From 39ab7be8c15a9df946e900983137897ffaa26698 Mon Sep 17 00:00:00 2001 From: Azure SDK Bot Date: Sun, 17 Nov 2019 16:18:11 +0000 Subject: [PATCH 1/6] Generated from 247e9ed7c566795f7324172b46e37da404930054 Merge remote-tracking branch 'upstream/master' into securityAutomations --- .../azure/mgmt/security/_security_center.py | 5 + .../azure/mgmt/security/models/__init__.py | 67 ++ .../azure/mgmt/security/models/_models.py | 613 ++++++++++++++++++ .../azure/mgmt/security/models/_models_py3.py | 613 ++++++++++++++++++ .../mgmt/security/models/_paged_models.py | 13 + .../security/models/_security_center_enums.py | 35 + .../mgmt/security/operations/__init__.py | 2 + .../operations/_automations_operations.py | 434 +++++++++++++ 8 files changed, 1782 insertions(+) create mode 100644 sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_automations_operations.py diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py index 6e5d20a55e1d..932778ae90fd 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py @@ -42,6 +42,7 @@ from .operations import RegulatoryComplianceAssessmentsOperations from .operations import ServerVulnerabilityAssessmentOperations from .operations import SubAssessmentsOperations +from .operations import AutomationsOperations from . import models @@ -109,6 +110,8 @@ class SecurityCenter(SDKClient): :vartype server_vulnerability_assessment: azure.mgmt.security.operations.ServerVulnerabilityAssessmentOperations :ivar sub_assessments: SubAssessments operations :vartype sub_assessments: azure.mgmt.security.operations.SubAssessmentsOperations + :ivar automations: Automations operations + :vartype automations: azure.mgmt.security.operations.AutomationsOperations :param credentials: Credentials needed for the client to connect to Azure. :type credentials: :mod:`A msrestazure Credentials @@ -189,3 +192,5 @@ def __init__( self._client, self.config, self._serialize, self._deserialize) self.sub_assessments = SubAssessmentsOperations( self._client, self.config, self._serialize, self._deserialize) + self.automations = AutomationsOperations( + self._client, self.config, self._serialize, self._deserialize) diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py index a366a0b4789c..d4696885f2e1 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py @@ -27,6 +27,22 @@ from ._models_py3 import AscLocation from ._models_py3 import AtaExternalSecuritySolution from ._models_py3 import AtaSolutionProperties + from ._models_py3 import Automation + from ._models_py3 import AutomationAction + from ._models_py3 import AutomationActionEventHub + from ._models_py3 import AutomationActionEventHubInput + from ._models_py3 import AutomationActionEventHubOutput + from ._models_py3 import AutomationActionLogicApp + from ._models_py3 import AutomationActionLogicAppInput + from ._models_py3 import AutomationActionLogicAppOutput + from ._models_py3 import AutomationActionSecurityEmail + from ._models_py3 import AutomationActionWorkspace + from ._models_py3 import AutomationMetadata + from ._models_py3 import AutomationRuleSet + from ._models_py3 import AutomationScope + from ._models_py3 import AutomationSource + from ._models_py3 import AutomationTriggeringRule + from ._models_py3 import AutomationValidationStatus from ._models_py3 import AutoProvisioningSetting from ._models_py3 import AwsResourceDetails from ._models_py3 import AzureResourceDetails @@ -46,6 +62,7 @@ from ._models_py3 import DenylistCustomAlertRule from ._models_py3 import DeviceSecurityGroup from ._models_py3 import DiscoveredSecuritySolution + from ._models_py3 import ETag from ._models_py3 import ExternalSecuritySolution from ._models_py3 import ExternalSecuritySolutionKind1 from ._models_py3 import ExternalSecuritySolutionProperties @@ -100,6 +117,7 @@ from ._models_py3 import SettingResource from ._models_py3 import SqlServerVulnerabilityProperties from ._models_py3 import SubAssessmentStatus + from ._models_py3 import Tags from ._models_py3 import TagsResource from ._models_py3 import ThresholdCustomAlertRule from ._models_py3 import TimeWindowCustomAlertRule @@ -107,6 +125,7 @@ from ._models_py3 import TopologySingleResource from ._models_py3 import TopologySingleResourceChild from ._models_py3 import TopologySingleResourceParent + from ._models_py3 import TrackedResource from ._models_py3 import UpdateIotSecuritySolutionData from ._models_py3 import UserDefinedResourcesProperties from ._models_py3 import UserRecommendation @@ -131,6 +150,22 @@ from ._models import AscLocation from ._models import AtaExternalSecuritySolution from ._models import AtaSolutionProperties + from ._models import Automation + from ._models import AutomationAction + from ._models import AutomationActionEventHub + from ._models import AutomationActionEventHubInput + from ._models import AutomationActionEventHubOutput + from ._models import AutomationActionLogicApp + from ._models import AutomationActionLogicAppInput + from ._models import AutomationActionLogicAppOutput + from ._models import AutomationActionSecurityEmail + from ._models import AutomationActionWorkspace + from ._models import AutomationMetadata + from ._models import AutomationRuleSet + from ._models import AutomationScope + from ._models import AutomationSource + from ._models import AutomationTriggeringRule + from ._models import AutomationValidationStatus from ._models import AutoProvisioningSetting from ._models import AwsResourceDetails from ._models import AzureResourceDetails @@ -150,6 +185,7 @@ from ._models import DenylistCustomAlertRule from ._models import DeviceSecurityGroup from ._models import DiscoveredSecuritySolution + from ._models import ETag from ._models import ExternalSecuritySolution from ._models import ExternalSecuritySolutionKind1 from ._models import ExternalSecuritySolutionProperties @@ -204,6 +240,7 @@ from ._models import SettingResource from ._models import SqlServerVulnerabilityProperties from ._models import SubAssessmentStatus + from ._models import Tags from ._models import TagsResource from ._models import ThresholdCustomAlertRule from ._models import TimeWindowCustomAlertRule @@ -211,6 +248,7 @@ from ._models import TopologySingleResource from ._models import TopologySingleResourceChild from ._models import TopologySingleResourceParent + from ._models import TrackedResource from ._models import UpdateIotSecuritySolutionData from ._models import UserDefinedResourcesProperties from ._models import UserRecommendation @@ -220,6 +258,7 @@ from ._paged_models import AlertPaged from ._paged_models import AllowedConnectionsResourcePaged from ._paged_models import AscLocationPaged +from ._paged_models import AutomationPaged from ._paged_models import AutoProvisioningSettingPaged from ._paged_models import CompliancePaged from ._paged_models import ComplianceResultPaged @@ -265,6 +304,10 @@ State, SubAssessmentStatusCode, Severity, + EventSource, + PropertyType, + Operator, + SubscriptionRbacRoles, ConnectionType, ) @@ -286,6 +329,22 @@ 'AscLocation', 'AtaExternalSecuritySolution', 'AtaSolutionProperties', + 'Automation', + 'AutomationAction', + 'AutomationActionEventHub', + 'AutomationActionEventHubInput', + 'AutomationActionEventHubOutput', + 'AutomationActionLogicApp', + 'AutomationActionLogicAppInput', + 'AutomationActionLogicAppOutput', + 'AutomationActionSecurityEmail', + 'AutomationActionWorkspace', + 'AutomationMetadata', + 'AutomationRuleSet', + 'AutomationScope', + 'AutomationSource', + 'AutomationTriggeringRule', + 'AutomationValidationStatus', 'AutoProvisioningSetting', 'AwsResourceDetails', 'AzureResourceDetails', @@ -305,6 +364,7 @@ 'DenylistCustomAlertRule', 'DeviceSecurityGroup', 'DiscoveredSecuritySolution', + 'ETag', 'ExternalSecuritySolution', 'ExternalSecuritySolutionKind1', 'ExternalSecuritySolutionProperties', @@ -359,6 +419,7 @@ 'SettingResource', 'SqlServerVulnerabilityProperties', 'SubAssessmentStatus', + 'Tags', 'TagsResource', 'ThresholdCustomAlertRule', 'TimeWindowCustomAlertRule', @@ -366,6 +427,7 @@ 'TopologySingleResource', 'TopologySingleResourceChild', 'TopologySingleResourceParent', + 'TrackedResource', 'UpdateIotSecuritySolutionData', 'UserDefinedResourcesProperties', 'UserRecommendation', @@ -396,6 +458,7 @@ 'RegulatoryComplianceControlPaged', 'RegulatoryComplianceAssessmentPaged', 'SecuritySubAssessmentPaged', + 'AutomationPaged', 'ResourceStatus', 'PricingTier', 'ReportedSeverity', @@ -419,5 +482,9 @@ 'State', 'SubAssessmentStatusCode', 'Severity', + 'EventSource', + 'PropertyType', + 'Operator', + 'SubscriptionRbacRoles', 'ConnectionType', ] diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py index efa51ccc0b7b..9003f56163c9 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py @@ -941,6 +941,582 @@ def __init__(self, **kwargs): self.last_event_received = kwargs.get('last_event_received', None) +class TrackedResource(Model): + """Describes an Azure tracked resource. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Resource Id + :vartype id: str + :ivar name: Resource name + :vartype name: str + :ivar type: Resource type + :vartype type: str + :ivar location: Location where the resource is stored + :vartype location: str + :param kind: Kind of the resource + :type kind: str + :param etag: Entity tag is used for comparing two or more entities from + the same requested resource. ETags may be returned for individual + resources, and then sent via If-Match / If-None-Match headers for + concurrency control. + :type etag: str + :param tags: A list of key value pairs that describe the resource. + :type tags: dict[str, str] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'location': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'location': {'key': 'location', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '{str}'}, + } + + def __init__(self, **kwargs): + super(TrackedResource, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.location = None + self.kind = kwargs.get('kind', None) + self.etag = kwargs.get('etag', None) + self.tags = kwargs.get('tags', None) + + +class Automation(TrackedResource): + """The security automation resource. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Resource Id + :vartype id: str + :ivar name: Resource name + :vartype name: str + :ivar type: Resource type + :vartype type: str + :ivar location: Location where the resource is stored + :vartype location: str + :param kind: Kind of the resource + :type kind: str + :param etag: Entity tag is used for comparing two or more entities from + the same requested resource. ETags may be returned for individual + resources, and then sent via If-Match / If-None-Match headers for + concurrency control. + :type etag: str + :param tags: A list of key value pairs that describe the resource. + :type tags: dict[str, str] + :param description: The security automation description. + :type description: str + :param is_enabled: Indicates whether the security automation is enabled. + :type is_enabled: bool + :param metadata: The metadata of the security automation resource. + :type metadata: ~azure.mgmt.security.models.AutomationMetadata + :param scopes: A collection of scopes on which the security automations + logic is applied. Supported scopes are the subscription itself or a + resource group under that subscription. The automation will only apply on + defined scopes. + :type scopes: list[~azure.mgmt.security.models.AutomationScope] + :param sources: A collection of the source event types which evaluate the + security automation set of rules. + :type sources: list[~azure.mgmt.security.models.AutomationSource] + :param actions: A collection of the actions which are triggered if all the + configured rules evaluations, within at least one ruleset, are true. + :type actions: list[~azure.mgmt.security.models.AutomationAction] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'location': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'location': {'key': 'location', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '{str}'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'is_enabled': {'key': 'properties.isEnabled', 'type': 'bool'}, + 'metadata': {'key': 'properties.metadata', 'type': 'AutomationMetadata'}, + 'scopes': {'key': 'properties.scopes', 'type': '[AutomationScope]'}, + 'sources': {'key': 'properties.sources', 'type': '[AutomationSource]'}, + 'actions': {'key': 'properties.actions', 'type': '[AutomationAction]'}, + } + + def __init__(self, **kwargs): + super(Automation, self).__init__(**kwargs) + self.description = kwargs.get('description', None) + self.is_enabled = kwargs.get('is_enabled', None) + self.metadata = kwargs.get('metadata', None) + self.scopes = kwargs.get('scopes', None) + self.sources = kwargs.get('sources', None) + self.actions = kwargs.get('actions', None) + + +class AutomationAction(Model): + """The action that should be triggered. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: AutomationActionLogicApp, AutomationActionEventHub, + AutomationActionSecurityEmail, AutomationActionWorkspace + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + } + + _subtype_map = { + 'action_type': {'LogicApp': 'AutomationActionLogicApp', 'EventHub': 'AutomationActionEventHub', 'SecurityEmail': 'AutomationActionSecurityEmail', 'Workspace': 'AutomationActionWorkspace'} + } + + def __init__(self, **kwargs): + super(AutomationAction, self).__init__(**kwargs) + self.action_type = None + + +class AutomationActionEventHub(AutomationAction): + """The target Event Hub to which event data will be exported. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: AutomationActionEventHubInput, + AutomationActionEventHubOutput + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param event_hub_resource_id: The target Event Hub Azure Resource ID. + :type event_hub_resource_id: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'event_hub_resource_id': {'key': 'eventHubResourceId', 'type': 'str'}, + } + + _subtype_map = { + 'action_type': {'EventHub': 'AutomationActionEventHubInput', 'EventHub': 'AutomationActionEventHubOutput'} + } + + def __init__(self, **kwargs): + super(AutomationActionEventHub, self).__init__(**kwargs) + self.event_hub_resource_id = kwargs.get('event_hub_resource_id', None) + self.action_type = 'EventHub' + + +class AutomationActionEventHubInput(AutomationActionEventHub): + """The target Event Hub to which event data will be exported. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param event_hub_resource_id: The target Event Hub Azure Resource ID. + :type event_hub_resource_id: str + :param connection_string: The traget Event Hub connection string + :type connection_string: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'event_hub_resource_id': {'key': 'eventHubResourceId', 'type': 'str'}, + 'connection_string': {'key': 'connectionString', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AutomationActionEventHubInput, self).__init__(**kwargs) + self.connection_string = kwargs.get('connection_string', None) + self.action_type = 'EventHub' + + +class AutomationActionEventHubOutput(AutomationActionEventHub): + """The target Event Hub to which event data will be exported. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param event_hub_resource_id: The target Event Hub Azure Resource ID. + :type event_hub_resource_id: str + :param sas_policy_name: The target Event Hub SAS policy name. + :type sas_policy_name: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'event_hub_resource_id': {'key': 'eventHubResourceId', 'type': 'str'}, + 'sas_policy_name': {'key': 'sasPolicyName', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AutomationActionEventHubOutput, self).__init__(**kwargs) + self.sas_policy_name = kwargs.get('sas_policy_name', None) + self.action_type = 'EventHub' + + +class AutomationActionLogicApp(AutomationAction): + """The logic app action that should be triggered. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: AutomationActionLogicAppInput, + AutomationActionLogicAppOutput + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param logic_app_resource_id: The triggered Logic App Azure Resource ID. + This can also reside on other subscriptions, given that you have + permissions to trigger the Logic App + :type logic_app_resource_id: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'logic_app_resource_id': {'key': 'logicAppResourceId', 'type': 'str'}, + } + + _subtype_map = { + 'action_type': {'LogicApp': 'AutomationActionLogicAppInput', 'LogicApp': 'AutomationActionLogicAppOutput'} + } + + def __init__(self, **kwargs): + super(AutomationActionLogicApp, self).__init__(**kwargs) + self.logic_app_resource_id = kwargs.get('logic_app_resource_id', None) + self.action_type = 'LogicApp' + + +class AutomationActionLogicAppInput(AutomationActionLogicApp): + """The logic app action that should be triggered. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param logic_app_resource_id: The triggered Logic App Azure Resource ID. + This can also reside on other subscriptions, given that you have + permissions to trigger the Logic App + :type logic_app_resource_id: str + :param uri: The Logic App trigger URI endpoint. + :type uri: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'logic_app_resource_id': {'key': 'logicAppResourceId', 'type': 'str'}, + 'uri': {'key': 'uri', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AutomationActionLogicAppInput, self).__init__(**kwargs) + self.uri = kwargs.get('uri', None) + self.action_type = 'LogicApp' + + +class AutomationActionLogicAppOutput(AutomationActionLogicApp): + """The logic app action that should be triggered. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param logic_app_resource_id: The triggered Logic App Azure Resource ID. + This can also reside on other subscriptions, given that you have + permissions to trigger the Logic App + :type logic_app_resource_id: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'logic_app_resource_id': {'key': 'logicAppResourceId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AutomationActionLogicAppOutput, self).__init__(**kwargs) + self.action_type = 'LogicApp' + + +class AutomationActionSecurityEmail(AutomationAction): + """An action that triggers sending of Security emails. Emails can be sent to + users with specific roles on the subscription (for example, subscription + owners) or to user-provided emails. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param subscription_rbac_roles: A list of user roles which indicate the + relevant users that will receive the event data via email. + :type subscription_rbac_roles: list[str or + ~azure.mgmt.security.models.SubscriptionRbacRoles] + :param email_addresses: A list of email addresses that should receive the + event data. + :type email_addresses: list[str] + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'subscription_rbac_roles': {'key': 'subscriptionRbacRoles', 'type': '[str]'}, + 'email_addresses': {'key': 'emailAddresses', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(AutomationActionSecurityEmail, self).__init__(**kwargs) + self.subscription_rbac_roles = kwargs.get('subscription_rbac_roles', None) + self.email_addresses = kwargs.get('email_addresses', None) + self.action_type = 'SecurityEmail' + + +class AutomationActionWorkspace(AutomationAction): + """The Log Analytics Workspace to which event data will be exported. Security + alerts data will reside in the 'SecurityAlert' table and the assessments + data will reside in the 'SecurityRecommendation' table (under the + 'Security'/'SecurityCenterFree' solutions). Note that in order to view the + data in the workspace, the Security Center Log Analytics free/standard + solution needs to be enabled on that workspace. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param workspace_resource_id: The fully qualified Log Analytics Workspace + Azure Resource ID. + :type workspace_resource_id: str + :param workspace_id: The Log Analytics Workspace ID in a GUID format. + :type workspace_id: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'workspace_resource_id': {'key': 'workspaceResourceId', 'type': 'str'}, + 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AutomationActionWorkspace, self).__init__(**kwargs) + self.workspace_resource_id = kwargs.get('workspace_resource_id', None) + self.workspace_id = kwargs.get('workspace_id', None) + self.action_type = 'Workspace' + + +class AutomationMetadata(Model): + """The metadata of the security automation resource. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar created_date_time_utc: The security automation creation date. + :vartype created_date_time_utc: datetime + :ivar created_by: The AAD object ID of the entity that created the + security automation. + :vartype created_by: str + :ivar last_updated_date_time_utc: The security automation last updated + date. + :vartype last_updated_date_time_utc: datetime + :ivar last_updated_by: The AAD object ID of the entity that last updated + the security automation. + :vartype last_updated_by: str + """ + + _validation = { + 'created_date_time_utc': {'readonly': True}, + 'created_by': {'readonly': True}, + 'last_updated_date_time_utc': {'readonly': True}, + 'last_updated_by': {'readonly': True}, + } + + _attribute_map = { + 'created_date_time_utc': {'key': 'createdDateTimeUtc', 'type': 'iso-8601'}, + 'created_by': {'key': 'createdBy', 'type': 'str'}, + 'last_updated_date_time_utc': {'key': 'lastUpdatedDateTimeUtc', 'type': 'iso-8601'}, + 'last_updated_by': {'key': 'lastUpdatedBy', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AutomationMetadata, self).__init__(**kwargs) + self.created_date_time_utc = None + self.created_by = None + self.last_updated_date_time_utc = None + self.last_updated_by = None + + +class AutomationRuleSet(Model): + """A rule set which evaluates all its rules upon an event interception. Only + when all the included rules in the rule set will be evaluated as 'true', + will the event trigger the defined actions. + + :param rules: + :type rules: list[~azure.mgmt.security.models.AutomationTriggeringRule] + """ + + _attribute_map = { + 'rules': {'key': 'rules', 'type': '[AutomationTriggeringRule]'}, + } + + def __init__(self, **kwargs): + super(AutomationRuleSet, self).__init__(**kwargs) + self.rules = kwargs.get('rules', None) + + +class AutomationScope(Model): + """A single automation scope. + + :param description: The resources scope description. + :type description: str + :param scope_path: The resources scope path. Can be the subscription on + which the automation is defined on or a resource group under that + subscription (fully qualified Azure resource IDs). + :type scope_path: str + """ + + _attribute_map = { + 'description': {'key': 'description', 'type': 'str'}, + 'scope_path': {'key': 'scopePath', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AutomationScope, self).__init__(**kwargs) + self.description = kwargs.get('description', None) + self.scope_path = kwargs.get('scope_path', None) + + +class AutomationSource(Model): + """The source event types which evaluate the security automation set of rules. + For example - security alerts and security assessments. To learn more about + the supported security events data models schemas - please visit + https://aka.ms/ASCAutomationSchemas. + + :param event_source: A valid event source type. Possible values include: + 'Assessments', 'Alerts' + :type event_source: str or ~azure.mgmt.security.models.EventSource + :param rule_sets: A set of rules which evaluate upon event interception. A + logical disjunction is applied between defined rule sets (logical 'or'). + :type rule_sets: list[~azure.mgmt.security.models.AutomationRuleSet] + """ + + _attribute_map = { + 'event_source': {'key': 'eventSource', 'type': 'str'}, + 'rule_sets': {'key': 'ruleSets', 'type': '[AutomationRuleSet]'}, + } + + def __init__(self, **kwargs): + super(AutomationSource, self).__init__(**kwargs) + self.event_source = kwargs.get('event_source', None) + self.rule_sets = kwargs.get('rule_sets', None) + + +class AutomationTriggeringRule(Model): + """A rule which is evaluated upon event interception. The rule is configured + by comparing a specific value from the event model to an expected value. + This comparison is done by using one of the supported operators set. + + :param property_jpath: The JPath of the entity model property that should + be checked. + :type property_jpath: str + :param property_type: The data type of the compared operands (string, + integer, floating point number or a boolean [true/false]]. Possible values + include: 'String', 'Integer', 'Number', 'Boolean' + :type property_type: str or ~azure.mgmt.security.models.PropertyType + :param expected_value: The expected value. + :type expected_value: str + :param operator: A valid comparer operator to use. Possible values + include: 'Equals', 'GreaterThan', 'GreaterThanOrEqualTo', 'LesserThan', + 'LesserThanOrEqualTo', 'NotEquals', 'Contains', 'StartsWith', 'EndsWith' + :type operator: str or ~azure.mgmt.security.models.Operator + """ + + _attribute_map = { + 'property_jpath': {'key': 'propertyJPath', 'type': 'str'}, + 'property_type': {'key': 'propertyType', 'type': 'str'}, + 'expected_value': {'key': 'expectedValue', 'type': 'str'}, + 'operator': {'key': 'operator', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AutomationTriggeringRule, self).__init__(**kwargs) + self.property_jpath = kwargs.get('property_jpath', None) + self.property_type = kwargs.get('property_type', None) + self.expected_value = kwargs.get('expected_value', None) + self.operator = kwargs.get('operator', None) + + +class AutomationValidationStatus(Model): + """The security automation model state property bag. + + :param is_valid: Indicates whether the model is valid or not. + :type is_valid: bool + :param message: The validation message. + :type message: str + """ + + _attribute_map = { + 'is_valid': {'key': 'isValid', 'type': 'bool'}, + 'message': {'key': 'message', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AutomationValidationStatus, self).__init__(**kwargs) + self.is_valid = kwargs.get('is_valid', None) + self.message = kwargs.get('message', None) + + class AutoProvisioningSetting(Resource): """Auto provisioning setting. @@ -1799,6 +2375,27 @@ def __init__(self, **kwargs): self.sku = kwargs.get('sku', None) +class ETag(Model): + """Entity tag is used for comparing two or more entities from the same + requested resource. ETags may be returned for individual resources, and + then sent via If-Match / If-None-Match headers for concurrency control. . + + :param etag: Entity tag is used for comparing two or more entities from + the same requested resource. ETags may be returned for individual + resources, and then sent via If-Match / If-None-Match headers for + concurrency control. + :type etag: str + """ + + _attribute_map = { + 'etag': {'key': 'etag', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ETag, self).__init__(**kwargs) + self.etag = kwargs.get('etag', None) + + class ExternalSecuritySolutionKind1(Model): """Describes an Azure resource with kind. @@ -3827,6 +4424,22 @@ def __init__(self, **kwargs): self.severity = None +class Tags(Model): + """A list of key value pairs that describe the resource. + + :param tags: A list of key value pairs that describe the resource. + :type tags: dict[str, str] + """ + + _attribute_map = { + 'tags': {'key': 'tags', 'type': '{str}'}, + } + + def __init__(self, **kwargs): + super(Tags, self).__init__(**kwargs) + self.tags = kwargs.get('tags', None) + + class TagsResource(Model): """A container holding only the Tags for a resource, allowing the user to update the tags. diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py index 67e9f418a4cd..f4061a3fac8d 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py @@ -941,6 +941,582 @@ def __init__(self, *, additional_properties=None, device_vendor: str=None, devic self.last_event_received = last_event_received +class TrackedResource(Model): + """Describes an Azure tracked resource. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Resource Id + :vartype id: str + :ivar name: Resource name + :vartype name: str + :ivar type: Resource type + :vartype type: str + :ivar location: Location where the resource is stored + :vartype location: str + :param kind: Kind of the resource + :type kind: str + :param etag: Entity tag is used for comparing two or more entities from + the same requested resource. ETags may be returned for individual + resources, and then sent via If-Match / If-None-Match headers for + concurrency control. + :type etag: str + :param tags: A list of key value pairs that describe the resource. + :type tags: dict[str, str] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'location': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'location': {'key': 'location', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '{str}'}, + } + + def __init__(self, *, kind: str=None, etag: str=None, tags=None, **kwargs) -> None: + super(TrackedResource, self).__init__(**kwargs) + self.id = None + self.name = None + self.type = None + self.location = None + self.kind = kind + self.etag = etag + self.tags = tags + + +class Automation(TrackedResource): + """The security automation resource. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Resource Id + :vartype id: str + :ivar name: Resource name + :vartype name: str + :ivar type: Resource type + :vartype type: str + :ivar location: Location where the resource is stored + :vartype location: str + :param kind: Kind of the resource + :type kind: str + :param etag: Entity tag is used for comparing two or more entities from + the same requested resource. ETags may be returned for individual + resources, and then sent via If-Match / If-None-Match headers for + concurrency control. + :type etag: str + :param tags: A list of key value pairs that describe the resource. + :type tags: dict[str, str] + :param description: The security automation description. + :type description: str + :param is_enabled: Indicates whether the security automation is enabled. + :type is_enabled: bool + :param metadata: The metadata of the security automation resource. + :type metadata: ~azure.mgmt.security.models.AutomationMetadata + :param scopes: A collection of scopes on which the security automations + logic is applied. Supported scopes are the subscription itself or a + resource group under that subscription. The automation will only apply on + defined scopes. + :type scopes: list[~azure.mgmt.security.models.AutomationScope] + :param sources: A collection of the source event types which evaluate the + security automation set of rules. + :type sources: list[~azure.mgmt.security.models.AutomationSource] + :param actions: A collection of the actions which are triggered if all the + configured rules evaluations, within at least one ruleset, are true. + :type actions: list[~azure.mgmt.security.models.AutomationAction] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'location': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'location': {'key': 'location', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '{str}'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'is_enabled': {'key': 'properties.isEnabled', 'type': 'bool'}, + 'metadata': {'key': 'properties.metadata', 'type': 'AutomationMetadata'}, + 'scopes': {'key': 'properties.scopes', 'type': '[AutomationScope]'}, + 'sources': {'key': 'properties.sources', 'type': '[AutomationSource]'}, + 'actions': {'key': 'properties.actions', 'type': '[AutomationAction]'}, + } + + def __init__(self, *, kind: str=None, etag: str=None, tags=None, description: str=None, is_enabled: bool=None, metadata=None, scopes=None, sources=None, actions=None, **kwargs) -> None: + super(Automation, self).__init__(kind=kind, etag=etag, tags=tags, **kwargs) + self.description = description + self.is_enabled = is_enabled + self.metadata = metadata + self.scopes = scopes + self.sources = sources + self.actions = actions + + +class AutomationAction(Model): + """The action that should be triggered. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: AutomationActionLogicApp, AutomationActionEventHub, + AutomationActionSecurityEmail, AutomationActionWorkspace + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + } + + _subtype_map = { + 'action_type': {'LogicApp': 'AutomationActionLogicApp', 'EventHub': 'AutomationActionEventHub', 'SecurityEmail': 'AutomationActionSecurityEmail', 'Workspace': 'AutomationActionWorkspace'} + } + + def __init__(self, **kwargs) -> None: + super(AutomationAction, self).__init__(**kwargs) + self.action_type = None + + +class AutomationActionEventHub(AutomationAction): + """The target Event Hub to which event data will be exported. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: AutomationActionEventHubInput, + AutomationActionEventHubOutput + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param event_hub_resource_id: The target Event Hub Azure Resource ID. + :type event_hub_resource_id: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'event_hub_resource_id': {'key': 'eventHubResourceId', 'type': 'str'}, + } + + _subtype_map = { + 'action_type': {'EventHub': 'AutomationActionEventHubInput', 'EventHub': 'AutomationActionEventHubOutput'} + } + + def __init__(self, *, event_hub_resource_id: str=None, **kwargs) -> None: + super(AutomationActionEventHub, self).__init__(**kwargs) + self.event_hub_resource_id = event_hub_resource_id + self.action_type = 'EventHub' + + +class AutomationActionEventHubInput(AutomationActionEventHub): + """The target Event Hub to which event data will be exported. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param event_hub_resource_id: The target Event Hub Azure Resource ID. + :type event_hub_resource_id: str + :param connection_string: The traget Event Hub connection string + :type connection_string: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'event_hub_resource_id': {'key': 'eventHubResourceId', 'type': 'str'}, + 'connection_string': {'key': 'connectionString', 'type': 'str'}, + } + + def __init__(self, *, event_hub_resource_id: str=None, connection_string: str=None, **kwargs) -> None: + super(AutomationActionEventHubInput, self).__init__(event_hub_resource_id=event_hub_resource_id, **kwargs) + self.connection_string = connection_string + self.action_type = 'EventHub' + + +class AutomationActionEventHubOutput(AutomationActionEventHub): + """The target Event Hub to which event data will be exported. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param event_hub_resource_id: The target Event Hub Azure Resource ID. + :type event_hub_resource_id: str + :param sas_policy_name: The target Event Hub SAS policy name. + :type sas_policy_name: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'event_hub_resource_id': {'key': 'eventHubResourceId', 'type': 'str'}, + 'sas_policy_name': {'key': 'sasPolicyName', 'type': 'str'}, + } + + def __init__(self, *, event_hub_resource_id: str=None, sas_policy_name: str=None, **kwargs) -> None: + super(AutomationActionEventHubOutput, self).__init__(event_hub_resource_id=event_hub_resource_id, **kwargs) + self.sas_policy_name = sas_policy_name + self.action_type = 'EventHub' + + +class AutomationActionLogicApp(AutomationAction): + """The logic app action that should be triggered. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: AutomationActionLogicAppInput, + AutomationActionLogicAppOutput + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param logic_app_resource_id: The triggered Logic App Azure Resource ID. + This can also reside on other subscriptions, given that you have + permissions to trigger the Logic App + :type logic_app_resource_id: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'logic_app_resource_id': {'key': 'logicAppResourceId', 'type': 'str'}, + } + + _subtype_map = { + 'action_type': {'LogicApp': 'AutomationActionLogicAppInput', 'LogicApp': 'AutomationActionLogicAppOutput'} + } + + def __init__(self, *, logic_app_resource_id: str=None, **kwargs) -> None: + super(AutomationActionLogicApp, self).__init__(**kwargs) + self.logic_app_resource_id = logic_app_resource_id + self.action_type = 'LogicApp' + + +class AutomationActionLogicAppInput(AutomationActionLogicApp): + """The logic app action that should be triggered. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param logic_app_resource_id: The triggered Logic App Azure Resource ID. + This can also reside on other subscriptions, given that you have + permissions to trigger the Logic App + :type logic_app_resource_id: str + :param uri: The Logic App trigger URI endpoint. + :type uri: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'logic_app_resource_id': {'key': 'logicAppResourceId', 'type': 'str'}, + 'uri': {'key': 'uri', 'type': 'str'}, + } + + def __init__(self, *, logic_app_resource_id: str=None, uri: str=None, **kwargs) -> None: + super(AutomationActionLogicAppInput, self).__init__(logic_app_resource_id=logic_app_resource_id, **kwargs) + self.uri = uri + self.action_type = 'LogicApp' + + +class AutomationActionLogicAppOutput(AutomationActionLogicApp): + """The logic app action that should be triggered. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param logic_app_resource_id: The triggered Logic App Azure Resource ID. + This can also reside on other subscriptions, given that you have + permissions to trigger the Logic App + :type logic_app_resource_id: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'logic_app_resource_id': {'key': 'logicAppResourceId', 'type': 'str'}, + } + + def __init__(self, *, logic_app_resource_id: str=None, **kwargs) -> None: + super(AutomationActionLogicAppOutput, self).__init__(logic_app_resource_id=logic_app_resource_id, **kwargs) + self.action_type = 'LogicApp' + + +class AutomationActionSecurityEmail(AutomationAction): + """An action that triggers sending of Security emails. Emails can be sent to + users with specific roles on the subscription (for example, subscription + owners) or to user-provided emails. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param subscription_rbac_roles: A list of user roles which indicate the + relevant users that will receive the event data via email. + :type subscription_rbac_roles: list[str or + ~azure.mgmt.security.models.SubscriptionRbacRoles] + :param email_addresses: A list of email addresses that should receive the + event data. + :type email_addresses: list[str] + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'subscription_rbac_roles': {'key': 'subscriptionRbacRoles', 'type': '[str]'}, + 'email_addresses': {'key': 'emailAddresses', 'type': '[str]'}, + } + + def __init__(self, *, subscription_rbac_roles=None, email_addresses=None, **kwargs) -> None: + super(AutomationActionSecurityEmail, self).__init__(**kwargs) + self.subscription_rbac_roles = subscription_rbac_roles + self.email_addresses = email_addresses + self.action_type = 'SecurityEmail' + + +class AutomationActionWorkspace(AutomationAction): + """The Log Analytics Workspace to which event data will be exported. Security + alerts data will reside in the 'SecurityAlert' table and the assessments + data will reside in the 'SecurityRecommendation' table (under the + 'Security'/'SecurityCenterFree' solutions). Note that in order to view the + data in the workspace, the Security Center Log Analytics free/standard + solution needs to be enabled on that workspace. + + All required parameters must be populated in order to send to Azure. + + :param action_type: Required. Constant filled by server. + :type action_type: str + :param workspace_resource_id: The fully qualified Log Analytics Workspace + Azure Resource ID. + :type workspace_resource_id: str + :param workspace_id: The Log Analytics Workspace ID in a GUID format. + :type workspace_id: str + """ + + _validation = { + 'action_type': {'required': True}, + } + + _attribute_map = { + 'action_type': {'key': 'actionType', 'type': 'str'}, + 'workspace_resource_id': {'key': 'workspaceResourceId', 'type': 'str'}, + 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, + } + + def __init__(self, *, workspace_resource_id: str=None, workspace_id: str=None, **kwargs) -> None: + super(AutomationActionWorkspace, self).__init__(**kwargs) + self.workspace_resource_id = workspace_resource_id + self.workspace_id = workspace_id + self.action_type = 'Workspace' + + +class AutomationMetadata(Model): + """The metadata of the security automation resource. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar created_date_time_utc: The security automation creation date. + :vartype created_date_time_utc: datetime + :ivar created_by: The AAD object ID of the entity that created the + security automation. + :vartype created_by: str + :ivar last_updated_date_time_utc: The security automation last updated + date. + :vartype last_updated_date_time_utc: datetime + :ivar last_updated_by: The AAD object ID of the entity that last updated + the security automation. + :vartype last_updated_by: str + """ + + _validation = { + 'created_date_time_utc': {'readonly': True}, + 'created_by': {'readonly': True}, + 'last_updated_date_time_utc': {'readonly': True}, + 'last_updated_by': {'readonly': True}, + } + + _attribute_map = { + 'created_date_time_utc': {'key': 'createdDateTimeUtc', 'type': 'iso-8601'}, + 'created_by': {'key': 'createdBy', 'type': 'str'}, + 'last_updated_date_time_utc': {'key': 'lastUpdatedDateTimeUtc', 'type': 'iso-8601'}, + 'last_updated_by': {'key': 'lastUpdatedBy', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(AutomationMetadata, self).__init__(**kwargs) + self.created_date_time_utc = None + self.created_by = None + self.last_updated_date_time_utc = None + self.last_updated_by = None + + +class AutomationRuleSet(Model): + """A rule set which evaluates all its rules upon an event interception. Only + when all the included rules in the rule set will be evaluated as 'true', + will the event trigger the defined actions. + + :param rules: + :type rules: list[~azure.mgmt.security.models.AutomationTriggeringRule] + """ + + _attribute_map = { + 'rules': {'key': 'rules', 'type': '[AutomationTriggeringRule]'}, + } + + def __init__(self, *, rules=None, **kwargs) -> None: + super(AutomationRuleSet, self).__init__(**kwargs) + self.rules = rules + + +class AutomationScope(Model): + """A single automation scope. + + :param description: The resources scope description. + :type description: str + :param scope_path: The resources scope path. Can be the subscription on + which the automation is defined on or a resource group under that + subscription (fully qualified Azure resource IDs). + :type scope_path: str + """ + + _attribute_map = { + 'description': {'key': 'description', 'type': 'str'}, + 'scope_path': {'key': 'scopePath', 'type': 'str'}, + } + + def __init__(self, *, description: str=None, scope_path: str=None, **kwargs) -> None: + super(AutomationScope, self).__init__(**kwargs) + self.description = description + self.scope_path = scope_path + + +class AutomationSource(Model): + """The source event types which evaluate the security automation set of rules. + For example - security alerts and security assessments. To learn more about + the supported security events data models schemas - please visit + https://aka.ms/ASCAutomationSchemas. + + :param event_source: A valid event source type. Possible values include: + 'Assessments', 'Alerts' + :type event_source: str or ~azure.mgmt.security.models.EventSource + :param rule_sets: A set of rules which evaluate upon event interception. A + logical disjunction is applied between defined rule sets (logical 'or'). + :type rule_sets: list[~azure.mgmt.security.models.AutomationRuleSet] + """ + + _attribute_map = { + 'event_source': {'key': 'eventSource', 'type': 'str'}, + 'rule_sets': {'key': 'ruleSets', 'type': '[AutomationRuleSet]'}, + } + + def __init__(self, *, event_source=None, rule_sets=None, **kwargs) -> None: + super(AutomationSource, self).__init__(**kwargs) + self.event_source = event_source + self.rule_sets = rule_sets + + +class AutomationTriggeringRule(Model): + """A rule which is evaluated upon event interception. The rule is configured + by comparing a specific value from the event model to an expected value. + This comparison is done by using one of the supported operators set. + + :param property_jpath: The JPath of the entity model property that should + be checked. + :type property_jpath: str + :param property_type: The data type of the compared operands (string, + integer, floating point number or a boolean [true/false]]. Possible values + include: 'String', 'Integer', 'Number', 'Boolean' + :type property_type: str or ~azure.mgmt.security.models.PropertyType + :param expected_value: The expected value. + :type expected_value: str + :param operator: A valid comparer operator to use. Possible values + include: 'Equals', 'GreaterThan', 'GreaterThanOrEqualTo', 'LesserThan', + 'LesserThanOrEqualTo', 'NotEquals', 'Contains', 'StartsWith', 'EndsWith' + :type operator: str or ~azure.mgmt.security.models.Operator + """ + + _attribute_map = { + 'property_jpath': {'key': 'propertyJPath', 'type': 'str'}, + 'property_type': {'key': 'propertyType', 'type': 'str'}, + 'expected_value': {'key': 'expectedValue', 'type': 'str'}, + 'operator': {'key': 'operator', 'type': 'str'}, + } + + def __init__(self, *, property_jpath: str=None, property_type=None, expected_value: str=None, operator=None, **kwargs) -> None: + super(AutomationTriggeringRule, self).__init__(**kwargs) + self.property_jpath = property_jpath + self.property_type = property_type + self.expected_value = expected_value + self.operator = operator + + +class AutomationValidationStatus(Model): + """The security automation model state property bag. + + :param is_valid: Indicates whether the model is valid or not. + :type is_valid: bool + :param message: The validation message. + :type message: str + """ + + _attribute_map = { + 'is_valid': {'key': 'isValid', 'type': 'bool'}, + 'message': {'key': 'message', 'type': 'str'}, + } + + def __init__(self, *, is_valid: bool=None, message: str=None, **kwargs) -> None: + super(AutomationValidationStatus, self).__init__(**kwargs) + self.is_valid = is_valid + self.message = message + + class AutoProvisioningSetting(Resource): """Auto provisioning setting. @@ -1799,6 +2375,27 @@ def __init__(self, *, security_family, offer: str, publisher: str, sku: str, **k self.sku = sku +class ETag(Model): + """Entity tag is used for comparing two or more entities from the same + requested resource. ETags may be returned for individual resources, and + then sent via If-Match / If-None-Match headers for concurrency control. . + + :param etag: Entity tag is used for comparing two or more entities from + the same requested resource. ETags may be returned for individual + resources, and then sent via If-Match / If-None-Match headers for + concurrency control. + :type etag: str + """ + + _attribute_map = { + 'etag': {'key': 'etag', 'type': 'str'}, + } + + def __init__(self, *, etag: str=None, **kwargs) -> None: + super(ETag, self).__init__(**kwargs) + self.etag = etag + + class ExternalSecuritySolutionKind1(Model): """Describes an Azure resource with kind. @@ -3827,6 +4424,22 @@ def __init__(self, **kwargs) -> None: self.severity = None +class Tags(Model): + """A list of key value pairs that describe the resource. + + :param tags: A list of key value pairs that describe the resource. + :type tags: dict[str, str] + """ + + _attribute_map = { + 'tags': {'key': 'tags', 'type': '{str}'}, + } + + def __init__(self, *, tags=None, **kwargs) -> None: + super(Tags, self).__init__(**kwargs) + self.tags = tags + + class TagsResource(Model): """A container holding only the Tags for a resource, allowing the user to update the tags. diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_paged_models.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_paged_models.py index 670bbb1a5813..41a6d0fac11c 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_paged_models.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_paged_models.py @@ -324,3 +324,16 @@ class SecuritySubAssessmentPaged(Paged): def __init__(self, *args, **kwargs): super(SecuritySubAssessmentPaged, self).__init__(*args, **kwargs) +class AutomationPaged(Paged): + """ + A paging container for iterating over a list of :class:`Automation ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[Automation]'} + } + + def __init__(self, *args, **kwargs): + + super(AutomationPaged, self).__init__(*args, **kwargs) diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py index 8679f192cc6c..e5de07bea451 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py @@ -176,6 +176,41 @@ class Severity(str, Enum): high = "High" +class EventSource(str, Enum): + + assessments = "Assessments" + alerts = "Alerts" + + +class PropertyType(str, Enum): + + string = "String" + integer = "Integer" + number = "Number" + boolean = "Boolean" + + +class Operator(str, Enum): + + equals = "Equals" + greater_than = "GreaterThan" + greater_than_or_equal_to = "GreaterThanOrEqualTo" + lesser_than = "LesserThan" + lesser_than_or_equal_to = "LesserThanOrEqualTo" + not_equals = "NotEquals" + contains = "Contains" + starts_with = "StartsWith" + ends_with = "EndsWith" + + +class SubscriptionRbacRoles(str, Enum): + + account_admin = "AccountAdmin" + service_admin = "ServiceAdmin" + owner = "Owner" + contributor = "Contributor" + + class ConnectionType(str, Enum): internal = "Internal" diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py index 9fa27d57ef23..15d69b017b72 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py @@ -38,6 +38,7 @@ from ._regulatory_compliance_assessments_operations import RegulatoryComplianceAssessmentsOperations from ._server_vulnerability_assessment_operations import ServerVulnerabilityAssessmentOperations from ._sub_assessments_operations import SubAssessmentsOperations +from ._automations_operations import AutomationsOperations __all__ = [ 'ComplianceResultsOperations', @@ -69,4 +70,5 @@ 'RegulatoryComplianceAssessmentsOperations', 'ServerVulnerabilityAssessmentOperations', 'SubAssessmentsOperations', + 'AutomationsOperations', ] diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_automations_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_automations_operations.py new file mode 100644 index 000000000000..d5c3b5ce236d --- /dev/null +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_automations_operations.py @@ -0,0 +1,434 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class AutomationsOperations(object): + """AutomationsOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, custom_headers=None, raw=False, **operation_config): + """Get all security automations in a subscription. + + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of Automation + :rtype: + ~azure.mgmt.security.models.AutomationPaged[~azure.mgmt.security.models.Automation] + :raises: :class:`CloudError` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.AutomationPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Security/automations'} + + def list_by_resource_group( + self, resource_group_name, custom_headers=None, raw=False, **operation_config): + """Get all security automations in a resource group. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of Automation + :rtype: + ~azure.mgmt.security.models.AutomationPaged[~azure.mgmt.security.models.Automation] + :raises: :class:`CloudError` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list_by_resource_group.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.AutomationPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list_by_resource_group.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations'} + + def get( + self, resource_group_name, automation_name, custom_headers=None, raw=False, **operation_config): + """Get the details of a security automation. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param automation_name: The security automation name. + :type automation_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Automation or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.security.models.Automation or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'automationName': self._serialize.url("automation_name", automation_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('Automation', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}'} + + def create_or_update( + self, resource_group_name, automation_name, automation, custom_headers=None, raw=False, **operation_config): + """Create or update a security automation. If a security automation is + already created and a subsequent create request is issued with + different properties, the security automation properties will be + updated. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param automation_name: The security automation name. + :type automation_name: str + :param automation: The security automation resource + :type automation: ~azure.mgmt.security.models.Automation + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Automation or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.security.models.Automation or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create_or_update.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'automationName': self._serialize.url("automation_name", automation_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(automation, 'Automation') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('Automation', response) + if response.status_code == 201: + deserialized = self._deserialize('Automation', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}'} + + def delete( + self, resource_group_name, automation_name, custom_headers=None, raw=False, **operation_config): + """Delete a security automation. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param automation_name: The security automation name. + :type automation_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'automationName': self._serialize.url("automation_name", automation_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}'} + + def validate( + self, resource_group_name, automation_name, automation, custom_headers=None, raw=False, **operation_config): + """Validate the security automation model before create or update. Any + validation errors are returned to the client. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param automation_name: The security automation name. + :type automation_name: str + :param automation: The security automation resource + :type automation: ~azure.mgmt.security.models.Automation + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: AutomationValidationStatus or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.security.models.AutomationValidationStatus or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.validate.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'automationName': self._serialize.url("automation_name", automation_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(automation, 'Automation') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('AutomationValidationStatus', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + validate.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}/validate'} From 128f743583e80aadce0fcdb1c5d7743d5a3db2cd Mon Sep 17 00:00:00 2001 From: Azure SDK Bot Date: Tue, 19 Nov 2019 13:13:10 +0000 Subject: [PATCH 2/6] Generated from 504543d4794bf32f07e3b5b994ddfe9f69161923 whitelist automations for SpellCheck tool, fix typo mistakes --- .../azure-mgmt-security/azure/mgmt/security/models/_models.py | 4 ++-- .../azure/mgmt/security/models/_models_py3.py | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py index 9003f56163c9..452599648b85 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py @@ -1032,7 +1032,7 @@ class Automation(TrackedResource): security automation set of rules. :type sources: list[~azure.mgmt.security.models.AutomationSource] :param actions: A collection of the actions which are triggered if all the - configured rules evaluations, within at least one ruleset, are true. + configured rules evaluations, within at least one rule set, are true. :type actions: list[~azure.mgmt.security.models.AutomationAction] """ @@ -1142,7 +1142,7 @@ class AutomationActionEventHubInput(AutomationActionEventHub): :type action_type: str :param event_hub_resource_id: The target Event Hub Azure Resource ID. :type event_hub_resource_id: str - :param connection_string: The traget Event Hub connection string + :param connection_string: The target Event Hub connection string :type connection_string: str """ diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py index f4061a3fac8d..1567c8e2270c 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py @@ -1032,7 +1032,7 @@ class Automation(TrackedResource): security automation set of rules. :type sources: list[~azure.mgmt.security.models.AutomationSource] :param actions: A collection of the actions which are triggered if all the - configured rules evaluations, within at least one ruleset, are true. + configured rules evaluations, within at least one rule set, are true. :type actions: list[~azure.mgmt.security.models.AutomationAction] """ @@ -1142,7 +1142,7 @@ class AutomationActionEventHubInput(AutomationActionEventHub): :type action_type: str :param event_hub_resource_id: The target Event Hub Azure Resource ID. :type event_hub_resource_id: str - :param connection_string: The traget Event Hub connection string + :param connection_string: The target Event Hub connection string :type connection_string: str """ From 5abbd92067f35d8b25d178ca51e68cbd6aa608a6 Mon Sep 17 00:00:00 2001 From: Azure SDK Bot Date: Wed, 27 Nov 2019 07:11:00 +0000 Subject: [PATCH 3/6] Generated from d2d9721bef97ae99cd5bd96433dd953b1b2ff2a5 Merge remote-tracking branch 'upstream/master' into securityAutomations --- .../operations/_automations_operations.py | 21 +++++++++++-------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_automations_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_automations_operations.py index d5c3b5ce236d..e2b432ba4be7 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_automations_operations.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_automations_operations.py @@ -41,7 +41,9 @@ def __init__(self, client, config, serializer, deserializer): def list( self, custom_headers=None, raw=False, **operation_config): - """Get all security automations in a subscription. + """Lists all the security automations in the specified subscription. Use + the 'nextLink' property in the response to get the next page of + security automations for the specified subscription. :param dict custom_headers: headers that will be added to the request :param bool raw: returns the direct response alongside the @@ -107,7 +109,9 @@ def internal_paging(next_link=None): def list_by_resource_group( self, resource_group_name, custom_headers=None, raw=False, **operation_config): - """Get all security automations in a resource group. + """Lists all the security automations in the specified resource group. Use + the 'nextLink' property in the response to get the next page of + security automations for the specified resource group. :param resource_group_name: The name of the resource group within the user's subscription. The name is case insensitive. @@ -177,7 +181,7 @@ def internal_paging(next_link=None): def get( self, resource_group_name, automation_name, custom_headers=None, raw=False, **operation_config): - """Get the details of a security automation. + """Retrieves information about the model of a security automation. :param resource_group_name: The name of the resource group within the user's subscription. The name is case insensitive. @@ -239,10 +243,9 @@ def get( def create_or_update( self, resource_group_name, automation_name, automation, custom_headers=None, raw=False, **operation_config): - """Create or update a security automation. If a security automation is - already created and a subsequent create request is issued with - different properties, the security automation properties will be - updated. + """Creates or updates a security automation. If a security automation is + already created and a subsequent request is issued for the same + automation id, then it will be updated. :param resource_group_name: The name of the resource group within the user's subscription. The name is case insensitive. @@ -312,7 +315,7 @@ def create_or_update( def delete( self, resource_group_name, automation_name, custom_headers=None, raw=False, **operation_config): - """Delete a security automation. + """Deletes a security automation. :param resource_group_name: The name of the resource group within the user's subscription. The name is case insensitive. @@ -366,7 +369,7 @@ def delete( def validate( self, resource_group_name, automation_name, automation, custom_headers=None, raw=False, **operation_config): - """Validate the security automation model before create or update. Any + """Validates the security automation model before create or update. Any validation errors are returned to the client. :param resource_group_name: The name of the resource group within the From 017009e102de06b84d01f2d734b9a82e3cd95dea Mon Sep 17 00:00:00 2001 From: Azure SDK Bot Date: Wed, 27 Nov 2019 10:07:58 +0000 Subject: [PATCH 4/6] Generated from fb9c04a74e63ce4e934071390097bbacf79312f6 last alignment of the model to the actual resource model --- .../azure/mgmt/security/models/_models.py | 4 ---- .../azure/mgmt/security/models/_models_py3.py | 6 +----- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py index 452599648b85..efedc8ad696d 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py @@ -1335,8 +1335,6 @@ class AutomationActionWorkspace(AutomationAction): :param workspace_resource_id: The fully qualified Log Analytics Workspace Azure Resource ID. :type workspace_resource_id: str - :param workspace_id: The Log Analytics Workspace ID in a GUID format. - :type workspace_id: str """ _validation = { @@ -1346,13 +1344,11 @@ class AutomationActionWorkspace(AutomationAction): _attribute_map = { 'action_type': {'key': 'actionType', 'type': 'str'}, 'workspace_resource_id': {'key': 'workspaceResourceId', 'type': 'str'}, - 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, } def __init__(self, **kwargs): super(AutomationActionWorkspace, self).__init__(**kwargs) self.workspace_resource_id = kwargs.get('workspace_resource_id', None) - self.workspace_id = kwargs.get('workspace_id', None) self.action_type = 'Workspace' diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py index 1567c8e2270c..f1afb68310a1 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py @@ -1335,8 +1335,6 @@ class AutomationActionWorkspace(AutomationAction): :param workspace_resource_id: The fully qualified Log Analytics Workspace Azure Resource ID. :type workspace_resource_id: str - :param workspace_id: The Log Analytics Workspace ID in a GUID format. - :type workspace_id: str """ _validation = { @@ -1346,13 +1344,11 @@ class AutomationActionWorkspace(AutomationAction): _attribute_map = { 'action_type': {'key': 'actionType', 'type': 'str'}, 'workspace_resource_id': {'key': 'workspaceResourceId', 'type': 'str'}, - 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, } - def __init__(self, *, workspace_resource_id: str=None, workspace_id: str=None, **kwargs) -> None: + def __init__(self, *, workspace_resource_id: str=None, **kwargs) -> None: super(AutomationActionWorkspace, self).__init__(**kwargs) self.workspace_resource_id = workspace_resource_id - self.workspace_id = workspace_id self.action_type = 'Workspace' From 09b4107f8629140b9cdd7a859a6d9aebe6ea237d Mon Sep 17 00:00:00 2001 From: Azure SDK Bot Date: Wed, 27 Nov 2019 13:15:45 +0000 Subject: [PATCH 5/6] Generated from 367ff0b623fa0341af66fd627cd41fa6b19362af align the model, remove the supress rule --- .../azure/mgmt/security/models/__init__.py | 5 --- .../azure/mgmt/security/models/_models.py | 39 +------------------ .../azure/mgmt/security/models/_models_py3.py | 39 +------------------ .../security/models/_security_center_enums.py | 8 ---- 4 files changed, 4 insertions(+), 87 deletions(-) diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py index d4696885f2e1..f3bc298bf748 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py @@ -35,7 +35,6 @@ from ._models_py3 import AutomationActionLogicApp from ._models_py3 import AutomationActionLogicAppInput from ._models_py3 import AutomationActionLogicAppOutput - from ._models_py3 import AutomationActionSecurityEmail from ._models_py3 import AutomationActionWorkspace from ._models_py3 import AutomationMetadata from ._models_py3 import AutomationRuleSet @@ -158,7 +157,6 @@ from ._models import AutomationActionLogicApp from ._models import AutomationActionLogicAppInput from ._models import AutomationActionLogicAppOutput - from ._models import AutomationActionSecurityEmail from ._models import AutomationActionWorkspace from ._models import AutomationMetadata from ._models import AutomationRuleSet @@ -307,7 +305,6 @@ EventSource, PropertyType, Operator, - SubscriptionRbacRoles, ConnectionType, ) @@ -337,7 +334,6 @@ 'AutomationActionLogicApp', 'AutomationActionLogicAppInput', 'AutomationActionLogicAppOutput', - 'AutomationActionSecurityEmail', 'AutomationActionWorkspace', 'AutomationMetadata', 'AutomationRuleSet', @@ -485,6 +481,5 @@ 'EventSource', 'PropertyType', 'Operator', - 'SubscriptionRbacRoles', 'ConnectionType', ] diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py index efedc8ad696d..f934061e986c 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py @@ -1074,7 +1074,7 @@ class AutomationAction(Model): You probably want to use the sub-classes and not this class directly. Known sub-classes are: AutomationActionLogicApp, AutomationActionEventHub, - AutomationActionSecurityEmail, AutomationActionWorkspace + AutomationActionWorkspace All required parameters must be populated in order to send to Azure. @@ -1091,7 +1091,7 @@ class AutomationAction(Model): } _subtype_map = { - 'action_type': {'LogicApp': 'AutomationActionLogicApp', 'EventHub': 'AutomationActionEventHub', 'SecurityEmail': 'AutomationActionSecurityEmail', 'Workspace': 'AutomationActionWorkspace'} + 'action_type': {'LogicApp': 'AutomationActionLogicApp', 'EventHub': 'AutomationActionEventHub', 'Workspace': 'AutomationActionWorkspace'} } def __init__(self, **kwargs): @@ -1285,41 +1285,6 @@ def __init__(self, **kwargs): self.action_type = 'LogicApp' -class AutomationActionSecurityEmail(AutomationAction): - """An action that triggers sending of Security emails. Emails can be sent to - users with specific roles on the subscription (for example, subscription - owners) or to user-provided emails. - - All required parameters must be populated in order to send to Azure. - - :param action_type: Required. Constant filled by server. - :type action_type: str - :param subscription_rbac_roles: A list of user roles which indicate the - relevant users that will receive the event data via email. - :type subscription_rbac_roles: list[str or - ~azure.mgmt.security.models.SubscriptionRbacRoles] - :param email_addresses: A list of email addresses that should receive the - event data. - :type email_addresses: list[str] - """ - - _validation = { - 'action_type': {'required': True}, - } - - _attribute_map = { - 'action_type': {'key': 'actionType', 'type': 'str'}, - 'subscription_rbac_roles': {'key': 'subscriptionRbacRoles', 'type': '[str]'}, - 'email_addresses': {'key': 'emailAddresses', 'type': '[str]'}, - } - - def __init__(self, **kwargs): - super(AutomationActionSecurityEmail, self).__init__(**kwargs) - self.subscription_rbac_roles = kwargs.get('subscription_rbac_roles', None) - self.email_addresses = kwargs.get('email_addresses', None) - self.action_type = 'SecurityEmail' - - class AutomationActionWorkspace(AutomationAction): """The Log Analytics Workspace to which event data will be exported. Security alerts data will reside in the 'SecurityAlert' table and the assessments diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py index f1afb68310a1..b28f7247eb42 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py @@ -1074,7 +1074,7 @@ class AutomationAction(Model): You probably want to use the sub-classes and not this class directly. Known sub-classes are: AutomationActionLogicApp, AutomationActionEventHub, - AutomationActionSecurityEmail, AutomationActionWorkspace + AutomationActionWorkspace All required parameters must be populated in order to send to Azure. @@ -1091,7 +1091,7 @@ class AutomationAction(Model): } _subtype_map = { - 'action_type': {'LogicApp': 'AutomationActionLogicApp', 'EventHub': 'AutomationActionEventHub', 'SecurityEmail': 'AutomationActionSecurityEmail', 'Workspace': 'AutomationActionWorkspace'} + 'action_type': {'LogicApp': 'AutomationActionLogicApp', 'EventHub': 'AutomationActionEventHub', 'Workspace': 'AutomationActionWorkspace'} } def __init__(self, **kwargs) -> None: @@ -1285,41 +1285,6 @@ def __init__(self, *, logic_app_resource_id: str=None, **kwargs) -> None: self.action_type = 'LogicApp' -class AutomationActionSecurityEmail(AutomationAction): - """An action that triggers sending of Security emails. Emails can be sent to - users with specific roles on the subscription (for example, subscription - owners) or to user-provided emails. - - All required parameters must be populated in order to send to Azure. - - :param action_type: Required. Constant filled by server. - :type action_type: str - :param subscription_rbac_roles: A list of user roles which indicate the - relevant users that will receive the event data via email. - :type subscription_rbac_roles: list[str or - ~azure.mgmt.security.models.SubscriptionRbacRoles] - :param email_addresses: A list of email addresses that should receive the - event data. - :type email_addresses: list[str] - """ - - _validation = { - 'action_type': {'required': True}, - } - - _attribute_map = { - 'action_type': {'key': 'actionType', 'type': 'str'}, - 'subscription_rbac_roles': {'key': 'subscriptionRbacRoles', 'type': '[str]'}, - 'email_addresses': {'key': 'emailAddresses', 'type': '[str]'}, - } - - def __init__(self, *, subscription_rbac_roles=None, email_addresses=None, **kwargs) -> None: - super(AutomationActionSecurityEmail, self).__init__(**kwargs) - self.subscription_rbac_roles = subscription_rbac_roles - self.email_addresses = email_addresses - self.action_type = 'SecurityEmail' - - class AutomationActionWorkspace(AutomationAction): """The Log Analytics Workspace to which event data will be exported. Security alerts data will reside in the 'SecurityAlert' table and the assessments diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py index e5de07bea451..2c0c22d2b47b 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py @@ -203,14 +203,6 @@ class Operator(str, Enum): ends_with = "EndsWith" -class SubscriptionRbacRoles(str, Enum): - - account_admin = "AccountAdmin" - service_admin = "ServiceAdmin" - owner = "Owner" - contributor = "Contributor" - - class ConnectionType(str, Enum): internal = "Internal" From dd463ae51dd5d2ccb82cf4d361eb1dd3889ea6b9 Mon Sep 17 00:00:00 2001 From: Azure SDK Bot Date: Wed, 27 Nov 2019 15:20:48 +0000 Subject: [PATCH 6/6] Generated from 1f466524a515af3122f54ca70863aa4cf1b12b52 refine description of the etag --- .../azure/mgmt/security/models/_models.py | 15 ++++----------- .../azure/mgmt/security/models/_models_py3.py | 15 ++++----------- 2 files changed, 8 insertions(+), 22 deletions(-) diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py index f934061e986c..f9c16f1ed295 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py @@ -958,9 +958,7 @@ class TrackedResource(Model): :param kind: Kind of the resource :type kind: str :param etag: Entity tag is used for comparing two or more entities from - the same requested resource. ETags may be returned for individual - resources, and then sent via If-Match / If-None-Match headers for - concurrency control. + the same requested resource. :type etag: str :param tags: A list of key value pairs that describe the resource. :type tags: dict[str, str] @@ -1011,9 +1009,7 @@ class Automation(TrackedResource): :param kind: Kind of the resource :type kind: str :param etag: Entity tag is used for comparing two or more entities from - the same requested resource. ETags may be returned for individual - resources, and then sent via If-Match / If-None-Match headers for - concurrency control. + the same requested resource. :type etag: str :param tags: A list of key value pairs that describe the resource. :type tags: dict[str, str] @@ -2338,13 +2334,10 @@ def __init__(self, **kwargs): class ETag(Model): """Entity tag is used for comparing two or more entities from the same - requested resource. ETags may be returned for individual resources, and - then sent via If-Match / If-None-Match headers for concurrency control. . + requested resource. :param etag: Entity tag is used for comparing two or more entities from - the same requested resource. ETags may be returned for individual - resources, and then sent via If-Match / If-None-Match headers for - concurrency control. + the same requested resource. :type etag: str """ diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py index b28f7247eb42..4de16c26c6f1 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py @@ -958,9 +958,7 @@ class TrackedResource(Model): :param kind: Kind of the resource :type kind: str :param etag: Entity tag is used for comparing two or more entities from - the same requested resource. ETags may be returned for individual - resources, and then sent via If-Match / If-None-Match headers for - concurrency control. + the same requested resource. :type etag: str :param tags: A list of key value pairs that describe the resource. :type tags: dict[str, str] @@ -1011,9 +1009,7 @@ class Automation(TrackedResource): :param kind: Kind of the resource :type kind: str :param etag: Entity tag is used for comparing two or more entities from - the same requested resource. ETags may be returned for individual - resources, and then sent via If-Match / If-None-Match headers for - concurrency control. + the same requested resource. :type etag: str :param tags: A list of key value pairs that describe the resource. :type tags: dict[str, str] @@ -2338,13 +2334,10 @@ def __init__(self, *, security_family, offer: str, publisher: str, sku: str, **k class ETag(Model): """Entity tag is used for comparing two or more entities from the same - requested resource. ETags may be returned for individual resources, and - then sent via If-Match / If-None-Match headers for concurrency control. . + requested resource. :param etag: Entity tag is used for comparing two or more entities from - the same requested resource. ETags may be returned for individual - resources, and then sent via If-Match / If-None-Match headers for - concurrency control. + the same requested resource. :type etag: str """