreationAlertRuleCommonProperties, self).__init__(**kwargs) + self.display_names_filter = display_names_filter + self.product_filter = product_filter + self.severities_filter = severities_filter diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_py3.py new file mode 100644 index 000000000000..49305d47a218 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_py3.py @@ -0,0 +1,103 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule_py3 import AlertRule + + +class MicrosoftSecurityIncidentCreationAlertRule(AlertRule): + """Represents MicrosoftSecurityIncidentCreation rule. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param display_names_filter: the alerts' displayNames on which the cases + will be generated + :type display_names_filter: list[str] + :param product_filter: Required. The alerts' productName on which the + cases will be generated. Possible values include: 'Microsoft Cloud App + Security', 'Azure Security Center', 'Azure Advanced Threat Protection', + 'Azure Active Directory Identity Protection' + :type product_filter: str or + ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :param severities_filter: the alerts' severities on which the cases will + be generated + :type severities_filter: list[str or + ~azure.mgmt.securityinsight.models.AlertSeverity] + :param alert_rule_template_name: The Name of the alert rule template used + to create this rule. + :type alert_rule_template_name: str + :param description: The description of the alert rule. + :type description: str + :param display_name: Required. The display name for alerts created by this + alert rule. + :type display_name: str + :param enabled: Required. Determines whether this alert rule is enabled or + disabled. + :type enabled: bool + :ivar last_modified_utc: The last time that this alert has been modified. + :vartype last_modified_utc: datetime + :param tactics: The tactics of the alert rule + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'product_filter': {'required': True}, + 'display_name': {'required': True}, + 'enabled': {'required': True}, + 'last_modified_utc': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'display_names_filter': {'key': 'properties.displayNamesFilter', 'type': '[str]'}, + 'product_filter': {'key': 'properties.productFilter', 'type': 'str'}, + 'severities_filter': {'key': 'properties.severitiesFilter', 'type': '[str]'}, + 'alert_rule_template_name': {'key': 'properties.alertRuleTemplateName', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'enabled': {'key': 'properties.enabled', 'type': 'bool'}, + 'last_modified_utc': {'key': 'properties.lastModifiedUtc', 'type': 'iso-8601'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + } + + def __init__(self, *, product_filter, display_name: str, enabled: bool, etag: str=None, display_names_filter=None, severities_filter=None, alert_rule_template_name: str=None, description: str=None, tactics=None, **kwargs) -> None: + super(MicrosoftSecurityIncidentCreationAlertRule, self).__init__(etag=etag, **kwargs) + self.display_names_filter = display_names_filter + self.product_filter = product_filter + self.severities_filter = severities_filter + self.alert_rule_template_name = alert_rule_template_name + self.description = description + self.display_name = display_name + self.enabled = enabled + self.last_modified_utc = None + self.tactics = tactics + self.kind = 'MicrosoftSecurityIncidentCreation' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_template.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_template.py new file mode 100644 index 000000000000..54ab62b4a465 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_template.py @@ -0,0 +1,108 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule_template import AlertRuleTemplate + + +class MicrosoftSecurityIncidentCreationAlertRuleTemplate(AlertRuleTemplate): + """Represents MicrosoftSecurityIncidentCreation rule template. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :param alert_rules_created_by_template_count: Required. the number of + alert rules that were created by this template + :type alert_rules_created_by_template_count: int + :ivar created_date_utc: Required. The time that this alert rule template + has been added. + :vartype created_date_utc: datetime + :param description: Required. The description of the alert rule template. + :type description: str + :param display_name: Required. The display name for alert rule template. + :type display_name: str + :param required_data_connectors: The required data connectors for this + template + :type required_data_connectors: + list[~azure.mgmt.securityinsight.models.DataConnectorStatus] + :param status: Required. The alert rule template status. Possible values + include: 'Installed', 'Available', 'NotAvailable' + :type status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :param tactics: The tactics of the alert rule template + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + :param display_names_filter: the alerts' displayNames on which the cases + will be generated + :type display_names_filter: list[str] + :param product_filter: Required. The alerts' productName on which the + cases will be generated. Possible values include: 'Microsoft Cloud App + Security', 'Azure Security Center', 'Azure Advanced Threat Protection', + 'Azure Active Directory Identity Protection' + :type product_filter: str or + ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :param severities_filter: the alerts' severities on which the cases will + be generated + :type severities_filter: list[str or + ~azure.mgmt.securityinsight.models.AlertSeverity] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'alert_rules_created_by_template_count': {'required': True}, + 'created_date_utc': {'required': True, 'readonly': True}, + 'description': {'required': True}, + 'display_name': {'required': True}, + 'status': {'required': True}, + 'product_filter': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'alert_rules_created_by_template_count': {'key': 'properties.alertRulesCreatedByTemplateCount', 'type': 'int'}, + 'created_date_utc': {'key': 'properties.createdDateUTC', 'type': 'iso-8601'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'required_data_connectors': {'key': 'properties.requiredDataConnectors', 'type': '[DataConnectorStatus]'}, + 'status': {'key': 'properties.status', 'type': 'str'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + 'display_names_filter': {'key': 'properties.displayNamesFilter', 'type': '[str]'}, + 'product_filter': {'key': 'properties.productFilter', 'type': 'str'}, + 'severities_filter': {'key': 'properties.severitiesFilter', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(MicrosoftSecurityIncidentCreationAlertRuleTemplate, self).__init__(**kwargs) + self.alert_rules_created_by_template_count = kwargs.get('alert_rules_created_by_template_count', None) + self.created_date_utc = None + self.description = kwargs.get('description', None) + self.display_name = kwargs.get('display_name', None) + self.required_data_connectors = kwargs.get('required_data_connectors', None) + self.status = kwargs.get('status', None) + self.tactics = kwargs.get('tactics', None) + self.display_names_filter = kwargs.get('display_names_filter', None) + self.product_filter = kwargs.get('product_filter', None) + self.severities_filter = kwargs.get('severities_filter', None) + self.kind = 'MicrosoftSecurityIncidentCreation' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_template_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_template_py3.py new file mode 100644 index 000000000000..abb25078f6fc --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/microsoft_security_incident_creation_alert_rule_template_py3.py @@ -0,0 +1,108 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule_template_py3 import AlertRuleTemplate + + +class MicrosoftSecurityIncidentCreationAlertRuleTemplate(AlertRuleTemplate): + """Represents MicrosoftSecurityIncidentCreation rule template. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :param alert_rules_created_by_template_count: Required. the number of + alert rules that were created by this template + :type alert_rules_created_by_template_count: int + :ivar created_date_utc: Required. The time that this alert rule template + has been added. + :vartype created_date_utc: datetime + :param description: Required. The description of the alert rule template. + :type description: str + :param display_name: Required. The display name for alert rule template. + :type display_name: str + :param required_data_connectors: The required data connectors for this + template + :type required_data_connectors: + list[~azure.mgmt.securityinsight.models.DataConnectorStatus] + :param status: Required. The alert rule template status. Possible values + include: 'Installed', 'Available', 'NotAvailable' + :type status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :param tactics: The tactics of the alert rule template + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + :param display_names_filter: the alerts' displayNames on which the cases + will be generated + :type display_names_filter: list[str] + :param product_filter: Required. The alerts' productName on which the + cases will be generated. Possible values include: 'Microsoft Cloud App + Security', 'Azure Security Center', 'Azure Advanced Threat Protection', + 'Azure Active Directory Identity Protection' + :type product_filter: str or + ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :param severities_filter: the alerts' severities on which the cases will + be generated + :type severities_filter: list[str or + ~azure.mgmt.securityinsight.models.AlertSeverity] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'alert_rules_created_by_template_count': {'required': True}, + 'created_date_utc': {'required': True, 'readonly': True}, + 'description': {'required': True}, + 'display_name': {'required': True}, + 'status': {'required': True}, + 'product_filter': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'alert_rules_created_by_template_count': {'key': 'properties.alertRulesCreatedByTemplateCount', 'type': 'int'}, + 'created_date_utc': {'key': 'properties.createdDateUTC', 'type': 'iso-8601'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'required_data_connectors': {'key': 'properties.requiredDataConnectors', 'type': '[DataConnectorStatus]'}, + 'status': {'key': 'properties.status', 'type': 'str'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + 'display_names_filter': {'key': 'properties.displayNamesFilter', 'type': '[str]'}, + 'product_filter': {'key': 'properties.productFilter', 'type': 'str'}, + 'severities_filter': {'key': 'properties.severitiesFilter', 'type': '[str]'}, + } + + def __init__(self, *, alert_rules_created_by_template_count: int, description: str, display_name: str, status, product_filter, required_data_connectors=None, tactics=None, display_names_filter=None, severities_filter=None, **kwargs) -> None: + super(MicrosoftSecurityIncidentCreationAlertRuleTemplate, self).__init__(**kwargs) + self.alert_rules_created_by_template_count = alert_rules_created_by_template_count + self.created_date_utc = None + self.description = description + self.display_name = display_name + self.required_data_connectors = required_data_connectors + self.status = status + self.tactics = tactics + self.display_names_filter = display_names_filter + self.product_filter = product_filter + self.severities_filter = severities_filter + self.kind = 'MicrosoftSecurityIncidentCreation' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_consent.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_consent.py new file mode 100644 index 000000000000..f82f2b7826e4 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_consent.py @@ -0,0 +1,51 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource import Resource + + +class OfficeConsent(Resource): + """Consent for Office365 tenant that already made. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param tenant_id: The tenantId of the Office365 with the consent. + :type tenant_id: str + :ivar tenant_name: The tenant name of the Office365 with the consent. + :vartype tenant_name: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'tenant_name': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'tenant_name': {'key': 'properties.tenantName', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(OfficeConsent, self).__init__(**kwargs) + self.tenant_id = kwargs.get('tenant_id', None) + self.tenant_name = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_consent_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_consent_paged.py new file mode 100644 index 000000000000..18a2869e7abf --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_consent_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class OfficeConsentPaged(Paged): + """ + A paging container for iterating over a list of :class:`OfficeConsent ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[OfficeConsent]'} + } + + def __init__(self, *args, **kwargs): + + super(OfficeConsentPaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_consent_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_consent_py3.py new file mode 100644 index 000000000000..c1ed395daa63 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_consent_py3.py @@ -0,0 +1,51 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_py3 import Resource + + +class OfficeConsent(Resource): + """Consent for Office365 tenant that already made. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param tenant_id: The tenantId of the Office365 with the consent. + :type tenant_id: str + :ivar tenant_name: The tenant name of the Office365 with the consent. + :vartype tenant_name: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'tenant_name': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'tenant_name': {'key': 'properties.tenantName', 'type': 'str'}, + } + + def __init__(self, *, tenant_id: str=None, **kwargs) -> None: + super(OfficeConsent, self).__init__(**kwargs) + self.tenant_id = tenant_id + self.tenant_name = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector.py new file mode 100644 index 000000000000..da61e1f7e33f --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector import DataConnector + + +class OfficeDataConnector(DataConnector): + """Represents office data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypes + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'OfficeDataConnectorDataTypes'}, + } + + def __init__(self, **kwargs): + super(OfficeDataConnector, self).__init__(**kwargs) + self.tenant_id = kwargs.get('tenant_id', None) + self.data_types = kwargs.get('data_types', None) + self.kind = 'Office365' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types.py new file mode 100644 index 000000000000..ff7b2c025197 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types.py @@ -0,0 +1,34 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class OfficeDataConnectorDataTypes(Model): + """The available data types for office data connector. + + :param exchange: Exchange data type connection. + :type exchange: + ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesExchange + :param share_point: SharePoint data type connection. + :type share_point: + ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesSharePoint + """ + + _attribute_map = { + 'exchange': {'key': 'exchange', 'type': 'OfficeDataConnectorDataTypesExchange'}, + 'share_point': {'key': 'sharePoint', 'type': 'OfficeDataConnectorDataTypesSharePoint'}, + } + + def __init__(self, **kwargs): + super(OfficeDataConnectorDataTypes, self).__init__(**kwargs) + self.exchange = kwargs.get('exchange', None) + self.share_point = kwargs.get('share_point', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_exchange.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_exchange.py new file mode 100644 index 000000000000..0f0d4e362449 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_exchange.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common import DataConnectorDataTypeCommon + + +class OfficeDataConnectorDataTypesExchange(DataConnectorDataTypeCommon): + """Exchange data type connection. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(OfficeDataConnectorDataTypesExchange, self).__init__(**kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_exchange_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_exchange_py3.py new file mode 100644 index 000000000000..a538d5111466 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_exchange_py3.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common_py3 import DataConnectorDataTypeCommon + + +class OfficeDataConnectorDataTypesExchange(DataConnectorDataTypeCommon): + """Exchange data type connection. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, *, state=None, **kwargs) -> None: + super(OfficeDataConnectorDataTypesExchange, self).__init__(state=state, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_py3.py new file mode 100644 index 000000000000..008fb6a116bd --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_py3.py @@ -0,0 +1,34 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class OfficeDataConnectorDataTypes(Model): + """The available data types for office data connector. + + :param exchange: Exchange data type connection. + :type exchange: + ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesExchange + :param share_point: SharePoint data type connection. + :type share_point: + ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesSharePoint + """ + + _attribute_map = { + 'exchange': {'key': 'exchange', 'type': 'OfficeDataConnectorDataTypesExchange'}, + 'share_point': {'key': 'sharePoint', 'type': 'OfficeDataConnectorDataTypesSharePoint'}, + } + + def __init__(self, *, exchange=None, share_point=None, **kwargs) -> None: + super(OfficeDataConnectorDataTypes, self).__init__(**kwargs) + self.exchange = exchange + self.share_point = share_point diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_share_point.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_share_point.py new file mode 100644 index 000000000000..55dfd4350ed5 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_share_point.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common import DataConnectorDataTypeCommon + + +class OfficeDataConnectorDataTypesSharePoint(DataConnectorDataTypeCommon): + """SharePoint data type connection. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(OfficeDataConnectorDataTypesSharePoint, self).__init__(**kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_share_point_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_share_point_py3.py new file mode 100644 index 000000000000..5e12e920d2c5 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_data_types_share_point_py3.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common_py3 import DataConnectorDataTypeCommon + + +class OfficeDataConnectorDataTypesSharePoint(DataConnectorDataTypeCommon): + """SharePoint data type connection. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, *, state=None, **kwargs) -> None: + super(OfficeDataConnectorDataTypesSharePoint, self).__init__(state=state, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_py3.py new file mode 100644 index 000000000000..1e39f7f646c9 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/office_data_connector_py3.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_py3 import DataConnector + + +class OfficeDataConnector(DataConnector): + """Represents office data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypes + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'OfficeDataConnectorDataTypes'}, + } + + def __init__(self, *, etag: str=None, tenant_id: str=None, data_types=None, **kwargs) -> None: + super(OfficeDataConnector, self).__init__(etag=etag, **kwargs) + self.tenant_id = tenant_id + self.data_types = data_types + self.kind = 'Office365' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation.py new file mode 100644 index 000000000000..5e18f9416a7a --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation.py @@ -0,0 +1,32 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Operation(Model): + """Operation provided by provider. + + :param display: Properties of the operation + :type display: ~azure.mgmt.securityinsight.models.OperationDisplay + :param name: Name of the operation + :type name: str + """ + + _attribute_map = { + 'display': {'key': 'display', 'type': 'OperationDisplay'}, + 'name': {'key': 'name', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(Operation, self).__init__(**kwargs) + self.display = kwargs.get('display', None) + self.name = kwargs.get('name', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_display.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_display.py new file mode 100644 index 000000000000..7278ab799595 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_display.py @@ -0,0 +1,40 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class OperationDisplay(Model): + """Properties of the operation. + + :param description: Description of the operation + :type description: str + :param operation: Operation name + :type operation: str + :param provider: Provider name + :type provider: str + :param resource: Resource name + :type resource: str + """ + + _attribute_map = { + 'description': {'key': 'description', 'type': 'str'}, + 'operation': {'key': 'operation', 'type': 'str'}, + 'provider': {'key': 'provider', 'type': 'str'}, + 'resource': {'key': 'resource', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(OperationDisplay, self).__init__(**kwargs) + self.description = kwargs.get('description', None) + self.operation = kwargs.get('operation', None) + self.provider = kwargs.get('provider', None) + self.resource = kwargs.get('resource', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_display_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_display_py3.py new file mode 100644 index 000000000000..6765cdef4fa1 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_display_py3.py @@ -0,0 +1,40 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class OperationDisplay(Model): + """Properties of the operation. + + :param description: Description of the operation + :type description: str + :param operation: Operation name + :type operation: str + :param provider: Provider name + :type provider: str + :param resource: Resource name + :type resource: str + """ + + _attribute_map = { + 'description': {'key': 'description', 'type': 'str'}, + 'operation': {'key': 'operation', 'type': 'str'}, + 'provider': {'key': 'provider', 'type': 'str'}, + 'resource': {'key': 'resource', 'type': 'str'}, + } + + def __init__(self, *, description: str=None, operation: str=None, provider: str=None, resource: str=None, **kwargs) -> None: + super(OperationDisplay, self).__init__(**kwargs) + self.description = description + self.operation = operation + self.provider = provider + self.resource = resource diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_paged.py new file mode 100644 index 000000000000..a1b03b8047b8 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class OperationPaged(Paged): + """ + A paging container for iterating over a list of :class:`Operation ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[Operation]'} + } + + def __init__(self, *args, **kwargs): + + super(OperationPaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_py3.py new file mode 100644 index 000000000000..b63fbdec6edd --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/operation_py3.py @@ -0,0 +1,32 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Operation(Model): + """Operation provided by provider. + + :param display: Properties of the operation + :type display: ~azure.mgmt.securityinsight.models.OperationDisplay + :param name: Name of the operation + :type name: str + """ + + _attribute_map = { + 'display': {'key': 'display', 'type': 'OperationDisplay'}, + 'name': {'key': 'name', 'type': 'str'}, + } + + def __init__(self, *, display=None, name: str=None, **kwargs) -> None: + super(Operation, self).__init__(**kwargs) + self.display = display + self.name = name diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/process_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/process_entity.py new file mode 100644 index 000000000000..7deabd5b9908 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/process_entity.py @@ -0,0 +1,109 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class ProcessEntity(Entity): + """Represents a process entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar account_entity_id: The account entity id running the processes. + :vartype account_entity_id: str + :ivar command_line: The command line used to create the process + :vartype command_line: str + :ivar creation_time_utc: The time when the process started to run + :vartype creation_time_utc: datetime + :param elevation_token: The elevation token associated with the process. + Possible values include: 'Default', 'Full', 'Limited' + :type elevation_token: str or + ~azure.mgmt.securityinsight.models.ElevationToken + :ivar host_entity_id: The host entity id on which the process was running + :vartype host_entity_id: str + :ivar host_logon_session_entity_id: The session entity id in which the + process was running + :vartype host_logon_session_entity_id: str + :ivar image_file_entity_id: Image file entity id + :vartype image_file_entity_id: str + :ivar parent_process_entity_id: The parent process entity id. + :vartype parent_process_entity_id: str + :ivar process_id: The process ID + :vartype process_id: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'account_entity_id': {'readonly': True}, + 'command_line': {'readonly': True}, + 'creation_time_utc': {'readonly': True}, + 'host_entity_id': {'readonly': True}, + 'host_logon_session_entity_id': {'readonly': True}, + 'image_file_entity_id': {'readonly': True}, + 'parent_process_entity_id': {'readonly': True}, + 'process_id': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'account_entity_id': {'key': 'properties.accountEntityId', 'type': 'str'}, + 'command_line': {'key': 'properties.commandLine', 'type': 'str'}, + 'creation_time_utc': {'key': 'properties.creationTimeUtc', 'type': 'iso-8601'}, + 'elevation_token': {'key': 'properties.elevationToken', 'type': 'ElevationToken'}, + 'host_entity_id': {'key': 'properties.hostEntityId', 'type': 'str'}, + 'host_logon_session_entity_id': {'key': 'properties.hostLogonSessionEntityId', 'type': 'str'}, + 'image_file_entity_id': {'key': 'properties.imageFileEntityId', 'type': 'str'}, + 'parent_process_entity_id': {'key': 'properties.parentProcessEntityId', 'type': 'str'}, + 'process_id': {'key': 'properties.processId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ProcessEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.account_entity_id = None + self.command_line = None + self.creation_time_utc = None + self.elevation_token = kwargs.get('elevation_token', None) + self.host_entity_id = None + self.host_logon_session_entity_id = None + self.image_file_entity_id = None + self.parent_process_entity_id = None + self.process_id = None + self.kind = 'Process' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/process_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/process_entity_py3.py new file mode 100644 index 000000000000..b8be2290e1f1 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/process_entity_py3.py @@ -0,0 +1,109 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class ProcessEntity(Entity): + """Represents a process entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar account_entity_id: The account entity id running the processes. + :vartype account_entity_id: str + :ivar command_line: The command line used to create the process + :vartype command_line: str + :ivar creation_time_utc: The time when the process started to run + :vartype creation_time_utc: datetime + :param elevation_token: The elevation token associated with the process. + Possible values include: 'Default', 'Full', 'Limited' + :type elevation_token: str or + ~azure.mgmt.securityinsight.models.ElevationToken + :ivar host_entity_id: The host entity id on which the process was running + :vartype host_entity_id: str + :ivar host_logon_session_entity_id: The session entity id in which the + process was running + :vartype host_logon_session_entity_id: str + :ivar image_file_entity_id: Image file entity id + :vartype image_file_entity_id: str + :ivar parent_process_entity_id: The parent process entity id. + :vartype parent_process_entity_id: str + :ivar process_id: The process ID + :vartype process_id: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'account_entity_id': {'readonly': True}, + 'command_line': {'readonly': True}, + 'creation_time_utc': {'readonly': True}, + 'host_entity_id': {'readonly': True}, + 'host_logon_session_entity_id': {'readonly': True}, + 'image_file_entity_id': {'readonly': True}, + 'parent_process_entity_id': {'readonly': True}, + 'process_id': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'account_entity_id': {'key': 'properties.accountEntityId', 'type': 'str'}, + 'command_line': {'key': 'properties.commandLine', 'type': 'str'}, + 'creation_time_utc': {'key': 'properties.creationTimeUtc', 'type': 'iso-8601'}, + 'elevation_token': {'key': 'properties.elevationToken', 'type': 'ElevationToken'}, + 'host_entity_id': {'key': 'properties.hostEntityId', 'type': 'str'}, + 'host_logon_session_entity_id': {'key': 'properties.hostLogonSessionEntityId', 'type': 'str'}, + 'image_file_entity_id': {'key': 'properties.imageFileEntityId', 'type': 'str'}, + 'parent_process_entity_id': {'key': 'properties.parentProcessEntityId', 'type': 'str'}, + 'process_id': {'key': 'properties.processId', 'type': 'str'}, + } + + def __init__(self, *, elevation_token=None, **kwargs) -> None: + super(ProcessEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.account_entity_id = None + self.command_line = None + self.creation_time_utc = None + self.elevation_token = elevation_token + self.host_entity_id = None + self.host_logon_session_entity_id = None + self.image_file_entity_id = None + self.parent_process_entity_id = None + self.process_id = None + self.kind = 'Process' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_key_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_key_entity.py new file mode 100644 index 000000000000..a8d153420e3e --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_key_entity.py @@ -0,0 +1,76 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class RegistryKeyEntity(Entity): + """Represents a registry key entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar hive: the hive that holds the registry key. Possible values include: + 'HKEY_LOCAL_MACHINE', 'HKEY_CLASSES_ROOT', 'HKEY_CURRENT_CONFIG', + 'HKEY_USERS', 'HKEY_CURRENT_USER_LOCAL_SETTINGS', 'HKEY_PERFORMANCE_DATA', + 'HKEY_PERFORMANCE_NLSTEXT', 'HKEY_PERFORMANCE_TEXT', 'HKEY_A', + 'HKEY_CURRENT_USER' + :vartype hive: str or ~azure.mgmt.securityinsight.models.RegistryHive + :ivar key: The registry key path. + :vartype key: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'hive': {'readonly': True}, + 'key': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'hive': {'key': 'properties.hive', 'type': 'str'}, + 'key': {'key': 'properties.key', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(RegistryKeyEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.hive = None + self.key = None + self.kind = 'RegistryKey' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_key_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_key_entity_py3.py new file mode 100644 index 000000000000..ab71d8646365 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_key_entity_py3.py @@ -0,0 +1,76 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class RegistryKeyEntity(Entity): + """Represents a registry key entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar hive: the hive that holds the registry key. Possible values include: + 'HKEY_LOCAL_MACHINE', 'HKEY_CLASSES_ROOT', 'HKEY_CURRENT_CONFIG', + 'HKEY_USERS', 'HKEY_CURRENT_USER_LOCAL_SETTINGS', 'HKEY_PERFORMANCE_DATA', + 'HKEY_PERFORMANCE_NLSTEXT', 'HKEY_PERFORMANCE_TEXT', 'HKEY_A', + 'HKEY_CURRENT_USER' + :vartype hive: str or ~azure.mgmt.securityinsight.models.RegistryHive + :ivar key: The registry key path. + :vartype key: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'hive': {'readonly': True}, + 'key': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'hive': {'key': 'properties.hive', 'type': 'str'}, + 'key': {'key': 'properties.key', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(RegistryKeyEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.hive = None + self.key = None + self.kind = 'RegistryKey' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_value_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_value_entity.py new file mode 100644 index 000000000000..66d3e30f0640 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_value_entity.py @@ -0,0 +1,86 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class RegistryValueEntity(Entity): + """Represents a registry value entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar key_entity_id: The registry key entity id. + :vartype key_entity_id: str + :ivar value_data: String formatted representation of the value data. + :vartype value_data: str + :ivar value_name: The registry value name. + :vartype value_name: str + :ivar value_type: Specifies the data types to use when storing values in + the registry, or identifies the data type of a value in the registry. + Possible values include: 'None', 'Unknown', 'String', 'ExpandString', + 'Binary', 'DWord', 'MultiString', 'QWord' + :vartype value_type: str or + ~azure.mgmt.securityinsight.models.RegistryValueKind + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'key_entity_id': {'readonly': True}, + 'value_data': {'readonly': True}, + 'value_name': {'readonly': True}, + 'value_type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'key_entity_id': {'key': 'properties.keyEntityId', 'type': 'str'}, + 'value_data': {'key': 'properties.valueData', 'type': 'str'}, + 'value_name': {'key': 'properties.valueName', 'type': 'str'}, + 'value_type': {'key': 'properties.valueType', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(RegistryValueEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.key_entity_id = None + self.value_data = None + self.value_name = None + self.value_type = None + self.kind = 'RegistryValue' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_value_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_value_entity_py3.py new file mode 100644 index 000000000000..9db5440a35f3 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/registry_value_entity_py3.py @@ -0,0 +1,86 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class RegistryValueEntity(Entity): + """Represents a registry value entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar key_entity_id: The registry key entity id. + :vartype key_entity_id: str + :ivar value_data: String formatted representation of the value data. + :vartype value_data: str + :ivar value_name: The registry value name. + :vartype value_name: str + :ivar value_type: Specifies the data types to use when storing values in + the registry, or identifies the data type of a value in the registry. + Possible values include: 'None', 'Unknown', 'String', 'ExpandString', + 'Binary', 'DWord', 'MultiString', 'QWord' + :vartype value_type: str or + ~azure.mgmt.securityinsight.models.RegistryValueKind + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'key_entity_id': {'readonly': True}, + 'value_data': {'readonly': True}, + 'value_name': {'readonly': True}, + 'value_type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'key_entity_id': {'key': 'properties.keyEntityId', 'type': 'str'}, + 'value_data': {'key': 'properties.valueData', 'type': 'str'}, + 'value_name': {'key': 'properties.valueName', 'type': 'str'}, + 'value_type': {'key': 'properties.valueType', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(RegistryValueEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.key_entity_id = None + self.value_data = None + self.value_name = None + self.value_type = None + self.kind = 'RegistryValue' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_base.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_base.py new file mode 100644 index 000000000000..90c16c434502 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_base.py @@ -0,0 +1,52 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource import Resource + + +class RelationBase(Resource): + """Represents a relation. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :ivar kind: The type of relation node. Possible values include: + 'CasesToBookmarks' + :vartype kind: str or ~azure.mgmt.securityinsight.models.RelationTypes + :param etag: ETag for relation + :type etag: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(RelationBase, self).__init__(**kwargs) + self.kind = None + self.etag = kwargs.get('etag', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_base_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_base_py3.py new file mode 100644 index 000000000000..dea30f55e6cc --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_base_py3.py @@ -0,0 +1,52 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_py3 import Resource + + +class RelationBase(Resource): + """Represents a relation. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :ivar kind: The type of relation node. Possible values include: + 'CasesToBookmarks' + :vartype kind: str or ~azure.mgmt.securityinsight.models.RelationTypes + :param etag: ETag for relation + :type etag: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + } + + def __init__(self, *, etag: str=None, **kwargs) -> None: + super(RelationBase, self).__init__(**kwargs) + self.kind = None + self.etag = etag diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_node.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_node.py new file mode 100644 index 000000000000..3a97617848eb --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_node.py @@ -0,0 +1,49 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class RelationNode(Model): + """Relation node. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :param relation_node_id: Relation Node Id + :type relation_node_id: str + :ivar relation_node_kind: The type of relation node. Possible values + include: 'Case', 'Bookmark' + :vartype relation_node_kind: str or + ~azure.mgmt.securityinsight.models.RelationNodeKind + :param etag: Etag for relation node + :type etag: str + :param relation_additional_properties: Additional set of properties + :type relation_additional_properties: dict[str, str] + """ + + _validation = { + 'relation_node_kind': {'readonly': True}, + } + + _attribute_map = { + 'relation_node_id': {'key': 'relationNodeId', 'type': 'str'}, + 'relation_node_kind': {'key': 'relationNodeKind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'relation_additional_properties': {'key': 'relationAdditionalProperties', 'type': '{str}'}, + } + + def __init__(self, **kwargs): + super(RelationNode, self).__init__(**kwargs) + self.relation_node_id = kwargs.get('relation_node_id', None) + self.relation_node_kind = None + self.etag = kwargs.get('etag', None) + self.relation_additional_properties = kwargs.get('relation_additional_properties', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_node_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_node_py3.py new file mode 100644 index 000000000000..c1a33561a989 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relation_node_py3.py @@ -0,0 +1,49 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class RelationNode(Model): + """Relation node. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :param relation_node_id: Relation Node Id + :type relation_node_id: str + :ivar relation_node_kind: The type of relation node. Possible values + include: 'Case', 'Bookmark' + :vartype relation_node_kind: str or + ~azure.mgmt.securityinsight.models.RelationNodeKind + :param etag: Etag for relation node + :type etag: str + :param relation_additional_properties: Additional set of properties + :type relation_additional_properties: dict[str, str] + """ + + _validation = { + 'relation_node_kind': {'readonly': True}, + } + + _attribute_map = { + 'relation_node_id': {'key': 'relationNodeId', 'type': 'str'}, + 'relation_node_kind': {'key': 'relationNodeKind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'relation_additional_properties': {'key': 'relationAdditionalProperties', 'type': '{str}'}, + } + + def __init__(self, *, relation_node_id: str=None, etag: str=None, relation_additional_properties=None, **kwargs) -> None: + super(RelationNode, self).__init__(**kwargs) + self.relation_node_id = relation_node_id + self.relation_node_kind = None + self.etag = etag + self.relation_additional_properties = relation_additional_properties diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relations_model_input.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relations_model_input.py new file mode 100644 index 000000000000..aa25bcaf532f --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relations_model_input.py @@ -0,0 +1,64 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .relation_base import RelationBase + + +class RelationsModelInput(RelationBase): + """Relation input model. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :ivar kind: The type of relation node. Possible values include: + 'CasesToBookmarks' + :vartype kind: str or ~azure.mgmt.securityinsight.models.RelationTypes + :param etag: ETag for relation + :type etag: str + :param relation_name: Name of relation + :type relation_name: str + :param source_relation_node: Relation source node + :type source_relation_node: + ~azure.mgmt.securityinsight.models.RelationNode + :param target_relation_node: Relation target node + :type target_relation_node: + ~azure.mgmt.securityinsight.models.RelationNode + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'relation_name': {'key': 'properties.relationName', 'type': 'str'}, + 'source_relation_node': {'key': 'properties.sourceRelationNode', 'type': 'RelationNode'}, + 'target_relation_node': {'key': 'properties.targetRelationNode', 'type': 'RelationNode'}, + } + + def __init__(self, **kwargs): + super(RelationsModelInput, self).__init__(**kwargs) + self.relation_name = kwargs.get('relation_name', None) + self.source_relation_node = kwargs.get('source_relation_node', None) + self.target_relation_node = kwargs.get('target_relation_node', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relations_model_input_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relations_model_input_py3.py new file mode 100644 index 000000000000..8a1850b49b51 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/relations_model_input_py3.py @@ -0,0 +1,64 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .relation_base_py3 import RelationBase + + +class RelationsModelInput(RelationBase): + """Relation input model. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :ivar kind: The type of relation node. Possible values include: + 'CasesToBookmarks' + :vartype kind: str or ~azure.mgmt.securityinsight.models.RelationTypes + :param etag: ETag for relation + :type etag: str + :param relation_name: Name of relation + :type relation_name: str + :param source_relation_node: Relation source node + :type source_relation_node: + ~azure.mgmt.securityinsight.models.RelationNode + :param target_relation_node: Relation target node + :type target_relation_node: + ~azure.mgmt.securityinsight.models.RelationNode + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'relation_name': {'key': 'properties.relationName', 'type': 'str'}, + 'source_relation_node': {'key': 'properties.sourceRelationNode', 'type': 'RelationNode'}, + 'target_relation_node': {'key': 'properties.targetRelationNode', 'type': 'RelationNode'}, + } + + def __init__(self, *, etag: str=None, relation_name: str=None, source_relation_node=None, target_relation_node=None, **kwargs) -> None: + super(RelationsModelInput, self).__init__(etag=etag, **kwargs) + self.relation_name = relation_name + self.source_relation_node = source_relation_node + self.target_relation_node = target_relation_node diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource.py new file mode 100644 index 000000000000..6492dcd5f052 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource.py @@ -0,0 +1,45 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Resource(Model): + """An azure resource object. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(Resource, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource_py3.py new file mode 100644 index 000000000000..98a0ce326156 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource_py3.py @@ -0,0 +1,45 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Resource(Model): + """An azure resource object. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(Resource, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource_with_etag.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource_with_etag.py new file mode 100644 index 000000000000..5132458f5fbb --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource_with_etag.py @@ -0,0 +1,49 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ResourceWithEtag(Model): + """An azure resource object with an Etag property. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ResourceWithEtag, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.etag = kwargs.get('etag', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource_with_etag_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource_with_etag_py3.py new file mode 100644 index 000000000000..fcb83f8d8edd --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/resource_with_etag_py3.py @@ -0,0 +1,49 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ResourceWithEtag(Model): + """An azure resource object with an Etag property. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + } + + def __init__(self, *, etag: str=None, **kwargs) -> None: + super(ResourceWithEtag, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.etag = etag diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule.py new file mode 100644 index 000000000000..f454a1b09517 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule.py @@ -0,0 +1,126 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule import AlertRule + + +class ScheduledAlertRule(AlertRule): + """Represents scheduled alert rule. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param query: The query that creates alerts for this rule. + :type query: str + :param query_frequency: The frequency (in ISO 8601 duration format) for + this alert rule to run. + :type query_frequency: timedelta + :param query_period: The period (in ISO 8601 duration format) that this + alert rule looks at. + :type query_period: timedelta + :param severity: The severity for alerts created by this alert rule. + Possible values include: 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :param trigger_operator: The operation against the threshold that triggers + alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', + 'NotEqual' + :type trigger_operator: str or + ~azure.mgmt.securityinsight.models.TriggerOperator + :param trigger_threshold: The threshold triggers this alert rule. + :type trigger_threshold: int + :param alert_rule_template_name: The Name of the alert rule template used + to create this rule. + :type alert_rule_template_name: str + :param description: The description of the alert rule. + :type description: str + :param display_name: Required. The display name for alerts created by this + alert rule. + :type display_name: str + :param enabled: Required. Determines whether this alert rule is enabled or + disabled. + :type enabled: bool + :ivar last_modified_utc: The last time that this alert rule has been + modified. + :vartype last_modified_utc: datetime + :param suppression_duration: Required. The suppression (in ISO 8601 + duration format) to wait since last time this alert rule been triggered. + :type suppression_duration: timedelta + :param suppression_enabled: Required. Determines whether the suppression + for this alert rule is enabled or disabled. + :type suppression_enabled: bool + :param tactics: The tactics of the alert rule + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'display_name': {'required': True}, + 'enabled': {'required': True}, + 'last_modified_utc': {'readonly': True}, + 'suppression_duration': {'required': True}, + 'suppression_enabled': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'query': {'key': 'properties.query', 'type': 'str'}, + 'query_frequency': {'key': 'properties.queryFrequency', 'type': 'duration'}, + 'query_period': {'key': 'properties.queryPeriod', 'type': 'duration'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'trigger_operator': {'key': 'properties.triggerOperator', 'type': 'TriggerOperator'}, + 'trigger_threshold': {'key': 'properties.triggerThreshold', 'type': 'int'}, + 'alert_rule_template_name': {'key': 'properties.alertRuleTemplateName', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'enabled': {'key': 'properties.enabled', 'type': 'bool'}, + 'last_modified_utc': {'key': 'properties.lastModifiedUtc', 'type': 'iso-8601'}, + 'suppression_duration': {'key': 'properties.suppressionDuration', 'type': 'duration'}, + 'suppression_enabled': {'key': 'properties.suppressionEnabled', 'type': 'bool'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(ScheduledAlertRule, self).__init__(**kwargs) + self.query = kwargs.get('query', None) + self.query_frequency = kwargs.get('query_frequency', None) + self.query_period = kwargs.get('query_period', None) + self.severity = kwargs.get('severity', None) + self.trigger_operator = kwargs.get('trigger_operator', None) + self.trigger_threshold = kwargs.get('trigger_threshold', None) + self.alert_rule_template_name = kwargs.get('alert_rule_template_name', None) + self.description = kwargs.get('description', None) + self.display_name = kwargs.get('display_name', None) + self.enabled = kwargs.get('enabled', None) + self.last_modified_utc = None + self.suppression_duration = kwargs.get('suppression_duration', None) + self.suppression_enabled = kwargs.get('suppression_enabled', None) + self.tactics = kwargs.get('tactics', None) + self.kind = 'Scheduled' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_common_properties.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_common_properties.py new file mode 100644 index 000000000000..a294796cfb50 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_common_properties.py @@ -0,0 +1,54 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ScheduledAlertRuleCommonProperties(Model): + """Schedule alert rule template property bag. + + :param query: The query that creates alerts for this rule. + :type query: str + :param query_frequency: The frequency (in ISO 8601 duration format) for + this alert rule to run. + :type query_frequency: timedelta + :param query_period: The period (in ISO 8601 duration format) that this + alert rule looks at. + :type query_period: timedelta + :param severity: The severity for alerts created by this alert rule. + Possible values include: 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :param trigger_operator: The operation against the threshold that triggers + alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', + 'NotEqual' + :type trigger_operator: str or + ~azure.mgmt.securityinsight.models.TriggerOperator + :param trigger_threshold: The threshold triggers this alert rule. + :type trigger_threshold: int + """ + + _attribute_map = { + 'query': {'key': 'query', 'type': 'str'}, + 'query_frequency': {'key': 'queryFrequency', 'type': 'duration'}, + 'query_period': {'key': 'queryPeriod', 'type': 'duration'}, + 'severity': {'key': 'severity', 'type': 'str'}, + 'trigger_operator': {'key': 'triggerOperator', 'type': 'TriggerOperator'}, + 'trigger_threshold': {'key': 'triggerThreshold', 'type': 'int'}, + } + + def __init__(self, **kwargs): + super(ScheduledAlertRuleCommonProperties, self).__init__(**kwargs) + self.query = kwargs.get('query', None) + self.query_frequency = kwargs.get('query_frequency', None) + self.query_period = kwargs.get('query_period', None) + self.severity = kwargs.get('severity', None) + self.trigger_operator = kwargs.get('trigger_operator', None) + self.trigger_threshold = kwargs.get('trigger_threshold', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_common_properties_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_common_properties_py3.py new file mode 100644 index 000000000000..cc8c35f2f34a --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_common_properties_py3.py @@ -0,0 +1,54 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ScheduledAlertRuleCommonProperties(Model): + """Schedule alert rule template property bag. + + :param query: The query that creates alerts for this rule. + :type query: str + :param query_frequency: The frequency (in ISO 8601 duration format) for + this alert rule to run. + :type query_frequency: timedelta + :param query_period: The period (in ISO 8601 duration format) that this + alert rule looks at. + :type query_period: timedelta + :param severity: The severity for alerts created by this alert rule. + Possible values include: 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :param trigger_operator: The operation against the threshold that triggers + alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', + 'NotEqual' + :type trigger_operator: str or + ~azure.mgmt.securityinsight.models.TriggerOperator + :param trigger_threshold: The threshold triggers this alert rule. + :type trigger_threshold: int + """ + + _attribute_map = { + 'query': {'key': 'query', 'type': 'str'}, + 'query_frequency': {'key': 'queryFrequency', 'type': 'duration'}, + 'query_period': {'key': 'queryPeriod', 'type': 'duration'}, + 'severity': {'key': 'severity', 'type': 'str'}, + 'trigger_operator': {'key': 'triggerOperator', 'type': 'TriggerOperator'}, + 'trigger_threshold': {'key': 'triggerThreshold', 'type': 'int'}, + } + + def __init__(self, *, query: str=None, query_frequency=None, query_period=None, severity=None, trigger_operator=None, trigger_threshold: int=None, **kwargs) -> None: + super(ScheduledAlertRuleCommonProperties, self).__init__(**kwargs) + self.query = query + self.query_frequency = query_frequency + self.query_period = query_period + self.severity = severity + self.trigger_operator = trigger_operator + self.trigger_threshold = trigger_threshold diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_py3.py new file mode 100644 index 000000000000..e63f54e51274 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_py3.py @@ -0,0 +1,126 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule_py3 import AlertRule + + +class ScheduledAlertRule(AlertRule): + """Represents scheduled alert rule. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param query: The query that creates alerts for this rule. + :type query: str + :param query_frequency: The frequency (in ISO 8601 duration format) for + this alert rule to run. + :type query_frequency: timedelta + :param query_period: The period (in ISO 8601 duration format) that this + alert rule looks at. + :type query_period: timedelta + :param severity: The severity for alerts created by this alert rule. + Possible values include: 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :param trigger_operator: The operation against the threshold that triggers + alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', + 'NotEqual' + :type trigger_operator: str or + ~azure.mgmt.securityinsight.models.TriggerOperator + :param trigger_threshold: The threshold triggers this alert rule. + :type trigger_threshold: int + :param alert_rule_template_name: The Name of the alert rule template used + to create this rule. + :type alert_rule_template_name: str + :param description: The description of the alert rule. + :type description: str + :param display_name: Required. The display name for alerts created by this + alert rule. + :type display_name: str + :param enabled: Required. Determines whether this alert rule is enabled or + disabled. + :type enabled: bool + :ivar last_modified_utc: The last time that this alert rule has been + modified. + :vartype last_modified_utc: datetime + :param suppression_duration: Required. The suppression (in ISO 8601 + duration format) to wait since last time this alert rule been triggered. + :type suppression_duration: timedelta + :param suppression_enabled: Required. Determines whether the suppression + for this alert rule is enabled or disabled. + :type suppression_enabled: bool + :param tactics: The tactics of the alert rule + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'display_name': {'required': True}, + 'enabled': {'required': True}, + 'last_modified_utc': {'readonly': True}, + 'suppression_duration': {'required': True}, + 'suppression_enabled': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'query': {'key': 'properties.query', 'type': 'str'}, + 'query_frequency': {'key': 'properties.queryFrequency', 'type': 'duration'}, + 'query_period': {'key': 'properties.queryPeriod', 'type': 'duration'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'trigger_operator': {'key': 'properties.triggerOperator', 'type': 'TriggerOperator'}, + 'trigger_threshold': {'key': 'properties.triggerThreshold', 'type': 'int'}, + 'alert_rule_template_name': {'key': 'properties.alertRuleTemplateName', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'enabled': {'key': 'properties.enabled', 'type': 'bool'}, + 'last_modified_utc': {'key': 'properties.lastModifiedUtc', 'type': 'iso-8601'}, + 'suppression_duration': {'key': 'properties.suppressionDuration', 'type': 'duration'}, + 'suppression_enabled': {'key': 'properties.suppressionEnabled', 'type': 'bool'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + } + + def __init__(self, *, display_name: str, enabled: bool, suppression_duration, suppression_enabled: bool, etag: str=None, query: str=None, query_frequency=None, query_period=None, severity=None, trigger_operator=None, trigger_threshold: int=None, alert_rule_template_name: str=None, description: str=None, tactics=None, **kwargs) -> None: + super(ScheduledAlertRule, self).__init__(etag=etag, **kwargs) + self.query = query + self.query_frequency = query_frequency + self.query_period = query_period + self.severity = severity + self.trigger_operator = trigger_operator + self.trigger_threshold = trigger_threshold + self.alert_rule_template_name = alert_rule_template_name + self.description = description + self.display_name = display_name + self.enabled = enabled + self.last_modified_utc = None + self.suppression_duration = suppression_duration + self.suppression_enabled = suppression_enabled + self.tactics = tactics + self.kind = 'Scheduled' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_template.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_template.py new file mode 100644 index 000000000000..a9909549ed53 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_template.py @@ -0,0 +1,125 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule_template import AlertRuleTemplate + + +class ScheduledAlertRuleTemplate(AlertRuleTemplate): + """Represents scheduled alert rule template. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :param alert_rules_created_by_template_count: Required. the number of + alert rules that were created by this template + :type alert_rules_created_by_template_count: int + :ivar created_date_utc: The time that this alert rule template has been + added. + :vartype created_date_utc: datetime + :param description: Required. The description of the alert rule template. + :type description: str + :param display_name: Required. The display name for alert rule template. + :type display_name: str + :param required_data_connectors: The required data connectors for this + template + :type required_data_connectors: + list[~azure.mgmt.securityinsight.models.DataConnectorStatus] + :param status: Required. The alert rule template status. Possible values + include: 'Installed', 'Available', 'NotAvailable' + :type status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :param tactics: The tactics of the alert rule template + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + :param query: Required. The query that creates alerts for this rule. + :type query: str + :param query_frequency: Required. The frequency (in ISO 8601 duration + format) for this alert rule to run. + :type query_frequency: timedelta + :param query_period: Required. The period (in ISO 8601 duration format) + that this alert rule looks at. + :type query_period: timedelta + :param severity: Required. The severity for alerts created by this alert + rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :param trigger_operator: Required. The operation against the threshold + that triggers alert rule. Possible values include: 'GreaterThan', + 'LessThan', 'Equal', 'NotEqual' + :type trigger_operator: str or + ~azure.mgmt.securityinsight.models.TriggerOperator + :param trigger_threshold: Required. The threshold triggers this alert + rule. + :type trigger_threshold: int + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'alert_rules_created_by_template_count': {'required': True}, + 'created_date_utc': {'readonly': True}, + 'description': {'required': True}, + 'display_name': {'required': True}, + 'status': {'required': True}, + 'query': {'required': True}, + 'query_frequency': {'required': True}, + 'query_period': {'required': True}, + 'severity': {'required': True}, + 'trigger_operator': {'required': True}, + 'trigger_threshold': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'alert_rules_created_by_template_count': {'key': 'properties.alertRulesCreatedByTemplateCount', 'type': 'int'}, + 'created_date_utc': {'key': 'properties.createdDateUTC', 'type': 'iso-8601'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'required_data_connectors': {'key': 'properties.requiredDataConnectors', 'type': '[DataConnectorStatus]'}, + 'status': {'key': 'properties.status', 'type': 'str'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + 'query': {'key': 'properties.query', 'type': 'str'}, + 'query_frequency': {'key': 'properties.queryFrequency', 'type': 'duration'}, + 'query_period': {'key': 'properties.queryPeriod', 'type': 'duration'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'trigger_operator': {'key': 'properties.triggerOperator', 'type': 'TriggerOperator'}, + 'trigger_threshold': {'key': 'properties.triggerThreshold', 'type': 'int'}, + } + + def __init__(self, **kwargs): + super(ScheduledAlertRuleTemplate, self).__init__(**kwargs) + self.alert_rules_created_by_template_count = kwargs.get('alert_rules_created_by_template_count', None) + self.created_date_utc = None + self.description = kwargs.get('description', None) + self.display_name = kwargs.get('display_name', None) + self.required_data_connectors = kwargs.get('required_data_connectors', None) + self.status = kwargs.get('status', None) + self.tactics = kwargs.get('tactics', None) + self.query = kwargs.get('query', None) + self.query_frequency = kwargs.get('query_frequency', None) + self.query_period = kwargs.get('query_period', None) + self.severity = kwargs.get('severity', None) + self.trigger_operator = kwargs.get('trigger_operator', None) + self.trigger_threshold = kwargs.get('trigger_threshold', None) + self.kind = 'Scheduled' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_template_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_template_py3.py new file mode 100644 index 000000000000..0c157a653bf3 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/scheduled_alert_rule_template_py3.py @@ -0,0 +1,125 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .alert_rule_template_py3 import AlertRuleTemplate + + +class ScheduledAlertRuleTemplate(AlertRuleTemplate): + """Represents scheduled alert rule template. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :param alert_rules_created_by_template_count: Required. the number of + alert rules that were created by this template + :type alert_rules_created_by_template_count: int + :ivar created_date_utc: The time that this alert rule template has been + added. + :vartype created_date_utc: datetime + :param description: Required. The description of the alert rule template. + :type description: str + :param display_name: Required. The display name for alert rule template. + :type display_name: str + :param required_data_connectors: The required data connectors for this + template + :type required_data_connectors: + list[~azure.mgmt.securityinsight.models.DataConnectorStatus] + :param status: Required. The alert rule template status. Possible values + include: 'Installed', 'Available', 'NotAvailable' + :type status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :param tactics: The tactics of the alert rule template + :type tactics: list[str or + ~azure.mgmt.securityinsight.models.AttackTactic] + :param query: Required. The query that creates alerts for this rule. + :type query: str + :param query_frequency: Required. The frequency (in ISO 8601 duration + format) for this alert rule to run. + :type query_frequency: timedelta + :param query_period: Required. The period (in ISO 8601 duration format) + that this alert rule looks at. + :type query_period: timedelta + :param severity: Required. The severity for alerts created by this alert + rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :param trigger_operator: Required. The operation against the threshold + that triggers alert rule. Possible values include: 'GreaterThan', + 'LessThan', 'Equal', 'NotEqual' + :type trigger_operator: str or + ~azure.mgmt.securityinsight.models.TriggerOperator + :param trigger_threshold: Required. The threshold triggers this alert + rule. + :type trigger_threshold: int + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'alert_rules_created_by_template_count': {'required': True}, + 'created_date_utc': {'readonly': True}, + 'description': {'required': True}, + 'display_name': {'required': True}, + 'status': {'required': True}, + 'query': {'required': True}, + 'query_frequency': {'required': True}, + 'query_period': {'required': True}, + 'severity': {'required': True}, + 'trigger_operator': {'required': True}, + 'trigger_threshold': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'alert_rules_created_by_template_count': {'key': 'properties.alertRulesCreatedByTemplateCount', 'type': 'int'}, + 'created_date_utc': {'key': 'properties.createdDateUTC', 'type': 'iso-8601'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'required_data_connectors': {'key': 'properties.requiredDataConnectors', 'type': '[DataConnectorStatus]'}, + 'status': {'key': 'properties.status', 'type': 'str'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + 'query': {'key': 'properties.query', 'type': 'str'}, + 'query_frequency': {'key': 'properties.queryFrequency', 'type': 'duration'}, + 'query_period': {'key': 'properties.queryPeriod', 'type': 'duration'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'trigger_operator': {'key': 'properties.triggerOperator', 'type': 'TriggerOperator'}, + 'trigger_threshold': {'key': 'properties.triggerThreshold', 'type': 'int'}, + } + + def __init__(self, *, alert_rules_created_by_template_count: int, description: str, display_name: str, status, query: str, query_frequency, query_period, severity, trigger_operator, trigger_threshold: int, required_data_connectors=None, tactics=None, **kwargs) -> None: + super(ScheduledAlertRuleTemplate, self).__init__(**kwargs) + self.alert_rules_created_by_template_count = alert_rules_created_by_template_count + self.created_date_utc = None + self.description = description + self.display_name = display_name + self.required_data_connectors = required_data_connectors + self.status = status + self.tactics = tactics + self.query = query + self.query_frequency = query_frequency + self.query_period = query_period + self.severity = severity + self.trigger_operator = trigger_operator + self.trigger_threshold = trigger_threshold + self.kind = 'Scheduled' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert.py new file mode 100644 index 000000000000..95e4924b16f5 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert.py @@ -0,0 +1,186 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class SecurityAlert(Entity): + """Represents a security alert entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar alert_display_name: The display name of the alert. + :vartype alert_display_name: str + :ivar alert_type: The type name of the alert. + :vartype alert_type: str + :ivar compromised_entity: Display name of the main entity being reported + on. + :vartype compromised_entity: str + :ivar confidence_level: The confidence level of this alert. Possible + values include: 'Unknown', 'Low', 'High' + :vartype confidence_level: str or + ~azure.mgmt.securityinsight.models.ConfidenceLevel + :ivar confidence_reasons: The confidence reasons + :vartype confidence_reasons: + list[~azure.mgmt.securityinsight.models.SecurityAlertPropertiesConfidenceReasonsItem] + :ivar confidence_score: The confidence score of the alert. + :vartype confidence_score: float + :ivar confidence_score_status: The confidence score calculation status, + i.e. indicating if score calculation is pending for this alert, not + applicable or final. Possible values include: 'NotApplicable', + 'InProcess', 'NotFinal', 'Final' + :vartype confidence_score_status: str or + ~azure.mgmt.securityinsight.models.ConfidenceScoreStatus + :ivar description: Alert description. + :vartype description: str + :ivar end_time_utc: The impact end time of the alert (the time of the last + event contributing to the alert). + :vartype end_time_utc: datetime + :ivar intent: Holds the alert intent stage(s) mapping for this alert. + Possible values include: 'Unknown', 'Probing', 'Exploitation', + 'Persistence', 'PrivilegeEscalation', 'DefenseEvasion', + 'CredentialAccess', 'Discovery', 'LateralMovement', 'Execution', + 'Collection', 'Exfiltration', 'CommandAndControl', 'Impact' + :vartype intent: str or ~azure.mgmt.securityinsight.models.KillChainIntent + :ivar processing_end_time: The time the alert was made available for + consumption. + :vartype processing_end_time: datetime + :ivar product_component_name: The name of a component inside the product + which generated the alert. + :vartype product_component_name: str + :ivar product_name: The name of the product which published this alert. + :vartype product_name: str + :ivar product_version: The version of the product generating the alert. + :vartype product_version: str + :ivar remediation_steps: Manual action items to take to remediate the + alert. + :vartype remediation_steps: list[str] + :param severity: The severity of the alert. Possible values include: + 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar start_time_utc: The impact start time of the alert (the time of the + first event contributing to the alert). + :vartype start_time_utc: datetime + :ivar status: The lifecycle status of the alert. Possible values include: + 'Unknown', 'New', 'Resolved', 'Dismissed', 'InProgress' + :vartype status: str or ~azure.mgmt.securityinsight.models.AlertStatus + :ivar system_alert_id: Holds the product identifier of the alert for the + product. + :vartype system_alert_id: str + :ivar time_generated: The time the alert was generated. + :vartype time_generated: datetime + :ivar vendor_name: The name of the vendor that raise the alert. + :vartype vendor_name: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'alert_display_name': {'readonly': True}, + 'alert_type': {'readonly': True}, + 'compromised_entity': {'readonly': True}, + 'confidence_level': {'readonly': True}, + 'confidence_reasons': {'readonly': True}, + 'confidence_score': {'readonly': True}, + 'confidence_score_status': {'readonly': True}, + 'description': {'readonly': True}, + 'end_time_utc': {'readonly': True}, + 'intent': {'readonly': True}, + 'processing_end_time': {'readonly': True}, + 'product_component_name': {'readonly': True}, + 'product_name': {'readonly': True}, + 'product_version': {'readonly': True}, + 'remediation_steps': {'readonly': True}, + 'start_time_utc': {'readonly': True}, + 'status': {'readonly': True}, + 'system_alert_id': {'readonly': True}, + 'time_generated': {'readonly': True}, + 'vendor_name': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'alert_display_name': {'key': 'properties.alertDisplayName', 'type': 'str'}, + 'alert_type': {'key': 'properties.alertType', 'type': 'str'}, + 'compromised_entity': {'key': 'properties.compromisedEntity', 'type': 'str'}, + 'confidence_level': {'key': 'properties.confidenceLevel', 'type': 'str'}, + 'confidence_reasons': {'key': 'properties.confidenceReasons', 'type': '[SecurityAlertPropertiesConfidenceReasonsItem]'}, + 'confidence_score': {'key': 'properties.confidenceScore', 'type': 'float'}, + 'confidence_score_status': {'key': 'properties.confidenceScoreStatus', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'end_time_utc': {'key': 'properties.endTimeUtc', 'type': 'iso-8601'}, + 'intent': {'key': 'properties.intent', 'type': 'str'}, + 'processing_end_time': {'key': 'properties.processingEndTime', 'type': 'iso-8601'}, + 'product_component_name': {'key': 'properties.productComponentName', 'type': 'str'}, + 'product_name': {'key': 'properties.productName', 'type': 'str'}, + 'product_version': {'key': 'properties.productVersion', 'type': 'str'}, + 'remediation_steps': {'key': 'properties.remediationSteps', 'type': '[str]'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'start_time_utc': {'key': 'properties.startTimeUtc', 'type': 'iso-8601'}, + 'status': {'key': 'properties.status', 'type': 'str'}, + 'system_alert_id': {'key': 'properties.systemAlertId', 'type': 'str'}, + 'time_generated': {'key': 'properties.timeGenerated', 'type': 'iso-8601'}, + 'vendor_name': {'key': 'properties.vendorName', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(SecurityAlert, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.alert_display_name = None + self.alert_type = None + self.compromised_entity = None + self.confidence_level = None + self.confidence_reasons = None + self.confidence_score = None + self.confidence_score_status = None + self.description = None + self.end_time_utc = None + self.intent = None + self.processing_end_time = None + self.product_component_name = None + self.product_name = None + self.product_version = None + self.remediation_steps = None + self.severity = kwargs.get('severity', None) + self.start_time_utc = None + self.status = None + self.system_alert_id = None + self.time_generated = None + self.vendor_name = None + self.kind = 'SecurityAlert' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert_properties_confidence_reasons_item.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert_properties_confidence_reasons_item.py new file mode 100644 index 000000000000..86069bf24aec --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert_properties_confidence_reasons_item.py @@ -0,0 +1,40 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class SecurityAlertPropertiesConfidenceReasonsItem(Model): + """confidence reason item. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar reason: The reason's description + :vartype reason: str + :ivar reason_type: The type (category) of the reason + :vartype reason_type: str + """ + + _validation = { + 'reason': {'readonly': True}, + 'reason_type': {'readonly': True}, + } + + _attribute_map = { + 'reason': {'key': 'reason', 'type': 'str'}, + 'reason_type': {'key': 'reasonType', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(SecurityAlertPropertiesConfidenceReasonsItem, self).__init__(**kwargs) + self.reason = None + self.reason_type = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert_properties_confidence_reasons_item_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert_properties_confidence_reasons_item_py3.py new file mode 100644 index 000000000000..c6e889de97cf --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert_properties_confidence_reasons_item_py3.py @@ -0,0 +1,40 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class SecurityAlertPropertiesConfidenceReasonsItem(Model): + """confidence reason item. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar reason: The reason's description + :vartype reason: str + :ivar reason_type: The type (category) of the reason + :vartype reason_type: str + """ + + _validation = { + 'reason': {'readonly': True}, + 'reason_type': {'readonly': True}, + } + + _attribute_map = { + 'reason': {'key': 'reason', 'type': 'str'}, + 'reason_type': {'key': 'reasonType', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(SecurityAlertPropertiesConfidenceReasonsItem, self).__init__(**kwargs) + self.reason = None + self.reason_type = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert_py3.py new file mode 100644 index 000000000000..14eb65bbe561 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_alert_py3.py @@ -0,0 +1,186 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class SecurityAlert(Entity): + """Represents a security alert entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar alert_display_name: The display name of the alert. + :vartype alert_display_name: str + :ivar alert_type: The type name of the alert. + :vartype alert_type: str + :ivar compromised_entity: Display name of the main entity being reported + on. + :vartype compromised_entity: str + :ivar confidence_level: The confidence level of this alert. Possible + values include: 'Unknown', 'Low', 'High' + :vartype confidence_level: str or + ~azure.mgmt.securityinsight.models.ConfidenceLevel + :ivar confidence_reasons: The confidence reasons + :vartype confidence_reasons: + list[~azure.mgmt.securityinsight.models.SecurityAlertPropertiesConfidenceReasonsItem] + :ivar confidence_score: The confidence score of the alert. + :vartype confidence_score: float + :ivar confidence_score_status: The confidence score calculation status, + i.e. indicating if score calculation is pending for this alert, not + applicable or final. Possible values include: 'NotApplicable', + 'InProcess', 'NotFinal', 'Final' + :vartype confidence_score_status: str or + ~azure.mgmt.securityinsight.models.ConfidenceScoreStatus + :ivar description: Alert description. + :vartype description: str + :ivar end_time_utc: The impact end time of the alert (the time of the last + event contributing to the alert). + :vartype end_time_utc: datetime + :ivar intent: Holds the alert intent stage(s) mapping for this alert. + Possible values include: 'Unknown', 'Probing', 'Exploitation', + 'Persistence', 'PrivilegeEscalation', 'DefenseEvasion', + 'CredentialAccess', 'Discovery', 'LateralMovement', 'Execution', + 'Collection', 'Exfiltration', 'CommandAndControl', 'Impact' + :vartype intent: str or ~azure.mgmt.securityinsight.models.KillChainIntent + :ivar processing_end_time: The time the alert was made available for + consumption. + :vartype processing_end_time: datetime + :ivar product_component_name: The name of a component inside the product + which generated the alert. + :vartype product_component_name: str + :ivar product_name: The name of the product which published this alert. + :vartype product_name: str + :ivar product_version: The version of the product generating the alert. + :vartype product_version: str + :ivar remediation_steps: Manual action items to take to remediate the + alert. + :vartype remediation_steps: list[str] + :param severity: The severity of the alert. Possible values include: + 'High', 'Medium', 'Low', 'Informational' + :type severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar start_time_utc: The impact start time of the alert (the time of the + first event contributing to the alert). + :vartype start_time_utc: datetime + :ivar status: The lifecycle status of the alert. Possible values include: + 'Unknown', 'New', 'Resolved', 'Dismissed', 'InProgress' + :vartype status: str or ~azure.mgmt.securityinsight.models.AlertStatus + :ivar system_alert_id: Holds the product identifier of the alert for the + product. + :vartype system_alert_id: str + :ivar time_generated: The time the alert was generated. + :vartype time_generated: datetime + :ivar vendor_name: The name of the vendor that raise the alert. + :vartype vendor_name: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'alert_display_name': {'readonly': True}, + 'alert_type': {'readonly': True}, + 'compromised_entity': {'readonly': True}, + 'confidence_level': {'readonly': True}, + 'confidence_reasons': {'readonly': True}, + 'confidence_score': {'readonly': True}, + 'confidence_score_status': {'readonly': True}, + 'description': {'readonly': True}, + 'end_time_utc': {'readonly': True}, + 'intent': {'readonly': True}, + 'processing_end_time': {'readonly': True}, + 'product_component_name': {'readonly': True}, + 'product_name': {'readonly': True}, + 'product_version': {'readonly': True}, + 'remediation_steps': {'readonly': True}, + 'start_time_utc': {'readonly': True}, + 'status': {'readonly': True}, + 'system_alert_id': {'readonly': True}, + 'time_generated': {'readonly': True}, + 'vendor_name': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'alert_display_name': {'key': 'properties.alertDisplayName', 'type': 'str'}, + 'alert_type': {'key': 'properties.alertType', 'type': 'str'}, + 'compromised_entity': {'key': 'properties.compromisedEntity', 'type': 'str'}, + 'confidence_level': {'key': 'properties.confidenceLevel', 'type': 'str'}, + 'confidence_reasons': {'key': 'properties.confidenceReasons', 'type': '[SecurityAlertPropertiesConfidenceReasonsItem]'}, + 'confidence_score': {'key': 'properties.confidenceScore', 'type': 'float'}, + 'confidence_score_status': {'key': 'properties.confidenceScoreStatus', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'end_time_utc': {'key': 'properties.endTimeUtc', 'type': 'iso-8601'}, + 'intent': {'key': 'properties.intent', 'type': 'str'}, + 'processing_end_time': {'key': 'properties.processingEndTime', 'type': 'iso-8601'}, + 'product_component_name': {'key': 'properties.productComponentName', 'type': 'str'}, + 'product_name': {'key': 'properties.productName', 'type': 'str'}, + 'product_version': {'key': 'properties.productVersion', 'type': 'str'}, + 'remediation_steps': {'key': 'properties.remediationSteps', 'type': '[str]'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'start_time_utc': {'key': 'properties.startTimeUtc', 'type': 'iso-8601'}, + 'status': {'key': 'properties.status', 'type': 'str'}, + 'system_alert_id': {'key': 'properties.systemAlertId', 'type': 'str'}, + 'time_generated': {'key': 'properties.timeGenerated', 'type': 'iso-8601'}, + 'vendor_name': {'key': 'properties.vendorName', 'type': 'str'}, + } + + def __init__(self, *, severity=None, **kwargs) -> None: + super(SecurityAlert, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.alert_display_name = None + self.alert_type = None + self.compromised_entity = None + self.confidence_level = None + self.confidence_reasons = None + self.confidence_score = None + self.confidence_score_status = None + self.description = None + self.end_time_utc = None + self.intent = None + self.processing_end_time = None + self.product_component_name = None + self.product_name = None + self.product_version = None + self.remediation_steps = None + self.severity = severity + self.start_time_utc = None + self.status = None + self.system_alert_id = None + self.time_generated = None + self.vendor_name = None + self.kind = 'SecurityAlert' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_group_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_group_entity.py new file mode 100644 index 000000000000..70ff48e34f49 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_group_entity.py @@ -0,0 +1,79 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class SecurityGroupEntity(Entity): + """Represents a security group entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar distinguished_name: The group distinguished name + :vartype distinguished_name: str + :ivar object_guid: A single-value attribute that is the unique identifier + for the object, assigned by active directory. + :vartype object_guid: str + :ivar sid: The SID attribute is a single-value attribute that specifies + the security identifier (SID) of the group + :vartype sid: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'distinguished_name': {'readonly': True}, + 'object_guid': {'readonly': True}, + 'sid': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'distinguished_name': {'key': 'properties.distinguishedName', 'type': 'str'}, + 'object_guid': {'key': 'properties.objectGuid', 'type': 'str'}, + 'sid': {'key': 'properties.sid', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(SecurityGroupEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.distinguished_name = None + self.object_guid = None + self.sid = None + self.kind = 'SecurityGroup' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_group_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_group_entity_py3.py new file mode 100644 index 000000000000..f3380ca1b06c --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_group_entity_py3.py @@ -0,0 +1,79 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class SecurityGroupEntity(Entity): + """Represents a security group entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar distinguished_name: The group distinguished name + :vartype distinguished_name: str + :ivar object_guid: A single-value attribute that is the unique identifier + for the object, assigned by active directory. + :vartype object_guid: str + :ivar sid: The SID attribute is a single-value attribute that specifies + the security identifier (SID) of the group + :vartype sid: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'distinguished_name': {'readonly': True}, + 'object_guid': {'readonly': True}, + 'sid': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'distinguished_name': {'key': 'properties.distinguishedName', 'type': 'str'}, + 'object_guid': {'key': 'properties.objectGuid', 'type': 'str'}, + 'sid': {'key': 'properties.sid', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(SecurityGroupEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.distinguished_name = None + self.object_guid = None + self.sid = None + self.kind = 'SecurityGroup' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_insights_enums.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_insights_enums.py new file mode 100644 index 000000000000..25dc355f5a41 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_insights_enums.py @@ -0,0 +1,282 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from enum import Enum + + +class AggregationsKind(str, Enum): + + cases_aggregation = "CasesAggregation" + + +class AlertRuleKind(str, Enum): + + scheduled = "Scheduled" + microsoft_security_incident_creation = "MicrosoftSecurityIncidentCreation" + fusion = "Fusion" + + +class DataTypeStatus(str, Enum): + + exist = "Exist" + not_exist = "NotExist" + + +class TemplateStatus(str, Enum): + + installed = "Installed" #: Alert rule template installed. and can not use more then once + available = "Available" #: Alert rule template is available. + not_available = "NotAvailable" #: Alert rule template is not available + + +class AttackTactic(str, Enum): + + initial_access = "InitialAccess" + execution = "Execution" + persistence = "Persistence" + privilege_escalation = "PrivilegeEscalation" + defense_evasion = "DefenseEvasion" + credential_access = "CredentialAccess" + discovery = "Discovery" + lateral_movement = "LateralMovement" + collection = "Collection" + exfiltration = "Exfiltration" + command_and_control = "CommandAndControl" + impact = "Impact" + + +class TriggerOperator(str, Enum): + + greater_than = "GreaterThan" + less_than = "LessThan" + equal = "Equal" + not_equal = "NotEqual" + + +class AlertSeverity(str, Enum): + + high = "High" #: High severity + medium = "Medium" #: Medium severity + low = "Low" #: Low severity + informational = "Informational" #: Informational severity + + +class RelationTypes(str, Enum): + + cases_to_bookmarks = "CasesToBookmarks" #: Relations between cases and bookmarks + + +class RelationNodeKind(str, Enum): + + case = "Case" #: Case node part of the relation + bookmark = "Bookmark" #: Bookmark node part of the relation + + +class CloseReason(str, Enum): + + resolved = "Resolved" #: Case was resolved + dismissed = "Dismissed" #: Case was dismissed + true_positive = "TruePositive" #: Case was true positive + false_positive = "FalsePositive" #: Case was false positive + other = "Other" #: Case was closed for another reason + + +class CaseSeverity(str, Enum): + + critical = "Critical" #: Critical severity + high = "High" #: High severity + medium = "Medium" #: Medium severity + low = "Low" #: Low severity + informational = "Informational" #: Informational severity + + +class CaseStatus(str, Enum): + + draft = "Draft" #: Case that wasn't promoted yet to active + new = "New" #: An active case which isn't handled currently + in_progress = "InProgress" #: An active case which is handled + closed = "Closed" #: A non active case + + +class DataTypeState(str, Enum): + + enabled = "Enabled" + disabled = "Disabled" + + +class DataConnectorKind(str, Enum): + + azure_active_directory = "AzureActiveDirectory" + azure_security_center = "AzureSecurityCenter" + microsoft_cloud_app_security = "MicrosoftCloudAppSecurity" + threat_intelligence = "ThreatIntelligence" + office365 = "Office365" + amazon_web_services_cloud_trail = "AmazonWebServicesCloudTrail" + azure_advanced_threat_protection = "AzureAdvancedThreatProtection" + microsoft_defender_advanced_threat_protection = "MicrosoftDefenderAdvancedThreatProtection" + + +class EntityKind(str, Enum): + + account = "Account" #: Entity represents account in the system. + host = "Host" #: Entity represents host in the system. + file = "File" #: Entity represents file in the system. + azure_resource = "AzureResource" #: Entity represents azure resource in the system. + cloud_application = "CloudApplication" #: Entity represents cloud application in the system. + dns_resolution = "DnsResolution" #: Entity represents dns resolution in the system. + file_hash = "FileHash" #: Entity represents file hash in the system. + ip = "Ip" #: Entity represents ip in the system. + malware = "Malware" #: Entity represents malware in the system. + process = "Process" #: Entity represents process in the system. + registry_key = "RegistryKey" #: Entity represents registry key in the system. + registry_value = "RegistryValue" #: Entity represents registry value in the system. + security_group = "SecurityGroup" #: Entity represents security group in the system. + url = "Url" #: Entity represents url in the system. + security_alert = "SecurityAlert" #: Entity represents security alert in the system. + bookmark = "Bookmark" #: Entity represents bookmark in the system. + + +class EntityType(str, Enum): + + account = "Account" #: Entity represents account in the system. + host = "Host" #: Entity represents host in the system. + file = "File" #: Entity represents file in the system. + azure_resource = "AzureResource" #: Entity represents azure resource in the system. + cloud_application = "CloudApplication" #: Entity represents cloud application in the system. + dns = "DNS" #: Entity represents dns in the system. + file_hash = "FileHash" #: Entity represents file hash in the system. + ip = "IP" #: Entity represents ip in the system. + malware = "Malware" #: Entity represents malware in the system. + process = "Process" #: Entity represents process in the system. + registry_key = "RegistryKey" #: Entity represents registry key in the system. + registry_value = "RegistryValue" #: Entity represents registry value in the system. + security_group = "SecurityGroup" #: Entity represents security group in the system. + url = "URL" #: Entity represents url in the system. + security_alert = "SecurityAlert" #: Entity represents security alert in the system. + hunting_bookmark = "HuntingBookmark" #: Entity represents HuntingBookmark in the system. + + +class FileHashAlgorithm(str, Enum): + + unknown = "Unknown" #: Unknown hash algorithm + md5 = "MD5" #: MD5 hash type + sha1 = "SHA1" #: SHA1 hash type + sha256 = "SHA256" #: SHA256 hash type + sha256_ac = "SHA256AC" #: SHA256 Authenticode hash type + + +class OSFamily(str, Enum): + + linux = "Linux" #: Host with Linux operating system. + windows = "Windows" #: Host with Windows operating system. + android = "Android" #: Host with Android operating system. + ios = "IOS" #: Host with IOS operating system. + + +class MicrosoftSecurityProductName(str, Enum): + + microsoft_cloud_app_security = "Microsoft Cloud App Security" + azure_security_center = "Azure Security Center" + azure_advanced_threat_protection = "Azure Advanced Threat Protection" + azure_active_directory_identity_protection = "Azure Active Directory Identity Protection" + + +class ElevationToken(str, Enum): + + default = "Default" #: Default elevation token + full = "Full" #: Full elevation token + limited = "Limited" #: Limited elevation token + + +class RegistryHive(str, Enum): + + hkey_local_machine = "HKEY_LOCAL_MACHINE" #: HKEY_LOCAL_MACHINE + hkey_classes_root = "HKEY_CLASSES_ROOT" #: HKEY_CLASSES_ROOT + hkey_current_config = "HKEY_CURRENT_CONFIG" #: HKEY_CURRENT_CONFIG + hkey_users = "HKEY_USERS" #: HKEY_USERS + hkey_current_user_local_settings = "HKEY_CURRENT_USER_LOCAL_SETTINGS" #: HKEY_CURRENT_USER_LOCAL_SETTINGS + hkey_performance_data = "HKEY_PERFORMANCE_DATA" #: HKEY_PERFORMANCE_DATA + hkey_performance_nlstext = "HKEY_PERFORMANCE_NLSTEXT" #: HKEY_PERFORMANCE_NLSTEXT + hkey_performance_text = "HKEY_PERFORMANCE_TEXT" #: HKEY_PERFORMANCE_TEXT + hkey_a = "HKEY_A" #: HKEY_A + hkey_current_user = "HKEY_CURRENT_USER" #: HKEY_CURRENT_USER + + +class RegistryValueKind(str, Enum): + + none = "None" #: None + unknown = "Unknown" #: Unknown value type + string = "String" #: String value type + expand_string = "ExpandString" #: ExpandString value type + binary = "Binary" #: Binary value type + dword = "DWord" #: DWord value type + multi_string = "MultiString" #: MultiString value type + qword = "QWord" #: QWord value type + + +class ConfidenceLevel(str, Enum): + + unknown = "Unknown" #: Unknown confidence, the is the default value + low = "Low" #: Low confidence, meaning we have some doubts this is indeed malicious or part of an attack + high = "High" #: High confidence that the alert is true positive malicious + + +class ConfidenceScoreStatus(str, Enum): + + not_applicable = "NotApplicable" #: Score will not be calculated for this alert as it is not supported by virtual analyst + in_process = "InProcess" #: No score was set yet and calculation is in progress + not_final = "NotFinal" #: Score is calculated and shown as part of the alert, but may be updated again at a later time following the processing of additional data + final = "Final" #: Final score was calculated and available + + +class KillChainIntent(str, Enum): + + unknown = "Unknown" #: The default value. + probing = "Probing" #: Probing could be an attempt to access a certain resource regardless of a malicious intent or a failed attempt to gain access to a target system to gather information prior to exploitation. This step is usually detected as an attempt originating from outside the network in attempt to scan the target system and find a way in. + exploitation = "Exploitation" #: Exploitation is the stage where an attacker manage to get foothold on the attacked resource. This stage is applicable not only for compute hosts, but also for resources such as user accounts, certificates etc. Adversaries will often be able to control the resource after this stage. + persistence = "Persistence" #: Persistence is any access, action, or configuration change to a system that gives an adversary a persistent presence on that system. Adversaries will often need to maintain access to systems through interruptions such as system restarts, loss of credentials, or other failures that would require a remote access tool to restart or alternate backdoor for them to regain access. + privilege_escalation = "PrivilegeEscalation" #: Privilege escalation is the result of actions that allow an adversary to obtain a higher level of permissions on a system or network. Certain tools or actions require a higher level of privilege to work and are likely necessary at many points throughout an operation. User accounts with permissions to access specific systems or perform specific functions necessary for adversaries to achieve their objective may also be considered an escalation of privilege. + defense_evasion = "DefenseEvasion" #: Defense evasion consists of techniques an adversary may use to evade detection or avoid other defenses. Sometimes these actions are the same as or variations of techniques in other categories that have the added benefit of subverting a particular defense or mitigation. + credential_access = "CredentialAccess" #: Credential access represents techniques resulting in access to or control over system, domain, or service credentials that are used within an enterprise environment. Adversaries will likely attempt to obtain legitimate credentials from users or administrator accounts (local system administrator or domain users with administrator access) to use within the network. With sufficient access within a network, an adversary can create accounts for later use within the environment. + discovery = "Discovery" #: Discovery consists of techniques that allow the adversary to gain knowledge about the system and internal network. When adversaries gain access to a new system, they must orient themselves to what they now have control of and what benefits operating from that system give to their current objective or overall goals during the intrusion. The operating system provides many native tools that aid in this post-compromise information-gathering phase. + lateral_movement = "LateralMovement" #: Lateral movement consists of techniques that enable an adversary to access and control remote systems on a network and could, but does not necessarily, include execution of tools on remote systems. The lateral movement techniques could allow an adversary to gather information from a system without needing additional tools, such as a remote access tool. An adversary can use lateral movement for many purposes, including remote Execution of tools, pivoting to additional systems, access to specific information or files, access to additional credentials, or to cause an effect. + execution = "Execution" #: The execution tactic represents techniques that result in execution of adversary-controlled code on a local or remote system. This tactic is often used in conjunction with lateral movement to expand access to remote systems on a network. + collection = "Collection" #: Collection consists of techniques used to identify and gather information, such as sensitive files, from a target network prior to exfiltration. This category also covers locations on a system or network where the adversary may look for information to exfiltrate. + exfiltration = "Exfiltration" #: Exfiltration refers to techniques and attributes that result or aid in the adversary removing files and information from a target network. This category also covers locations on a system or network where the adversary may look for information to exfiltrate. + command_and_control = "CommandAndControl" #: The command and control tactic represents how adversaries communicate with systems under their control within a target network. + impact = "Impact" #: The impact intent primary objective is to directly reduce the availability or integrity of a system, service, or network; including manipulation of data to impact a business or operational process. This would often refer to techniques such as ransom-ware, defacement, data manipulation and others. + + +class AlertStatus(str, Enum): + + unknown = "Unknown" #: Unknown value + new = "New" #: New alert + resolved = "Resolved" #: Alert closed after handling + dismissed = "Dismissed" #: Alert dismissed as false positive + in_progress = "InProgress" #: Alert is being handled + + +class SettingKind(str, Enum): + + ueba_settings = "UebaSettings" + toggle_settings = "ToggleSettings" + + +class LicenseStatus(str, Enum): + + enabled = "Enabled" + disabled = "Disabled" + + +class StatusInMcas(str, Enum): + + enabled = "Enabled" + disabled = "Disabled" diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings.py new file mode 100644 index 000000000000..52dbb45951ea --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings.py @@ -0,0 +1,63 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Settings(Model): + """The Setting. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: ToggleSettings, UebaSettings + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'ToggleSettings': 'ToggleSettings', 'UebaSettings': 'UebaSettings'} + } + + def __init__(self, **kwargs): + super(Settings, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.etag = kwargs.get('etag', None) + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_kind.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_kind.py new file mode 100644 index 000000000000..05e31e0ea210 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_kind.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class SettingsKind(Model): + """Describes an Azure resource with kind. + + :param kind: The kind of the setting. Possible values include: + 'UebaSettings', 'ToggleSettings' + :type kind: str or ~azure.mgmt.securityinsight.models.SettingKind + """ + + _attribute_map = { + 'kind': {'key': 'kind', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(SettingsKind, self).__init__(**kwargs) + self.kind = kwargs.get('kind', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_kind_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_kind_py3.py new file mode 100644 index 000000000000..a6501e3c7613 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_kind_py3.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class SettingsKind(Model): + """Describes an Azure resource with kind. + + :param kind: The kind of the setting. Possible values include: + 'UebaSettings', 'ToggleSettings' + :type kind: str or ~azure.mgmt.securityinsight.models.SettingKind + """ + + _attribute_map = { + 'kind': {'key': 'kind', 'type': 'str'}, + } + + def __init__(self, *, kind=None, **kwargs) -> None: + super(SettingsKind, self).__init__(**kwargs) + self.kind = kind diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_py3.py new file mode 100644 index 000000000000..a21875854a2c --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_py3.py @@ -0,0 +1,63 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class Settings(Model): + """The Setting. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: ToggleSettings, UebaSettings + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + } + + _subtype_map = { + 'kind': {'ToggleSettings': 'ToggleSettings', 'UebaSettings': 'UebaSettings'} + } + + def __init__(self, *, etag: str=None, **kwargs) -> None: + super(Settings, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.etag = etag + self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/threat_intelligence.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/threat_intelligence.py new file mode 100644 index 000000000000..02c5c3965e90 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/threat_intelligence.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ThreatIntelligence(Model): + """ThreatIntelligence property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar confidence: Confidence (must be between 0 and 1) + :vartype confidence: float + :ivar provider_name: Name of the provider from whom this Threat + Intelligence information was received + :vartype provider_name: str + :ivar report_link: Report link + :vartype report_link: str + :ivar threat_description: Threat description (free text) + :vartype threat_description: str + :ivar threat_name: Threat name (e.g. "Jedobot malware") + :vartype threat_name: str + :ivar threat_type: Threat type (e.g. "Botnet") + :vartype threat_type: str + """ + + _validation = { + 'confidence': {'readonly': True}, + 'provider_name': {'readonly': True}, + 'report_link': {'readonly': True}, + 'threat_description': {'readonly': True}, + 'threat_name': {'readonly': True}, + 'threat_type': {'readonly': True}, + } + + _attribute_map = { + 'confidence': {'key': 'confidence', 'type': 'float'}, + 'provider_name': {'key': 'providerName', 'type': 'str'}, + 'report_link': {'key': 'reportLink', 'type': 'str'}, + 'threat_description': {'key': 'threatDescription', 'type': 'str'}, + 'threat_name': {'key': 'threatName', 'type': 'str'}, + 'threat_type': {'key': 'threatType', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ThreatIntelligence, self).__init__(**kwargs) + self.confidence = None + self.provider_name = None + self.report_link = None + self.threat_description = None + self.threat_name = None + self.threat_type = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/threat_intelligence_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/threat_intelligence_py3.py new file mode 100644 index 000000000000..339c7fd55ee4 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/threat_intelligence_py3.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ThreatIntelligence(Model): + """ThreatIntelligence property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar confidence: Confidence (must be between 0 and 1) + :vartype confidence: float + :ivar provider_name: Name of the provider from whom this Threat + Intelligence information was received + :vartype provider_name: str + :ivar report_link: Report link + :vartype report_link: str + :ivar threat_description: Threat description (free text) + :vartype threat_description: str + :ivar threat_name: Threat name (e.g. "Jedobot malware") + :vartype threat_name: str + :ivar threat_type: Threat type (e.g. "Botnet") + :vartype threat_type: str + """ + + _validation = { + 'confidence': {'readonly': True}, + 'provider_name': {'readonly': True}, + 'report_link': {'readonly': True}, + 'threat_description': {'readonly': True}, + 'threat_name': {'readonly': True}, + 'threat_type': {'readonly': True}, + } + + _attribute_map = { + 'confidence': {'key': 'confidence', 'type': 'float'}, + 'provider_name': {'key': 'providerName', 'type': 'str'}, + 'report_link': {'key': 'reportLink', 'type': 'str'}, + 'threat_description': {'key': 'threatDescription', 'type': 'str'}, + 'threat_name': {'key': 'threatName', 'type': 'str'}, + 'threat_type': {'key': 'threatType', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(ThreatIntelligence, self).__init__(**kwargs) + self.confidence = None + self.provider_name = None + self.report_link = None + self.threat_description = None + self.threat_name = None + self.threat_type = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector.py new file mode 100644 index 000000000000..4cb1fd77dbbd --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector import DataConnector + + +class TIDataConnector(DataConnector): + """Represents threat intelligence data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypes + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'TIDataConnectorDataTypes'}, + } + + def __init__(self, **kwargs): + super(TIDataConnector, self).__init__(**kwargs) + self.tenant_id = kwargs.get('tenant_id', None) + self.data_types = kwargs.get('data_types', None) + self.kind = 'ThreatIntelligence' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types.py new file mode 100644 index 000000000000..fca339c71037 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class TIDataConnectorDataTypes(Model): + """The available data types for TI (Threat Intelligence) data connector. + + :param indicators: Data type for indicators connection. + :type indicators: + ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypesIndicators + """ + + _attribute_map = { + 'indicators': {'key': 'indicators', 'type': 'TIDataConnectorDataTypesIndicators'}, + } + + def __init__(self, **kwargs): + super(TIDataConnectorDataTypes, self).__init__(**kwargs) + self.indicators = kwargs.get('indicators', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types_indicators.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types_indicators.py new file mode 100644 index 000000000000..6208e7113219 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types_indicators.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common import DataConnectorDataTypeCommon + + +class TIDataConnectorDataTypesIndicators(DataConnectorDataTypeCommon): + """Data type for indicators connection. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(TIDataConnectorDataTypesIndicators, self).__init__(**kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types_indicators_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types_indicators_py3.py new file mode 100644 index 000000000000..f53b3e0b2dfd --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types_indicators_py3.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common_py3 import DataConnectorDataTypeCommon + + +class TIDataConnectorDataTypesIndicators(DataConnectorDataTypeCommon): + """Data type for indicators connection. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, *, state=None, **kwargs) -> None: + super(TIDataConnectorDataTypesIndicators, self).__init__(state=state, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types_py3.py new file mode 100644 index 000000000000..0abe983c3ad3 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_data_types_py3.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class TIDataConnectorDataTypes(Model): + """The available data types for TI (Threat Intelligence) data connector. + + :param indicators: Data type for indicators connection. + :type indicators: + ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypesIndicators + """ + + _attribute_map = { + 'indicators': {'key': 'indicators', 'type': 'TIDataConnectorDataTypesIndicators'}, + } + + def __init__(self, *, indicators=None, **kwargs) -> None: + super(TIDataConnectorDataTypes, self).__init__(**kwargs) + self.indicators = indicators diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_py3.py new file mode 100644 index 000000000000..54731b84b747 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ti_data_connector_py3.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_py3 import DataConnector + + +class TIDataConnector(DataConnector): + """Represents threat intelligence data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param tenant_id: The tenant id to connect to, and get the data from. + :type tenant_id: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypes + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'tenant_id': {'key': 'properties.tenantId', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'TIDataConnectorDataTypes'}, + } + + def __init__(self, *, etag: str=None, tenant_id: str=None, data_types=None, **kwargs) -> None: + super(TIDataConnector, self).__init__(etag=etag, **kwargs) + self.tenant_id = tenant_id + self.data_types = data_types + self.kind = 'ThreatIntelligence' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings.py new file mode 100644 index 000000000000..4983c1cbee1f --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings.py @@ -0,0 +1,56 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .settings import Settings + + +class ToggleSettings(Settings): + """Settings with single toggle. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param is_enabled: Determines whether the setting is enable or disabled. + :type is_enabled: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'is_enabled': {'key': 'properties.isEnabled', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(ToggleSettings, self).__init__(**kwargs) + self.is_enabled = kwargs.get('is_enabled', None) + self.kind = 'ToggleSettings' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings_py3.py new file mode 100644 index 000000000000..beb32b979fa1 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings_py3.py @@ -0,0 +1,56 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .settings_py3 import Settings + + +class ToggleSettings(Settings): + """Settings with single toggle. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param is_enabled: Determines whether the setting is enable or disabled. + :type is_enabled: bool + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'is_enabled': {'key': 'properties.isEnabled', 'type': 'bool'}, + } + + def __init__(self, *, etag: str=None, is_enabled: bool=None, **kwargs) -> None: + super(ToggleSettings, self).__init__(etag=etag, **kwargs) + self.is_enabled = is_enabled + self.kind = 'ToggleSettings' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings.py new file mode 100644 index 000000000000..c323bf03917b --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings.py @@ -0,0 +1,72 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .settings import Settings + + +class UebaSettings(Settings): + """Represents settings for User and Entity Behavior Analytics enablement. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar atp_license_status: Determines whether the tenant has ATP (Advanced + Threat Protection) license. Possible values include: 'Enabled', 'Disabled' + :vartype atp_license_status: str or + ~azure.mgmt.securityinsight.models.LicenseStatus + :param is_enabled: Determines whether User and Entity Behavior Analytics + is enabled for this workspace. + :type is_enabled: bool + :ivar status_in_mcas: Determines whether User and Entity Behavior + Analytics is enabled from MCAS (Microsoft Cloud App Security). Possible + values include: 'Enabled', 'Disabled' + :vartype status_in_mcas: str or + ~azure.mgmt.securityinsight.models.StatusInMcas + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'atp_license_status': {'readonly': True}, + 'status_in_mcas': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'atp_license_status': {'key': 'properties.atpLicenseStatus', 'type': 'str'}, + 'is_enabled': {'key': 'properties.isEnabled', 'type': 'bool'}, + 'status_in_mcas': {'key': 'properties.statusInMcas', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(UebaSettings, self).__init__(**kwargs) + self.atp_license_status = None + self.is_enabled = kwargs.get('is_enabled', None) + self.status_in_mcas = None + self.kind = 'UebaSettings' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings_py3.py new file mode 100644 index 000000000000..5e6267682f72 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings_py3.py @@ -0,0 +1,72 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .settings_py3 import Settings + + +class UebaSettings(Settings): + """Represents settings for User and Entity Behavior Analytics enablement. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param etag: Etag of the azure resource + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar atp_license_status: Determines whether the tenant has ATP (Advanced + Threat Protection) license. Possible values include: 'Enabled', 'Disabled' + :vartype atp_license_status: str or + ~azure.mgmt.securityinsight.models.LicenseStatus + :param is_enabled: Determines whether User and Entity Behavior Analytics + is enabled for this workspace. + :type is_enabled: bool + :ivar status_in_mcas: Determines whether User and Entity Behavior + Analytics is enabled from MCAS (Microsoft Cloud App Security). Possible + values include: 'Enabled', 'Disabled' + :vartype status_in_mcas: str or + ~azure.mgmt.securityinsight.models.StatusInMcas + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'atp_license_status': {'readonly': True}, + 'status_in_mcas': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'atp_license_status': {'key': 'properties.atpLicenseStatus', 'type': 'str'}, + 'is_enabled': {'key': 'properties.isEnabled', 'type': 'bool'}, + 'status_in_mcas': {'key': 'properties.statusInMcas', 'type': 'str'}, + } + + def __init__(self, *, etag: str=None, is_enabled: bool=None, **kwargs) -> None: + super(UebaSettings, self).__init__(etag=etag, **kwargs) + self.atp_license_status = None + self.is_enabled = is_enabled + self.status_in_mcas = None + self.kind = 'UebaSettings' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/url_entity.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/url_entity.py new file mode 100644 index 000000000000..324cd30298b0 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/url_entity.py @@ -0,0 +1,67 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity import Entity + + +class UrlEntity(Entity): + """Represents a url entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar url: A full URL the entity points to + :vartype url: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'url': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'url': {'key': 'properties.url', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(UrlEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.url = None + self.kind = 'Url' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/url_entity_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/url_entity_py3.py new file mode 100644 index 000000000000..dec19cfea23e --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/url_entity_py3.py @@ -0,0 +1,67 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .entity_py3 import Entity + + +class UrlEntity(Entity): + """Represents a url entity. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar name: Azure resource name + :vartype name: str + :ivar type: Azure resource type + :vartype type: str + :param kind: Required. Constant filled by server. + :type kind: str + :ivar additional_data: A bag of custom fields that should be part of the + entity and will be presented to the user. + :vartype additional_data: dict[str, object] + :ivar friendly_name: The graph item display name which is a short humanly + readable description of the graph item instance. This property is optional + and might be system generated. + :vartype friendly_name: str + :ivar url: A full URL the entity points to + :vartype url: str + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'kind': {'required': True}, + 'additional_data': {'readonly': True}, + 'friendly_name': {'readonly': True}, + 'url': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{object}'}, + 'friendly_name': {'key': 'properties.friendlyName', 'type': 'str'}, + 'url': {'key': 'properties.url', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(UrlEntity, self).__init__(**kwargs) + self.additional_data = None + self.friendly_name = None + self.url = None + self.kind = 'Url' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/user_info.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/user_info.py new file mode 100644 index 000000000000..353378ac5ae3 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/user_info.py @@ -0,0 +1,47 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class UserInfo(Model): + """User information that made some action. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar email: The email of the user. + :vartype email: str + :ivar name: The name of the user. + :vartype name: str + :param object_id: Required. The object id of the user. + :type object_id: str + """ + + _validation = { + 'email': {'readonly': True}, + 'name': {'readonly': True}, + 'object_id': {'required': True}, + } + + _attribute_map = { + 'email': {'key': 'email', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(UserInfo, self).__init__(**kwargs) + self.email = None + self.name = None + self.object_id = kwargs.get('object_id', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/user_info_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/user_info_py3.py new file mode 100644 index 000000000000..53ffe671205b --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/user_info_py3.py @@ -0,0 +1,47 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class UserInfo(Model): + """User information that made some action. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar email: The email of the user. + :vartype email: str + :ivar name: The name of the user. + :vartype name: str + :param object_id: Required. The object id of the user. + :type object_id: str + """ + + _validation = { + 'email': {'readonly': True}, + 'name': {'readonly': True}, + 'object_id': {'required': True}, + } + + _attribute_map = { + 'email': {'key': 'email', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + } + + def __init__(self, *, object_id: str, **kwargs) -> None: + super(UserInfo, self).__init__(**kwargs) + self.email = None + self.name = None + self.object_id = object_id diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/__init__.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/__init__.py new file mode 100644 index 000000000000..926b96bcc95b --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/__init__.py @@ -0,0 +1,46 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .operations import Operations +from .alert_rules_operations import AlertRulesOperations +from .actions_operations import ActionsOperations +from .alert_rule_templates_operations import AlertRuleTemplatesOperations +from .cases_operations import CasesOperations +from .comments_operations import CommentsOperations +from .case_comments_operations import CaseCommentsOperations +from .bookmarks_operations import BookmarksOperations +from .case_relations_operations import CaseRelationsOperations +from .bookmark_relations_operations import BookmarkRelationsOperations +from .data_connectors_operations import DataConnectorsOperations +from .entities_operations import EntitiesOperations +from .office_consents_operations import OfficeConsentsOperations +from .product_settings_operations import ProductSettingsOperations +from .cases_aggregations_operations import CasesAggregationsOperations +from .entity_queries_operations import EntityQueriesOperations + +__all__ = [ + 'Operations', + 'AlertRulesOperations', + 'ActionsOperations', + 'AlertRuleTemplatesOperations', + 'CasesOperations', + 'CommentsOperations', + 'CaseCommentsOperations', + 'BookmarksOperations', + 'CaseRelationsOperations', + 'BookmarkRelationsOperations', + 'DataConnectorsOperations', + 'EntitiesOperations', + 'OfficeConsentsOperations', + 'ProductSettingsOperations', + 'CasesAggregationsOperations', + 'EntityQueriesOperations', +] diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/actions_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/actions_operations.py new file mode 100644 index 000000000000..d24f621c601d --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/actions_operations.py @@ -0,0 +1,116 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class ActionsOperations(object): + """ActionsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list_by_alert_rule( + self, resource_group_name, operational_insights_resource_provider, workspace_name, rule_id, custom_headers=None, raw=False, **operation_config): + """Gets all actions of alert rule. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param rule_id: Alert rule ID + :type rule_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of ActionResponse + :rtype: + ~azure.mgmt.securityinsight.models.ActionResponsePaged[~azure.mgmt.securityinsight.models.ActionResponse] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list_by_alert_rule.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'ruleId': self._serialize.url("rule_id", rule_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.ActionResponsePaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.ActionResponsePaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list_by_alert_rule.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/alert_rule_templates_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/alert_rule_templates_operations.py new file mode 100644 index 000000000000..5f11a18599b3 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/alert_rule_templates_operations.py @@ -0,0 +1,183 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class AlertRuleTemplatesOperations(object): + """AlertRuleTemplatesOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, resource_group_name, operational_insights_resource_provider, workspace_name, custom_headers=None, raw=False, **operation_config): + """Gets all alert rule templates. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of AlertRuleTemplate + :rtype: + ~azure.mgmt.securityinsight.models.AlertRuleTemplatePaged[~azure.mgmt.securityinsight.models.AlertRuleTemplate] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.AlertRuleTemplatePaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.AlertRuleTemplatePaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates'} + + def get( + self, resource_group_name, operational_insights_resource_provider, workspace_name, alert_rule_template_id, custom_headers=None, raw=False, **operation_config): + """Gets the alert rule template. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param alert_rule_template_id: Alert rule template ID + :type alert_rule_template_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: AlertRuleTemplate or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.AlertRuleTemplate or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'alertRuleTemplateId': self._serialize.url("alert_rule_template_id", alert_rule_template_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('AlertRuleTemplate', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates/{alertRuleTemplateId}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/alert_rules_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/alert_rules_operations.py new file mode 100644 index 000000000000..282c561bab1e --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/alert_rules_operations.py @@ -0,0 +1,544 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class AlertRulesOperations(object): + """AlertRulesOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, resource_group_name, operational_insights_resource_provider, workspace_name, custom_headers=None, raw=False, **operation_config): + """Gets all alert rules. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of AlertRule + :rtype: + ~azure.mgmt.securityinsight.models.AlertRulePaged[~azure.mgmt.securityinsight.models.AlertRule] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.AlertRulePaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.AlertRulePaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules'} + + def get( + self, resource_group_name, operational_insights_resource_provider, workspace_name, rule_id, custom_headers=None, raw=False, **operation_config): + """Gets the alert rule. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param rule_id: Alert rule ID + :type rule_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: AlertRule or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.AlertRule or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'ruleId': self._serialize.url("rule_id", rule_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('AlertRule', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}'} + + def create_or_update( + self, resource_group_name, operational_insights_resource_provider, workspace_name, rule_id, alert_rule, custom_headers=None, raw=False, **operation_config): + """Creates or updates the alert rule. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param rule_id: Alert rule ID + :type rule_id: str + :param alert_rule: The alert rule + :type alert_rule: ~azure.mgmt.securityinsight.models.AlertRule + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: AlertRule or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.AlertRule or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create_or_update.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'ruleId': self._serialize.url("rule_id", rule_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(alert_rule, 'AlertRule') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('AlertRule', response) + if response.status_code == 201: + deserialized = self._deserialize('AlertRule', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}'} + + def delete( + self, resource_group_name, operational_insights_resource_provider, workspace_name, rule_id, custom_headers=None, raw=False, **operation_config): + """Delete the alert rule. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param rule_id: Alert rule ID + :type rule_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'ruleId': self._serialize.url("rule_id", rule_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 204]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}'} + + def get_action( + self, resource_group_name, operational_insights_resource_provider, workspace_name, rule_id, action_id, custom_headers=None, raw=False, **operation_config): + """Gets the action of alert rule. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param rule_id: Alert rule ID + :type rule_id: str + :param action_id: Action ID + :type action_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ActionResponse or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.ActionResponse or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get_action.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'ruleId': self._serialize.url("rule_id", rule_id, 'str'), + 'actionId': self._serialize.url("action_id", action_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ActionResponse', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get_action.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}'} + + def create_or_update_action( + self, resource_group_name, operational_insights_resource_provider, workspace_name, rule_id, action_id, etag=None, trigger_uri=None, custom_headers=None, raw=False, **operation_config): + """Creates or updates the action of alert rule. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param rule_id: Alert rule ID + :type rule_id: str + :param action_id: Action ID + :type action_id: str + :param etag: Etag of the azure resource + :type etag: str + :param trigger_uri: Logic App Callback URL for this specific workflow. + :type trigger_uri: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ActionResponse or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.ActionResponse or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + action = models.ActionRequest(etag=etag, trigger_uri=trigger_uri) + + # Construct URL + url = self.create_or_update_action.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'ruleId': self._serialize.url("rule_id", rule_id, 'str'), + 'actionId': self._serialize.url("action_id", action_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(action, 'ActionRequest') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ActionResponse', response) + if response.status_code == 201: + deserialized = self._deserialize('ActionResponse', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_or_update_action.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}'} + + def delete_action( + self, resource_group_name, operational_insights_resource_provider, workspace_name, rule_id, action_id, custom_headers=None, raw=False, **operation_config): + """Delete the action of alert rule. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param rule_id: Alert rule ID + :type rule_id: str + :param action_id: Action ID + :type action_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete_action.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'ruleId': self._serialize.url("rule_id", rule_id, 'str'), + 'actionId': self._serialize.url("action_id", action_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 204]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete_action.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/bookmark_relations_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/bookmark_relations_operations.py new file mode 100644 index 000000000000..ba8625d5e879 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/bookmark_relations_operations.py @@ -0,0 +1,356 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class BookmarkRelationsOperations(object): + """BookmarkRelationsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, resource_group_name, operational_insights_resource_provider, workspace_name, bookmark_id, filter=None, orderby=None, top=None, skip_token=None, custom_headers=None, raw=False, **operation_config): + """Gets all bookmark relations. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param bookmark_id: Bookmark ID + :type bookmark_id: str + :param filter: Filters the results, based on a Boolean condition. + Optional. + :type filter: str + :param orderby: Sorts the results. Optional. + :type orderby: str + :param top: Returns only the first n results. Optional. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation + returned a partial result. If a previous response contains a nextLink + element, the value of the nextLink element will include a skiptoken + parameter that specifies a starting point to use for subsequent calls. + Optional. + :type skip_token: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of BookmarkRelation + :rtype: + ~azure.mgmt.securityinsight.models.BookmarkRelationPaged[~azure.mgmt.securityinsight.models.BookmarkRelation] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'bookmarkId': self._serialize.url("bookmark_id", bookmark_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + if orderby is not None: + query_parameters['$orderby'] = self._serialize.query("orderby", orderby, 'str') + if top is not None: + query_parameters['$top'] = self._serialize.query("top", top, 'int') + if skip_token is not None: + query_parameters['$skipToken'] = self._serialize.query("skip_token", skip_token, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.BookmarkRelationPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.BookmarkRelationPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations'} + + def get_relation( + self, resource_group_name, operational_insights_resource_provider, workspace_name, bookmark_id, relation_name, custom_headers=None, raw=False, **operation_config): + """Gets a bookmark relation. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param bookmark_id: Bookmark ID + :type bookmark_id: str + :param relation_name: Relation Name + :type relation_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: BookmarkRelation or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.BookmarkRelation or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get_relation.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'bookmarkId': self._serialize.url("bookmark_id", bookmark_id, 'str'), + 'relationName': self._serialize.url("relation_name", relation_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('BookmarkRelation', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get_relation.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}'} + + def create_or_update_relation( + self, resource_group_name, operational_insights_resource_provider, workspace_name, bookmark_id, relation_name, relation_input_model, custom_headers=None, raw=False, **operation_config): + """Creates the bookmark relation. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param bookmark_id: Bookmark ID + :type bookmark_id: str + :param relation_name: Relation Name + :type relation_name: str + :param relation_input_model: The relation input model + :type relation_input_model: + ~azure.mgmt.securityinsight.models.RelationsModelInput + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: BookmarkRelation or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.BookmarkRelation or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create_or_update_relation.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'bookmarkId': self._serialize.url("bookmark_id", bookmark_id, 'str'), + 'relationName': self._serialize.url("relation_name", relation_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(relation_input_model, 'RelationsModelInput') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('BookmarkRelation', response) + if response.status_code == 201: + deserialized = self._deserialize('BookmarkRelation', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_or_update_relation.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}'} + + def delete_relation( + self, resource_group_name, operational_insights_resource_provider, workspace_name, bookmark_id, relation_name, custom_headers=None, raw=False, **operation_config): + """Delete the bookmark relation. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param bookmark_id: Bookmark ID + :type bookmark_id: str + :param relation_name: Relation Name + :type relation_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete_relation.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'bookmarkId': self._serialize.url("bookmark_id", bookmark_id, 'str'), + 'relationName': self._serialize.url("relation_name", relation_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 204]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete_relation.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/bookmarks_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/bookmarks_operations.py new file mode 100644 index 000000000000..c0d38f7ee281 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/bookmarks_operations.py @@ -0,0 +1,322 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class BookmarksOperations(object): + """BookmarksOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, resource_group_name, operational_insights_resource_provider, workspace_name, custom_headers=None, raw=False, **operation_config): + """Gets all bookmarks. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of Bookmark + :rtype: + ~azure.mgmt.securityinsight.models.BookmarkPaged[~azure.mgmt.securityinsight.models.Bookmark] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.BookmarkPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.BookmarkPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks'} + + def get( + self, resource_group_name, operational_insights_resource_provider, workspace_name, bookmark_id, custom_headers=None, raw=False, **operation_config): + """Gets a bookmark. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param bookmark_id: Bookmark ID + :type bookmark_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Bookmark or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.Bookmark or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'bookmarkId': self._serialize.url("bookmark_id", bookmark_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('Bookmark', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}'} + + def create_or_update( + self, resource_group_name, operational_insights_resource_provider, workspace_name, bookmark_id, bookmark, custom_headers=None, raw=False, **operation_config): + """Creates or updates the bookmark. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param bookmark_id: Bookmark ID + :type bookmark_id: str + :param bookmark: The bookmark + :type bookmark: ~azure.mgmt.securityinsight.models.Bookmark + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Bookmark or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.Bookmark or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create_or_update.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'bookmarkId': self._serialize.url("bookmark_id", bookmark_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(bookmark, 'Bookmark') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('Bookmark', response) + if response.status_code == 201: + deserialized = self._deserialize('Bookmark', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}'} + + def delete( + self, resource_group_name, operational_insights_resource_provider, workspace_name, bookmark_id, custom_headers=None, raw=False, **operation_config): + """Delete the bookmark. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param bookmark_id: Bookmark ID + :type bookmark_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'bookmarkId': self._serialize.url("bookmark_id", bookmark_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 204]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/case_comments_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/case_comments_operations.py new file mode 100644 index 000000000000..162fe3e90171 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/case_comments_operations.py @@ -0,0 +1,119 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class CaseCommentsOperations(object): + """CaseCommentsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def create_comment( + self, resource_group_name, operational_insights_resource_provider, workspace_name, case_id, case_comment_id, message, custom_headers=None, raw=False, **operation_config): + """Creates the case comment. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param case_id: Case ID + :type case_id: str + :param case_comment_id: Case comment ID + :type case_comment_id: str + :param message: The comment message + :type message: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: CaseComment or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.CaseComment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + case_comment = models.CaseComment(message=message) + + # Construct URL + url = self.create_comment.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'caseId': self._serialize.url("case_id", case_id, 'str'), + 'caseCommentId': self._serialize.url("case_comment_id", case_comment_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(case_comment, 'CaseComment') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 201: + deserialized = self._deserialize('CaseComment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_comment.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/comments/{caseCommentId}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/case_relations_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/case_relations_operations.py new file mode 100644 index 000000000000..10fe41bf728a --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/case_relations_operations.py @@ -0,0 +1,356 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class CaseRelationsOperations(object): + """CaseRelationsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, resource_group_name, operational_insights_resource_provider, workspace_name, case_id, filter=None, orderby=None, top=None, skip_token=None, custom_headers=None, raw=False, **operation_config): + """Gets all case relations. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param case_id: Case ID + :type case_id: str + :param filter: Filters the results, based on a Boolean condition. + Optional. + :type filter: str + :param orderby: Sorts the results. Optional. + :type orderby: str + :param top: Returns only the first n results. Optional. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation + returned a partial result. If a previous response contains a nextLink + element, the value of the nextLink element will include a skiptoken + parameter that specifies a starting point to use for subsequent calls. + Optional. + :type skip_token: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of CaseRelation + :rtype: + ~azure.mgmt.securityinsight.models.CaseRelationPaged[~azure.mgmt.securityinsight.models.CaseRelation] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'caseId': self._serialize.url("case_id", case_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + if orderby is not None: + query_parameters['$orderby'] = self._serialize.query("orderby", orderby, 'str') + if top is not None: + query_parameters['$top'] = self._serialize.query("top", top, 'int') + if skip_token is not None: + query_parameters['$skipToken'] = self._serialize.query("skip_token", skip_token, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.CaseRelationPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.CaseRelationPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations'} + + def get_relation( + self, resource_group_name, operational_insights_resource_provider, workspace_name, case_id, relation_name, custom_headers=None, raw=False, **operation_config): + """Gets a case relation. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param case_id: Case ID + :type case_id: str + :param relation_name: Relation Name + :type relation_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: CaseRelation or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.CaseRelation or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get_relation.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'caseId': self._serialize.url("case_id", case_id, 'str'), + 'relationName': self._serialize.url("relation_name", relation_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('CaseRelation', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get_relation.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations/{relationName}'} + + def create_or_update_relation( + self, resource_group_name, operational_insights_resource_provider, workspace_name, case_id, relation_name, relation_input_model, custom_headers=None, raw=False, **operation_config): + """Creates or updates the case relation. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param case_id: Case ID + :type case_id: str + :param relation_name: Relation Name + :type relation_name: str + :param relation_input_model: The relation input model + :type relation_input_model: + ~azure.mgmt.securityinsight.models.RelationsModelInput + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: CaseRelation or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.CaseRelation or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create_or_update_relation.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'caseId': self._serialize.url("case_id", case_id, 'str'), + 'relationName': self._serialize.url("relation_name", relation_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(relation_input_model, 'RelationsModelInput') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('CaseRelation', response) + if response.status_code == 201: + deserialized = self._deserialize('CaseRelation', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_or_update_relation.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations/{relationName}'} + + def delete_relation( + self, resource_group_name, operational_insights_resource_provider, workspace_name, case_id, relation_name, custom_headers=None, raw=False, **operation_config): + """Delete the case relation. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param case_id: Case ID + :type case_id: str + :param relation_name: Relation Name + :type relation_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete_relation.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'caseId': self._serialize.url("case_id", case_id, 'str'), + 'relationName': self._serialize.url("relation_name", relation_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 204]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete_relation.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations/{relationName}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/cases_aggregations_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/cases_aggregations_operations.py new file mode 100644 index 000000000000..4a22e3374106 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/cases_aggregations_operations.py @@ -0,0 +1,109 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class CasesAggregationsOperations(object): + """CasesAggregationsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def get( + self, resource_group_name, operational_insights_resource_provider, workspace_name, aggregations_name, custom_headers=None, raw=False, **operation_config): + """Get aggregative result for the given resources under the defined + workspace. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param aggregations_name: The aggregation name. Supports - Cases + :type aggregations_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Aggregations or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.Aggregations or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'aggregationsName': self._serialize.url("aggregations_name", aggregations_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('Aggregations', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/aggregations/{aggregationsName}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/cases_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/cases_operations.py new file mode 100644 index 000000000000..985df03e8c42 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/cases_operations.py @@ -0,0 +1,416 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class CasesOperations(object): + """CasesOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, resource_group_name, operational_insights_resource_provider, workspace_name, filter=None, orderby=None, top=None, skip_token=None, custom_headers=None, raw=False, **operation_config): + """Gets all cases. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param filter: Filters the results, based on a Boolean condition. + Optional. + :type filter: str + :param orderby: Sorts the results. Optional. + :type orderby: str + :param top: Returns only the first n results. Optional. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation + returned a partial result. If a previous response contains a nextLink + element, the value of the nextLink element will include a skiptoken + parameter that specifies a starting point to use for subsequent calls. + Optional. + :type skip_token: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of Case + :rtype: + ~azure.mgmt.securityinsight.models.CasePaged[~azure.mgmt.securityinsight.models.Case] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + if orderby is not None: + query_parameters['$orderby'] = self._serialize.query("orderby", orderby, 'str') + if top is not None: + query_parameters['$top'] = self._serialize.query("top", top, 'int') + if skip_token is not None: + query_parameters['$skipToken'] = self._serialize.query("skip_token", skip_token, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.CasePaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.CasePaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases'} + + def get( + self, resource_group_name, operational_insights_resource_provider, workspace_name, case_id, custom_headers=None, raw=False, **operation_config): + """Gets a case. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param case_id: Case ID + :type case_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Case or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.Case or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'caseId': self._serialize.url("case_id", case_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('Case', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}'} + + def create_or_update( + self, resource_group_name, operational_insights_resource_provider, workspace_name, case_id, case, custom_headers=None, raw=False, **operation_config): + """Creates or updates the case. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param case_id: Case ID + :type case_id: str + :param case: The case + :type case: ~azure.mgmt.securityinsight.models.Case + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Case or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.Case or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create_or_update.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'caseId': self._serialize.url("case_id", case_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(case, 'Case') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('Case', response) + if response.status_code == 201: + deserialized = self._deserialize('Case', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}'} + + def delete( + self, resource_group_name, operational_insights_resource_provider, workspace_name, case_id, custom_headers=None, raw=False, **operation_config): + """Delete the case. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param case_id: Case ID + :type case_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'caseId': self._serialize.url("case_id", case_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 204]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}'} + + def get_comment( + self, resource_group_name, operational_insights_resource_provider, workspace_name, case_id, case_comment_id, custom_headers=None, raw=False, **operation_config): + """Gets a case comment. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param case_id: Case ID + :type case_id: str + :param case_comment_id: Case comment ID + :type case_comment_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: CaseComment or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.CaseComment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get_comment.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'caseId': self._serialize.url("case_id", case_id, 'str'), + 'caseCommentId': self._serialize.url("case_comment_id", case_comment_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('CaseComment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get_comment.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/comments/{caseCommentId}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/comments_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/comments_operations.py new file mode 100644 index 000000000000..891bbe8ae064 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/comments_operations.py @@ -0,0 +1,137 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class CommentsOperations(object): + """CommentsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list_by_case( + self, resource_group_name, operational_insights_resource_provider, workspace_name, case_id, filter=None, orderby=None, top=None, skip_token=None, custom_headers=None, raw=False, **operation_config): + """Gets all case comments. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param case_id: Case ID + :type case_id: str + :param filter: Filters the results, based on a Boolean condition. + Optional. + :type filter: str + :param orderby: Sorts the results. Optional. + :type orderby: str + :param top: Returns only the first n results. Optional. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation + returned a partial result. If a previous response contains a nextLink + element, the value of the nextLink element will include a skiptoken + parameter that specifies a starting point to use for subsequent calls. + Optional. + :type skip_token: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of CaseComment + :rtype: + ~azure.mgmt.securityinsight.models.CaseCommentPaged[~azure.mgmt.securityinsight.models.CaseComment] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list_by_case.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'caseId': self._serialize.url("case_id", case_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + if orderby is not None: + query_parameters['$orderby'] = self._serialize.query("orderby", orderby, 'str') + if top is not None: + query_parameters['$top'] = self._serialize.query("top", top, 'int') + if skip_token is not None: + query_parameters['$skipToken'] = self._serialize.query("skip_token", skip_token, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.CaseCommentPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.CaseCommentPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list_by_case.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/comments'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/data_connectors_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/data_connectors_operations.py new file mode 100644 index 000000000000..61107803dfad --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/data_connectors_operations.py @@ -0,0 +1,322 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class DataConnectorsOperations(object): + """DataConnectorsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, resource_group_name, operational_insights_resource_provider, workspace_name, custom_headers=None, raw=False, **operation_config): + """Gets all data connectors. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of DataConnector + :rtype: + ~azure.mgmt.securityinsight.models.DataConnectorPaged[~azure.mgmt.securityinsight.models.DataConnector] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.DataConnectorPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.DataConnectorPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors'} + + def get( + self, resource_group_name, operational_insights_resource_provider, workspace_name, data_connector_id, custom_headers=None, raw=False, **operation_config): + """Gets a data connector. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param data_connector_id: Connector ID + :type data_connector_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: DataConnector or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.DataConnector or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'dataConnectorId': self._serialize.url("data_connector_id", data_connector_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('DataConnector', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}'} + + def create_or_update( + self, resource_group_name, operational_insights_resource_provider, workspace_name, data_connector_id, data_connector, custom_headers=None, raw=False, **operation_config): + """Creates or updates the data connector. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param data_connector_id: Connector ID + :type data_connector_id: str + :param data_connector: The data connector + :type data_connector: ~azure.mgmt.securityinsight.models.DataConnector + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: DataConnector or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.DataConnector or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create_or_update.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'dataConnectorId': self._serialize.url("data_connector_id", data_connector_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(data_connector, 'DataConnector') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('DataConnector', response) + if response.status_code == 201: + deserialized = self._deserialize('DataConnector', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}'} + + def delete( + self, resource_group_name, operational_insights_resource_provider, workspace_name, data_connector_id, custom_headers=None, raw=False, **operation_config): + """Delete the data connector. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param data_connector_id: Connector ID + :type data_connector_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'dataConnectorId': self._serialize.url("data_connector_id", data_connector_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 204]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/entities_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/entities_operations.py new file mode 100644 index 000000000000..b1bb9cc48060 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/entities_operations.py @@ -0,0 +1,261 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class EntitiesOperations(object): + """EntitiesOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, resource_group_name, operational_insights_resource_provider, workspace_name, custom_headers=None, raw=False, **operation_config): + """Gets all entities. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of Entity + :rtype: + ~azure.mgmt.securityinsight.models.EntityPaged[~azure.mgmt.securityinsight.models.Entity] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.EntityPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.EntityPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities'} + + def get( + self, resource_group_name, operational_insights_resource_provider, workspace_name, entity_id, custom_headers=None, raw=False, **operation_config): + """Gets an entity. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param entity_id: entity ID + :type entity_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Entity or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.Entity or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'entityId': self._serialize.url("entity_id", entity_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('Entity', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}'} + + def expand( + self, resource_group_name, operational_insights_resource_provider, workspace_name, entity_id, parameters, custom_headers=None, raw=False, **operation_config): + """Expands an entity. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param entity_id: entity ID + :type entity_id: str + :param parameters: The parameters required to execute an expand + operation on the given entity. + :type parameters: + ~azure.mgmt.securityinsight.models.EntityExpandParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: EntityExpandResponse or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.EntityExpandResponse or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.expand.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'entityId': self._serialize.url("entity_id", entity_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'EntityExpandParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('EntityExpandResponse', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + expand.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/expand'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/entity_queries_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/entity_queries_operations.py new file mode 100644 index 000000000000..813b8c465579 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/entity_queries_operations.py @@ -0,0 +1,183 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class EntityQueriesOperations(object): + """EntityQueriesOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, resource_group_name, operational_insights_resource_provider, workspace_name, custom_headers=None, raw=False, **operation_config): + """Gets all entity queries. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of EntityQuery + :rtype: + ~azure.mgmt.securityinsight.models.EntityQueryPaged[~azure.mgmt.securityinsight.models.EntityQuery] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.EntityQueryPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.EntityQueryPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries'} + + def get( + self, resource_group_name, operational_insights_resource_provider, workspace_name, entity_query_id, custom_headers=None, raw=False, **operation_config): + """Gets an entity query. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param entity_query_id: entity query ID + :type entity_query_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: EntityQuery or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.EntityQuery or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'entityQueryId': self._serialize.url("entity_query_id", entity_query_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('EntityQuery', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/office_consents_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/office_consents_operations.py new file mode 100644 index 000000000000..c3e133607a46 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/office_consents_operations.py @@ -0,0 +1,244 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class OfficeConsentsOperations(object): + """OfficeConsentsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, resource_group_name, operational_insights_resource_provider, workspace_name, custom_headers=None, raw=False, **operation_config): + """Gets all office365 consents. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of OfficeConsent + :rtype: + ~azure.mgmt.securityinsight.models.OfficeConsentPaged[~azure.mgmt.securityinsight.models.OfficeConsent] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.OfficeConsentPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.OfficeConsentPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents'} + + def get( + self, resource_group_name, operational_insights_resource_provider, workspace_name, consent_id, custom_headers=None, raw=False, **operation_config): + """Gets an office365 consent. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param consent_id: consent ID + :type consent_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: OfficeConsent or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.OfficeConsent or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'consentId': self._serialize.url("consent_id", consent_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('OfficeConsent', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}'} + + def delete( + self, resource_group_name, operational_insights_resource_provider, workspace_name, consent_id, custom_headers=None, raw=False, **operation_config): + """Delete the office365 consent. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param consent_id: consent ID + :type consent_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'consentId': self._serialize.url("consent_id", consent_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 204]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/operations.py new file mode 100644 index 000000000000..4779a6e237a0 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/operations.py @@ -0,0 +1,99 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class Operations(object): + """Operations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, custom_headers=None, raw=False, **operation_config): + """Lists all operations available Azure Security Insights Resource + Provider. + + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of Operation + :rtype: + ~azure.mgmt.securityinsight.models.OperationPaged[~azure.mgmt.securityinsight.models.Operation] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.OperationPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.OperationPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/providers/Microsoft.SecurityInsights/operations'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/product_settings_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/product_settings_operations.py new file mode 100644 index 000000000000..6878551636cc --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/product_settings_operations.py @@ -0,0 +1,184 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class ProductSettingsOperations(object): + """ProductSettingsOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def get( + self, resource_group_name, operational_insights_resource_provider, workspace_name, settings_name, custom_headers=None, raw=False, **operation_config): + """Gets a setting. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param settings_name: The setting name. Supports- Fusion, UEBA + :type settings_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Settings or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.Settings or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'settingsName': self._serialize.url("settings_name", settings_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('Settings', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}'} + + def update( + self, resource_group_name, operational_insights_resource_provider, workspace_name, settings_name, settings, custom_headers=None, raw=False, **operation_config): + """Updates the setting. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param settings_name: The setting name. Supports- Fusion, UEBA + :type settings_name: str + :param settings: The setting + :type settings: ~azure.mgmt.securityinsight.models.Settings + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Settings or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.Settings or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.update.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'settingsName': self._serialize.url("settings_name", settings_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(settings, 'Settings') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('Settings', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/security_insights.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/security_insights.py new file mode 100644 index 000000000000..6dc40813c051 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/security_insights.py @@ -0,0 +1,156 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.service_client import SDKClient +from msrest import Serializer, Deserializer +from msrestazure import AzureConfiguration +from .version import VERSION +from .operations.operations import Operations +from .operations.alert_rules_operations import AlertRulesOperations +from .operations.actions_operations import ActionsOperations +from .operations.alert_rule_templates_operations import AlertRuleTemplatesOperations +from .operations.cases_operations import CasesOperations +from .operations.comments_operations import CommentsOperations +from .operations.case_comments_operations import CaseCommentsOperations +from .operations.bookmarks_operations import BookmarksOperations +from .operations.case_relations_operations import CaseRelationsOperations +from .operations.bookmark_relations_operations import BookmarkRelationsOperations +from .operations.data_connectors_operations import DataConnectorsOperations +from .operations.entities_operations import EntitiesOperations +from .operations.office_consents_operations import OfficeConsentsOperations +from .operations.product_settings_operations import ProductSettingsOperations +from .operations.cases_aggregations_operations import CasesAggregationsOperations +from .operations.entity_queries_operations import EntityQueriesOperations +from . import models + + +class SecurityInsightsConfiguration(AzureConfiguration): + """Configuration for SecurityInsights + Note that all parameters used to create this instance are saved as instance + attributes. + + :param credentials: Credentials needed for the client to connect to Azure. + :type credentials: :mod:`A msrestazure Credentials + object` + :param subscription_id: Azure subscription ID + :type subscription_id: str + :param str base_url: Service URL + """ + + def __init__( + self, credentials, subscription_id, base_url=None): + + if credentials is None: + raise ValueError("Parameter 'credentials' must not be None.") + if subscription_id is None: + raise ValueError("Parameter 'subscription_id' must not be None.") + if not base_url: + base_url = 'https://management.azure.com' + + super(SecurityInsightsConfiguration, self).__init__(base_url) + + self.add_user_agent('azure-mgmt-securityinsight/{}'.format(VERSION)) + self.add_user_agent('Azure-SDK-For-Python') + + self.credentials = credentials + self.subscription_id = subscription_id + + +class SecurityInsights(SDKClient): + """API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider + + :ivar config: Configuration for client. + :vartype config: SecurityInsightsConfiguration + + :ivar operations: Operations operations + :vartype operations: azure.mgmt.securityinsight.operations.Operations + :ivar alert_rules: AlertRules operations + :vartype alert_rules: azure.mgmt.securityinsight.operations.AlertRulesOperations + :ivar actions: Actions operations + :vartype actions: azure.mgmt.securityinsight.operations.ActionsOperations + :ivar alert_rule_templates: AlertRuleTemplates operations + :vartype alert_rule_templates: azure.mgmt.securityinsight.operations.AlertRuleTemplatesOperations + :ivar cases: Cases operations + :vartype cases: azure.mgmt.securityinsight.operations.CasesOperations + :ivar comments: Comments operations + :vartype comments: azure.mgmt.securityinsight.operations.CommentsOperations + :ivar case_comments: CaseComments operations + :vartype case_comments: azure.mgmt.securityinsight.operations.CaseCommentsOperations + :ivar bookmarks: Bookmarks operations + :vartype bookmarks: azure.mgmt.securityinsight.operations.BookmarksOperations + :ivar case_relations: CaseRelations operations + :vartype case_relations: azure.mgmt.securityinsight.operations.CaseRelationsOperations + :ivar bookmark_relations: BookmarkRelations operations + :vartype bookmark_relations: azure.mgmt.securityinsight.operations.BookmarkRelationsOperations + :ivar data_connectors: DataConnectors operations + :vartype data_connectors: azure.mgmt.securityinsight.operations.DataConnectorsOperations + :ivar entities: Entities operations + :vartype entities: azure.mgmt.securityinsight.operations.EntitiesOperations + :ivar office_consents: OfficeConsents operations + :vartype office_consents: azure.mgmt.securityinsight.operations.OfficeConsentsOperations + :ivar product_settings: ProductSettings operations + :vartype product_settings: azure.mgmt.securityinsight.operations.ProductSettingsOperations + :ivar cases_aggregations: CasesAggregations operations + :vartype cases_aggregations: azure.mgmt.securityinsight.operations.CasesAggregationsOperations + :ivar entity_queries: EntityQueries operations + :vartype entity_queries: azure.mgmt.securityinsight.operations.EntityQueriesOperations + + :param credentials: Credentials needed for the client to connect to Azure. + :type credentials: :mod:`A msrestazure Credentials + object` + :param subscription_id: Azure subscription ID + :type subscription_id: str + :param str base_url: Service URL + """ + + def __init__( + self, credentials, subscription_id, base_url=None): + + self.config = SecurityInsightsConfiguration(credentials, subscription_id, base_url) + super(SecurityInsights, self).__init__(self.config.credentials, self.config) + + client_models = {k: v for k, v in models.__dict__.items() if isinstance(v, type)} + self.api_version = '2019-01-01-preview' + self._serialize = Serializer(client_models) + self._deserialize = Deserializer(client_models) + + self.operations = Operations( + self._client, self.config, self._serialize, self._deserialize) + self.alert_rules = AlertRulesOperations( + self._client, self.config, self._serialize, self._deserialize) + self.actions = ActionsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.alert_rule_templates = AlertRuleTemplatesOperations( + self._client, self.config, self._serialize, self._deserialize) + self.cases = CasesOperations( + self._client, self.config, self._serialize, self._deserialize) + self.comments = CommentsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.case_comments = CaseCommentsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.bookmarks = BookmarksOperations( + self._client, self.config, self._serialize, self._deserialize) + self.case_relations = CaseRelationsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.bookmark_relations = BookmarkRelationsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.data_connectors = DataConnectorsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.entities = EntitiesOperations( + self._client, self.config, self._serialize, self._deserialize) + self.office_consents = OfficeConsentsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.product_settings = ProductSettingsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.cases_aggregations = CasesAggregationsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.entity_queries = EntityQueriesOperations( + self._client, self.config, self._serialize, self._deserialize) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/version.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/version.py new file mode 100644 index 000000000000..e0ec669828cb --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/version.py @@ -0,0 +1,13 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +VERSION = "0.1.0" +