diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py index 932778ae90fd..78a6b7ff4b48 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py @@ -43,6 +43,7 @@ from .operations import ServerVulnerabilityAssessmentOperations from .operations import SubAssessmentsOperations from .operations import AutomationsOperations +from .operations import AssessmentsOperations from . import models @@ -112,6 +113,8 @@ class SecurityCenter(SDKClient): :vartype sub_assessments: azure.mgmt.security.operations.SubAssessmentsOperations :ivar automations: Automations operations :vartype automations: azure.mgmt.security.operations.AutomationsOperations + :ivar assessments: Assessments operations + :vartype assessments: azure.mgmt.security.operations.AssessmentsOperations :param credentials: Credentials needed for the client to connect to Azure. :type credentials: :mod:`A msrestazure Credentials @@ -194,3 +197,5 @@ def __init__( self._client, self.config, self._serialize, self._deserialize) self.automations = AutomationsOperations( self._client, self.config, self._serialize, self._deserialize) + self.assessments = AssessmentsOperations( + self._client, self.config, self._serialize, self._deserialize) diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py index f3bc298bf748..4227e97712ce 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py @@ -25,6 +25,8 @@ from ._models_py3 import AppWhitelistingIssueSummary from ._models_py3 import AppWhitelistingPutGroupData from ._models_py3 import AscLocation + from ._models_py3 import AssessmentLinks + from ._models_py3 import AssessmentStatus from ._models_py3 import AtaExternalSecuritySolution from ._models_py3 import AtaSolutionProperties from ._models_py3 import Automation @@ -43,7 +45,6 @@ from ._models_py3 import AutomationTriggeringRule from ._models_py3 import AutomationValidationStatus from ._models_py3 import AutoProvisioningSetting - from ._models_py3 import AwsResourceDetails from ._models_py3 import AzureResourceDetails from ._models_py3 import CefExternalSecuritySolution from ._models_py3 import CefSolutionProperties @@ -91,6 +92,7 @@ from ._models_py3 import Kind from ._models_py3 import ListCustomAlertRule from ._models_py3 import Location + from ._models_py3 import OnPremiseResourceDetails from ._models_py3 import Operation from ._models_py3 import OperationDisplay from ._models_py3 import PathRecommendation @@ -104,6 +106,7 @@ from ._models_py3 import RegulatoryComplianceStandard from ._models_py3 import Resource from ._models_py3 import ResourceDetails + from ._models_py3 import SecurityAssessment from ._models_py3 import SecurityContact from ._models_py3 import SecuritySubAssessment from ._models_py3 import SecurityTask @@ -147,6 +150,8 @@ from ._models import AppWhitelistingIssueSummary from ._models import AppWhitelistingPutGroupData from ._models import AscLocation + from ._models import AssessmentLinks + from ._models import AssessmentStatus from ._models import AtaExternalSecuritySolution from ._models import AtaSolutionProperties from ._models import Automation @@ -165,7 +170,6 @@ from ._models import AutomationTriggeringRule from ._models import AutomationValidationStatus from ._models import AutoProvisioningSetting - from ._models import AwsResourceDetails from ._models import AzureResourceDetails from ._models import CefExternalSecuritySolution from ._models import CefSolutionProperties @@ -213,6 +217,7 @@ from ._models import Kind from ._models import ListCustomAlertRule from ._models import Location + from ._models import OnPremiseResourceDetails from ._models import Operation from ._models import OperationDisplay from ._models import PathRecommendation @@ -226,6 +231,7 @@ from ._models import RegulatoryComplianceStandard from ._models import Resource from ._models import ResourceDetails + from ._models import SecurityAssessment from ._models import SecurityContact from ._models import SecuritySubAssessment from ._models import SecurityTask @@ -272,6 +278,7 @@ from ._paged_models import RegulatoryComplianceAssessmentPaged from ._paged_models import RegulatoryComplianceControlPaged from ._paged_models import RegulatoryComplianceStandardPaged +from ._paged_models import SecurityAssessmentPaged from ._paged_models import SecurityContactPaged from ._paged_models import SecuritySubAssessmentPaged from ._paged_models import SecurityTaskPaged @@ -305,7 +312,9 @@ EventSource, PropertyType, Operator, + AssessmentStatusCode, ConnectionType, + ExpandEnum, ) __all__ = [ @@ -324,6 +333,8 @@ 'AppWhitelistingIssueSummary', 'AppWhitelistingPutGroupData', 'AscLocation', + 'AssessmentLinks', + 'AssessmentStatus', 'AtaExternalSecuritySolution', 'AtaSolutionProperties', 'Automation', @@ -342,7 +353,6 @@ 'AutomationTriggeringRule', 'AutomationValidationStatus', 'AutoProvisioningSetting', - 'AwsResourceDetails', 'AzureResourceDetails', 'CefExternalSecuritySolution', 'CefSolutionProperties', @@ -390,6 +400,7 @@ 'Kind', 'ListCustomAlertRule', 'Location', + 'OnPremiseResourceDetails', 'Operation', 'OperationDisplay', 'PathRecommendation', @@ -403,6 +414,7 @@ 'RegulatoryComplianceStandard', 'Resource', 'ResourceDetails', + 'SecurityAssessment', 'SecurityContact', 'SecuritySubAssessment', 'SecurityTask', @@ -455,6 +467,7 @@ 'RegulatoryComplianceAssessmentPaged', 'SecuritySubAssessmentPaged', 'AutomationPaged', + 'SecurityAssessmentPaged', 'ResourceStatus', 'PricingTier', 'ReportedSeverity', @@ -481,5 +494,7 @@ 'EventSource', 'PropertyType', 'Operator', + 'AssessmentStatusCode', 'ConnectionType', + 'ExpandEnum', ] diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py index f9c16f1ed295..eab3316f878b 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py @@ -838,6 +838,60 @@ def __init__(self, **kwargs): self.properties = kwargs.get('properties', None) +class AssessmentLinks(Model): + """Links relevant to the assessment. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar azure_portal: Link to assessment in Azure Portal + :vartype azure_portal: str + """ + + _validation = { + 'azure_portal': {'readonly': True}, + } + + _attribute_map = { + 'azure_portal': {'key': 'azurePortal', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AssessmentLinks, self).__init__(**kwargs) + self.azure_portal = None + + +class AssessmentStatus(Model): + """The result of the assessment. + + All required parameters must be populated in order to send to Azure. + + :param code: Required. Programmatic code for the status of the assessment. + Possible values include: 'Healthy', 'Unhealthy', 'NotApplicable' + :type code: str or ~azure.mgmt.security.models.AssessmentStatusCode + :param cause: Programmatic code for the cause of the assessment status + :type cause: str + :param description: Human readable description of the assessment status + :type description: str + """ + + _validation = { + 'code': {'required': True}, + } + + _attribute_map = { + 'code': {'key': 'code', 'type': 'str'}, + 'cause': {'key': 'cause', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AssessmentStatus, self).__init__(**kwargs) + self.code = kwargs.get('code', None) + self.cause = kwargs.get('cause', None) + self.description = kwargs.get('description', None) + + class AtaExternalSecuritySolution(ExternalSecuritySolution): """Represents an ATA security solution which sends logs to an OMS workspace. @@ -1516,7 +1570,7 @@ class ResourceDetails(Model): """Details of the resource that was assessed. You probably want to use the sub-classes and not this class directly. Known - sub-classes are: AzureResourceDetails, AwsResourceDetails + sub-classes are: OnPremiseResourceDetails, AzureResourceDetails All required parameters must be populated in order to send to Azure. @@ -1533,7 +1587,7 @@ class ResourceDetails(Model): } _subtype_map = { - 'source': {'Azure': 'AzureResourceDetails', 'Aws': 'AwsResourceDetails'} + 'source': {'OnPremise': 'OnPremiseResourceDetails', 'Azure': 'AzureResourceDetails'} } def __init__(self, **kwargs): @@ -1541,58 +1595,20 @@ def __init__(self, **kwargs): self.source = None -class AwsResourceDetails(ResourceDetails): - """Details of the resource that was assessed. - - Variables are only populated by the server, and will be ignored when - sending a request. - - All required parameters must be populated in order to send to Azure. - - :param source: Required. Constant filled by server. - :type source: str - :ivar account_id: AWS account ID - :vartype account_id: str - :ivar aws_resource_id: AWS resource ID. can be ARN or other - :vartype aws_resource_id: str - """ - - _validation = { - 'source': {'required': True}, - 'account_id': {'readonly': True}, - 'aws_resource_id': {'readonly': True}, - } - - _attribute_map = { - 'source': {'key': 'source', 'type': 'str'}, - 'account_id': {'key': 'accountId', 'type': 'str'}, - 'aws_resource_id': {'key': 'awsResourceId', 'type': 'str'}, - } - - def __init__(self, **kwargs): - super(AwsResourceDetails, self).__init__(**kwargs) - self.account_id = None - self.aws_resource_id = None - self.source = 'Aws' - - class AzureResourceDetails(ResourceDetails): - """Details of the resource that was assessed. - - Variables are only populated by the server, and will be ignored when - sending a request. + """Details of the Azure resource that was assessed. All required parameters must be populated in order to send to Azure. :param source: Required. Constant filled by server. :type source: str - :ivar id: Azure resource ID of the assessed resource - :vartype id: str + :param id: Required. Azure resource Id of the assessed resource + :type id: str """ _validation = { 'source': {'required': True}, - 'id': {'readonly': True}, + 'id': {'required': True}, } _attribute_map = { @@ -1602,7 +1618,7 @@ class AzureResourceDetails(ResourceDetails): def __init__(self, **kwargs): super(AzureResourceDetails, self).__init__(**kwargs) - self.id = None + self.id = kwargs.get('id', None) self.source = 'Azure' @@ -3445,6 +3461,50 @@ def __init__(self, **kwargs): self.location = None +class OnPremiseResourceDetails(ResourceDetails): + """Details of the On Premise resource that was assessed. + + All required parameters must be populated in order to send to Azure. + + :param source: Required. Constant filled by server. + :type source: str + :param workspace_id: Required. Azure resource Id of the workspace the + machine is attached to + :type workspace_id: str + :param vmuuid: Required. The unique Id of the machine + :type vmuuid: str + :param source_computer_id: Required. The oms agent Id installed on the + machine + :type source_computer_id: str + :param machine_name: Required. The name of the machine + :type machine_name: str + """ + + _validation = { + 'source': {'required': True}, + 'workspace_id': {'required': True}, + 'vmuuid': {'required': True}, + 'source_computer_id': {'required': True}, + 'machine_name': {'required': True}, + } + + _attribute_map = { + 'source': {'key': 'source', 'type': 'str'}, + 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, + 'vmuuid': {'key': 'vmuuid', 'type': 'str'}, + 'source_computer_id': {'key': 'sourceComputerId', 'type': 'str'}, + 'machine_name': {'key': 'machineName', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(OnPremiseResourceDetails, self).__init__(**kwargs) + self.workspace_id = kwargs.get('workspace_id', None) + self.vmuuid = kwargs.get('vmuuid', None) + self.source_computer_id = kwargs.get('source_computer_id', None) + self.machine_name = kwargs.get('machine_name', None) + self.source = 'OnPremise' + + class Operation(Model): """Possible operation in the REST API of Microsoft.Security. @@ -3944,6 +4004,61 @@ def __init__(self, **kwargs): self.unsupported_controls = None +class SecurityAssessment(Resource): + """Security assessment on a resource. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource Id + :vartype id: str + :ivar name: Resource name + :vartype name: str + :ivar type: Resource type + :vartype type: str + :param resource_details: Required. + :type resource_details: ~azure.mgmt.security.models.ResourceDetails + :ivar display_name: User friendly display name of the assessment + :vartype display_name: str + :param status: Required. + :type status: ~azure.mgmt.security.models.AssessmentStatus + :param additional_data: Additional data regarding the assessment + :type additional_data: dict[str, str] + :param links: + :type links: ~azure.mgmt.security.models.AssessmentLinks + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'resource_details': {'required': True}, + 'display_name': {'readonly': True}, + 'status': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'resource_details': {'key': 'properties.resourceDetails', 'type': 'ResourceDetails'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'status': {'key': 'properties.status', 'type': 'AssessmentStatus'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{str}'}, + 'links': {'key': 'properties.links', 'type': 'AssessmentLinks'}, + } + + def __init__(self, **kwargs): + super(SecurityAssessment, self).__init__(**kwargs) + self.resource_details = kwargs.get('resource_details', None) + self.display_name = None + self.status = kwargs.get('status', None) + self.additional_data = kwargs.get('additional_data', None) + self.links = kwargs.get('links', None) + + class SecurityContact(Resource): """Contact details for security issues. diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py index 4de16c26c6f1..87f0f88cfea1 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py @@ -838,6 +838,60 @@ def __init__(self, *, properties=None, **kwargs) -> None: self.properties = properties +class AssessmentLinks(Model): + """Links relevant to the assessment. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar azure_portal: Link to assessment in Azure Portal + :vartype azure_portal: str + """ + + _validation = { + 'azure_portal': {'readonly': True}, + } + + _attribute_map = { + 'azure_portal': {'key': 'azurePortal', 'type': 'str'}, + } + + def __init__(self, **kwargs) -> None: + super(AssessmentLinks, self).__init__(**kwargs) + self.azure_portal = None + + +class AssessmentStatus(Model): + """The result of the assessment. + + All required parameters must be populated in order to send to Azure. + + :param code: Required. Programmatic code for the status of the assessment. + Possible values include: 'Healthy', 'Unhealthy', 'NotApplicable' + :type code: str or ~azure.mgmt.security.models.AssessmentStatusCode + :param cause: Programmatic code for the cause of the assessment status + :type cause: str + :param description: Human readable description of the assessment status + :type description: str + """ + + _validation = { + 'code': {'required': True}, + } + + _attribute_map = { + 'code': {'key': 'code', 'type': 'str'}, + 'cause': {'key': 'cause', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + } + + def __init__(self, *, code, cause: str=None, description: str=None, **kwargs) -> None: + super(AssessmentStatus, self).__init__(**kwargs) + self.code = code + self.cause = cause + self.description = description + + class AtaExternalSecuritySolution(ExternalSecuritySolution): """Represents an ATA security solution which sends logs to an OMS workspace. @@ -1516,7 +1570,7 @@ class ResourceDetails(Model): """Details of the resource that was assessed. You probably want to use the sub-classes and not this class directly. Known - sub-classes are: AzureResourceDetails, AwsResourceDetails + sub-classes are: OnPremiseResourceDetails, AzureResourceDetails All required parameters must be populated in order to send to Azure. @@ -1533,7 +1587,7 @@ class ResourceDetails(Model): } _subtype_map = { - 'source': {'Azure': 'AzureResourceDetails', 'Aws': 'AwsResourceDetails'} + 'source': {'OnPremise': 'OnPremiseResourceDetails', 'Azure': 'AzureResourceDetails'} } def __init__(self, **kwargs) -> None: @@ -1541,58 +1595,20 @@ def __init__(self, **kwargs) -> None: self.source = None -class AwsResourceDetails(ResourceDetails): - """Details of the resource that was assessed. - - Variables are only populated by the server, and will be ignored when - sending a request. - - All required parameters must be populated in order to send to Azure. - - :param source: Required. Constant filled by server. - :type source: str - :ivar account_id: AWS account ID - :vartype account_id: str - :ivar aws_resource_id: AWS resource ID. can be ARN or other - :vartype aws_resource_id: str - """ - - _validation = { - 'source': {'required': True}, - 'account_id': {'readonly': True}, - 'aws_resource_id': {'readonly': True}, - } - - _attribute_map = { - 'source': {'key': 'source', 'type': 'str'}, - 'account_id': {'key': 'accountId', 'type': 'str'}, - 'aws_resource_id': {'key': 'awsResourceId', 'type': 'str'}, - } - - def __init__(self, **kwargs) -> None: - super(AwsResourceDetails, self).__init__(**kwargs) - self.account_id = None - self.aws_resource_id = None - self.source = 'Aws' - - class AzureResourceDetails(ResourceDetails): - """Details of the resource that was assessed. - - Variables are only populated by the server, and will be ignored when - sending a request. + """Details of the Azure resource that was assessed. All required parameters must be populated in order to send to Azure. :param source: Required. Constant filled by server. :type source: str - :ivar id: Azure resource ID of the assessed resource - :vartype id: str + :param id: Required. Azure resource Id of the assessed resource + :type id: str """ _validation = { 'source': {'required': True}, - 'id': {'readonly': True}, + 'id': {'required': True}, } _attribute_map = { @@ -1600,9 +1616,9 @@ class AzureResourceDetails(ResourceDetails): 'id': {'key': 'id', 'type': 'str'}, } - def __init__(self, **kwargs) -> None: + def __init__(self, *, id: str, **kwargs) -> None: super(AzureResourceDetails, self).__init__(**kwargs) - self.id = None + self.id = id self.source = 'Azure' @@ -3445,6 +3461,50 @@ def __init__(self, **kwargs) -> None: self.location = None +class OnPremiseResourceDetails(ResourceDetails): + """Details of the On Premise resource that was assessed. + + All required parameters must be populated in order to send to Azure. + + :param source: Required. Constant filled by server. + :type source: str + :param workspace_id: Required. Azure resource Id of the workspace the + machine is attached to + :type workspace_id: str + :param vmuuid: Required. The unique Id of the machine + :type vmuuid: str + :param source_computer_id: Required. The oms agent Id installed on the + machine + :type source_computer_id: str + :param machine_name: Required. The name of the machine + :type machine_name: str + """ + + _validation = { + 'source': {'required': True}, + 'workspace_id': {'required': True}, + 'vmuuid': {'required': True}, + 'source_computer_id': {'required': True}, + 'machine_name': {'required': True}, + } + + _attribute_map = { + 'source': {'key': 'source', 'type': 'str'}, + 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, + 'vmuuid': {'key': 'vmuuid', 'type': 'str'}, + 'source_computer_id': {'key': 'sourceComputerId', 'type': 'str'}, + 'machine_name': {'key': 'machineName', 'type': 'str'}, + } + + def __init__(self, *, workspace_id: str, vmuuid: str, source_computer_id: str, machine_name: str, **kwargs) -> None: + super(OnPremiseResourceDetails, self).__init__(**kwargs) + self.workspace_id = workspace_id + self.vmuuid = vmuuid + self.source_computer_id = source_computer_id + self.machine_name = machine_name + self.source = 'OnPremise' + + class Operation(Model): """Possible operation in the REST API of Microsoft.Security. @@ -3944,6 +4004,61 @@ def __init__(self, *, state=None, **kwargs) -> None: self.unsupported_controls = None +class SecurityAssessment(Resource): + """Security assessment on a resource. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource Id + :vartype id: str + :ivar name: Resource name + :vartype name: str + :ivar type: Resource type + :vartype type: str + :param resource_details: Required. + :type resource_details: ~azure.mgmt.security.models.ResourceDetails + :ivar display_name: User friendly display name of the assessment + :vartype display_name: str + :param status: Required. + :type status: ~azure.mgmt.security.models.AssessmentStatus + :param additional_data: Additional data regarding the assessment + :type additional_data: dict[str, str] + :param links: + :type links: ~azure.mgmt.security.models.AssessmentLinks + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'resource_details': {'required': True}, + 'display_name': {'readonly': True}, + 'status': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'resource_details': {'key': 'properties.resourceDetails', 'type': 'ResourceDetails'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'status': {'key': 'properties.status', 'type': 'AssessmentStatus'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{str}'}, + 'links': {'key': 'properties.links', 'type': 'AssessmentLinks'}, + } + + def __init__(self, *, resource_details, status, additional_data=None, links=None, **kwargs) -> None: + super(SecurityAssessment, self).__init__(**kwargs) + self.resource_details = resource_details + self.display_name = None + self.status = status + self.additional_data = additional_data + self.links = links + + class SecurityContact(Resource): """Contact details for security issues. diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_paged_models.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_paged_models.py index 41a6d0fac11c..6df746f53cbd 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_paged_models.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_paged_models.py @@ -337,3 +337,16 @@ class AutomationPaged(Paged): def __init__(self, *args, **kwargs): super(AutomationPaged, self).__init__(*args, **kwargs) +class SecurityAssessmentPaged(Paged): + """ + A paging container for iterating over a list of :class:`SecurityAssessment ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[SecurityAssessment]'} + } + + def __init__(self, *args, **kwargs): + + super(SecurityAssessmentPaged, self).__init__(*args, **kwargs) diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py index 2c0c22d2b47b..1f4e38bd009a 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py @@ -203,7 +203,20 @@ class Operator(str, Enum): ends_with = "EndsWith" +class AssessmentStatusCode(str, Enum): + + healthy = "Healthy" #: The resource is healthy + unhealthy = "Unhealthy" #: The resource has a security issue that needs to be addressed + not_applicable = "NotApplicable" #: Assessment for this resource did not happen + + class ConnectionType(str, Enum): internal = "Internal" external = "External" + + +class ExpandEnum(str, Enum): + + links = "links" #: All links associated with an assessment + metadata = "metadata" #: Assessment metadata diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py index 15d69b017b72..9cdcac1698b2 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py @@ -39,6 +39,7 @@ from ._server_vulnerability_assessment_operations import ServerVulnerabilityAssessmentOperations from ._sub_assessments_operations import SubAssessmentsOperations from ._automations_operations import AutomationsOperations +from ._assessments_operations import AssessmentsOperations __all__ = [ 'ComplianceResultsOperations', @@ -71,4 +72,5 @@ 'ServerVulnerabilityAssessmentOperations', 'SubAssessmentsOperations', 'AutomationsOperations', + 'AssessmentsOperations', ] diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_assessments_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_assessments_operations.py new file mode 100644 index 000000000000..0c439a636679 --- /dev/null +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_assessments_operations.py @@ -0,0 +1,301 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class AssessmentsOperations(object): + """AssessmentsOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, scope, custom_headers=None, raw=False, **operation_config): + """Get security assessments on all your scanned resources inside a scope. + + :param scope: Scope of the query, can be subscription + (/subscriptions/0b06d9ea-afe6-4779-bd59-30e5c2d9d13f) or management + group (/providers/Microsoft.Management/managementGroups/mgName). + :type scope: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of SecurityAssessment + :rtype: + ~azure.mgmt.security.models.SecurityAssessmentPaged[~azure.mgmt.security.models.SecurityAssessment] + :raises: :class:`CloudError` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'scope': self._serialize.url("scope", scope, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.SecurityAssessmentPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list.metadata = {'url': '/{scope}/providers/Microsoft.Security/assessments'} + + def get( + self, resource_id, assessment_name, expand=None, custom_headers=None, raw=False, **operation_config): + """Get a security assessment on your scanned resource. + + :param resource_id: The identifier of the resource. + :type resource_id: str + :param assessment_name: The Assessment Key - Unique key for the + assessment type + :type assessment_name: str + :param expand: OData expand. Optional. Possible values include: + 'links', 'metadata' + :type expand: str or ~azure.mgmt.security.models.ExpandEnum + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: SecurityAssessment or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.security.models.SecurityAssessment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'resourceId': self._serialize.url("resource_id", resource_id, 'str'), + 'assessmentName': self._serialize.url("assessment_name", assessment_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + if expand is not None: + query_parameters['$expand'] = self._serialize.query("expand", expand, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('SecurityAssessment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}'} + + def create( + self, resource_id, assessment_name, body, custom_headers=None, raw=False, **operation_config): + """Create a security assessment on your resource. An assessment metadata + that describes this assessment must be predefined with the same name + before inserting the assessment result. + + :param resource_id: The identifier of the resource. + :type resource_id: str + :param assessment_name: The Assessment Key - Unique key for the + assessment type + :type assessment_name: str + :param body: Calculated assessment on a pre-defined assessment + metadata + :type body: ~azure.mgmt.security.models.SecurityAssessment + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: SecurityAssessment or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.security.models.SecurityAssessment or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create.metadata['url'] + path_format_arguments = { + 'resourceId': self._serialize.url("resource_id", resource_id, 'str'), + 'assessmentName': self._serialize.url("assessment_name", assessment_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(body, 'SecurityAssessment') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('SecurityAssessment', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create.metadata = {'url': '/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}'} + + def delete( + self, resource_id, assessment_name, custom_headers=None, raw=False, **operation_config): + """Delete a security assessment on your resource. An assessment metadata + that describes this assessment must be predefined with the same name + before inserting the assessment result. + + :param resource_id: The identifier of the resource. + :type resource_id: str + :param assessment_name: The Assessment Key - Unique key for the + assessment type + :type assessment_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'resourceId': self._serialize.url("resource_id", resource_id, 'str'), + 'assessmentName': self._serialize.url("assessment_name", assessment_name, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 204]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}'}