From 1b2bbd15c03b1e164c569fec9c18ea7b41b4240b Mon Sep 17 00:00:00 2001 From: SDKAuto Date: Fri, 25 Apr 2025 23:13:41 +0000 Subject: [PATCH] CodeGen from PR 34261 in Azure/azure-rest-api-specs Merge b5a5db48cf7d058805983ce1fc3344f491256fe7 into 91c6b2357c03f2d2f86b278ae459b3c3361d0915 --- .../armsecurityinsights/CHANGELOG.md | 473 + .../armsecurityinsights/actions_client.go | 29 +- .../actions_client_example_test.go | 140 - .../armsecurityinsights/alertrule_client.go | 127 + .../armsecurityinsights/alertrules_client.go | 29 +- .../alertrules_client_example_test.go | 2249 -- .../alertruletemplates_client.go | 17 +- .../alertruletemplates_client_example_test.go | 297 - .../automationrules_client.go | 27 +- .../automationrules_client_example_test.go | 304 - .../armsecurityinsights/autorest.md | 7 +- .../billingstatistics_client.go | 175 + .../armsecurityinsights/bookmark_client.go | 11 +- .../bookmark_client_example_test.go | 68 - .../bookmarkrelations_client.go | 27 +- .../bookmarkrelations_client_example_test.go | 145 - .../armsecurityinsights/bookmarks_client.go | 29 +- .../bookmarks_client_example_test.go | 270 - .../businessapplicationagent_client.go | 111 + .../businessapplicationagents_client.go | 248 + .../armsecurityinsights/client.go | 187 + .../armsecurityinsights/client_factory.go | 259 +- .../armsecurityinsights/constants.go | 1107 +- .../contentpackage_client.go | 174 + .../contentpackages_client.go | 197 + .../contenttemplate_client.go | 244 + .../contenttemplates_client.go | 133 + .../dataconnectordefinitions_client.go | 310 + .../dataconnectors_client.go | 41 +- .../dataconnectors_client_example_test.go | 2500 -- .../dataconnectorscheckrequirements_client.go | 11 +- ...rscheckrequirements_client_example_test.go | 483 - .../armsecurityinsights/date_type.go | 3 - .../domainwhois_client_example_test.go | 99 - .../armsecurityinsights/entities_client.go | 147 +- .../entities_client_example_test.go | 1442 -- .../entitiesgettimeline_client.go | 11 +- ...entitiesgettimeline_client_example_test.go | 113 - .../entitiesrelations_client.go | 9 +- .../entitiesrelations_client_example_test.go | 61 - .../entityqueries_client.go | 27 +- .../entityqueries_client_example_test.go | 276 - .../entityquerytemplates_client.go | 15 +- ...ntityquerytemplates_client_example_test.go | 180 - .../entityrelations_client.go | 11 +- .../entityrelations_client_example_test.go | 49 - .../fake/actions_server.go | 64 +- .../fake/alertrule_server.go | 145 + .../fake/alertrules_server.go | 64 +- .../fake/alertruletemplates_server.go | 56 +- .../fake/automationrules_server.go | 64 +- .../fake/billingstatistics_server.go | 178 + .../fake/bookmark_server.go | 52 +- .../fake/bookmarkrelations_server.go | 64 +- .../fake/bookmarks_server.go | 64 +- .../fake/businessapplicationagent_server.go | 126 + .../fake/businessapplicationagents_server.go | 250 + .../fake/contentpackage_server.go | 173 + .../fake/contentpackages_server.go | 248 + .../fake/contenttemplate_server.go | 216 + .../fake/contenttemplates_server.go | 210 + .../fake/dataconnectordefinitions_server.go | 272 + .../fake/dataconnectors_server.go | 72 +- .../dataconnectorscheckrequirements_server.go | 52 +- .../armsecurityinsights/fake/date_type.go | 58 - .../fake/domainwhois_server.go | 101 - .../fake/entities_server.go | 177 +- .../fake/entitiesgettimeline_server.go | 52 +- .../fake/entitiesrelations_server.go | 52 +- .../fake/entityqueries_server.go | 66 +- .../fake/entityquerytemplates_server.go | 58 +- .../fake/entityrelations_server.go | 52 +- .../fake/fileimports_server.go | 76 +- .../armsecurityinsights/fake/get_server.go | 126 + .../fake/getrecommendations_server.go | 134 + .../gettriggeredanalyticsruleruns_server.go | 134 + .../fake/huntcomments_server.go | 324 + .../fake/huntrelations_server.go | 324 + .../armsecurityinsights/fake/hunts_server.go | 308 + .../fake/incidentcomments_server.go | 64 +- .../fake/incidentrelations_server.go | 64 +- .../fake/incidents_server.go | 127 +- .../fake/incidenttasks_server.go | 284 + .../armsecurityinsights/fake/internal.go | 8 +- .../fake/ipgeodata_server.go | 101 - .../fake/metadata_server.go | 68 +- .../fake/officeconsents_server.go | 60 +- .../fake/operations_server.go | 52 +- .../fake/polymorphic_helpers.go | 36 +- .../fake/productpackage_server.go | 126 + .../fake/productpackages_server.go | 180 + .../fake/productsettings_server.go | 141 +- .../fake/producttemplate_server.go | 126 + .../fake/producttemplates_server.go | 204 + .../fake/reevaluate_server.go | 126 + .../securitymlanalyticssettings_server.go | 64 +- .../fake/sentinelonboardingstates_server.go | 64 +- .../armsecurityinsights/fake/server.go | 189 + .../fake/server_factory.go | 401 +- .../fake/sourcecontrol_server.go | 56 +- .../fake/sourcecontrols_server.go | 82 +- .../fake/systems_server.go | 480 + .../fake/threatintelligence_server.go | 215 + .../threatintelligenceindicator_server.go | 76 +- ...reatintelligenceindicatormetrics_server.go | 52 +- .../threatintelligenceindicators_server.go | 66 +- .../armsecurityinsights/fake/time_rfc3339.go | 110 - .../fake/triggeredanalyticsrulerun_server.go | 126 + .../armsecurityinsights/fake/update_server.go | 130 + .../fake/watchlistitems_server.go | 70 +- .../fake/watchlists_server.go | 230 +- .../workspacemanagerassignmentjobs_server.go | 310 + .../workspacemanagerassignments_server.go | 302 + .../workspacemanagerconfigurations_server.go | 302 + .../fake/workspacemanagergroups_server.go | 302 + .../fake/workspacemanagermembers_server.go | 302 + .../armsecurityinsights/fileimports_client.go | 31 +- .../fileimports_client_example_test.go | 167 - .../armsecurityinsights/get_client.go | 111 + .../getrecommendations_client.go | 106 + .../gettriggeredanalyticsruleruns_client.go | 106 + .../armsecurityinsights/go.mod | 12 +- .../armsecurityinsights/go.sum | 29 - .../huntcomments_client.go | 340 + .../huntrelations_client.go | 340 + .../armsecurityinsights/hunts_client.go | 319 + .../incidentcomments_client.go | 27 +- .../incidentcomments_client_example_test.go | 163 - .../incidentrelations_client.go | 27 +- .../incidentrelations_client_example_test.go | 157 - .../armsecurityinsights/incidents_client.go | 122 +- .../incidents_client_example_test.go | 495 - .../incidenttasks_client.go | 327 + .../armsecurityinsights/interfaces.go | 90 +- .../ipgeodata_client_example_test.go | 56 - .../armsecurityinsights/metadata_client.go | 33 +- .../metadata_client_example_test.go | 541 - .../armsecurityinsights/models.go | 3964 ++- .../armsecurityinsights/models_serde.go | 19882 ++++++++++------ .../officeconsents_client.go | 23 +- .../officeconsents_client_example_test.go | 101 - .../armsecurityinsights/operations_client.go | 9 +- .../operations_client_example_test.go | 596 - .../armsecurityinsights/options.go | 629 +- .../polymorphic_helpers.go | 335 +- ...ata_client.go => productpackage_client.go} | 61 +- .../productpackages_client.go | 124 + .../productsettings_client.go | 78 +- .../productsettings_client_example_test.go | 135 - ...is_client.go => producttemplate_client.go} | 61 +- .../producttemplates_client.go | 128 + .../armsecurityinsights/reevaluate_client.go | 111 + .../armsecurityinsights/responses.go | 646 +- .../armsecurityinsights/responses_serde.go | 206 + .../securitymlanalyticssettings_client.go | 29 +- ...mlanalyticssettings_client_example_test.go | 399 - .../sentinelonboardingstates_client.go | 27 +- ...nelonboardingstates_client_example_test.go | 128 - .../sourcecontrol_client.go | 19 +- .../sourcecontrol_client_example_test.go | 53 - .../sourcecontrols_client.go | 55 +- .../sourcecontrols_client_example_test.go | 305 - .../armsecurityinsights/systems_client.go | 549 + .../threatintelligence_client.go | 193 + .../threatintelligenceindicator_client.go | 47 +- ...telligenceindicator_client_example_test.go | 438 - ...reatintelligenceindicatormetrics_client.go | 11 +- ...nceindicatormetrics_client_example_test.go | 65 - .../threatintelligenceindicators_client.go | 9 +- ...elligenceindicators_client_example_test.go | 112 - .../armsecurityinsights/time_rfc3339.go | 6 +- .../triggeredanalyticsrulerun_client.go | 111 + .../armsecurityinsights/update_client.go | 114 + .../watchlistitems_client.go | 27 +- .../watchlistitems_client_example_test.go | 213 - .../armsecurityinsights/watchlists_client.go | 131 +- .../watchlists_client_example_test.go | 279 - .../workspacemanagerassignmentjobs_client.go | 331 + .../workspacemanagerassignments_client.go | 320 + .../workspacemanagerconfigurations_client.go | 320 + .../workspacemanagergroups_client.go | 320 + .../workspacemanagermembers_client.go | 320 + 182 files changed, 35995 insertions(+), 22604 deletions(-) delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client_example_test.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/alertrule_client.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client_example_test.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/billingstatistics_client.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/bookmark_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarkrelations_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client_example_test.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/businessapplicationagent_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/businessapplicationagents_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackage_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackages_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplate_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplates_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectordefinitions_client.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectorscheckrequirements_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/domainwhois_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/entities_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesgettimeline_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesrelations_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/entityqueries_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/entityquerytemplates_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/entityrelations_client_example_test.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrule_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/billingstatistics_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/businessapplicationagent_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/businessapplicationagents_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackage_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackages_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplate_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplates_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectordefinitions_server.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/date_type.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/domainwhois_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/get_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/getrecommendations_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/gettriggeredanalyticsruleruns_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntcomments_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntrelations_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/hunts_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidenttasks_server.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/ipgeodata_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackage_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackages_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplate_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplates_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/reevaluate_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/systems_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligence_server.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/time_rfc3339.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/triggeredanalyticsrulerun_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/update_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignmentjobs_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignments_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerconfigurations_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagergroups_server.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagermembers_server.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/fileimports_client_example_test.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/get_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/getrecommendations_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/gettriggeredanalyticsruleruns_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/huntcomments_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/huntrelations_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/hunts_client.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client_example_test.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/incidenttasks_client.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/ipgeodata_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/metadata_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/officeconsents_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client_example_test.go rename sdk/resourcemanager/securityinsights/armsecurityinsights/{ipgeodata_client.go => productpackage_client.go} (51%) create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/productpackages_client.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/productsettings_client_example_test.go rename sdk/resourcemanager/securityinsights/armsecurityinsights/{domainwhois_client.go => producttemplate_client.go} (50%) create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplates_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/reevaluate_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/responses_serde.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/securitymlanalyticssettings_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrol_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrols_client_example_test.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/systems_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligence_client.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client_example_test.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/triggeredanalyticsrulerun_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/update_client.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client_example_test.go delete mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client_example_test.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignmentjobs_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignments_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerconfigurations_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagergroups_client.go create mode 100644 sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagermembers_client.go diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/CHANGELOG.md b/sdk/resourcemanager/securityinsights/armsecurityinsights/CHANGELOG.md index cd2202f6620c..a9358ca135e3 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/CHANGELOG.md +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/CHANGELOG.md @@ -1,5 +1,478 @@ # Release History +## 2.0.0-beta.5 (2025-04-25) +### Breaking Changes + +- Function `*SourceControlClient.NewListRepositoriesPager` parameter(s) have been changed from `(string, string, RepoType, *SourceControlClientListRepositoriesOptions)` to `(string, string, RepositoryAccessProperties, *SourceControlClientListRepositoriesOptions)` +- Function `*SourceControlsClient.Delete` parameter(s) have been changed from `(context.Context, string, string, string, *SourceControlsClientDeleteOptions)` to `(context.Context, string, string, string, RepositoryAccessProperties, *SourceControlsClientDeleteOptions)` +- Type of `AccountEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `AzureResourceEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `CloudApplicationEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `DNSEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `Entity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `EntityQueriesClientListOptions.Kind` has been changed from `*Enum13` to `*EntityQueryTemplateKind` +- Type of `EntityQueryTemplatesClientListOptions.Kind` has been changed from `*Enum15` to `*EntityQueryTemplateKind` +- Type of `ExpansionResultAggregation.EntityKind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `FileEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `FileHashEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `HostEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `HuntingBookmark.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `IPEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `IncidentEntitiesResultsMetadata.EntityKind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `IoTDeviceEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `MailClusterEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `MailMessageEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `MailboxEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `MalwareEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `MetadataProperties.Kind` has been changed from `*Kind` to `*string` +- Type of `MetadataPropertiesPatch.Kind` has been changed from `*Kind` to `*string` +- Type of `NicEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `ProcessEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `RegistryKeyEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `RegistryValueEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `SecurityAlert.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `SecurityGroupEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `SubmissionMailEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `ThreatIntelligenceIndicatorModel.Kind` has been changed from `*ThreatIntelligenceResourceKindEnum` to `*ThreatIntelligenceResourceInnerKind` +- Type of `ThreatIntelligenceInformation.Kind` has been changed from `*ThreatIntelligenceResourceKindEnum` to `*ThreatIntelligenceResourceInnerKind` +- Type of `ThreatIntelligenceSortingCriteria.SortOrder` has been changed from `*ThreatIntelligenceSortingCriteriaEnum` to `*ThreatIntelligenceSortingOrder` +- Type of `URLEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `Webhook.WebhookSecretUpdateTime` has been changed from `*string` to `*time.Time` +- `ContentTypeAnalyticRule` from enum `ContentType` has been removed +- `OperatorAND`, `OperatorOR` from enum `Operator` has been removed +- `RepoTypeDevOps` from enum `RepoType` has been removed +- `SourceTypeLocalFile`, `SourceTypeRemoteStorage` from enum `SourceType` has been removed +- Enum `EntityKind` has been removed +- Enum `Enum13` has been removed +- Enum `Enum15` has been removed +- Enum `ThreatIntelligenceResourceKindEnum` has been removed +- Enum `ThreatIntelligenceSortingCriteriaEnum` has been removed +- Function `*ClientFactory.NewDomainWhoisClient` has been removed +- Function `*ClientFactory.NewIPGeodataClient` has been removed +- Function `NewDomainWhoisClient` has been removed +- Function `*DomainWhoisClient.Get` has been removed +- Function `NewIPGeodataClient` has been removed +- Function `*IPGeodataClient.Get` has been removed +- Function `*IncidentsClient.CreateTeam` has been removed +- Operation `*WatchlistsClient.CreateOrUpdate` has been changed to LRO, use `*WatchlistsClient.BeginCreateOrUpdate` instead. +- Operation `*WatchlistsClient.Delete` has been changed to LRO, use `*WatchlistsClient.BeginDelete` instead. +- Operation `*EntitiesClient.Queries` has supported pagination, use `*EntitiesClient.NewQueriesPager` instead. +- Operation `*ProductSettingsClient.List` has supported pagination, use `*ProductSettingsClient.NewListPager` instead. +- Struct `ContentPathMap` has been removed +- Struct `MSTIDataConnectorDataTypesBingSafetyPhishingURL` has been removed +- Struct `TeamProperties` has been removed +- Field `CityCf`, `CountryCf`, `StateCf` of struct `EnrichmentIPGeodata` has been removed +- Field `BingSafetyPhishingURL` of struct `MSTIDataConnectorDataTypes` has been removed +- Field `PathMapping` of struct `Repository` has been removed + +### Features Added + +- Type of `WatchlistItemProperties.EntityMapping` has been changed from `map[string]any` to `any` +- Type of `WatchlistItemProperties.ItemsKeyValue` has been changed from `map[string]any` to `any` +- New value `ActionTypeAddIncidentTask` added to enum type `ActionType` +- New value `AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAllItems` added to enum type `AutomationRulePropertyArrayConditionSupportedArrayConditionType` +- New value `AutomationRulePropertyArrayConditionSupportedArrayTypeIncidentLabels` added to enum type `AutomationRulePropertyArrayConditionSupportedArrayType` +- New value `AutomationRulePropertyConditionSupportedPropertyIncidentAlertTitle`, `AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetectionRuleIDs` added to enum type `AutomationRulePropertyConditionSupportedProperty` +- New value `ContentTypeAnalyticsRule`, `ContentTypeAutomationRule`, `ContentTypeHuntingQuery`, `ContentTypeParser`, `ContentTypePlaybook` added to enum type `ContentType` +- New value `DataConnectorKindGCP`, `DataConnectorKindMicrosoftPurviewInformationProtection`, `DataConnectorKindPurviewAudit`, `DataConnectorKindRestAPIPoller` added to enum type `DataConnectorKind` +- New value `EntityQueryTemplateKindAnomaly`, `EntityQueryTemplateKindBookmark`, `EntityQueryTemplateKindExpansion`, `EntityQueryTemplateKindGuidedInsight`, `EntityQueryTemplateKindInsight`, `EntityQueryTemplateKindSecurityAlert` added to enum type `EntityQueryTemplateKind` +- New value `KindCustomDetection`, `KindNotebook`, `KindResourcesDataConnector`, `KindStandalone`, `KindSummaryRule` added to enum type `Kind` +- New value `OperatorAfterAbsolute`, `OperatorAfterRelative`, `OperatorArrayContains`, `OperatorArrayNotContains`, `OperatorBeforeAbsolute`, `OperatorBeforeRelative`, `OperatorEquals`, `OperatorGreaterThan`, `OperatorGreaterThanEqual`, `OperatorIsFalse`, `OperatorIsNull`, `OperatorIsTrue`, `OperatorLessThan`, `OperatorLessThanEqual`, `OperatorNotEquals`, `OperatorOnOrAfterAbsolute`, `OperatorOnOrAfterRelative`, `OperatorOnOrBeforeAbsolute`, `OperatorOnOrBeforeRelative`, `OperatorStringContains`, `OperatorStringEndsWith`, `OperatorStringIsEmpty`, `OperatorStringNotContains`, `OperatorStringNotEndsWith`, `OperatorStringNotStartsWith`, `OperatorStringStartsWith` added to enum type `Operator` +- New value `RepoTypeAzureDevOps` added to enum type `RepoType` +- New value `SourceTypeAzureStorage`, `SourceTypeLocal` added to enum type `SourceType` +- New enum type `AgentType` with values `AgentTypeSAP` +- New enum type `AlertProperty` with values `AlertPropertyAlertLink`, `AlertPropertyConfidenceLevel`, `AlertPropertyConfidenceScore`, `AlertPropertyExtendedLinks`, `AlertPropertyProductComponentName`, `AlertPropertyProductName`, `AlertPropertyProviderName`, `AlertPropertyRemediationSteps`, `AlertPropertySubTechniques`, `AlertPropertyTechniques` +- New enum type `BillingStatisticKind` with values `BillingStatisticKindSapSolutionUsage` +- New enum type `CcpAuthType` with values `CcpAuthTypeAPIKey`, `CcpAuthTypeAWS`, `CcpAuthTypeBasic`, `CcpAuthTypeGCP`, `CcpAuthTypeGitHub`, `CcpAuthTypeJwtToken`, `CcpAuthTypeNone`, `CcpAuthTypeOAuth2`, `CcpAuthTypeOracle`, `CcpAuthTypeServiceBus`, `CcpAuthTypeSession` +- New enum type `ConfigurationType` with values `ConfigurationTypeSAP` +- New enum type `Connective` with values `ConnectiveAnd`, `ConnectiveOr` +- New enum type `DataConnectorDefinitionKind` with values `DataConnectorDefinitionKindCustomizable` +- New enum type `EnrichmentType` with values `EnrichmentTypeMain` +- New enum type `EntityKindEnum` with values `EntityKindEnumAccount`, `EntityKindEnumAzureResource`, `EntityKindEnumBookmark`, `EntityKindEnumCloudApplication`, `EntityKindEnumDNSResolution`, `EntityKindEnumFile`, `EntityKindEnumFileHash`, `EntityKindEnumHost`, `EntityKindEnumIP`, `EntityKindEnumIoTDevice`, `EntityKindEnumMailCluster`, `EntityKindEnumMailMessage`, `EntityKindEnumMailbox`, `EntityKindEnumMalware`, `EntityKindEnumNic`, `EntityKindEnumProcess`, `EntityKindEnumRegistryKey`, `EntityKindEnumRegistryValue`, `EntityKindEnumSecurityAlert`, `EntityKindEnumSecurityGroup`, `EntityKindEnumSubmissionMail`, `EntityKindEnumURL` +- New enum type `Flag` with values `FlagFalse`, `FlagTrue` +- New enum type `HTTPMethodVerb` with values `HTTPMethodVerbDELETE`, `HTTPMethodVerbGET`, `HTTPMethodVerbPOST`, `HTTPMethodVerbPUT` +- New enum type `HTTPSConfigurationType` with values `HTTPSConfigurationTypeHTTPOnly`, `HTTPSConfigurationTypeHTTPSWithSSLVerification`, `HTTPSConfigurationTypeHTTPSWithoutSSLVerification` +- New enum type `HypothesisStatus` with values `HypothesisStatusInvalidated`, `HypothesisStatusUnknown`, `HypothesisStatusValidated` +- New enum type `IncidentTaskStatus` with values `IncidentTaskStatusCompleted`, `IncidentTaskStatusNew` +- New enum type `IngestionType` with values `IngestionTypeFull`, `IngestionTypeIncremental` +- New enum type `KeyVaultAuthenticationMode` with values `KeyVaultAuthenticationModeManagedIdentity`, `KeyVaultAuthenticationModeServicePrincipal` +- New enum type `ListActionKind` with values `ListActionKindLockUser`, `ListActionKindUnlockUser` +- New enum type `LogStatusType` with values `LogStatusTypeDisabled`, `LogStatusTypeEnabled` +- New enum type `LogType` with values `LogTypeADCP`, `LogTypeADR6`, `LogTypeAGR1251`, `LogTypeAGRAGRS`, `LogTypeAGRDEFINE`, `LogTypeAGRFLAGS`, `LogTypeAGRPROF`, `LogTypeAGRTCODES`, `LogTypeAGRUSERS`, `LogTypeAbapAppLog`, `LogTypeAbapAuditLog`, `LogTypeAbapChangeDocsLog`, `LogTypeAbapCrLog`, `LogTypeAbapFilesLogs`, `LogTypeAbapJobLog`, `LogTypeAbapSpoolLog`, `LogTypeAbapSpoolOutputLog`, `LogTypeAbapTableDataLog`, `LogTypeAbapWorkflowLog`, `LogTypeDEVACCESS`, `LogTypeJavaFilesLogs`, `LogTypePAHI`, `LogTypeSNCSYSACL`, `LogTypeUSERADDR`, `LogTypeUSGRPUSER`, `LogTypeUSR01`, `LogTypeUSR02`, `LogTypeUSR05`, `LogTypeUSR21`, `LogTypeUSRACL`, `LogTypeUSRSTAMP`, `LogTypeUST04` +- New enum type `Mode` with values `ModeDisabled`, `ModeEnabled` +- New enum type `MtpProvider` with values `MtpProviderMicrosoftDefenderForCloudApps`, `MtpProviderMicrosoftDefenderForIdentity` +- New enum type `PackageKind` with values `PackageKindSolution`, `PackageKindStandalone` +- New enum type `ProviderPermissionsScope` with values `ProviderPermissionsScopeResourceGroup`, `ProviderPermissionsScopeSubscription`, `ProviderPermissionsScopeWorkspace` +- New enum type `ProvisioningState` with values `ProvisioningStateAccepted`, `ProvisioningStateCanceled`, `ProvisioningStateFailed`, `ProvisioningStateInProgress`, `ProvisioningStateSucceeded` +- New enum type `RepositoryAccessKind` with values `RepositoryAccessKindApp`, `RepositoryAccessKindOAuth`, `RepositoryAccessKindPAT` +- New enum type `RestAPIPollerRequestPagingKind` with values `RestAPIPollerRequestPagingKindCountBasedPaging`, `RestAPIPollerRequestPagingKindLinkHeader`, `RestAPIPollerRequestPagingKindNextPageToken`, `RestAPIPollerRequestPagingKindNextPageURL`, `RestAPIPollerRequestPagingKindOffset`, `RestAPIPollerRequestPagingKindPersistentLinkHeader`, `RestAPIPollerRequestPagingKindPersistentToken` +- New enum type `SapAuthenticationType` with values `SapAuthenticationTypeSnc`, `SapAuthenticationTypeSncWithUsernamePassword`, `SapAuthenticationTypeUsernamePassword` +- New enum type `SecretSource` with values `SecretSourceAzureKeyVault` +- New enum type `SortingDirection` with values `SortingDirectionASC`, `SortingDirectionDESC` +- New enum type `State` with values `StateActive`, `StateCompletedBySystem`, `StateCompletedByUser`, `StateDismissed`, `StateInProgress` +- New enum type `Status` with values `StatusActive`, `StatusApproved`, `StatusBacklog`, `StatusClosed`, `StatusFailed`, `StatusInProgress`, `StatusNew`, `StatusSucceeded` +- New enum type `SystemConfigurationConnectorType` with values `SystemConfigurationConnectorTypeRFC`, `SystemConfigurationConnectorTypeSapControl` +- New enum type `SystemStatusType` with values `SystemStatusTypeRunning`, `SystemStatusTypeStopped` +- New enum type `TIObjectKind` with values `TIObjectKindAttackPattern`, `TIObjectKindIdentity`, `TIObjectKindIndicator`, `TIObjectKindRelationship`, `TIObjectKindThreatActor` +- New enum type `ThreatIntelligenceResourceInnerKind` with values `ThreatIntelligenceResourceInnerKindIndicator` +- New enum type `ThreatIntelligenceSortingOrder` with values `ThreatIntelligenceSortingOrderAscending`, `ThreatIntelligenceSortingOrderDescending`, `ThreatIntelligenceSortingOrderUnsorted` +- New enum type `TiType` with values `TiTypeMain` +- New enum type `WarningCode` with values `WarningCodeSourceControlDeletedWithWarnings`, `WarningCodeSourceControlWarningDeletePipelineFromAzureDevOps`, `WarningCodeSourceControlWarningDeleteRoleAssignment`, `WarningCodeSourceControlWarningDeleteServicePrincipal`, `WarningCodeSourceControlWarningDeleteWorkflowAndSecretFromGitHub` +- New function `*APIKeyAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*AWSAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*Action.GetAction() *Action` +- New function `*AgentConfiguration.GetAgentConfiguration() *AgentConfiguration` +- New function `NewAlertRuleClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AlertRuleClient, error)` +- New function `*AlertRuleClient.BeginTriggerRuleRun(context.Context, string, string, string, AnalyticsRuleRunTrigger, *AlertRuleClientBeginTriggerRuleRunOptions) (*runtime.Poller[AlertRuleClientTriggerRuleRunResponse], error)` +- New function `*AttackPattern.GetTIObject() *TIObject` +- New function `*AutomationRuleAddIncidentTaskAction.GetAutomationRuleAction() *AutomationRuleAction` +- New function `*BasicAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*BillingStatistic.GetBillingStatistic() *BillingStatistic` +- New function `NewBillingStatisticsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*BillingStatisticsClient, error)` +- New function `*BillingStatisticsClient.Get(context.Context, string, string, string, *BillingStatisticsClientGetOptions) (BillingStatisticsClientGetResponse, error)` +- New function `*BillingStatisticsClient.NewListPager(string, string, *BillingStatisticsClientListOptions) *runtime.Pager[BillingStatisticsClientListResponse]` +- New function `NewBusinessApplicationAgentClient(string, azcore.TokenCredential, *arm.ClientOptions) (*BusinessApplicationAgentClient, error)` +- New function `*BusinessApplicationAgentClient.Get(context.Context, string, string, string, *BusinessApplicationAgentClientGetOptions) (BusinessApplicationAgentClientGetResponse, error)` +- New function `NewBusinessApplicationAgentsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*BusinessApplicationAgentsClient, error)` +- New function `*BusinessApplicationAgentsClient.CreateOrUpdate(context.Context, string, string, string, *BusinessApplicationAgentsClientCreateOrUpdateOptions) (BusinessApplicationAgentsClientCreateOrUpdateResponse, error)` +- New function `*BusinessApplicationAgentsClient.Delete(context.Context, string, string, string, *BusinessApplicationAgentsClientDeleteOptions) (BusinessApplicationAgentsClientDeleteResponse, error)` +- New function `*BusinessApplicationAgentsClient.NewListPager(string, string, *BusinessApplicationAgentsClientListOptions) *runtime.Pager[BusinessApplicationAgentsClientListResponse]` +- New function `*CcpAuthConfig.GetCcpAuthConfig() *CcpAuthConfig` +- New function `NewClient(string, azcore.TokenCredential, *arm.ClientOptions) (*Client, error)` +- New function `*Client.ListGeodataByIP(context.Context, string, string, EnrichmentType, EnrichmentIPAddressBody, *ClientListGeodataByIPOptions) (ClientListGeodataByIPResponse, error)` +- New function `*Client.ListWhoisByDomain(context.Context, string, string, EnrichmentType, EnrichmentDomainBody, *ClientListWhoisByDomainOptions) (ClientListWhoisByDomainResponse, error)` +- New function `*ClientFactory.NewAlertRuleClient() *AlertRuleClient` +- New function `*ClientFactory.NewBillingStatisticsClient() *BillingStatisticsClient` +- New function `*ClientFactory.NewBusinessApplicationAgentClient() *BusinessApplicationAgentClient` +- New function `*ClientFactory.NewBusinessApplicationAgentsClient() *BusinessApplicationAgentsClient` +- New function `*ClientFactory.NewClient() *Client` +- New function `*ClientFactory.NewContentPackageClient() *ContentPackageClient` +- New function `*ClientFactory.NewContentPackagesClient() *ContentPackagesClient` +- New function `*ClientFactory.NewContentTemplateClient() *ContentTemplateClient` +- New function `*ClientFactory.NewContentTemplatesClient() *ContentTemplatesClient` +- New function `*ClientFactory.NewDataConnectorDefinitionsClient() *DataConnectorDefinitionsClient` +- New function `*ClientFactory.NewGetClient() *GetClient` +- New function `*ClientFactory.NewGetRecommendationsClient() *GetRecommendationsClient` +- New function `*ClientFactory.NewGetTriggeredAnalyticsRuleRunsClient() *GetTriggeredAnalyticsRuleRunsClient` +- New function `*ClientFactory.NewHuntCommentsClient() *HuntCommentsClient` +- New function `*ClientFactory.NewHuntRelationsClient() *HuntRelationsClient` +- New function `*ClientFactory.NewHuntsClient() *HuntsClient` +- New function `*ClientFactory.NewIncidentTasksClient() *IncidentTasksClient` +- New function `*ClientFactory.NewProductPackageClient() *ProductPackageClient` +- New function `*ClientFactory.NewProductPackagesClient() *ProductPackagesClient` +- New function `*ClientFactory.NewProductTemplateClient() *ProductTemplateClient` +- New function `*ClientFactory.NewProductTemplatesClient() *ProductTemplatesClient` +- New function `*ClientFactory.NewReevaluateClient() *ReevaluateClient` +- New function `*ClientFactory.NewSystemsClient() *SystemsClient` +- New function `*ClientFactory.NewThreatIntelligenceClient() *ThreatIntelligenceClient` +- New function `*ClientFactory.NewTriggeredAnalyticsRuleRunClient() *TriggeredAnalyticsRuleRunClient` +- New function `*ClientFactory.NewUpdateClient() *UpdateClient` +- New function `*ClientFactory.NewWorkspaceManagerAssignmentJobsClient() *WorkspaceManagerAssignmentJobsClient` +- New function `*ClientFactory.NewWorkspaceManagerAssignmentsClient() *WorkspaceManagerAssignmentsClient` +- New function `*ClientFactory.NewWorkspaceManagerConfigurationsClient() *WorkspaceManagerConfigurationsClient` +- New function `*ClientFactory.NewWorkspaceManagerGroupsClient() *WorkspaceManagerGroupsClient` +- New function `*ClientFactory.NewWorkspaceManagerMembersClient() *WorkspaceManagerMembersClient` +- New function `NewContentPackageClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ContentPackageClient, error)` +- New function `*ContentPackageClient.Install(context.Context, string, string, string, PackageModel, *ContentPackageClientInstallOptions) (ContentPackageClientInstallResponse, error)` +- New function `*ContentPackageClient.Uninstall(context.Context, string, string, string, *ContentPackageClientUninstallOptions) (ContentPackageClientUninstallResponse, error)` +- New function `NewContentPackagesClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ContentPackagesClient, error)` +- New function `*ContentPackagesClient.Get(context.Context, string, string, string, *ContentPackagesClientGetOptions) (ContentPackagesClientGetResponse, error)` +- New function `*ContentPackagesClient.NewListPager(string, string, *ContentPackagesClientListOptions) *runtime.Pager[ContentPackagesClientListResponse]` +- New function `NewContentTemplateClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ContentTemplateClient, error)` +- New function `*ContentTemplateClient.Delete(context.Context, string, string, string, *ContentTemplateClientDeleteOptions) (ContentTemplateClientDeleteResponse, error)` +- New function `*ContentTemplateClient.Get(context.Context, string, string, string, *ContentTemplateClientGetOptions) (ContentTemplateClientGetResponse, error)` +- New function `*ContentTemplateClient.Install(context.Context, string, string, string, TemplateModel, *ContentTemplateClientInstallOptions) (ContentTemplateClientInstallResponse, error)` +- New function `NewContentTemplatesClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ContentTemplatesClient, error)` +- New function `*ContentTemplatesClient.NewListPager(string, string, *ContentTemplatesClientListOptions) *runtime.Pager[ContentTemplatesClientListResponse]` +- New function `*CustomizableConnectorDefinition.GetDataConnectorDefinition() *DataConnectorDefinition` +- New function `*DataConnectorDefinition.GetDataConnectorDefinition() *DataConnectorDefinition` +- New function `NewDataConnectorDefinitionsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*DataConnectorDefinitionsClient, error)` +- New function `*DataConnectorDefinitionsClient.CreateOrUpdate(context.Context, string, string, string, DataConnectorDefinitionClassification, *DataConnectorDefinitionsClientCreateOrUpdateOptions) (DataConnectorDefinitionsClientCreateOrUpdateResponse, error)` +- New function `*DataConnectorDefinitionsClient.Delete(context.Context, string, string, string, *DataConnectorDefinitionsClientDeleteOptions) (DataConnectorDefinitionsClientDeleteResponse, error)` +- New function `*DataConnectorDefinitionsClient.Get(context.Context, string, string, string, *DataConnectorDefinitionsClientGetOptions) (DataConnectorDefinitionsClientGetResponse, error)` +- New function `*DataConnectorDefinitionsClient.NewListPager(string, string, *DataConnectorDefinitionsClientListOptions) *runtime.Pager[DataConnectorDefinitionsClientListResponse]` +- New function `*EntitiesClient.RunPlaybook(context.Context, string, string, string, *EntitiesClientRunPlaybookOptions) (EntitiesClientRunPlaybookResponse, error)` +- New function `*GCPAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*GCPDataConnector.GetDataConnector() *DataConnector` +- New function `*GenericBlobSbsAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `NewGetClient(string, azcore.TokenCredential, *arm.ClientOptions) (*GetClient, error)` +- New function `*GetClient.SingleRecommendation(context.Context, string, string, string, *GetClientSingleRecommendationOptions) (GetClientSingleRecommendationResponse, error)` +- New function `NewGetRecommendationsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*GetRecommendationsClient, error)` +- New function `*GetRecommendationsClient.NewListPager(string, string, *GetRecommendationsClientListOptions) *runtime.Pager[GetRecommendationsClientListResponse]` +- New function `NewGetTriggeredAnalyticsRuleRunsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*GetTriggeredAnalyticsRuleRunsClient, error)` +- New function `*GetTriggeredAnalyticsRuleRunsClient.NewListPager(string, string, *GetTriggeredAnalyticsRuleRunsClientListOptions) *runtime.Pager[GetTriggeredAnalyticsRuleRunsClientListResponse]` +- New function `*GitHubAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `NewHuntCommentsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*HuntCommentsClient, error)` +- New function `*HuntCommentsClient.CreateOrUpdate(context.Context, string, string, string, string, HuntComment, *HuntCommentsClientCreateOrUpdateOptions) (HuntCommentsClientCreateOrUpdateResponse, error)` +- New function `*HuntCommentsClient.Delete(context.Context, string, string, string, string, *HuntCommentsClientDeleteOptions) (HuntCommentsClientDeleteResponse, error)` +- New function `*HuntCommentsClient.Get(context.Context, string, string, string, string, *HuntCommentsClientGetOptions) (HuntCommentsClientGetResponse, error)` +- New function `*HuntCommentsClient.NewListPager(string, string, string, *HuntCommentsClientListOptions) *runtime.Pager[HuntCommentsClientListResponse]` +- New function `NewHuntRelationsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*HuntRelationsClient, error)` +- New function `*HuntRelationsClient.CreateOrUpdate(context.Context, string, string, string, string, HuntRelation, *HuntRelationsClientCreateOrUpdateOptions) (HuntRelationsClientCreateOrUpdateResponse, error)` +- New function `*HuntRelationsClient.Delete(context.Context, string, string, string, string, *HuntRelationsClientDeleteOptions) (HuntRelationsClientDeleteResponse, error)` +- New function `*HuntRelationsClient.Get(context.Context, string, string, string, string, *HuntRelationsClientGetOptions) (HuntRelationsClientGetResponse, error)` +- New function `*HuntRelationsClient.NewListPager(string, string, string, *HuntRelationsClientListOptions) *runtime.Pager[HuntRelationsClientListResponse]` +- New function `NewHuntsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*HuntsClient, error)` +- New function `*HuntsClient.CreateOrUpdate(context.Context, string, string, string, Hunt, *HuntsClientCreateOrUpdateOptions) (HuntsClientCreateOrUpdateResponse, error)` +- New function `*HuntsClient.Delete(context.Context, string, string, string, *HuntsClientDeleteOptions) (HuntsClientDeleteResponse, error)` +- New function `*HuntsClient.Get(context.Context, string, string, string, *HuntsClientGetOptions) (HuntsClientGetResponse, error)` +- New function `*HuntsClient.NewListPager(string, string, *HuntsClientListOptions) *runtime.Pager[HuntsClientListResponse]` +- New function `*Identity.GetTIObject() *TIObject` +- New function `NewIncidentTasksClient(string, azcore.TokenCredential, *arm.ClientOptions) (*IncidentTasksClient, error)` +- New function `*IncidentTasksClient.CreateOrUpdate(context.Context, string, string, string, string, IncidentTask, *IncidentTasksClientCreateOrUpdateOptions) (IncidentTasksClientCreateOrUpdateResponse, error)` +- New function `*IncidentTasksClient.Delete(context.Context, string, string, string, string, *IncidentTasksClientDeleteOptions) (IncidentTasksClientDeleteResponse, error)` +- New function `*IncidentTasksClient.Get(context.Context, string, string, string, string, *IncidentTasksClientGetOptions) (IncidentTasksClientGetResponse, error)` +- New function `*IncidentTasksClient.NewListPager(string, string, string, *IncidentTasksClientListOptions) *runtime.Pager[IncidentTasksClientListResponse]` +- New function `*Indicator.GetTIObject() *TIObject` +- New function `*JwtAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*LockUserAction.GetAction() *Action` +- New function `*MicrosoftPurviewInformationProtectionCheckRequirements.GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements` +- New function `*MicrosoftPurviewInformationProtectionDataConnector.GetDataConnector() *DataConnector` +- New function `*OAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*OracleAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `NewProductPackageClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ProductPackageClient, error)` +- New function `*ProductPackageClient.Get(context.Context, string, string, string, *ProductPackageClientGetOptions) (ProductPackageClientGetResponse, error)` +- New function `NewProductPackagesClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ProductPackagesClient, error)` +- New function `*ProductPackagesClient.NewListPager(string, string, *ProductPackagesClientListOptions) *runtime.Pager[ProductPackagesClientListResponse]` +- New function `NewProductTemplateClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ProductTemplateClient, error)` +- New function `*ProductTemplateClient.Get(context.Context, string, string, string, *ProductTemplateClientGetOptions) (ProductTemplateClientGetResponse, error)` +- New function `NewProductTemplatesClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ProductTemplatesClient, error)` +- New function `*ProductTemplatesClient.NewListPager(string, string, *ProductTemplatesClientListOptions) *runtime.Pager[ProductTemplatesClientListResponse]` +- New function `*PurviewAuditCheckRequirements.GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements` +- New function `*PurviewAuditDataConnector.GetDataConnector() *DataConnector` +- New function `*RFCConnector.GetSystemsConfigurationConnector() *SystemsConfigurationConnector` +- New function `NewReevaluateClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ReevaluateClient, error)` +- New function `*ReevaluateClient.Recommendation(context.Context, string, string, string, *ReevaluateClientRecommendationOptions) (ReevaluateClientRecommendationResponse, error)` +- New function `*Relationship.GetTIObject() *TIObject` +- New function `*RestAPIPollerDataConnector.GetDataConnector() *DataConnector` +- New function `*SapAgentConfiguration.GetAgentConfiguration() *AgentConfiguration` +- New function `*SapControlConnector.GetSystemsConfigurationConnector() *SystemsConfigurationConnector` +- New function `*SapSolutionUsageStatistic.GetBillingStatistic() *BillingStatistic` +- New function `*SapSystemsConfiguration.GetSystemsConfiguration() *SystemsConfiguration` +- New function `*SessionAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `NewSystemsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*SystemsClient, error)` +- New function `*SystemsClient.CreateOrUpdate(context.Context, string, string, string, string, *SystemsClientCreateOrUpdateOptions) (SystemsClientCreateOrUpdateResponse, error)` +- New function `*SystemsClient.Delete(context.Context, string, string, string, string, *SystemsClientDeleteOptions) (SystemsClientDeleteResponse, error)` +- New function `*SystemsClient.Get(context.Context, string, string, string, string, *SystemsClientGetOptions) (SystemsClientGetResponse, error)` +- New function `*SystemsClient.NewListActionsPager(string, string, string, string, *SystemsClientListActionsOptions) *runtime.Pager[SystemsClientListActionsResponse]` +- New function `*SystemsClient.NewListPager(string, string, string, *SystemsClientListOptions) *runtime.Pager[SystemsClientListResponse]` +- New function `*SystemsClient.ReportActionStatus(context.Context, string, string, string, string, *SystemsClientReportActionStatusOptions) (SystemsClientReportActionStatusResponse, error)` +- New function `*SystemsClient.UndoAction(context.Context, string, string, string, string, *SystemsClientUndoActionOptions) (SystemsClientUndoActionResponse, error)` +- New function `*SystemsConfiguration.GetSystemsConfiguration() *SystemsConfiguration` +- New function `*SystemsConfigurationConnector.GetSystemsConfigurationConnector() *SystemsConfigurationConnector` +- New function `*TIObject.GetTIObject() *TIObject` +- New function `*ThreatActor.GetTIObject() *TIObject` +- New function `NewThreatIntelligenceClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ThreatIntelligenceClient, error)` +- New function `*ThreatIntelligenceClient.Count(context.Context, string, string, TiType, *ThreatIntelligenceClientCountOptions) (ThreatIntelligenceClientCountResponse, error)` +- New function `*ThreatIntelligenceClient.NewQueryPager(string, string, TiType, *ThreatIntelligenceClientQueryOptions) *runtime.Pager[ThreatIntelligenceClientQueryResponse]` +- New function `NewTriggeredAnalyticsRuleRunClient(string, azcore.TokenCredential, *arm.ClientOptions) (*TriggeredAnalyticsRuleRunClient, error)` +- New function `*TriggeredAnalyticsRuleRunClient.Get(context.Context, string, string, string, *TriggeredAnalyticsRuleRunClientGetOptions) (TriggeredAnalyticsRuleRunClientGetResponse, error)` +- New function `*UnlockUserAction.GetAction() *Action` +- New function `NewUpdateClient(string, azcore.TokenCredential, *arm.ClientOptions) (*UpdateClient, error)` +- New function `*UpdateClient.Recommendation(context.Context, string, string, string, RecommendationPatch, *UpdateClientRecommendationOptions) (UpdateClientRecommendationResponse, error)` +- New function `NewWorkspaceManagerAssignmentJobsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*WorkspaceManagerAssignmentJobsClient, error)` +- New function `*WorkspaceManagerAssignmentJobsClient.Create(context.Context, string, string, string, *WorkspaceManagerAssignmentJobsClientCreateOptions) (WorkspaceManagerAssignmentJobsClientCreateResponse, error)` +- New function `*WorkspaceManagerAssignmentJobsClient.Delete(context.Context, string, string, string, string, *WorkspaceManagerAssignmentJobsClientDeleteOptions) (WorkspaceManagerAssignmentJobsClientDeleteResponse, error)` +- New function `*WorkspaceManagerAssignmentJobsClient.Get(context.Context, string, string, string, string, *WorkspaceManagerAssignmentJobsClientGetOptions) (WorkspaceManagerAssignmentJobsClientGetResponse, error)` +- New function `*WorkspaceManagerAssignmentJobsClient.NewListPager(string, string, string, *WorkspaceManagerAssignmentJobsClientListOptions) *runtime.Pager[WorkspaceManagerAssignmentJobsClientListResponse]` +- New function `NewWorkspaceManagerAssignmentsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*WorkspaceManagerAssignmentsClient, error)` +- New function `*WorkspaceManagerAssignmentsClient.CreateOrUpdate(context.Context, string, string, string, WorkspaceManagerAssignment, *WorkspaceManagerAssignmentsClientCreateOrUpdateOptions) (WorkspaceManagerAssignmentsClientCreateOrUpdateResponse, error)` +- New function `*WorkspaceManagerAssignmentsClient.Delete(context.Context, string, string, string, *WorkspaceManagerAssignmentsClientDeleteOptions) (WorkspaceManagerAssignmentsClientDeleteResponse, error)` +- New function `*WorkspaceManagerAssignmentsClient.Get(context.Context, string, string, string, *WorkspaceManagerAssignmentsClientGetOptions) (WorkspaceManagerAssignmentsClientGetResponse, error)` +- New function `*WorkspaceManagerAssignmentsClient.NewListPager(string, string, *WorkspaceManagerAssignmentsClientListOptions) *runtime.Pager[WorkspaceManagerAssignmentsClientListResponse]` +- New function `NewWorkspaceManagerConfigurationsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*WorkspaceManagerConfigurationsClient, error)` +- New function `*WorkspaceManagerConfigurationsClient.CreateOrUpdate(context.Context, string, string, string, WorkspaceManagerConfiguration, *WorkspaceManagerConfigurationsClientCreateOrUpdateOptions) (WorkspaceManagerConfigurationsClientCreateOrUpdateResponse, error)` +- New function `*WorkspaceManagerConfigurationsClient.Delete(context.Context, string, string, string, *WorkspaceManagerConfigurationsClientDeleteOptions) (WorkspaceManagerConfigurationsClientDeleteResponse, error)` +- New function `*WorkspaceManagerConfigurationsClient.Get(context.Context, string, string, string, *WorkspaceManagerConfigurationsClientGetOptions) (WorkspaceManagerConfigurationsClientGetResponse, error)` +- New function `*WorkspaceManagerConfigurationsClient.NewListPager(string, string, *WorkspaceManagerConfigurationsClientListOptions) *runtime.Pager[WorkspaceManagerConfigurationsClientListResponse]` +- New function `NewWorkspaceManagerGroupsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*WorkspaceManagerGroupsClient, error)` +- New function `*WorkspaceManagerGroupsClient.CreateOrUpdate(context.Context, string, string, string, WorkspaceManagerGroup, *WorkspaceManagerGroupsClientCreateOrUpdateOptions) (WorkspaceManagerGroupsClientCreateOrUpdateResponse, error)` +- New function `*WorkspaceManagerGroupsClient.Delete(context.Context, string, string, string, *WorkspaceManagerGroupsClientDeleteOptions) (WorkspaceManagerGroupsClientDeleteResponse, error)` +- New function `*WorkspaceManagerGroupsClient.Get(context.Context, string, string, string, *WorkspaceManagerGroupsClientGetOptions) (WorkspaceManagerGroupsClientGetResponse, error)` +- New function `*WorkspaceManagerGroupsClient.NewListPager(string, string, *WorkspaceManagerGroupsClientListOptions) *runtime.Pager[WorkspaceManagerGroupsClientListResponse]` +- New function `NewWorkspaceManagerMembersClient(string, azcore.TokenCredential, *arm.ClientOptions) (*WorkspaceManagerMembersClient, error)` +- New function `*WorkspaceManagerMembersClient.CreateOrUpdate(context.Context, string, string, string, WorkspaceManagerMember, *WorkspaceManagerMembersClientCreateOrUpdateOptions) (WorkspaceManagerMembersClientCreateOrUpdateResponse, error)` +- New function `*WorkspaceManagerMembersClient.Delete(context.Context, string, string, string, *WorkspaceManagerMembersClientDeleteOptions) (WorkspaceManagerMembersClientDeleteResponse, error)` +- New function `*WorkspaceManagerMembersClient.Get(context.Context, string, string, string, *WorkspaceManagerMembersClientGetOptions) (WorkspaceManagerMembersClientGetResponse, error)` +- New function `*WorkspaceManagerMembersClient.NewListPager(string, string, *WorkspaceManagerMembersClientListOptions) *runtime.Pager[WorkspaceManagerMembersClientListResponse]` +- New function `*NoneAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New struct `APIKeyAuthModel` +- New struct `AWSAuthModel` +- New struct `AddIncidentTaskActionProperties` +- New struct `AgentProperties` +- New struct `AgentSystem` +- New struct `AlertPropertyMapping` +- New struct `AnalyticsRuleRunTrigger` +- New struct `AnalyticsRuleRunTriggerProperties` +- New struct `AssignmentItem` +- New struct `AttackPattern` +- New struct `AutomationRuleAddIncidentTaskAction` +- New struct `BasicAuthModel` +- New struct `BillingStatisticList` +- New struct `BusinessApplicationAgentResource` +- New struct `BusinessApplicationAgentsList` +- New struct `CcpResponseConfig` +- New struct `ConditionClause` +- New struct `ConditionProperties` +- New struct `ConnectivityCriterion` +- New struct `ConnectorDataType` +- New struct `ConnectorDefinitionsAvailability` +- New struct `ConnectorDefinitionsPermissions` +- New struct `ConnectorDefinitionsResourceProvider` +- New struct `CountQuery` +- New struct `CustomPermissionDetails` +- New struct `CustomizableConnectionsConfig` +- New struct `CustomizableConnectorDefinition` +- New struct `CustomizableConnectorDefinitionProperties` +- New struct `CustomizableConnectorUIConfig` +- New struct `DCRConfiguration` +- New struct `DataConnectorDefinitionArmCollectionWrapper` +- New struct `EnrichmentDomainBody` +- New struct `EnrichmentIPAddressBody` +- New struct `EntityManualTriggerRequestBody` +- New struct `Error` +- New struct `GCPAuthModel` +- New struct `GCPAuthProperties` +- New struct `GCPDataConnector` +- New struct `GCPDataConnectorProperties` +- New struct `GCPRequestProperties` +- New struct `GenericBlobSbsAuthModel` +- New struct `GitHubAuthModel` +- New struct `GraphQuery` +- New struct `Hunt` +- New struct `HuntComment` +- New struct `HuntCommentList` +- New struct `HuntCommentProperties` +- New struct `HuntList` +- New struct `HuntOwner` +- New struct `HuntProperties` +- New struct `HuntRelation` +- New struct `HuntRelationList` +- New struct `HuntRelationProperties` +- New struct `Identity` +- New struct `IncidentTask` +- New struct `IncidentTaskList` +- New struct `IncidentTaskProperties` +- New struct `Indicator` +- New struct `IndicatorObservablesItem` +- New struct `InstructionStep` +- New struct `InstructionStepDetails` +- New struct `Job` +- New struct `JobItem` +- New struct `JobList` +- New struct `JobProperties` +- New struct `JwtAuthModel` +- New struct `ListActionsResponse` +- New struct `LockUserAction` +- New struct `Log` +- New struct `MTPDataConnectorDataTypesAlerts` +- New struct `MicrosoftPurviewInformationProtectionCheckRequirements` +- New struct `MicrosoftPurviewInformationProtectionCheckRequirementsProperties` +- New struct `MicrosoftPurviewInformationProtectionConnectorDataTypes` +- New struct `MicrosoftPurviewInformationProtectionConnectorDataTypesLogs` +- New struct `MicrosoftPurviewInformationProtectionDataConnector` +- New struct `MicrosoftPurviewInformationProtectionDataConnectorProperties` +- New struct `MtpFilteredProviders` +- New struct `NoneAuthModel` +- New struct `OAuthModel` +- New struct `OracleAuthModel` +- New struct `PackageList` +- New struct `PackageModel` +- New struct `PackageProperties` +- New struct `ProductPackageList` +- New struct `ProductPackageModel` +- New struct `ProductPackageProperties` +- New struct `ProductTemplateList` +- New struct `ProductTemplateModel` +- New struct `ProductTemplateProperties` +- New struct `PullRequest` +- New struct `PurviewAuditCheckRequirements` +- New struct `PurviewAuditCheckRequirementsProperties` +- New struct `PurviewAuditConnectorDataTypes` +- New struct `PurviewAuditConnectorDataTypesLogs` +- New struct `PurviewAuditDataConnector` +- New struct `PurviewAuditDataConnectorProperties` +- New struct `Query` +- New struct `QueryCondition` +- New struct `QueryProperties` +- New struct `QuerySortBy` +- New struct `RFCConnector` +- New struct `Recommendation` +- New struct `RecommendationList` +- New struct `RecommendationPatch` +- New struct `RecommendationPatchProperties` +- New struct `RecommendationProperties` +- New struct `RecommendedSuggestion` +- New struct `ReevaluateResponse` +- New struct `Relationship` +- New struct `RelationshipHint` +- New struct `ReportActionStatusPayload` +- New struct `RepositoryAccess` +- New struct `RepositoryAccessObject` +- New struct `RepositoryAccessProperties` +- New struct `ResourceProviderRequiredPermissions` +- New struct `RestAPIPollerDataConnector` +- New struct `RestAPIPollerDataConnectorProperties` +- New struct `RestAPIPollerRequestConfig` +- New struct `RestAPIPollerRequestPagingConfig` +- New struct `SapAgentConfiguration` +- New struct `SapControlConnector` +- New struct `SapSolutionUsageStatistic` +- New struct `SapSolutionUsageStatisticProperties` +- New struct `SapSystemsConfiguration` +- New struct `SentinelEntityMapping` +- New struct `ServicePrincipal` +- New struct `SessionAuthModel` +- New struct `SystemProperties` +- New struct `SystemResource` +- New struct `SystemsList` +- New struct `TIObjectCommonProperties` +- New struct `TemplateList` +- New struct `TemplateModel` +- New struct `TemplateProperties` +- New struct `ThreatActor` +- New struct `ThreatIntelligenceCount` +- New struct `ThreatIntelligenceList` +- New struct `TriggeredAnalyticsRuleRun` +- New struct `TriggeredAnalyticsRuleRunProperties` +- New struct `TriggeredAnalyticsRuleRuns` +- New struct `UndoActionPayload` +- New struct `UnlockUserAction` +- New struct `Warning` +- New struct `WarningBody` +- New struct `WorkspaceManagerAssignment` +- New struct `WorkspaceManagerAssignmentList` +- New struct `WorkspaceManagerAssignmentProperties` +- New struct `WorkspaceManagerConfiguration` +- New struct `WorkspaceManagerConfigurationList` +- New struct `WorkspaceManagerConfigurationProperties` +- New struct `WorkspaceManagerGroup` +- New struct `WorkspaceManagerGroupList` +- New struct `WorkspaceManagerGroupProperties` +- New struct `WorkspaceManagerMember` +- New struct `WorkspaceManagerMemberProperties` +- New struct `WorkspaceManagerMembersList` +- New field `AlertDynamicProperties` in struct `AlertDetailsOverride` +- New field `CityConfidenceFactor`, `CountryConfidenceFactor`, `StateConfidenceFactor` in struct `EnrichmentIPGeodata` +- New field `SubTechniques` in struct `FusionAlertRuleProperties` +- New field `SubTechniques` in struct `FusionAlertRuleTemplateProperties` +- New field `MergedIncidentNumber`, `MergedIncidentURL` in struct `IncidentAdditionalData` +- New field `SubTechniques` in struct `MLBehaviorAnalyticsAlertRuleProperties` +- New field `Alerts` in struct `MTPDataConnectorDataTypes` +- New field `FilteredProviders` in struct `MTPDataConnectorProperties` +- New field `SentinelEntitiesMappings`, `SubTechniques` in struct `NrtAlertRuleProperties` +- New field `SentinelEntitiesMappings` in struct `NrtAlertRuleTemplateProperties` +- New field `InstallationID` in struct `Repo` +- New field `SentinelEntitiesMappings`, `SubTechniques` in struct `ScheduledAlertRuleProperties` +- New field `SentinelEntitiesMappings`, `SubTechniques` in struct `ScheduledAlertRuleTemplateProperties` +- New field `Intent`, `Techniques` in struct `SecurityAlertTimelineItem` +- New field `NextLink` in struct `SettingList` +- New field `PullRequest`, `RepositoryAccess`, `ServicePrincipal` in struct `SourceControlProperties` +- New anonymous field `Warning` in struct `SourceControlsClientDeleteResponse` +- New field `SubTechniques` in struct `ThreatIntelligenceAlertRuleProperties` +- New field `ProvisioningState` in struct `WatchlistProperties` + + ## 2.0.0-beta.4 (2024-06-14) ### Features Added diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client.go index e36f064ff891..aefed8b1e942 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type ActionsClient struct { } // NewActionsClient creates a new instance of ActionsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewActionsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ActionsClient, error) { @@ -46,7 +43,7 @@ func NewActionsClient(subscriptionID string, credential azcore.TokenCredential, // CreateOrUpdate - Creates or updates the action of alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -76,7 +73,7 @@ func (client *ActionsClient) CreateOrUpdate(ctx context.Context, resourceGroupNa } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *ActionsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, action ActionRequest, options *ActionsClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *ActionsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, action ActionRequest, _ *ActionsClientCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -103,7 +100,7 @@ func (client *ActionsClient) createOrUpdateCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, action); err != nil { @@ -124,7 +121,7 @@ func (client *ActionsClient) createOrUpdateHandleResponse(resp *http.Response) ( // Delete - Delete the action of alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -152,7 +149,7 @@ func (client *ActionsClient) Delete(ctx context.Context, resourceGroupName strin } // deleteCreateRequest creates the Delete request. -func (client *ActionsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, options *ActionsClientDeleteOptions) (*policy.Request, error) { +func (client *ActionsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, _ *ActionsClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -179,7 +176,7 @@ func (client *ActionsClient) deleteCreateRequest(ctx context.Context, resourceGr return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -188,7 +185,7 @@ func (client *ActionsClient) deleteCreateRequest(ctx context.Context, resourceGr // Get - Gets the action of alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -217,7 +214,7 @@ func (client *ActionsClient) Get(ctx context.Context, resourceGroupName string, } // getCreateRequest creates the Get request. -func (client *ActionsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, options *ActionsClientGetOptions) (*policy.Request, error) { +func (client *ActionsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, _ *ActionsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -244,7 +241,7 @@ func (client *ActionsClient) getCreateRequest(ctx context.Context, resourceGroup return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -261,7 +258,7 @@ func (client *ActionsClient) getHandleResponse(resp *http.Response) (ActionsClie // NewListByAlertRulePager - Gets all actions of alert rule. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -291,7 +288,7 @@ func (client *ActionsClient) NewListByAlertRulePager(resourceGroupName string, w } // listByAlertRuleCreateRequest creates the ListByAlertRule request. -func (client *ActionsClient) listByAlertRuleCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, options *ActionsClientListByAlertRuleOptions) (*policy.Request, error) { +func (client *ActionsClient) listByAlertRuleCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, _ *ActionsClientListByAlertRuleOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -314,7 +311,7 @@ func (client *ActionsClient) listByAlertRuleCreateRequest(ctx context.Context, r return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client_example_test.go deleted file mode 100644 index 06ec633f7476..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client_example_test.go +++ /dev/null @@ -1,140 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/actions/GetAllActionsByAlertRule.json -func ExampleActionsClient_NewListByAlertRulePager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewActionsClient().NewListByAlertRulePager("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.ActionsList = armsecurityinsights.ActionsList{ - // Value: []*armsecurityinsights.ActionResponse{ - // { - // Name: to.Ptr("912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules/actions"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5/actions/912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.ActionResponseProperties{ - // LogicAppResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Logic/workflows/MyAlerts"), - // WorkflowID: to.Ptr("cd3765391efd48549fd7681ded1d48d7"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/actions/GetActionOfAlertRuleById.json -func ExampleActionsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewActionsClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "912bec42-cb66-4c03-ac63-1761b6898c3e", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.ActionResponse = armsecurityinsights.ActionResponse{ - // Name: to.Ptr("912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules/actions"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5/actions/912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.ActionResponseProperties{ - // LogicAppResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Logic/workflows/MyAlerts"), - // WorkflowID: to.Ptr("cd3765391efd48549fd7681ded1d48d7"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/actions/CreateActionOfAlertRule.json -func ExampleActionsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewActionsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "912bec42-cb66-4c03-ac63-1761b6898c3e", armsecurityinsights.ActionRequest{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Properties: &armsecurityinsights.ActionRequestProperties{ - LogicAppResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Logic/workflows/MyAlerts"), - TriggerURI: to.Ptr("https://prod-31.northcentralus.logic.azure.com:443/workflows/cd3765391efd48549fd7681ded1d48d7/triggers/manual/paths/invoke?api-version=2016-10-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=signature"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.ActionResponse = armsecurityinsights.ActionResponse{ - // Name: to.Ptr("912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules/actions"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5/actions/912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.ActionResponseProperties{ - // LogicAppResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Logic/workflows/MyAlerts"), - // WorkflowID: to.Ptr("cd3765391efd48549fd7681ded1d48d7"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/actions/DeleteActionOfAlertRule.json -func ExampleActionsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewActionsClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "912bec42-cb66-4c03-ac63-1761b6898c3e", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrule_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrule_client.go new file mode 100644 index 000000000000..ed5e6211b4e4 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrule_client.go @@ -0,0 +1,127 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AlertRuleClient contains the methods for the AlertRule group. +// Don't use this type directly, use NewAlertRuleClient() instead. +type AlertRuleClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAlertRuleClient creates a new instance of AlertRuleClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAlertRuleClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AlertRuleClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AlertRuleClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// BeginTriggerRuleRun - triggers analytics rule run +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - ruleID - Alert rule ID +// - analyticsRuleRunTriggerParameter - The Analytics Rule Run Trigger parameter +// - options - AlertRuleClientBeginTriggerRuleRunOptions contains the optional parameters for the AlertRuleClient.BeginTriggerRuleRun +// method. +func (client *AlertRuleClient) BeginTriggerRuleRun(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, analyticsRuleRunTriggerParameter AnalyticsRuleRunTrigger, options *AlertRuleClientBeginTriggerRuleRunOptions) (*runtime.Poller[AlertRuleClientTriggerRuleRunResponse], error) { + if options == nil || options.ResumeToken == "" { + resp, err := client.triggerRuleRun(ctx, resourceGroupName, workspaceName, ruleID, analyticsRuleRunTriggerParameter, options) + if err != nil { + return nil, err + } + poller, err := runtime.NewPoller(resp, client.internal.Pipeline(), &runtime.NewPollerOptions[AlertRuleClientTriggerRuleRunResponse]{ + FinalStateVia: runtime.FinalStateViaLocation, + Tracer: client.internal.Tracer(), + }) + return poller, err + } else { + return runtime.NewPollerFromResumeToken(options.ResumeToken, client.internal.Pipeline(), &runtime.NewPollerFromResumeTokenOptions[AlertRuleClientTriggerRuleRunResponse]{ + Tracer: client.internal.Tracer(), + }) + } +} + +// TriggerRuleRun - triggers analytics rule run +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +func (client *AlertRuleClient) triggerRuleRun(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, analyticsRuleRunTriggerParameter AnalyticsRuleRunTrigger, options *AlertRuleClientBeginTriggerRuleRunOptions) (*http.Response, error) { + var err error + const operationName = "AlertRuleClient.BeginTriggerRuleRun" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.triggerRuleRunCreateRequest(ctx, resourceGroupName, workspaceName, ruleID, analyticsRuleRunTriggerParameter, options) + if err != nil { + return nil, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return nil, err + } + if !runtime.HasStatusCode(httpResp, http.StatusAccepted) { + err = runtime.NewResponseError(httpResp) + return nil, err + } + return httpResp, nil +} + +// triggerRuleRunCreateRequest creates the TriggerRuleRun request. +func (client *AlertRuleClient) triggerRuleRunCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, analyticsRuleRunTriggerParameter AnalyticsRuleRunTrigger, _ *AlertRuleClientBeginTriggerRuleRunOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/triggerRuleRun" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if ruleID == "" { + return nil, errors.New("parameter ruleID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{ruleId}", url.PathEscape(ruleID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, analyticsRuleRunTriggerParameter); err != nil { + return nil, err + } + return req, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client.go index 58e0b2ff4170..42079158cc02 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type AlertRulesClient struct { } // NewAlertRulesClient creates a new instance of AlertRulesClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewAlertRulesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AlertRulesClient, error) { @@ -46,7 +43,7 @@ func NewAlertRulesClient(subscriptionID string, credential azcore.TokenCredentia // CreateOrUpdate - Creates or updates the alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -76,7 +73,7 @@ func (client *AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGrou } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *AlertRulesClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, alertRule AlertRuleClassification, options *AlertRulesClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *AlertRulesClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, alertRule AlertRuleClassification, _ *AlertRulesClientCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -99,7 +96,7 @@ func (client *AlertRulesClient) createOrUpdateCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, alertRule); err != nil { @@ -120,7 +117,7 @@ func (client *AlertRulesClient) createOrUpdateHandleResponse(resp *http.Response // Delete - Delete the alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -147,7 +144,7 @@ func (client *AlertRulesClient) Delete(ctx context.Context, resourceGroupName st } // deleteCreateRequest creates the Delete request. -func (client *AlertRulesClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, options *AlertRulesClientDeleteOptions) (*policy.Request, error) { +func (client *AlertRulesClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, _ *AlertRulesClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -170,7 +167,7 @@ func (client *AlertRulesClient) deleteCreateRequest(ctx context.Context, resourc return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -179,7 +176,7 @@ func (client *AlertRulesClient) deleteCreateRequest(ctx context.Context, resourc // Get - Gets the alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -207,7 +204,7 @@ func (client *AlertRulesClient) Get(ctx context.Context, resourceGroupName strin } // getCreateRequest creates the Get request. -func (client *AlertRulesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, options *AlertRulesClientGetOptions) (*policy.Request, error) { +func (client *AlertRulesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, _ *AlertRulesClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -230,7 +227,7 @@ func (client *AlertRulesClient) getCreateRequest(ctx context.Context, resourceGr return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -247,7 +244,7 @@ func (client *AlertRulesClient) getHandleResponse(resp *http.Response) (AlertRul // NewListPager - Gets all alert rules. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - AlertRulesClientListOptions contains the optional parameters for the AlertRulesClient.NewListPager method. @@ -275,7 +272,7 @@ func (client *AlertRulesClient) NewListPager(resourceGroupName string, workspace } // listCreateRequest creates the List request. -func (client *AlertRulesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *AlertRulesClientListOptions) (*policy.Request, error) { +func (client *AlertRulesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *AlertRulesClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -294,7 +291,7 @@ func (client *AlertRulesClient) listCreateRequest(ctx context.Context, resourceG return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client_example_test.go deleted file mode 100644 index 534c187a779a..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client_example_test.go +++ /dev/null @@ -1,2249 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/GetAllAlertRules.json -func ExampleAlertRulesClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewAlertRulesClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.AlertRulesList = armsecurityinsights.AlertRulesList{ - // Value: []armsecurityinsights.AlertRuleClassification{ - // &armsecurityinsights.ScheduledAlertRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - // Properties: &armsecurityinsights.ScheduledAlertRuleProperties{ - // AlertDetailsOverride: &armsecurityinsights.AlertDetailsOverride{ - // AlertDescriptionFormat: to.Ptr("Suspicious activity was made by {{ComputerIP}}"), - // AlertDisplayNameFormat: to.Ptr("Alert from {{Computer}}"), - // }, - // CustomDetails: map[string]*string{ - // "OperatingSystemName": to.Ptr("OSName"), - // "OperatingSystemType": to.Ptr("OSType"), - // }, - // EntityMappings: []*armsecurityinsights.EntityMapping{ - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeHost), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("Computer"), - // Identifier: to.Ptr("FullName"), - // }}, - // }, - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeIP), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("ComputerIP"), - // Identifier: to.Ptr("Address"), - // }}, - // }}, - // EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - // AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - // }, - // Query: to.Ptr("Heartbeat"), - // QueryFrequency: to.Ptr("PT1H"), - // QueryPeriod: to.Ptr("P2DT1H30M"), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - // TriggerThreshold: to.Ptr[int32](0), - // Description: to.Ptr("An example for a scheduled rule"), - // DisplayName: to.Ptr("My scheduled rule"), - // Enabled: to.Ptr(true), - // IncidentConfiguration: &armsecurityinsights.IncidentConfiguration{ - // CreateIncident: to.Ptr(true), - // GroupingConfiguration: &armsecurityinsights.GroupingConfiguration{ - // Enabled: to.Ptr(true), - // GroupByAlertDetails: []*armsecurityinsights.AlertDetail{ - // to.Ptr(armsecurityinsights.AlertDetailDisplayName)}, - // GroupByCustomDetails: []*string{ - // to.Ptr("OperatingSystemType"), - // to.Ptr("OperatingSystemName")}, - // GroupByEntities: []*armsecurityinsights.EntityMappingType{ - // to.Ptr(armsecurityinsights.EntityMappingTypeHost)}, - // LookbackDuration: to.Ptr("PT5H"), - // MatchingMethod: to.Ptr(armsecurityinsights.MatchingMethodSelected), - // ReopenClosedIncident: to.Ptr(false), - // }, - // }, - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-01T13:17:30.000Z"); return t}()), - // SuppressionDuration: to.Ptr("PT1H"), - // SuppressionEnabled: to.Ptr(false), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // Techniques: []*string{ - // to.Ptr("T1037"), - // to.Ptr("T1021")}, - // }, - // }, - // &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRule{ - // Name: to.Ptr("microsoftSecurityIncidentCreationRuleExample"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/microsoftSecurityIncidentCreationRuleExample"), - // Etag: to.Ptr("\"260097e0-0000-0d00-0000-5d6fa88f0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindMicrosoftSecurityIncidentCreation), - // Properties: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleProperties{ - // ProductFilter: to.Ptr(armsecurityinsights.MicrosoftSecurityProductNameMicrosoftCloudAppSecurity), - // DisplayName: to.Ptr("testing displayname"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-09-04T12:05:35.729Z"); return t}()), - // }, - // }, - // &armsecurityinsights.FusionAlertRule{ - // Name: to.Ptr("myFirstFusionRule"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/myFirstFusionRule"), - // Etag: to.Ptr("\"25005c11-0000-0d00-0000-5d6cc0e20000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - // Properties: &armsecurityinsights.FusionAlertRuleProperties{ - // Description: to.Ptr("Microsoft Sentinel uses Fusion, a correlation engine based on scalable machine learning algorithms, to automatically detect multistage attacks by identifying combinations of anomalous behaviors and suspicious activities that are observed at various stages of the kill chain. On the basis of these discoveries, Azure Sentinel generates incidents that would otherwise be very difficult to catch. By design, these incidents are low-volume, high-fidelity, and high-severity, which is why this detection is turned ON by default.\n\nSince Fusion correlates multiple signals from various products to detect advanced multistage attacks, successful Fusion detections are presented as Fusion incidents on the Microsoft Sentinel Incidents page. This rule covers the following detections:\n- Fusion for emerging threats\n- Fusion for ransomware\n- Scenario-based Fusion detections (122 scenarios)\n\nTo enable these detections, we recommend you configure the following data connectors for best results:\n- Out-of-the-box anomaly detections\n- Azure Active Directory Identity Protection\n- Azure Defender\n- Azure Defender for IoT\n- Microsoft 365 Defender\n- Microsoft Cloud App Security \n- Microsoft Defender for Endpoint\n- Microsoft Defender for Identity\n- Microsoft Defender for Office 365\n- Palo Alto Networks\n- Scheduled analytics rules, both built-in and those created by your security analysts. Analytics rules must contain kill-chain (tactics) and entity mapping information in order to be used by Fusion.\n\nFor the full description of each detection that is supported by Fusion, go to https://aka.ms/SentinelFusion."), - // AlertRuleTemplateName: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - // DisplayName: to.Ptr("Advanced Multi-Stage Attack Detection"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-10-22T07:12:34.906Z"); return t}()), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // SourceSettings: []*armsecurityinsights.FusionSourceSettings{ - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Anomalies"), - // }, - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Alert providers"), - // SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Azure Active Directory Identity Protection"), - // SourceSubTypeName: to.Ptr("Azure Active Directory Identity Protection"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Defender for Cloud"), - // SourceSubTypeName: to.Ptr("Azure Defender"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Defender for IoT"), - // SourceSubTypeName: to.Ptr("Azure Defender for IoT"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft 365 Defender"), - // SourceSubTypeName: to.Ptr("Microsoft 365 Defender"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Cloud App Security"), - // SourceSubTypeName: to.Ptr("Microsoft Cloud App Security"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Defender for Endpoint"), - // SourceSubTypeName: to.Ptr("Microsoft Defender for Endpoint"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Defender for Identity"), - // SourceSubTypeName: to.Ptr("Microsoft Defender for Identity"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Defender for Office 365"), - // SourceSubTypeName: to.Ptr("Microsoft Defender for Office 365"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Azure Sentinel scheduled analytics rules"), - // SourceSubTypeName: to.Ptr("Azure Sentinel scheduled analytics rules"), - // }}, - // }, - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Raw logs from other sources"), - // SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // IsSupported: to.Ptr(false), - // }, - // SourceSubTypeDisplayName: to.Ptr("Palo Alto Networks"), - // SourceSubTypeName: to.Ptr("Palo Alto Networks"), - // }}, - // }}, - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticCollection), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl), - // to.Ptr(armsecurityinsights.AttackTacticCredentialAccess), - // to.Ptr(armsecurityinsights.AttackTacticDefenseEvasion), - // to.Ptr(armsecurityinsights.AttackTacticDiscovery), - // to.Ptr(armsecurityinsights.AttackTacticExecution), - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticImpact), - // to.Ptr(armsecurityinsights.AttackTacticInitialAccess), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement), - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticPrivilegeEscalation)}, - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/GetFusionAlertRule.json -func ExampleAlertRulesClient_Get_getAFusionAlertRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().Get(ctx, "myRg", "myWorkspace", "myFirstFusionRule", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientGetResponse{ - // AlertRuleClassification: &armsecurityinsights.FusionAlertRule{ - // Name: to.Ptr("myFirstFusionRule"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/myFirstFusionRule"), - // Etag: to.Ptr("\"260090e2-0000-0d00-0000-5d6fb8670000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - // Properties: &armsecurityinsights.FusionAlertRuleProperties{ - // Description: to.Ptr("Microsoft Sentinel uses Fusion, a correlation engine based on scalable machine learning algorithms, to automatically detect multistage attacks by identifying combinations of anomalous behaviors and suspicious activities that are observed at various stages of the kill chain. On the basis of these discoveries, Azure Sentinel generates incidents that would otherwise be very difficult to catch. By design, these incidents are low-volume, high-fidelity, and high-severity, which is why this detection is turned ON by default.\n\nSince Fusion correlates multiple signals from various products to detect advanced multistage attacks, successful Fusion detections are presented as Fusion incidents on the Microsoft Sentinel Incidents page. This rule covers the following detections:\n- Fusion for emerging threats\n- Fusion for ransomware\n- Scenario-based Fusion detections (122 scenarios)\n\nTo enable these detections, we recommend you configure the following data connectors for best results:\n- Out-of-the-box anomaly detections\n- Azure Active Directory Identity Protection\n- Azure Defender\n- Azure Defender for IoT\n- Microsoft 365 Defender\n- Microsoft Cloud App Security \n- Microsoft Defender for Endpoint\n- Microsoft Defender for Identity\n- Microsoft Defender for Office 365\n- Palo Alto Networks\n- Scheduled analytics rules, both built-in and those created by your security analysts. Analytics rules must contain kill-chain (tactics) and entity mapping information in order to be used by Fusion.\n\nFor the full description of each detection that is supported by Fusion, go to https://aka.ms/SentinelFusion."), - // AlertRuleTemplateName: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - // DisplayName: to.Ptr("Advanced Multi-Stage Attack Detection"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-10-20T13:13:11.534Z"); return t}()), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // SourceSettings: []*armsecurityinsights.FusionSourceSettings{ - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Anomalies"), - // }, - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Alert providers"), - // SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Azure Active Directory Identity Protection"), - // SourceSubTypeName: to.Ptr("Azure Active Directory Identity Protection"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Defender for Cloud"), - // SourceSubTypeName: to.Ptr("Azure Defender"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Defender for IoT"), - // SourceSubTypeName: to.Ptr("Azure Defender for IoT"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft 365 Defender"), - // SourceSubTypeName: to.Ptr("Microsoft 365 Defender"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Cloud App Security"), - // SourceSubTypeName: to.Ptr("Microsoft Cloud App Security"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Defender for Endpoint"), - // SourceSubTypeName: to.Ptr("Microsoft Defender for Endpoint"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Defender for Identity"), - // SourceSubTypeName: to.Ptr("Microsoft Defender for Identity"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Microsoft Defender for Office 365"), - // SourceSubTypeName: to.Ptr("Microsoft Defender for Office 365"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeDisplayName: to.Ptr("Azure Sentinel scheduled analytics rules"), - // SourceSubTypeName: to.Ptr("Azure Sentinel scheduled analytics rules"), - // }}, - // }, - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Raw logs from other sources"), - // SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // IsSupported: to.Ptr(false), - // }, - // SourceSubTypeDisplayName: to.Ptr("Palo Alto Networks"), - // SourceSubTypeName: to.Ptr("Palo Alto Networks"), - // }}, - // }}, - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticCollection), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl), - // to.Ptr(armsecurityinsights.AttackTacticCredentialAccess), - // to.Ptr(armsecurityinsights.AttackTacticDefenseEvasion), - // to.Ptr(armsecurityinsights.AttackTacticDiscovery), - // to.Ptr(armsecurityinsights.AttackTacticExecution), - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticImpact), - // to.Ptr(armsecurityinsights.AttackTacticInitialAccess), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement), - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticPrivilegeEscalation)}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/GetMicrosoftSecurityIncidentCreationAlertRule.json -func ExampleAlertRulesClient_Get_getAMicrosoftSecurityIncidentCreationRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().Get(ctx, "myRg", "myWorkspace", "microsoftSecurityIncidentCreationRuleExample", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientGetResponse{ - // AlertRuleClassification: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRule{ - // Name: to.Ptr("microsoftSecurityIncidentCreationRuleExample"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/microsoftSecurityIncidentCreationRuleExample"), - // Etag: to.Ptr("\"260097e0-0000-0d00-0000-5d6fa88f0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindMicrosoftSecurityIncidentCreation), - // Properties: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleProperties{ - // ProductFilter: to.Ptr(armsecurityinsights.MicrosoftSecurityProductNameMicrosoftCloudAppSecurity), - // DisplayName: to.Ptr("testing displayname"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-09-04T12:05:35.729Z"); return t}()), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/GetScheduledAlertRule.json -func ExampleAlertRulesClient_Get_getAScheduledAlertRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientGetResponse{ - // AlertRuleClassification: &armsecurityinsights.ScheduledAlertRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - // Properties: &armsecurityinsights.ScheduledAlertRuleProperties{ - // AlertDetailsOverride: &armsecurityinsights.AlertDetailsOverride{ - // AlertDescriptionFormat: to.Ptr("Suspicious activity was made by {{ComputerIP}}"), - // AlertDisplayNameFormat: to.Ptr("Alert from {{Computer}}"), - // }, - // CustomDetails: map[string]*string{ - // "OperatingSystemName": to.Ptr("OSName"), - // "OperatingSystemType": to.Ptr("OSType"), - // }, - // EntityMappings: []*armsecurityinsights.EntityMapping{ - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeHost), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("Computer"), - // Identifier: to.Ptr("FullName"), - // }}, - // }, - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeIP), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("ComputerIP"), - // Identifier: to.Ptr("Address"), - // }}, - // }}, - // EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - // AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - // }, - // Query: to.Ptr("Heartbeat"), - // QueryFrequency: to.Ptr("PT1H"), - // QueryPeriod: to.Ptr("P2DT1H30M"), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - // TriggerThreshold: to.Ptr[int32](0), - // Description: to.Ptr("An example for a scheduled rule"), - // DisplayName: to.Ptr("My scheduled rule"), - // Enabled: to.Ptr(true), - // IncidentConfiguration: &armsecurityinsights.IncidentConfiguration{ - // CreateIncident: to.Ptr(true), - // GroupingConfiguration: &armsecurityinsights.GroupingConfiguration{ - // Enabled: to.Ptr(true), - // GroupByAlertDetails: []*armsecurityinsights.AlertDetail{ - // to.Ptr(armsecurityinsights.AlertDetailDisplayName)}, - // GroupByCustomDetails: []*string{ - // to.Ptr("OperatingSystemType"), - // to.Ptr("OperatingSystemName")}, - // GroupByEntities: []*armsecurityinsights.EntityMappingType{ - // to.Ptr(armsecurityinsights.EntityMappingTypeHost)}, - // LookbackDuration: to.Ptr("PT5H"), - // MatchingMethod: to.Ptr(armsecurityinsights.MatchingMethodSelected), - // ReopenClosedIncident: to.Ptr(false), - // }, - // }, - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-01T13:17:30.000Z"); return t}()), - // SuppressionDuration: to.Ptr("PT1H"), - // SuppressionEnabled: to.Ptr(false), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // Techniques: []*string{ - // to.Ptr("T1037"), - // to.Ptr("T1021")}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/GetNrtAlertRule.json -func ExampleAlertRulesClient_Get_getAnNrtAlertRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientGetResponse{ - // AlertRuleClassification: &armsecurityinsights.NrtAlertRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindNRT), - // Properties: &armsecurityinsights.NrtAlertRuleProperties{ - // Description: to.Ptr(""), - // DisplayName: to.Ptr("Rule2"), - // Enabled: to.Ptr(true), - // EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - // AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - // }, - // IncidentConfiguration: &armsecurityinsights.IncidentConfiguration{ - // CreateIncident: to.Ptr(true), - // GroupingConfiguration: &armsecurityinsights.GroupingConfiguration{ - // Enabled: to.Ptr(true), - // GroupByEntities: []*armsecurityinsights.EntityMappingType{ - // to.Ptr(armsecurityinsights.EntityMappingTypeHost), - // to.Ptr(armsecurityinsights.EntityMappingTypeAccount)}, - // LookbackDuration: to.Ptr("PT5H"), - // MatchingMethod: to.Ptr(armsecurityinsights.MatchingMethodSelected), - // ReopenClosedIncident: to.Ptr(false), - // }, - // }, - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Query: to.Ptr("ProtectionStatus | extend HostCustomEntity = Computer | extend IPCustomEntity = ComputerIP_Hidden"), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // SuppressionDuration: to.Ptr("PT1H"), - // SuppressionEnabled: to.Ptr(false), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // Techniques: []*string{ - // to.Ptr("T1037"), - // to.Ptr("T1021")}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/CreateFusionAlertRuleWithFusionScenarioExclusion.json -func ExampleAlertRulesClient_CreateOrUpdate_createsOrUpdatesAFusionAlertRuleWithScenarioExclusionPattern() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "myFirstFusionRule", &armsecurityinsights.FusionAlertRule{ - Etag: to.Ptr("3d00c3ca-0000-0100-0000-5d42d5010000"), - Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - Properties: &armsecurityinsights.FusionAlertRuleProperties{ - AlertRuleTemplateName: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - Enabled: to.Ptr(true), - SourceSettings: []*armsecurityinsights.FusionSourceSettings{ - { - Enabled: to.Ptr(true), - SourceName: to.Ptr("Anomalies"), - }, - { - Enabled: to.Ptr(true), - SourceName: to.Ptr("Alert providers"), - SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Azure Active Directory Identity Protection"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Azure Defender"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Azure Defender for IoT"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Microsoft 365 Defender"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Microsoft Cloud App Security"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Microsoft Defender for Endpoint"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Microsoft Defender for Identity"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Microsoft Defender for Office 365"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Azure Sentinel scheduled analytics rules"), - }}, - }, - { - Enabled: to.Ptr(true), - SourceName: to.Ptr("Raw logs from other sources"), - SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{}, - SourceSubTypeName: to.Ptr("Palo Alto Networks"), - }}, - }}, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientCreateOrUpdateResponse{ - // AlertRuleClassification: &armsecurityinsights.FusionAlertRule{ - // Name: to.Ptr("myFirstFusionRule"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/myFirstFusionRule"), - // Etag: to.Ptr("\"260090e2-0000-0d00-0000-5d6fb8670000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - // Properties: &armsecurityinsights.FusionAlertRuleProperties{ - // Description: to.Ptr("Using Fusion technology based on machine learning, Azure Sentinel automatically detects multistage attacks by identifying combinations of anomalous behaviors and suspicious activities observed at various stages of the kill chain. On the basis of these discoveries, Azure Sentinel generates incidents that would otherwise be very difficult to catch. By design, these incidents are low-volume, high-fidelity, and high-severity, which is why this detection is turned ON by default.\n\nThere are a total of 122 Fusion incident types detected by Azure Sentinel.\n\nTo detect these multistage attacks, the following data connectors must be configured:\n- Azure Active Directory Identity Protection.\n- Microsoft Cloud App Security.\n- Microsoft Defender for Endpoint.\n- Azure Defender.\n- Palo Alto Networks.\n- Scheduled Analytics Rules supported by Fusion\n\nFor a full list and description of each scenario that is supported for these multistage attacks, go to https://aka.ms/SentinelFusion."), - // AlertRuleTemplateName: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - // DisplayName: to.Ptr("Advanced Multi-Stage Attack Detection"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-09-04T13:13:11.534Z"); return t}()), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // SourceSettings: []*armsecurityinsights.FusionSourceSettings{ - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Anomalies"), - // }, - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Alert providers"), - // SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Azure Active Directory Identity Protection"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Azure Defender"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Azure Defender for IoT"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Microsoft 365 Defender"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Microsoft Cloud App Security"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Microsoft Defender for Endpoint"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Microsoft Defender for Identity"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Microsoft Defender for Office 365"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Azure Sentinel scheduled analytics rules"), - // }}, - // }, - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Raw logs from other sources"), - // SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // IsSupported: to.Ptr(false), - // }, - // SourceSubTypeName: to.Ptr("Palo Alto Networks"), - // }}, - // }}, - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticCollection), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl), - // to.Ptr(armsecurityinsights.AttackTacticCredentialAccess), - // to.Ptr(armsecurityinsights.AttackTacticDefenseEvasion), - // to.Ptr(armsecurityinsights.AttackTacticDiscovery), - // to.Ptr(armsecurityinsights.AttackTacticExecution), - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticImpact), - // to.Ptr(armsecurityinsights.AttackTacticInitialAccess), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement), - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticPrivilegeEscalation)}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/CreateFusionAlertRule.json -func ExampleAlertRulesClient_CreateOrUpdate_createsOrUpdatesAFusionAlertRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "myFirstFusionRule", &armsecurityinsights.FusionAlertRule{ - Etag: to.Ptr("3d00c3ca-0000-0100-0000-5d42d5010000"), - Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - Properties: &armsecurityinsights.FusionAlertRuleProperties{ - AlertRuleTemplateName: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - Enabled: to.Ptr(true), - SourceSettings: []*armsecurityinsights.FusionSourceSettings{ - { - Enabled: to.Ptr(true), - SourceName: to.Ptr("Anomalies"), - }, - { - Enabled: to.Ptr(true), - SourceName: to.Ptr("Alert providers"), - SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Azure Active Directory Identity Protection"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Azure Defender"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Azure Defender for IoT"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Microsoft 365 Defender"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Microsoft Cloud App Security"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Microsoft Defender for Endpoint"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Microsoft Defender for Identity"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Microsoft Defender for Office 365"), - }, - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - }, - { - Enabled: to.Ptr(true), - Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - }}, - }, - SourceSubTypeName: to.Ptr("Azure Sentinel scheduled analytics rules"), - }}, - }, - { - Enabled: to.Ptr(true), - SourceName: to.Ptr("Raw logs from other sources"), - SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - { - Enabled: to.Ptr(true), - SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{}, - SourceSubTypeName: to.Ptr("Palo Alto Networks"), - }}, - }}, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientCreateOrUpdateResponse{ - // AlertRuleClassification: &armsecurityinsights.FusionAlertRule{ - // Name: to.Ptr("myFirstFusionRule"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/myFirstFusionRule"), - // Etag: to.Ptr("\"260090e2-0000-0d00-0000-5d6fb8670000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - // Properties: &armsecurityinsights.FusionAlertRuleProperties{ - // Description: to.Ptr("Using Fusion technology based on machine learning, Azure Sentinel automatically detects multistage attacks by identifying combinations of anomalous behaviors and suspicious activities observed at various stages of the kill chain. On the basis of these discoveries, Azure Sentinel generates incidents that would otherwise be very difficult to catch. By design, these incidents are low-volume, high-fidelity, and high-severity, which is why this detection is turned ON by default.\n\nThere are a total of 122 Fusion incident types detected by Azure Sentinel.\n\nTo detect these multistage attacks, the following data connectors must be configured:\n- Azure Active Directory Identity Protection.\n- Microsoft Cloud App Security.\n- Microsoft Defender for Endpoint.\n- Azure Defender.\n- Palo Alto Networks.\n- Scheduled Analytics Rules supported by Fusion\n\nFor a full list and description of each scenario that is supported for these multistage attacks, go to https://aka.ms/SentinelFusion."), - // AlertRuleTemplateName: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - // DisplayName: to.Ptr("Advanced Multi-Stage Attack Detection"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-09-04T13:13:11.534Z"); return t}()), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // SourceSettings: []*armsecurityinsights.FusionSourceSettings{ - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Anomalies"), - // }, - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Alert providers"), - // SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Azure Active Directory Identity Protection"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Azure Defender"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Azure Defender for IoT"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Microsoft 365 Defender"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Microsoft Cloud App Security"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Microsoft Defender for Endpoint"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Microsoft Defender for Identity"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Microsoft Defender for Office 365"), - // }, - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // Filters: []*armsecurityinsights.FusionSubTypeSeverityFiltersItem{ - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // }, - // { - // Enabled: to.Ptr(true), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityInformational), - // }}, - // IsSupported: to.Ptr(true), - // }, - // SourceSubTypeName: to.Ptr("Azure Sentinel scheduled analytics rules"), - // }}, - // }, - // { - // Enabled: to.Ptr(true), - // SourceName: to.Ptr("Raw logs from other sources"), - // SourceSubTypes: []*armsecurityinsights.FusionSourceSubTypeSetting{ - // { - // Enabled: to.Ptr(true), - // SeverityFilters: &armsecurityinsights.FusionSubTypeSeverityFilter{ - // IsSupported: to.Ptr(false), - // }, - // SourceSubTypeName: to.Ptr("Palo Alto Networks"), - // }}, - // }}, - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticCollection), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl), - // to.Ptr(armsecurityinsights.AttackTacticCredentialAccess), - // to.Ptr(armsecurityinsights.AttackTacticDefenseEvasion), - // to.Ptr(armsecurityinsights.AttackTacticDiscovery), - // to.Ptr(armsecurityinsights.AttackTacticExecution), - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticImpact), - // to.Ptr(armsecurityinsights.AttackTacticInitialAccess), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement), - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticPrivilegeEscalation)}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/CreateMicrosoftSecurityIncidentCreationAlertRule.json -func ExampleAlertRulesClient_CreateOrUpdate_createsOrUpdatesAMicrosoftSecurityIncidentCreationRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "microsoftSecurityIncidentCreationRuleExample", &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRule{ - Etag: to.Ptr("\"260097e0-0000-0d00-0000-5d6fa88f0000\""), - Kind: to.Ptr(armsecurityinsights.AlertRuleKindMicrosoftSecurityIncidentCreation), - Properties: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleProperties{ - ProductFilter: to.Ptr(armsecurityinsights.MicrosoftSecurityProductNameMicrosoftCloudAppSecurity), - DisplayName: to.Ptr("testing displayname"), - Enabled: to.Ptr(true), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientCreateOrUpdateResponse{ - // AlertRuleClassification: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRule{ - // Name: to.Ptr("microsoftSecurityIncidentCreationRuleExample"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/microsoftSecurityIncidentCreationRuleExample"), - // Etag: to.Ptr("\"260097e0-0000-0d00-0000-5d6fa88f0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindMicrosoftSecurityIncidentCreation), - // Properties: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleProperties{ - // ProductFilter: to.Ptr(armsecurityinsights.MicrosoftSecurityProductNameMicrosoftCloudAppSecurity), - // DisplayName: to.Ptr("testing displayname"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-09-04T12:05:35.729Z"); return t}()), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/CreateNrtAlertRule.json -func ExampleAlertRulesClient_CreateOrUpdate_createsOrUpdatesANrtAlertRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.NrtAlertRule{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Kind: to.Ptr(armsecurityinsights.AlertRuleKindNRT), - Properties: &armsecurityinsights.NrtAlertRuleProperties{ - Description: to.Ptr(""), - DisplayName: to.Ptr("Rule2"), - Enabled: to.Ptr(true), - EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - }, - IncidentConfiguration: &armsecurityinsights.IncidentConfiguration{ - CreateIncident: to.Ptr(true), - GroupingConfiguration: &armsecurityinsights.GroupingConfiguration{ - Enabled: to.Ptr(true), - GroupByEntities: []*armsecurityinsights.EntityMappingType{ - to.Ptr(armsecurityinsights.EntityMappingTypeHost), - to.Ptr(armsecurityinsights.EntityMappingTypeAccount)}, - LookbackDuration: to.Ptr("PT5H"), - MatchingMethod: to.Ptr(armsecurityinsights.MatchingMethodSelected), - ReopenClosedIncident: to.Ptr(false), - }, - }, - Query: to.Ptr("ProtectionStatus | extend HostCustomEntity = Computer | extend IPCustomEntity = ComputerIP_Hidden"), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - SuppressionDuration: to.Ptr("PT1H"), - SuppressionEnabled: to.Ptr(false), - Tactics: []*armsecurityinsights.AttackTactic{ - to.Ptr(armsecurityinsights.AttackTacticPersistence), - to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - Techniques: []*string{ - to.Ptr("T1037"), - to.Ptr("T1021")}, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientCreateOrUpdateResponse{ - // AlertRuleClassification: &armsecurityinsights.NrtAlertRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindNRT), - // Properties: &armsecurityinsights.NrtAlertRuleProperties{ - // Description: to.Ptr(""), - // DisplayName: to.Ptr("Rule2"), - // Enabled: to.Ptr(true), - // EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - // AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - // }, - // IncidentConfiguration: &armsecurityinsights.IncidentConfiguration{ - // CreateIncident: to.Ptr(true), - // GroupingConfiguration: &armsecurityinsights.GroupingConfiguration{ - // Enabled: to.Ptr(true), - // GroupByEntities: []*armsecurityinsights.EntityMappingType{ - // to.Ptr(armsecurityinsights.EntityMappingTypeHost), - // to.Ptr(armsecurityinsights.EntityMappingTypeAccount)}, - // LookbackDuration: to.Ptr("PT5H"), - // MatchingMethod: to.Ptr(armsecurityinsights.MatchingMethodSelected), - // ReopenClosedIncident: to.Ptr(false), - // }, - // }, - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Query: to.Ptr("ProtectionStatus | extend HostCustomEntity = Computer | extend IPCustomEntity = ComputerIP_Hidden"), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // SuppressionDuration: to.Ptr("PT1H"), - // SuppressionEnabled: to.Ptr(false), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // Techniques: []*string{ - // to.Ptr("T1037"), - // to.Ptr("T1021")}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/CreateScheduledAlertRule.json -func ExampleAlertRulesClient_CreateOrUpdate_createsOrUpdatesAScheduledAlertRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.ScheduledAlertRule{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - Properties: &armsecurityinsights.ScheduledAlertRuleProperties{ - AlertDetailsOverride: &armsecurityinsights.AlertDetailsOverride{ - AlertDescriptionFormat: to.Ptr("Suspicious activity was made by {{ComputerIP}}"), - AlertDisplayNameFormat: to.Ptr("Alert from {{Computer}}"), - }, - CustomDetails: map[string]*string{ - "OperatingSystemName": to.Ptr("OSName"), - "OperatingSystemType": to.Ptr("OSType"), - }, - EntityMappings: []*armsecurityinsights.EntityMapping{ - { - EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeHost), - FieldMappings: []*armsecurityinsights.FieldMapping{ - { - ColumnName: to.Ptr("Computer"), - Identifier: to.Ptr("FullName"), - }}, - }, - { - EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeIP), - FieldMappings: []*armsecurityinsights.FieldMapping{ - { - ColumnName: to.Ptr("ComputerIP"), - Identifier: to.Ptr("Address"), - }}, - }}, - EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - }, - Query: to.Ptr("Heartbeat"), - QueryFrequency: to.Ptr("PT1H"), - QueryPeriod: to.Ptr("P2DT1H30M"), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - TriggerThreshold: to.Ptr[int32](0), - Description: to.Ptr("An example for a scheduled rule"), - DisplayName: to.Ptr("My scheduled rule"), - Enabled: to.Ptr(true), - IncidentConfiguration: &armsecurityinsights.IncidentConfiguration{ - CreateIncident: to.Ptr(true), - GroupingConfiguration: &armsecurityinsights.GroupingConfiguration{ - Enabled: to.Ptr(true), - GroupByAlertDetails: []*armsecurityinsights.AlertDetail{ - to.Ptr(armsecurityinsights.AlertDetailDisplayName)}, - GroupByCustomDetails: []*string{ - to.Ptr("OperatingSystemType"), - to.Ptr("OperatingSystemName")}, - GroupByEntities: []*armsecurityinsights.EntityMappingType{ - to.Ptr(armsecurityinsights.EntityMappingTypeHost)}, - LookbackDuration: to.Ptr("PT5H"), - MatchingMethod: to.Ptr(armsecurityinsights.MatchingMethodSelected), - ReopenClosedIncident: to.Ptr(false), - }, - }, - SuppressionDuration: to.Ptr("PT1H"), - SuppressionEnabled: to.Ptr(false), - Tactics: []*armsecurityinsights.AttackTactic{ - to.Ptr(armsecurityinsights.AttackTacticPersistence), - to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - Techniques: []*string{ - to.Ptr("T1037"), - to.Ptr("T1021")}, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientCreateOrUpdateResponse{ - // AlertRuleClassification: &armsecurityinsights.ScheduledAlertRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"01005144-0000-0d00-0000-6058632c0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - // Properties: &armsecurityinsights.ScheduledAlertRuleProperties{ - // AlertDetailsOverride: &armsecurityinsights.AlertDetailsOverride{ - // AlertDescriptionFormat: to.Ptr("Suspicious activity was made by {{ComputerIP}}"), - // AlertDisplayNameFormat: to.Ptr("Alert from {{Computer}}"), - // }, - // CustomDetails: map[string]*string{ - // "OperatingSystemName": to.Ptr("OSName"), - // "OperatingSystemType": to.Ptr("OSType"), - // }, - // EntityMappings: []*armsecurityinsights.EntityMapping{ - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeHost), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("Computer"), - // Identifier: to.Ptr("FullName"), - // }}, - // }, - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeIP), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("ComputerIP"), - // Identifier: to.Ptr("Address"), - // }}, - // }}, - // EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - // AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - // }, - // Query: to.Ptr("Heartbeat"), - // QueryFrequency: to.Ptr("PT1H"), - // QueryPeriod: to.Ptr("P2DT1H30M"), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - // TriggerThreshold: to.Ptr[int32](0), - // Description: to.Ptr("An example for a scheduled rule"), - // DisplayName: to.Ptr("My scheduled rule"), - // Enabled: to.Ptr(true), - // IncidentConfiguration: &armsecurityinsights.IncidentConfiguration{ - // CreateIncident: to.Ptr(true), - // GroupingConfiguration: &armsecurityinsights.GroupingConfiguration{ - // Enabled: to.Ptr(true), - // GroupByAlertDetails: []*armsecurityinsights.AlertDetail{ - // to.Ptr(armsecurityinsights.AlertDetailDisplayName)}, - // GroupByCustomDetails: []*string{ - // to.Ptr("OperatingSystemType"), - // to.Ptr("OperatingSystemName")}, - // GroupByEntities: []*armsecurityinsights.EntityMappingType{ - // to.Ptr(armsecurityinsights.EntityMappingTypeHost)}, - // LookbackDuration: to.Ptr("PT5H"), - // MatchingMethod: to.Ptr(armsecurityinsights.MatchingMethodSelected), - // ReopenClosedIncident: to.Ptr(false), - // }, - // }, - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-01T13:17:30.000Z"); return t}()), - // SuppressionDuration: to.Ptr("PT1H"), - // SuppressionEnabled: to.Ptr(false), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // Techniques: []*string{ - // to.Ptr("T1037"), - // to.Ptr("T1021")}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/DeleteAlertRule.json -func ExampleAlertRulesClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewAlertRulesClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client.go index 07c3b14939a6..e6026de95a2a 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type AlertRuleTemplatesClient struct { } // NewAlertRuleTemplatesClient creates a new instance of AlertRuleTemplatesClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewAlertRuleTemplatesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AlertRuleTemplatesClient, error) { @@ -46,7 +43,7 @@ func NewAlertRuleTemplatesClient(subscriptionID string, credential azcore.TokenC // Get - Gets the alert rule template. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - alertRuleTemplateID - Alert rule template ID @@ -74,7 +71,7 @@ func (client *AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupNa } // getCreateRequest creates the Get request. -func (client *AlertRuleTemplatesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, alertRuleTemplateID string, options *AlertRuleTemplatesClientGetOptions) (*policy.Request, error) { +func (client *AlertRuleTemplatesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, alertRuleTemplateID string, _ *AlertRuleTemplatesClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates/{alertRuleTemplateId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -97,7 +94,7 @@ func (client *AlertRuleTemplatesClient) getCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -114,7 +111,7 @@ func (client *AlertRuleTemplatesClient) getHandleResponse(resp *http.Response) ( // NewListPager - Gets all alert rule templates. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - AlertRuleTemplatesClientListOptions contains the optional parameters for the AlertRuleTemplatesClient.NewListPager @@ -143,7 +140,7 @@ func (client *AlertRuleTemplatesClient) NewListPager(resourceGroupName string, w } // listCreateRequest creates the List request. -func (client *AlertRuleTemplatesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *AlertRuleTemplatesClientListOptions) (*policy.Request, error) { +func (client *AlertRuleTemplatesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *AlertRuleTemplatesClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -162,7 +159,7 @@ func (client *AlertRuleTemplatesClient) listCreateRequest(ctx context.Context, r return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client_example_test.go deleted file mode 100644 index d07856b6f3d6..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client_example_test.go +++ /dev/null @@ -1,297 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRuleTemplates/GetAlertRuleTemplates.json -func ExampleAlertRuleTemplatesClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewAlertRuleTemplatesClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.AlertRuleTemplatesList = armsecurityinsights.AlertRuleTemplatesList{ - // Value: []armsecurityinsights.AlertRuleTemplateClassification{ - // &armsecurityinsights.ScheduledAlertRuleTemplate{ - // Name: to.Ptr("65360bb0-8986-4ade-a89d-af3cf44d28aa"), - // Type: to.Ptr("Microsoft.SecurityInsights/AlertRuleTemplates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/AlertRuleTemplates/65360bb0-8986-4ade-a89d-af3cf44d28aa"), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - // Properties: &armsecurityinsights.ScheduledAlertRuleTemplateProperties{ - // Description: to.Ptr("This alert monitors changes to Amazon VPC (Virtual Private Cloud) settings such as new ACL entries and routes in route tables.\nMore information: https://medium.com/@GorillaStack/the-most-important-aws-cloudtrail-security-events-to-track-a5b9873f8255 \nand https://aws.amazon.com/vpc/"), - // AlertRulesCreatedByTemplateCount: to.Ptr[int32](0), - // CreatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-02-27T00:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("Changes to Amazon VPC settings"), - // LastUpdatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-27T00:00:00.000Z"); return t}()), - // Query: to.Ptr("let timeframe = 1d;\nAWSCloudTrail\n| where TimeGenerated >= ago(timeframe)\n| where EventName == \"CreateNetworkAclEntry\"\n or EventName == \"CreateRoute\"\n| project TimeGenerated, EventName, EventTypeName, UserIdentityAccountId, UserIdentityPrincipalid, UserAgent, UserIdentityUserName, SessionMfaAuthenticated, SourceIpAddress, AWSRegion, EventSource, AdditionalEventData, ResponseElements\n| extend AccountCustomEntity = UserIdentityUserName, IPCustomEntity = SourceIpAddress"), - // QueryFrequency: to.Ptr("P1D"), - // QueryPeriod: to.Ptr("P1D"), - // RequiredDataConnectors: []*armsecurityinsights.AlertRuleTemplateDataSource{ - // { - // ConnectorID: to.Ptr("AWS"), - // DataTypes: []*string{ - // to.Ptr("AWSCloudTrail")}, - // }}, - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // Status: to.Ptr(armsecurityinsights.TemplateStatusAvailable), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPrivilegeEscalation), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // Techniques: []*string{ - // to.Ptr("T1037"), - // to.Ptr("T1021")}, - // TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - // TriggerThreshold: to.Ptr[int32](0), - // Version: to.Ptr("1.0.1"), - // }, - // }, - // &armsecurityinsights.FusionAlertRuleTemplate{ - // Name: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - // Type: to.Ptr("Microsoft.SecurityInsights/AlertRuleTemplates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/AlertRuleTemplates/f71aba3d-28fb-450b-b192-4e76a83015c8"), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - // Properties: &armsecurityinsights.FusionAlertRuleTemplateProperties{ - // Description: to.Ptr("Microsoft Sentinel uses Fusion, a correlation engine based on scalable machine learning algorithms, to automatically detect multistage attacks by identifying combinations of anomalous behaviors and suspicious activities that are observed at various stages of the kill chain. On the basis of these discoveries, Azure Sentinel generates incidents that would otherwise be very difficult to catch. By design, these incidents are low-volume, high-fidelity, and high-severity, which is why this detection is turned ON by default.\n\nSince Fusion correlates multiple signals from various products to detect advanced multistage attacks, successful Fusion detections are presented as Fusion incidents on the Microsoft Sentinel Incidents page. This rule covers the following detections:\n- Fusion for emerging threats\n- Fusion for ransomware\n- Scenario-based Fusion detections (122 scenarios)\n\nTo enable these detections, we recommend you configure the following data connectors for best results:\n- Out-of-the-box anomaly detections\n- Azure Active Directory Identity Protection\n- Azure Defender\n- Azure Defender for IoT\n- Microsoft 365 Defender\n- Microsoft Cloud App Security \n- Microsoft Defender for Endpoint\n- Microsoft Defender for Identity\n- Microsoft Defender for Office 365\n- Palo Alto Networks\n- Scheduled analytics rules, both built-in and those created by your security analysts. Analytics rules must contain kill-chain (tactics) and entity mapping information in order to be used by Fusion.\n\nFor the full description of each detection that is supported by Fusion, go to https://aka.ms/SentinelFusion."), - // AlertRulesCreatedByTemplateCount: to.Ptr[int32](0), - // CreatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-07-25T00:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("Advanced Multi-Stage Attack Detection"), - // LastUpdatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-06-09T00:00:00.000Z"); return t}()), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // SourceSettings: []*armsecurityinsights.FusionTemplateSourceSetting{ - // { - // SourceName: to.Ptr("Anomalies"), - // }, - // { - // SourceName: to.Ptr("Alert providers"), - // SourceSubTypes: []*armsecurityinsights.FusionTemplateSourceSubType{ - // { - // SeverityFilter: &armsecurityinsights.FusionTemplateSubTypeSeverityFilter{ - // IsSupported: to.Ptr(true), - // SeverityFilters: []*armsecurityinsights.AlertSeverity{ - // to.Ptr(armsecurityinsights.AlertSeverityInformational), - // to.Ptr(armsecurityinsights.AlertSeverityLow), - // to.Ptr(armsecurityinsights.AlertSeverityMedium), - // to.Ptr(armsecurityinsights.AlertSeverityHigh)}, - // }, - // SourceSubTypeName: to.Ptr("Azure Active Directory Identity Protection"), - // }, - // { - // SeverityFilter: &armsecurityinsights.FusionTemplateSubTypeSeverityFilter{ - // IsSupported: to.Ptr(true), - // SeverityFilters: []*armsecurityinsights.AlertSeverity{ - // to.Ptr(armsecurityinsights.AlertSeverityInformational), - // to.Ptr(armsecurityinsights.AlertSeverityLow), - // to.Ptr(armsecurityinsights.AlertSeverityMedium), - // to.Ptr(armsecurityinsights.AlertSeverityHigh)}, - // }, - // SourceSubTypeName: to.Ptr("Azure Defender"), - // }, - // { - // SeverityFilter: &armsecurityinsights.FusionTemplateSubTypeSeverityFilter{ - // IsSupported: to.Ptr(true), - // SeverityFilters: []*armsecurityinsights.AlertSeverity{ - // to.Ptr(armsecurityinsights.AlertSeverityInformational), - // to.Ptr(armsecurityinsights.AlertSeverityLow), - // to.Ptr(armsecurityinsights.AlertSeverityMedium), - // to.Ptr(armsecurityinsights.AlertSeverityHigh)}, - // }, - // SourceSubTypeName: to.Ptr("Azure Defender for IoT"), - // }, - // { - // SeverityFilter: &armsecurityinsights.FusionTemplateSubTypeSeverityFilter{ - // IsSupported: to.Ptr(true), - // SeverityFilters: []*armsecurityinsights.AlertSeverity{ - // to.Ptr(armsecurityinsights.AlertSeverityInformational), - // to.Ptr(armsecurityinsights.AlertSeverityLow), - // to.Ptr(armsecurityinsights.AlertSeverityMedium), - // to.Ptr(armsecurityinsights.AlertSeverityHigh)}, - // }, - // SourceSubTypeName: to.Ptr("Microsoft 365 Defender"), - // }, - // { - // SeverityFilter: &armsecurityinsights.FusionTemplateSubTypeSeverityFilter{ - // IsSupported: to.Ptr(true), - // SeverityFilters: []*armsecurityinsights.AlertSeverity{ - // to.Ptr(armsecurityinsights.AlertSeverityInformational), - // to.Ptr(armsecurityinsights.AlertSeverityLow), - // to.Ptr(armsecurityinsights.AlertSeverityMedium), - // to.Ptr(armsecurityinsights.AlertSeverityHigh)}, - // }, - // SourceSubTypeName: to.Ptr("Microsoft Cloud App Security"), - // }, - // { - // SeverityFilter: &armsecurityinsights.FusionTemplateSubTypeSeverityFilter{ - // IsSupported: to.Ptr(true), - // SeverityFilters: []*armsecurityinsights.AlertSeverity{ - // to.Ptr(armsecurityinsights.AlertSeverityInformational), - // to.Ptr(armsecurityinsights.AlertSeverityLow), - // to.Ptr(armsecurityinsights.AlertSeverityMedium), - // to.Ptr(armsecurityinsights.AlertSeverityHigh)}, - // }, - // SourceSubTypeName: to.Ptr("Microsoft Defender for Endpoint"), - // }, - // { - // SeverityFilter: &armsecurityinsights.FusionTemplateSubTypeSeverityFilter{ - // IsSupported: to.Ptr(true), - // SeverityFilters: []*armsecurityinsights.AlertSeverity{ - // to.Ptr(armsecurityinsights.AlertSeverityInformational), - // to.Ptr(armsecurityinsights.AlertSeverityLow), - // to.Ptr(armsecurityinsights.AlertSeverityMedium), - // to.Ptr(armsecurityinsights.AlertSeverityHigh)}, - // }, - // SourceSubTypeName: to.Ptr("Microsoft Defender for Identity"), - // }, - // { - // SeverityFilter: &armsecurityinsights.FusionTemplateSubTypeSeverityFilter{ - // IsSupported: to.Ptr(true), - // SeverityFilters: []*armsecurityinsights.AlertSeverity{ - // to.Ptr(armsecurityinsights.AlertSeverityInformational), - // to.Ptr(armsecurityinsights.AlertSeverityLow), - // to.Ptr(armsecurityinsights.AlertSeverityMedium), - // to.Ptr(armsecurityinsights.AlertSeverityHigh)}, - // }, - // SourceSubTypeName: to.Ptr("Microsoft Defender for Office 365"), - // }, - // { - // SeverityFilter: &armsecurityinsights.FusionTemplateSubTypeSeverityFilter{ - // IsSupported: to.Ptr(true), - // SeverityFilters: []*armsecurityinsights.AlertSeverity{ - // to.Ptr(armsecurityinsights.AlertSeverityInformational), - // to.Ptr(armsecurityinsights.AlertSeverityLow), - // to.Ptr(armsecurityinsights.AlertSeverityMedium), - // to.Ptr(armsecurityinsights.AlertSeverityHigh)}, - // }, - // SourceSubTypeName: to.Ptr("Azure Sentinel scheduled analytics rules"), - // }}, - // }, - // { - // SourceName: to.Ptr("Raw logs from other sources"), - // SourceSubTypes: []*armsecurityinsights.FusionTemplateSourceSubType{ - // { - // SeverityFilter: &armsecurityinsights.FusionTemplateSubTypeSeverityFilter{ - // IsSupported: to.Ptr(false), - // }, - // SourceSubTypeName: to.Ptr("Palo Alto Networks"), - // }}, - // }}, - // Status: to.Ptr(armsecurityinsights.TemplateStatusAvailable), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticCollection), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl), - // to.Ptr(armsecurityinsights.AttackTacticCredentialAccess), - // to.Ptr(armsecurityinsights.AttackTacticDefenseEvasion), - // to.Ptr(armsecurityinsights.AttackTacticDiscovery), - // to.Ptr(armsecurityinsights.AttackTacticExecution), - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticImpact), - // to.Ptr(armsecurityinsights.AttackTacticInitialAccess), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement), - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticPrivilegeEscalation)}, - // }, - // }, - // &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleTemplate{ - // Name: to.Ptr("b3cfc7c0-092c-481c-a55b-34a3979758cb"), - // Type: to.Ptr("Microsoft.SecurityInsights/AlertRuleTemplates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/AlertRuleTemplates/b3cfc7c0-092c-481c-a55b-34a3979758cb"), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindMicrosoftSecurityIncidentCreation), - // Properties: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties{ - // Description: to.Ptr("Create incidents based on all alerts generated in Microsoft Cloud App Security"), - // AlertRulesCreatedByTemplateCount: to.Ptr[int32](0), - // CreatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-07-16T00:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("Create incidents based on Microsoft Cloud App Security alerts"), - // LastUpdatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-27T00:00:00.000Z"); return t}()), - // Status: to.Ptr(armsecurityinsights.TemplateStatusAvailable), - // ProductFilter: to.Ptr(armsecurityinsights.MicrosoftSecurityProductNameMicrosoftCloudAppSecurity), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRuleTemplates/GetAlertRuleTemplateById.json -func ExampleAlertRuleTemplatesClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRuleTemplatesClient().Get(ctx, "myRg", "myWorkspace", "65360bb0-8986-4ade-a89d-af3cf44d28aa", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRuleTemplatesClientGetResponse{ - // AlertRuleTemplateClassification: &armsecurityinsights.ScheduledAlertRuleTemplate{ - // Name: to.Ptr("65360bb0-8986-4ade-a89d-af3cf44d28aa"), - // Type: to.Ptr("Microsoft.SecurityInsights/AlertRuleTemplates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRuleTemplates/65360bb0-8986-4ade-a89d-af3cf44d28aa"), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - // Properties: &armsecurityinsights.ScheduledAlertRuleTemplateProperties{ - // Description: to.Ptr("This alert monitors changes to Amazon VPC (Virtual Private Cloud) settings such as new ACL entries and routes in route tables.\nMore information: https://medium.com/@GorillaStack/the-most-important-aws-cloudtrail-security-events-to-track-a5b9873f8255 \nand https://aws.amazon.com/vpc/"), - // AlertRulesCreatedByTemplateCount: to.Ptr[int32](0), - // CreatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-02-27T00:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("Changes to Amazon VPC settings"), - // EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - // AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - // }, - // LastUpdatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-27T00:00:00.000Z"); return t}()), - // Query: to.Ptr("let timeframe = 1d;\nAWSCloudTrail\n| where TimeGenerated >= ago(timeframe)\n| where EventName == \"CreateNetworkAclEntry\"\n or EventName == \"CreateRoute\"\n| project TimeGenerated, EventName, EventTypeName, UserIdentityAccountId, UserIdentityPrincipalid, UserAgent, UserIdentityUserName, SessionMfaAuthenticated, SourceIpAddress, AWSRegion, EventSource, AdditionalEventData, ResponseElements\n| extend AccountCustomEntity = UserIdentityUserName, IPCustomEntity = SourceIpAddress"), - // QueryFrequency: to.Ptr("P1D"), - // QueryPeriod: to.Ptr("P1D"), - // RequiredDataConnectors: []*armsecurityinsights.AlertRuleTemplateDataSource{ - // { - // ConnectorID: to.Ptr("AWS"), - // DataTypes: []*string{ - // to.Ptr("AWSCloudTrail")}, - // }}, - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // Status: to.Ptr(armsecurityinsights.TemplateStatusAvailable), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPrivilegeEscalation), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // Techniques: []*string{ - // to.Ptr("T1037"), - // to.Ptr("T1021")}, - // TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - // TriggerThreshold: to.Ptr[int32](0), - // Version: to.Ptr("1.0.2"), - // }, - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client.go index e2d3436d85a8..312a557b255c 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type AutomationRulesClient struct { } // NewAutomationRulesClient creates a new instance of AutomationRulesClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewAutomationRulesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AutomationRulesClient, error) { @@ -46,7 +43,7 @@ func NewAutomationRulesClient(subscriptionID string, credential azcore.TokenCred // CreateOrUpdate - Creates or updates the automation rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - automationRuleID - Automation rule ID @@ -98,7 +95,7 @@ func (client *AutomationRulesClient) createOrUpdateCreateRequest(ctx context.Con return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if options != nil && options.AutomationRuleToUpsert != nil { @@ -122,7 +119,7 @@ func (client *AutomationRulesClient) createOrUpdateHandleResponse(resp *http.Res // Delete - Delete the automation rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - automationRuleID - Automation rule ID @@ -150,7 +147,7 @@ func (client *AutomationRulesClient) Delete(ctx context.Context, resourceGroupNa } // deleteCreateRequest creates the Delete request. -func (client *AutomationRulesClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string, options *AutomationRulesClientDeleteOptions) (*policy.Request, error) { +func (client *AutomationRulesClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string, _ *AutomationRulesClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules/{automationRuleId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -173,7 +170,7 @@ func (client *AutomationRulesClient) deleteCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -191,7 +188,7 @@ func (client *AutomationRulesClient) deleteHandleResponse(resp *http.Response) ( // Get - Gets the automation rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - automationRuleID - Automation rule ID @@ -219,7 +216,7 @@ func (client *AutomationRulesClient) Get(ctx context.Context, resourceGroupName } // getCreateRequest creates the Get request. -func (client *AutomationRulesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string, options *AutomationRulesClientGetOptions) (*policy.Request, error) { +func (client *AutomationRulesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string, _ *AutomationRulesClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules/{automationRuleId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -242,7 +239,7 @@ func (client *AutomationRulesClient) getCreateRequest(ctx context.Context, resou return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -259,7 +256,7 @@ func (client *AutomationRulesClient) getHandleResponse(resp *http.Response) (Aut // NewListPager - Gets all automation rules. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - AutomationRulesClientListOptions contains the optional parameters for the AutomationRulesClient.NewListPager @@ -288,7 +285,7 @@ func (client *AutomationRulesClient) NewListPager(resourceGroupName string, work } // listCreateRequest creates the List request. -func (client *AutomationRulesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *AutomationRulesClientListOptions) (*policy.Request, error) { +func (client *AutomationRulesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *AutomationRulesClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -307,7 +304,7 @@ func (client *AutomationRulesClient) listCreateRequest(ctx context.Context, reso return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client_example_test.go deleted file mode 100644 index 588fd5ab83f8..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client_example_test.go +++ /dev/null @@ -1,304 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/automationRules/AutomationRules_Get.json -func ExampleAutomationRulesClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAutomationRulesClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.AutomationRule = armsecurityinsights.AutomationRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/automationRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/automationRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.AutomationRuleProperties{ - // Actions: []armsecurityinsights.AutomationRuleActionClassification{ - // &armsecurityinsights.AutomationRuleRunPlaybookAction{ - // ActionType: to.Ptr(armsecurityinsights.ActionTypeRunPlaybook), - // Order: to.Ptr[int32](1), - // ActionConfiguration: &armsecurityinsights.PlaybookActionProperties{ - // LogicAppResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Logic/workflows/IncidentPlaybook"), - // TenantID: to.Ptr("d23e3eef-eed0-428f-a2d5-bc48c268e31d"), - // }, - // }}, - // CreatedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("Suspicious alerts in workspace"), - // LastModifiedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // Order: to.Ptr[int32](1), - // TriggeringLogic: &armsecurityinsights.AutomationRuleTriggeringLogic{ - // Conditions: []armsecurityinsights.AutomationRuleConditionClassification{ - // &armsecurityinsights.BooleanConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypeBoolean), - // ConditionProperties: &armsecurityinsights.AutomationRuleBooleanCondition{ - // InnerConditions: []armsecurityinsights.AutomationRuleConditionClassification{ - // &armsecurityinsights.PropertyConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypeProperty), - // ConditionProperties: &armsecurityinsights.AutomationRulePropertyValuesCondition{ - // Operator: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedOperatorEquals), - // PropertyName: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedPropertyAccountName), - // PropertyValues: []*string{ - // to.Ptr("Administrator")}, - // }, - // }, - // &armsecurityinsights.PropertyConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypeProperty), - // ConditionProperties: &armsecurityinsights.AutomationRulePropertyValuesCondition{ - // Operator: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedOperatorEquals), - // PropertyName: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedPropertyHostName), - // PropertyValues: []*string{ - // to.Ptr("MainServer")}, - // }, - // }}, - // Operator: to.Ptr(armsecurityinsights.AutomationRuleBooleanConditionSupportedOperatorOr), - // }, - // }, - // &armsecurityinsights.PropertyArrayConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypePropertyArray), - // ConditionProperties: &armsecurityinsights.AutomationRulePropertyArrayValuesCondition{ - // ArrayConditionType: to.Ptr(armsecurityinsights.AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAnyItem), - // ArrayType: to.Ptr(armsecurityinsights.AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetails), - // ItemConditions: []armsecurityinsights.AutomationRuleConditionClassification{ - // &armsecurityinsights.PropertyConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypeProperty), - // ConditionProperties: &armsecurityinsights.AutomationRulePropertyValuesCondition{ - // Operator: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedOperatorEquals), - // PropertyName: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsKey), - // PropertyValues: []*string{ - // to.Ptr("AlertTags")}, - // }, - // }, - // &armsecurityinsights.PropertyArrayConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypePropertyArray), - // ConditionProperties: &armsecurityinsights.AutomationRulePropertyArrayValuesCondition{ - // ArrayConditionType: to.Ptr(armsecurityinsights.AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAnyItem), - // ArrayType: to.Ptr(armsecurityinsights.AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetailValues), - // ItemConditions: []armsecurityinsights.AutomationRuleConditionClassification{ - // &armsecurityinsights.PropertyConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypeProperty), - // ConditionProperties: &armsecurityinsights.AutomationRulePropertyValuesCondition{ - // Operator: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedOperatorEquals), - // PropertyName: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsValue), - // PropertyValues: []*string{ - // to.Ptr("HighPriority")}, - // }, - // }}, - // }, - // }}, - // }, - // }}, - // IsEnabled: to.Ptr(true), - // TriggersOn: to.Ptr(armsecurityinsights.TriggersOnIncidents), - // TriggersWhen: to.Ptr(armsecurityinsights.TriggersWhenCreated), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/automationRules/AutomationRules_CreateOrUpdate.json -func ExampleAutomationRulesClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAutomationRulesClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.AutomationRulesClientCreateOrUpdateOptions{AutomationRuleToUpsert: nil}) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.AutomationRule = armsecurityinsights.AutomationRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/automationRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/automationRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.AutomationRuleProperties{ - // Actions: []armsecurityinsights.AutomationRuleActionClassification{ - // &armsecurityinsights.AutomationRuleRunPlaybookAction{ - // ActionType: to.Ptr(armsecurityinsights.ActionTypeRunPlaybook), - // Order: to.Ptr[int32](1), - // ActionConfiguration: &armsecurityinsights.PlaybookActionProperties{ - // LogicAppResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Logic/workflows/AlertPlaybook"), - // TenantID: to.Ptr("d23e3eef-eed0-428f-a2d5-bc48c268e31d"), - // }, - // }}, - // CreatedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("Suspicious alerts in workspace"), - // LastModifiedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // Order: to.Ptr[int32](1), - // TriggeringLogic: &armsecurityinsights.AutomationRuleTriggeringLogic{ - // Conditions: []armsecurityinsights.AutomationRuleConditionClassification{ - // &armsecurityinsights.PropertyConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypeProperty), - // ConditionProperties: &armsecurityinsights.AutomationRulePropertyValuesCondition{ - // Operator: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedOperatorContains), - // PropertyName: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedPropertyAlertAnalyticRuleIDs), - // PropertyValues: []*string{ - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/fab3d2d4-747f-46a7-8ef0-9c0be8112bf7"), - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/8deb8303-e94d-46ff-96e0-5fd94b33df1a")}, - // }, - // }}, - // IsEnabled: to.Ptr(true), - // TriggersOn: to.Ptr(armsecurityinsights.TriggersOnAlerts), - // TriggersWhen: to.Ptr(armsecurityinsights.TriggersWhenCreated), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/automationRules/AutomationRules_Delete.json -func ExampleAutomationRulesClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAutomationRulesClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Interface = map[string]any{ - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/automationRules/AutomationRules_List.json -func ExampleAutomationRulesClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewAutomationRulesClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.AutomationRulesList = armsecurityinsights.AutomationRulesList{ - // Value: []*armsecurityinsights.AutomationRule{ - // { - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/automationRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/automationRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.AutomationRuleProperties{ - // Actions: []armsecurityinsights.AutomationRuleActionClassification{ - // &armsecurityinsights.AutomationRuleRunPlaybookAction{ - // ActionType: to.Ptr(armsecurityinsights.ActionTypeRunPlaybook), - // Order: to.Ptr[int32](1), - // ActionConfiguration: &armsecurityinsights.PlaybookActionProperties{ - // LogicAppResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Logic/workflows/AlertPlaybook"), - // TenantID: to.Ptr("d23e3eef-eed0-428f-a2d5-bc48c268e31d"), - // }, - // }}, - // CreatedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("Suspicious alerts in workspace"), - // LastModifiedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // Order: to.Ptr[int32](1), - // TriggeringLogic: &armsecurityinsights.AutomationRuleTriggeringLogic{ - // Conditions: []armsecurityinsights.AutomationRuleConditionClassification{ - // &armsecurityinsights.PropertyConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypeProperty), - // ConditionProperties: &armsecurityinsights.AutomationRulePropertyValuesCondition{ - // Operator: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedOperatorContains), - // PropertyName: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedPropertyAlertAnalyticRuleIDs), - // PropertyValues: []*string{ - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/fab3d2d4-747f-46a7-8ef0-9c0be8112bf7"), - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/8deb8303-e94d-46ff-96e0-5fd94b33df1a")}, - // }, - // }}, - // IsEnabled: to.Ptr(true), - // TriggersOn: to.Ptr(armsecurityinsights.TriggersOnAlerts), - // TriggersWhen: to.Ptr(armsecurityinsights.TriggersWhenCreated), - // }, - // }, - // }}, - // } - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/autorest.md b/sdk/resourcemanager/securityinsights/armsecurityinsights/autorest.md index d3f5ffc2ac5e..e60139a897cc 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/autorest.md +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/autorest.md @@ -5,9 +5,8 @@ ``` yaml azure-arm: true require: -- https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/readme.md -- https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/readme.go.md +- /mnt/vss/_work/1/s/azure-rest-api-specs/specification/securityinsights/resource-manager/readme.md +- /mnt/vss/_work/1/s/azure-rest-api-specs/specification/securityinsights/resource-manager/readme.go.md license-header: MICROSOFT_MIT_NO_VERSION -module-version: 2.0.0-beta.4 -tag: package-preview-2022-09 +module-version: 2.0.0-beta.5 ``` \ No newline at end of file diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/billingstatistics_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/billingstatistics_client.go new file mode 100644 index 000000000000..4001d67a6e96 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/billingstatistics_client.go @@ -0,0 +1,175 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// BillingStatisticsClient contains the methods for the BillingStatistics group. +// Don't use this type directly, use NewBillingStatisticsClient() instead. +type BillingStatisticsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewBillingStatisticsClient creates a new instance of BillingStatisticsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewBillingStatisticsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*BillingStatisticsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &BillingStatisticsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Gets a billing statistic +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - billingStatisticName - The name of the billing statistic +// - options - BillingStatisticsClientGetOptions contains the optional parameters for the BillingStatisticsClient.Get method. +func (client *BillingStatisticsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, billingStatisticName string, options *BillingStatisticsClientGetOptions) (BillingStatisticsClientGetResponse, error) { + var err error + const operationName = "BillingStatisticsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, billingStatisticName, options) + if err != nil { + return BillingStatisticsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return BillingStatisticsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return BillingStatisticsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *BillingStatisticsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, billingStatisticName string, _ *BillingStatisticsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/billingStatistics/{billingStatisticName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if billingStatisticName == "" { + return nil, errors.New("parameter billingStatisticName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{billingStatisticName}", url.PathEscape(billingStatisticName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *BillingStatisticsClient) getHandleResponse(resp *http.Response) (BillingStatisticsClientGetResponse, error) { + result := BillingStatisticsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return BillingStatisticsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all Microsoft Sentinel billing statistics. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - BillingStatisticsClientListOptions contains the optional parameters for the BillingStatisticsClient.NewListPager +// method. +func (client *BillingStatisticsClient) NewListPager(resourceGroupName string, workspaceName string, options *BillingStatisticsClientListOptions) *runtime.Pager[BillingStatisticsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[BillingStatisticsClientListResponse]{ + More: func(page BillingStatisticsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *BillingStatisticsClientListResponse) (BillingStatisticsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "BillingStatisticsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return BillingStatisticsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *BillingStatisticsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *BillingStatisticsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/billingStatistics" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *BillingStatisticsClient) listHandleResponse(resp *http.Response) (BillingStatisticsClientListResponse, error) { + result := BillingStatisticsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.BillingStatisticList); err != nil { + return BillingStatisticsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmark_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmark_client.go index ad617ff03cb5..47ee9a1644f6 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmark_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmark_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type BookmarkClient struct { } // NewBookmarkClient creates a new instance of BookmarkClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewBookmarkClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*BookmarkClient, error) { @@ -46,7 +43,7 @@ func NewBookmarkClient(subscriptionID string, credential azcore.TokenCredential, // Expand - Expand an bookmark // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - bookmarkID - Bookmark ID @@ -75,7 +72,7 @@ func (client *BookmarkClient) Expand(ctx context.Context, resourceGroupName stri } // expandCreateRequest creates the Expand request. -func (client *BookmarkClient) expandCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, parameters BookmarkExpandParameters, options *BookmarkClientExpandOptions) (*policy.Request, error) { +func (client *BookmarkClient) expandCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, parameters BookmarkExpandParameters, _ *BookmarkClientExpandOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/expand" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -98,7 +95,7 @@ func (client *BookmarkClient) expandCreateRequest(ctx context.Context, resourceG return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, parameters); err != nil { diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmark_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmark_client_example_test.go deleted file mode 100644 index 68c3e0b207af..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmark_client_example_test.go +++ /dev/null @@ -1,68 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/expand/PostExpandBookmark.json -func ExampleBookmarkClient_Expand() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewBookmarkClient().Expand(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", armsecurityinsights.BookmarkExpandParameters{ - EndTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-01-24T17:21:00.000Z"); return t }()), - ExpansionID: to.Ptr("27f76e63-c41b-480f-bb18-12ad2e011d49"), - StartTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-25T17:21:00.000Z"); return t }()), - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.BookmarkExpandResponse = armsecurityinsights.BookmarkExpandResponse{ - // MetaData: &armsecurityinsights.ExpansionResultsMetadata{ - // Aggregations: []*armsecurityinsights.ExpansionResultAggregation{ - // { - // Count: to.Ptr[int32](1), - // EntityKind: to.Ptr(armsecurityinsights.EntityKindAccount), - // }}, - // }, - // Value: &armsecurityinsights.BookmarkExpandResponseValue{ - // Entities: []armsecurityinsights.EntityClassification{ - // &armsecurityinsights.AccountEntity{ - // Name: to.Ptr("fe4ddab5-8cea-eca3-c8b8-9e92e830a387"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/fe4ddab5-8cea-eca3-c8b8-9e92e830a387"), - // Kind: to.Ptr(armsecurityinsights.EntityKindAccount), - // Properties: &armsecurityinsights.AccountEntityProperties{ - // FriendlyName: to.Ptr("administrator"), - // AccountName: to.Ptr("administrator"), - // NtDomain: to.Ptr("domain"), - // }, - // }}, - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarkrelations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarkrelations_client.go index 92c37d971da4..71987434c18e 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarkrelations_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarkrelations_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -29,7 +26,7 @@ type BookmarkRelationsClient struct { } // NewBookmarkRelationsClient creates a new instance of BookmarkRelationsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewBookmarkRelationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*BookmarkRelationsClient, error) { @@ -47,7 +44,7 @@ func NewBookmarkRelationsClient(subscriptionID string, credential azcore.TokenCr // CreateOrUpdate - Creates the bookmark relation. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - bookmarkID - Bookmark ID @@ -78,7 +75,7 @@ func (client *BookmarkRelationsClient) CreateOrUpdate(ctx context.Context, resou } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *BookmarkRelationsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, relation Relation, options *BookmarkRelationsClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *BookmarkRelationsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, relation Relation, _ *BookmarkRelationsClientCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -105,7 +102,7 @@ func (client *BookmarkRelationsClient) createOrUpdateCreateRequest(ctx context.C return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, relation); err != nil { @@ -126,7 +123,7 @@ func (client *BookmarkRelationsClient) createOrUpdateHandleResponse(resp *http.R // Delete - Delete the bookmark relation. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - bookmarkID - Bookmark ID @@ -155,7 +152,7 @@ func (client *BookmarkRelationsClient) Delete(ctx context.Context, resourceGroup } // deleteCreateRequest creates the Delete request. -func (client *BookmarkRelationsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, options *BookmarkRelationsClientDeleteOptions) (*policy.Request, error) { +func (client *BookmarkRelationsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, _ *BookmarkRelationsClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -182,7 +179,7 @@ func (client *BookmarkRelationsClient) deleteCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -191,7 +188,7 @@ func (client *BookmarkRelationsClient) deleteCreateRequest(ctx context.Context, // Get - Gets a bookmark relation. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - bookmarkID - Bookmark ID @@ -220,7 +217,7 @@ func (client *BookmarkRelationsClient) Get(ctx context.Context, resourceGroupNam } // getCreateRequest creates the Get request. -func (client *BookmarkRelationsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, options *BookmarkRelationsClientGetOptions) (*policy.Request, error) { +func (client *BookmarkRelationsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, _ *BookmarkRelationsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -247,7 +244,7 @@ func (client *BookmarkRelationsClient) getCreateRequest(ctx context.Context, res return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -264,7 +261,7 @@ func (client *BookmarkRelationsClient) getHandleResponse(resp *http.Response) (B // NewListPager - Gets all bookmark relations. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - bookmarkID - Bookmark ID @@ -329,7 +326,7 @@ func (client *BookmarkRelationsClient) listCreateRequest(ctx context.Context, re if options != nil && options.Top != nil { reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) } - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarkrelations_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarkrelations_client_example_test.go deleted file mode 100644 index 444e03c98fe9..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarkrelations_client_example_test.go +++ /dev/null @@ -1,145 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/relations/GetAllBookmarkRelations.json -func ExampleBookmarkRelationsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewBookmarkRelationsClient().NewListPager("myRg", "myWorkspace", "2216d0e1-91e3-4902-89fd-d2df8c535096", &armsecurityinsights.BookmarkRelationsClientListOptions{Filter: nil, - Orderby: nil, - Top: nil, - SkipToken: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.RelationList = armsecurityinsights.RelationList{ - // Value: []*armsecurityinsights.Relation{ - // { - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/bookmarks/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096/relations/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812"), - // RelatedResourceName: to.Ptr("afbd324f-6c48-459c-8710-8d1e1cd03812"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/incidents"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/relations/GetBookmarkRelationByName.json -func ExampleBookmarkRelationsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewBookmarkRelationsClient().Get(ctx, "myRg", "myWorkspace", "2216d0e1-91e3-4902-89fd-d2df8c535096", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Relation = armsecurityinsights.Relation{ - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/bookmarks/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096/relations/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812"), - // RelatedResourceName: to.Ptr("afbd324f-6c48-459c-8710-8d1e1cd03812"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/incidents"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/relations/CreateBookmarkRelation.json -func ExampleBookmarkRelationsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewBookmarkRelationsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "2216d0e1-91e3-4902-89fd-d2df8c535096", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", armsecurityinsights.Relation{ - Properties: &armsecurityinsights.RelationProperties{ - RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Relation = armsecurityinsights.Relation{ - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/bookmarks/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096/relations/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812"), - // RelatedResourceName: to.Ptr("afbd324f-6c48-459c-8710-8d1e1cd03812"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/incidents"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/relations/DeleteBookmarkRelation.json -func ExampleBookmarkRelationsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewBookmarkRelationsClient().Delete(ctx, "myRg", "myWorkspace", "2216d0e1-91e3-4902-89fd-d2df8c535096", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client.go index 61b9576d33f7..855010ec979a 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type BookmarksClient struct { } // NewBookmarksClient creates a new instance of BookmarksClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewBookmarksClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*BookmarksClient, error) { @@ -46,7 +43,7 @@ func NewBookmarksClient(subscriptionID string, credential azcore.TokenCredential // CreateOrUpdate - Creates or updates the bookmark. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - bookmarkID - Bookmark ID @@ -76,7 +73,7 @@ func (client *BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroup } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *BookmarksClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, bookmark Bookmark, options *BookmarksClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *BookmarksClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, bookmark Bookmark, _ *BookmarksClientCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -99,7 +96,7 @@ func (client *BookmarksClient) createOrUpdateCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, bookmark); err != nil { @@ -120,7 +117,7 @@ func (client *BookmarksClient) createOrUpdateHandleResponse(resp *http.Response) // Delete - Delete the bookmark. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - bookmarkID - Bookmark ID @@ -147,7 +144,7 @@ func (client *BookmarksClient) Delete(ctx context.Context, resourceGroupName str } // deleteCreateRequest creates the Delete request. -func (client *BookmarksClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, options *BookmarksClientDeleteOptions) (*policy.Request, error) { +func (client *BookmarksClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, _ *BookmarksClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -170,7 +167,7 @@ func (client *BookmarksClient) deleteCreateRequest(ctx context.Context, resource return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -179,7 +176,7 @@ func (client *BookmarksClient) deleteCreateRequest(ctx context.Context, resource // Get - Gets a bookmark. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - bookmarkID - Bookmark ID @@ -207,7 +204,7 @@ func (client *BookmarksClient) Get(ctx context.Context, resourceGroupName string } // getCreateRequest creates the Get request. -func (client *BookmarksClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, options *BookmarksClientGetOptions) (*policy.Request, error) { +func (client *BookmarksClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, _ *BookmarksClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -230,7 +227,7 @@ func (client *BookmarksClient) getCreateRequest(ctx context.Context, resourceGro return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -247,7 +244,7 @@ func (client *BookmarksClient) getHandleResponse(resp *http.Response) (Bookmarks // NewListPager - Gets all bookmarks. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - BookmarksClientListOptions contains the optional parameters for the BookmarksClient.NewListPager method. @@ -275,7 +272,7 @@ func (client *BookmarksClient) NewListPager(resourceGroupName string, workspaceN } // listCreateRequest creates the List request. -func (client *BookmarksClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *BookmarksClientListOptions) (*policy.Request, error) { +func (client *BookmarksClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *BookmarksClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -294,7 +291,7 @@ func (client *BookmarksClient) listCreateRequest(ctx context.Context, resourceGr return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client_example_test.go deleted file mode 100644 index 7a0cd2fcc989..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client_example_test.go +++ /dev/null @@ -1,270 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/GetBookmarks.json -func ExampleBookmarksClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewBookmarksClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.BookmarkList = armsecurityinsights.BookmarkList{ - // Value: []*armsecurityinsights.Bookmark{ - // { - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.BookmarkProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T13:15:30.000Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DisplayName: to.Ptr("My bookmark"), - // EntityMappings: []*armsecurityinsights.BookmarkEntityMappings{ - // { - // EntityType: to.Ptr("Account"), - // FieldMappings: []*armsecurityinsights.EntityFieldMapping{ - // { - // Identifier: to.Ptr("Fullname"), - // Value: to.Ptr("johndoe@microsoft.com"), - // }}, - // }}, - // IncidentInfo: &armsecurityinsights.IncidentInfo{ - // IncidentID: to.Ptr("DDA55F97-170B-40B9-B8ED-CBFD05481E7D"), - // RelationName: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0018"), - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityLow), - // Title: to.Ptr("New case 1"), - // }, - // Labels: []*string{ - // to.Ptr("Tag1"), - // to.Ptr("Tag2")}, - // Notes: to.Ptr("Found a suspicious activity"), - // Query: to.Ptr("SecurityEvent | where TimeGenerated > ago(1d) and TimeGenerated < ago(2d)"), - // QueryResult: to.Ptr("Security Event query result"), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticExecution)}, - // Techniques: []*string{ - // to.Ptr("T1609")}, - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T13:15:30.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/GetBookmarkById.json -func ExampleBookmarksClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewBookmarksClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Bookmark = armsecurityinsights.Bookmark{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.BookmarkProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T13:15:30.000Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DisplayName: to.Ptr("My bookmark"), - // EntityMappings: []*armsecurityinsights.BookmarkEntityMappings{ - // { - // EntityType: to.Ptr("Account"), - // FieldMappings: []*armsecurityinsights.EntityFieldMapping{ - // { - // Identifier: to.Ptr("Fullname"), - // Value: to.Ptr("johndoe@microsoft.com"), - // }}, - // }}, - // IncidentInfo: &armsecurityinsights.IncidentInfo{ - // IncidentID: to.Ptr("DDA55F97-170B-40B9-B8ED-CBFD05481E7D"), - // RelationName: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0018"), - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityLow), - // Title: to.Ptr("New case 1"), - // }, - // Labels: []*string{ - // to.Ptr("Tag1"), - // to.Ptr("Tag2")}, - // Notes: to.Ptr("Found a suspicious activity"), - // Query: to.Ptr("SecurityEvent | where TimeGenerated > ago(1d) and TimeGenerated < ago(2d)"), - // QueryResult: to.Ptr("Security Event query result"), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticExecution)}, - // Techniques: []*string{ - // to.Ptr("T1609")}, - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T13:15:30.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/CreateBookmark.json -func ExampleBookmarksClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewBookmarksClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", armsecurityinsights.Bookmark{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Properties: &armsecurityinsights.BookmarkProperties{ - Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T13:15:30.000Z"); return t }()), - CreatedBy: &armsecurityinsights.UserInfo{ - ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - }, - DisplayName: to.Ptr("My bookmark"), - EntityMappings: []*armsecurityinsights.BookmarkEntityMappings{ - { - EntityType: to.Ptr("Account"), - FieldMappings: []*armsecurityinsights.EntityFieldMapping{ - { - Identifier: to.Ptr("Fullname"), - Value: to.Ptr("johndoe@microsoft.com"), - }}, - }}, - Labels: []*string{ - to.Ptr("Tag1"), - to.Ptr("Tag2")}, - Notes: to.Ptr("Found a suspicious activity"), - Query: to.Ptr("SecurityEvent | where TimeGenerated > ago(1d) and TimeGenerated < ago(2d)"), - QueryResult: to.Ptr("Security Event query result"), - Tactics: []*armsecurityinsights.AttackTactic{ - to.Ptr(armsecurityinsights.AttackTacticExecution)}, - Techniques: []*string{ - to.Ptr("T1609")}, - Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T13:15:30.000Z"); return t }()), - UpdatedBy: &armsecurityinsights.UserInfo{ - ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Bookmark = armsecurityinsights.Bookmark{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.BookmarkProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T13:15:30.000Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DisplayName: to.Ptr("My bookmark"), - // EntityMappings: []*armsecurityinsights.BookmarkEntityMappings{ - // { - // EntityType: to.Ptr("Account"), - // FieldMappings: []*armsecurityinsights.EntityFieldMapping{ - // { - // Identifier: to.Ptr("Fullname"), - // Value: to.Ptr("johndoe@microsoft.com"), - // }}, - // }}, - // Labels: []*string{ - // to.Ptr("Tag1"), - // to.Ptr("Tag2")}, - // Notes: to.Ptr("Found a suspicious activity"), - // Query: to.Ptr("SecurityEvent | where TimeGenerated > ago(1d) and TimeGenerated < ago(2d)"), - // QueryResult: to.Ptr("Security Event query result"), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticExecution)}, - // Techniques: []*string{ - // to.Ptr("T1609")}, - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T13:15:30.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/DeleteBookmark.json -func ExampleBookmarksClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewBookmarksClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/businessapplicationagent_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/businessapplicationagent_client.go new file mode 100644 index 000000000000..f6552d2c8307 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/businessapplicationagent_client.go @@ -0,0 +1,111 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// BusinessApplicationAgentClient contains the methods for the BusinessApplicationAgent group. +// Don't use this type directly, use NewBusinessApplicationAgentClient() instead. +type BusinessApplicationAgentClient struct { + internal *arm.Client + subscriptionID string +} + +// NewBusinessApplicationAgentClient creates a new instance of BusinessApplicationAgentClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewBusinessApplicationAgentClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*BusinessApplicationAgentClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &BusinessApplicationAgentClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Gets Business Application Agent. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - agentResourceName - Business Application Agent Name +// - options - BusinessApplicationAgentClientGetOptions contains the optional parameters for the BusinessApplicationAgentClient.Get +// method. +func (client *BusinessApplicationAgentClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, options *BusinessApplicationAgentClientGetOptions) (BusinessApplicationAgentClientGetResponse, error) { + var err error + const operationName = "BusinessApplicationAgentClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, agentResourceName, options) + if err != nil { + return BusinessApplicationAgentClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return BusinessApplicationAgentClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return BusinessApplicationAgentClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *BusinessApplicationAgentClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, _ *BusinessApplicationAgentClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/businessApplicationAgents/{agentResourceName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if agentResourceName == "" { + return nil, errors.New("parameter agentResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{agentResourceName}", url.PathEscape(agentResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *BusinessApplicationAgentClient) getHandleResponse(resp *http.Response) (BusinessApplicationAgentClientGetResponse, error) { + result := BusinessApplicationAgentClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.BusinessApplicationAgentResource); err != nil { + return BusinessApplicationAgentClientGetResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/businessapplicationagents_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/businessapplicationagents_client.go new file mode 100644 index 000000000000..85a0015ba46a --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/businessapplicationagents_client.go @@ -0,0 +1,248 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// BusinessApplicationAgentsClient contains the methods for the BusinessApplicationAgents group. +// Don't use this type directly, use NewBusinessApplicationAgentsClient() instead. +type BusinessApplicationAgentsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewBusinessApplicationAgentsClient creates a new instance of BusinessApplicationAgentsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewBusinessApplicationAgentsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*BusinessApplicationAgentsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &BusinessApplicationAgentsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates the Business Application Agent. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - agentResourceName - Business Application Agent Name +// - options - BusinessApplicationAgentsClientCreateOrUpdateOptions contains the optional parameters for the BusinessApplicationAgentsClient.CreateOrUpdate +// method. +func (client *BusinessApplicationAgentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, options *BusinessApplicationAgentsClientCreateOrUpdateOptions) (BusinessApplicationAgentsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "BusinessApplicationAgentsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, agentResourceName, options) + if err != nil { + return BusinessApplicationAgentsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return BusinessApplicationAgentsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return BusinessApplicationAgentsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *BusinessApplicationAgentsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, options *BusinessApplicationAgentsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/businessApplicationAgents/{agentResourceName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if agentResourceName == "" { + return nil, errors.New("parameter agentResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{agentResourceName}", url.PathEscape(agentResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if options != nil && options.AgentToUpsert != nil { + if err := runtime.MarshalAsJSON(req, *options.AgentToUpsert); err != nil { + return nil, err + } + return req, nil + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *BusinessApplicationAgentsClient) createOrUpdateHandleResponse(resp *http.Response) (BusinessApplicationAgentsClientCreateOrUpdateResponse, error) { + result := BusinessApplicationAgentsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.BusinessApplicationAgentResource); err != nil { + return BusinessApplicationAgentsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete the Business Application Agent. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - agentResourceName - Business Application Agent Name +// - options - BusinessApplicationAgentsClientDeleteOptions contains the optional parameters for the BusinessApplicationAgentsClient.Delete +// method. +func (client *BusinessApplicationAgentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, options *BusinessApplicationAgentsClientDeleteOptions) (BusinessApplicationAgentsClientDeleteResponse, error) { + var err error + const operationName = "BusinessApplicationAgentsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, agentResourceName, options) + if err != nil { + return BusinessApplicationAgentsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return BusinessApplicationAgentsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return BusinessApplicationAgentsClientDeleteResponse{}, err + } + return BusinessApplicationAgentsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *BusinessApplicationAgentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, _ *BusinessApplicationAgentsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/businessApplicationAgents/{agentResourceName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if agentResourceName == "" { + return nil, errors.New("parameter agentResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{agentResourceName}", url.PathEscape(agentResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// NewListPager - Gets all Business Application Agents under the workspace. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - BusinessApplicationAgentsClientListOptions contains the optional parameters for the BusinessApplicationAgentsClient.NewListPager +// method. +func (client *BusinessApplicationAgentsClient) NewListPager(resourceGroupName string, workspaceName string, options *BusinessApplicationAgentsClientListOptions) *runtime.Pager[BusinessApplicationAgentsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[BusinessApplicationAgentsClientListResponse]{ + More: func(page BusinessApplicationAgentsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *BusinessApplicationAgentsClientListResponse) (BusinessApplicationAgentsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "BusinessApplicationAgentsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return BusinessApplicationAgentsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *BusinessApplicationAgentsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *BusinessApplicationAgentsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/businessApplicationAgents" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *BusinessApplicationAgentsClient) listHandleResponse(resp *http.Response) (BusinessApplicationAgentsClientListResponse, error) { + result := BusinessApplicationAgentsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.BusinessApplicationAgentsList); err != nil { + return BusinessApplicationAgentsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/client.go new file mode 100644 index 000000000000..9b3cd7b038ea --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/client.go @@ -0,0 +1,187 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// Client contains the methods for the SecurityInsights group. +// Don't use this type directly, use NewClient() instead. +type Client struct { + internal *arm.Client + subscriptionID string +} + +// NewClient creates a new instance of Client with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*Client, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &Client{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// ListGeodataByIP - Get geodata for a single IP address +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - enrichmentType - Enrichment type +// - ipAddressBody - IP address (v4 or v6) to be enriched +// - options - ClientListGeodataByIPOptions contains the optional parameters for the Client.ListGeodataByIP method. +func (client *Client) ListGeodataByIP(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType EnrichmentType, ipAddressBody EnrichmentIPAddressBody, options *ClientListGeodataByIPOptions) (ClientListGeodataByIPResponse, error) { + var err error + const operationName = "Client.ListGeodataByIP" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.listGeodataByIPCreateRequest(ctx, resourceGroupName, workspaceName, enrichmentType, ipAddressBody, options) + if err != nil { + return ClientListGeodataByIPResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ClientListGeodataByIPResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ClientListGeodataByIPResponse{}, err + } + resp, err := client.listGeodataByIPHandleResponse(httpResp) + return resp, err +} + +// listGeodataByIPCreateRequest creates the ListGeodataByIP request. +func (client *Client) listGeodataByIPCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType EnrichmentType, ipAddressBody EnrichmentIPAddressBody, _ *ClientListGeodataByIPOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/enrichment/{enrichmentType}/listGeodataByIp" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if enrichmentType == "" { + return nil, errors.New("parameter enrichmentType cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{enrichmentType}", url.PathEscape(string(enrichmentType))) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, ipAddressBody); err != nil { + return nil, err + } + return req, nil +} + +// listGeodataByIPHandleResponse handles the ListGeodataByIP response. +func (client *Client) listGeodataByIPHandleResponse(resp *http.Response) (ClientListGeodataByIPResponse, error) { + result := ClientListGeodataByIPResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EnrichmentIPGeodata); err != nil { + return ClientListGeodataByIPResponse{}, err + } + return result, nil +} + +// ListWhoisByDomain - Get whois information for a single domain name +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - enrichmentType - Enrichment type +// - domainBody - Domain name to be enriched. Only domain name is accepted +// - options - ClientListWhoisByDomainOptions contains the optional parameters for the Client.ListWhoisByDomain method. +func (client *Client) ListWhoisByDomain(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType EnrichmentType, domainBody EnrichmentDomainBody, options *ClientListWhoisByDomainOptions) (ClientListWhoisByDomainResponse, error) { + var err error + const operationName = "Client.ListWhoisByDomain" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.listWhoisByDomainCreateRequest(ctx, resourceGroupName, workspaceName, enrichmentType, domainBody, options) + if err != nil { + return ClientListWhoisByDomainResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ClientListWhoisByDomainResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ClientListWhoisByDomainResponse{}, err + } + resp, err := client.listWhoisByDomainHandleResponse(httpResp) + return resp, err +} + +// listWhoisByDomainCreateRequest creates the ListWhoisByDomain request. +func (client *Client) listWhoisByDomainCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType EnrichmentType, domainBody EnrichmentDomainBody, _ *ClientListWhoisByDomainOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/enrichment/{enrichmentType}/listWhoisByDomain" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if enrichmentType == "" { + return nil, errors.New("parameter enrichmentType cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{enrichmentType}", url.PathEscape(string(enrichmentType))) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, domainBody); err != nil { + return nil, err + } + return req, nil +} + +// listWhoisByDomainHandleResponse handles the ListWhoisByDomain response. +func (client *Client) listWhoisByDomainHandleResponse(resp *http.Response) (ClientListWhoisByDomainResponse, error) { + result := ClientListWhoisByDomainResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EnrichmentDomainWhois); err != nil { + return ClientListWhoisByDomainResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/client_factory.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/client_factory.go index 9fffbe478fdd..f179c8d7a517 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/client_factory.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/client_factory.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -22,7 +19,7 @@ type ClientFactory struct { // NewClientFactory creates a new instance of ClientFactory with the specified values. // The parameter values will be propagated to any client created from this factory. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewClientFactory(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ClientFactory, error) { @@ -44,6 +41,14 @@ func (c *ClientFactory) NewActionsClient() *ActionsClient { } } +// NewAlertRuleClient creates a new instance of AlertRuleClient. +func (c *ClientFactory) NewAlertRuleClient() *AlertRuleClient { + return &AlertRuleClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + // NewAlertRuleTemplatesClient creates a new instance of AlertRuleTemplatesClient. func (c *ClientFactory) NewAlertRuleTemplatesClient() *AlertRuleTemplatesClient { return &AlertRuleTemplatesClient{ @@ -68,6 +73,14 @@ func (c *ClientFactory) NewAutomationRulesClient() *AutomationRulesClient { } } +// NewBillingStatisticsClient creates a new instance of BillingStatisticsClient. +func (c *ClientFactory) NewBillingStatisticsClient() *BillingStatisticsClient { + return &BillingStatisticsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + // NewBookmarkClient creates a new instance of BookmarkClient. func (c *ClientFactory) NewBookmarkClient() *BookmarkClient { return &BookmarkClient{ @@ -92,6 +105,70 @@ func (c *ClientFactory) NewBookmarksClient() *BookmarksClient { } } +// NewBusinessApplicationAgentClient creates a new instance of BusinessApplicationAgentClient. +func (c *ClientFactory) NewBusinessApplicationAgentClient() *BusinessApplicationAgentClient { + return &BusinessApplicationAgentClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewBusinessApplicationAgentsClient creates a new instance of BusinessApplicationAgentsClient. +func (c *ClientFactory) NewBusinessApplicationAgentsClient() *BusinessApplicationAgentsClient { + return &BusinessApplicationAgentsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewClient creates a new instance of Client. +func (c *ClientFactory) NewClient() *Client { + return &Client{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewContentPackageClient creates a new instance of ContentPackageClient. +func (c *ClientFactory) NewContentPackageClient() *ContentPackageClient { + return &ContentPackageClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewContentPackagesClient creates a new instance of ContentPackagesClient. +func (c *ClientFactory) NewContentPackagesClient() *ContentPackagesClient { + return &ContentPackagesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewContentTemplateClient creates a new instance of ContentTemplateClient. +func (c *ClientFactory) NewContentTemplateClient() *ContentTemplateClient { + return &ContentTemplateClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewContentTemplatesClient creates a new instance of ContentTemplatesClient. +func (c *ClientFactory) NewContentTemplatesClient() *ContentTemplatesClient { + return &ContentTemplatesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewDataConnectorDefinitionsClient creates a new instance of DataConnectorDefinitionsClient. +func (c *ClientFactory) NewDataConnectorDefinitionsClient() *DataConnectorDefinitionsClient { + return &DataConnectorDefinitionsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + // NewDataConnectorsCheckRequirementsClient creates a new instance of DataConnectorsCheckRequirementsClient. func (c *ClientFactory) NewDataConnectorsCheckRequirementsClient() *DataConnectorsCheckRequirementsClient { return &DataConnectorsCheckRequirementsClient{ @@ -108,14 +185,6 @@ func (c *ClientFactory) NewDataConnectorsClient() *DataConnectorsClient { } } -// NewDomainWhoisClient creates a new instance of DomainWhoisClient. -func (c *ClientFactory) NewDomainWhoisClient() *DomainWhoisClient { - return &DomainWhoisClient{ - subscriptionID: c.subscriptionID, - internal: c.internal, - } -} - // NewEntitiesClient creates a new instance of EntitiesClient. func (c *ClientFactory) NewEntitiesClient() *EntitiesClient { return &EntitiesClient{ @@ -172,9 +241,49 @@ func (c *ClientFactory) NewFileImportsClient() *FileImportsClient { } } -// NewIPGeodataClient creates a new instance of IPGeodataClient. -func (c *ClientFactory) NewIPGeodataClient() *IPGeodataClient { - return &IPGeodataClient{ +// NewGetClient creates a new instance of GetClient. +func (c *ClientFactory) NewGetClient() *GetClient { + return &GetClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewGetRecommendationsClient creates a new instance of GetRecommendationsClient. +func (c *ClientFactory) NewGetRecommendationsClient() *GetRecommendationsClient { + return &GetRecommendationsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewGetTriggeredAnalyticsRuleRunsClient creates a new instance of GetTriggeredAnalyticsRuleRunsClient. +func (c *ClientFactory) NewGetTriggeredAnalyticsRuleRunsClient() *GetTriggeredAnalyticsRuleRunsClient { + return &GetTriggeredAnalyticsRuleRunsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewHuntCommentsClient creates a new instance of HuntCommentsClient. +func (c *ClientFactory) NewHuntCommentsClient() *HuntCommentsClient { + return &HuntCommentsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewHuntRelationsClient creates a new instance of HuntRelationsClient. +func (c *ClientFactory) NewHuntRelationsClient() *HuntRelationsClient { + return &HuntRelationsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewHuntsClient creates a new instance of HuntsClient. +func (c *ClientFactory) NewHuntsClient() *HuntsClient { + return &HuntsClient{ subscriptionID: c.subscriptionID, internal: c.internal, } @@ -196,6 +305,14 @@ func (c *ClientFactory) NewIncidentRelationsClient() *IncidentRelationsClient { } } +// NewIncidentTasksClient creates a new instance of IncidentTasksClient. +func (c *ClientFactory) NewIncidentTasksClient() *IncidentTasksClient { + return &IncidentTasksClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + // NewIncidentsClient creates a new instance of IncidentsClient. func (c *ClientFactory) NewIncidentsClient() *IncidentsClient { return &IncidentsClient{ @@ -227,6 +344,22 @@ func (c *ClientFactory) NewOperationsClient() *OperationsClient { } } +// NewProductPackageClient creates a new instance of ProductPackageClient. +func (c *ClientFactory) NewProductPackageClient() *ProductPackageClient { + return &ProductPackageClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewProductPackagesClient creates a new instance of ProductPackagesClient. +func (c *ClientFactory) NewProductPackagesClient() *ProductPackagesClient { + return &ProductPackagesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + // NewProductSettingsClient creates a new instance of ProductSettingsClient. func (c *ClientFactory) NewProductSettingsClient() *ProductSettingsClient { return &ProductSettingsClient{ @@ -235,6 +368,30 @@ func (c *ClientFactory) NewProductSettingsClient() *ProductSettingsClient { } } +// NewProductTemplateClient creates a new instance of ProductTemplateClient. +func (c *ClientFactory) NewProductTemplateClient() *ProductTemplateClient { + return &ProductTemplateClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewProductTemplatesClient creates a new instance of ProductTemplatesClient. +func (c *ClientFactory) NewProductTemplatesClient() *ProductTemplatesClient { + return &ProductTemplatesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewReevaluateClient creates a new instance of ReevaluateClient. +func (c *ClientFactory) NewReevaluateClient() *ReevaluateClient { + return &ReevaluateClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + // NewSecurityMLAnalyticsSettingsClient creates a new instance of SecurityMLAnalyticsSettingsClient. func (c *ClientFactory) NewSecurityMLAnalyticsSettingsClient() *SecurityMLAnalyticsSettingsClient { return &SecurityMLAnalyticsSettingsClient{ @@ -267,6 +424,22 @@ func (c *ClientFactory) NewSourceControlsClient() *SourceControlsClient { } } +// NewSystemsClient creates a new instance of SystemsClient. +func (c *ClientFactory) NewSystemsClient() *SystemsClient { + return &SystemsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewThreatIntelligenceClient creates a new instance of ThreatIntelligenceClient. +func (c *ClientFactory) NewThreatIntelligenceClient() *ThreatIntelligenceClient { + return &ThreatIntelligenceClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + // NewThreatIntelligenceIndicatorClient creates a new instance of ThreatIntelligenceIndicatorClient. func (c *ClientFactory) NewThreatIntelligenceIndicatorClient() *ThreatIntelligenceIndicatorClient { return &ThreatIntelligenceIndicatorClient{ @@ -291,6 +464,22 @@ func (c *ClientFactory) NewThreatIntelligenceIndicatorsClient() *ThreatIntellige } } +// NewTriggeredAnalyticsRuleRunClient creates a new instance of TriggeredAnalyticsRuleRunClient. +func (c *ClientFactory) NewTriggeredAnalyticsRuleRunClient() *TriggeredAnalyticsRuleRunClient { + return &TriggeredAnalyticsRuleRunClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewUpdateClient creates a new instance of UpdateClient. +func (c *ClientFactory) NewUpdateClient() *UpdateClient { + return &UpdateClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + // NewWatchlistItemsClient creates a new instance of WatchlistItemsClient. func (c *ClientFactory) NewWatchlistItemsClient() *WatchlistItemsClient { return &WatchlistItemsClient{ @@ -306,3 +495,43 @@ func (c *ClientFactory) NewWatchlistsClient() *WatchlistsClient { internal: c.internal, } } + +// NewWorkspaceManagerAssignmentJobsClient creates a new instance of WorkspaceManagerAssignmentJobsClient. +func (c *ClientFactory) NewWorkspaceManagerAssignmentJobsClient() *WorkspaceManagerAssignmentJobsClient { + return &WorkspaceManagerAssignmentJobsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewWorkspaceManagerAssignmentsClient creates a new instance of WorkspaceManagerAssignmentsClient. +func (c *ClientFactory) NewWorkspaceManagerAssignmentsClient() *WorkspaceManagerAssignmentsClient { + return &WorkspaceManagerAssignmentsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewWorkspaceManagerConfigurationsClient creates a new instance of WorkspaceManagerConfigurationsClient. +func (c *ClientFactory) NewWorkspaceManagerConfigurationsClient() *WorkspaceManagerConfigurationsClient { + return &WorkspaceManagerConfigurationsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewWorkspaceManagerGroupsClient creates a new instance of WorkspaceManagerGroupsClient. +func (c *ClientFactory) NewWorkspaceManagerGroupsClient() *WorkspaceManagerGroupsClient { + return &WorkspaceManagerGroupsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewWorkspaceManagerMembersClient creates a new instance of WorkspaceManagerMembersClient. +func (c *ClientFactory) NewWorkspaceManagerMembersClient() *WorkspaceManagerMembersClient { + return &WorkspaceManagerMembersClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/constants.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/constants.go index 7a67cf91168a..3172508e21a1 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/constants.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/constants.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -10,13 +7,15 @@ package armsecurityinsights const ( moduleName = "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" - moduleVersion = "v2.0.0-beta.4" + moduleVersion = "v2.0.0-beta.5" ) // ActionType - The type of the automation rule action. type ActionType string const ( + // ActionTypeAddIncidentTask - Add a task to an incident object + ActionTypeAddIncidentTask ActionType = "AddIncidentTask" // ActionTypeModifyProperties - Modify an object's properties ActionTypeModifyProperties ActionType = "ModifyProperties" // ActionTypeRunPlaybook - Run a playbook on an object @@ -26,11 +25,26 @@ const ( // PossibleActionTypeValues returns the possible values for the ActionType const type. func PossibleActionTypeValues() []ActionType { return []ActionType{ + ActionTypeAddIncidentTask, ActionTypeModifyProperties, ActionTypeRunPlaybook, } } +// AgentType - Type of the agent +type AgentType string + +const ( + AgentTypeSAP AgentType = "SAP" +) + +// PossibleAgentTypeValues returns the possible values for the AgentType const type. +func PossibleAgentTypeValues() []AgentType { + return []AgentType{ + AgentTypeSAP, + } +} + // AlertDetail - Alert detail type AlertDetail string @@ -49,6 +63,48 @@ func PossibleAlertDetailValues() []AlertDetail { } } +// AlertProperty - The V3 alert property +type AlertProperty string + +const ( + // AlertPropertyAlertLink - Alert's link + AlertPropertyAlertLink AlertProperty = "AlertLink" + // AlertPropertyConfidenceLevel - Confidence level property + AlertPropertyConfidenceLevel AlertProperty = "ConfidenceLevel" + // AlertPropertyConfidenceScore - Confidence score + AlertPropertyConfidenceScore AlertProperty = "ConfidenceScore" + // AlertPropertyExtendedLinks - Extended links to the alert + AlertPropertyExtendedLinks AlertProperty = "ExtendedLinks" + // AlertPropertyProductComponentName - Product component name alert property + AlertPropertyProductComponentName AlertProperty = "ProductComponentName" + // AlertPropertyProductName - Product name alert property + AlertPropertyProductName AlertProperty = "ProductName" + // AlertPropertyProviderName - Provider name alert property + AlertPropertyProviderName AlertProperty = "ProviderName" + // AlertPropertyRemediationSteps - Remediation steps alert property + AlertPropertyRemediationSteps AlertProperty = "RemediationSteps" + // AlertPropertySubTechniques - SubTechniques alert property + AlertPropertySubTechniques AlertProperty = "SubTechniques" + // AlertPropertyTechniques - Techniques alert property + AlertPropertyTechniques AlertProperty = "Techniques" +) + +// PossibleAlertPropertyValues returns the possible values for the AlertProperty const type. +func PossibleAlertPropertyValues() []AlertProperty { + return []AlertProperty{ + AlertPropertyAlertLink, + AlertPropertyConfidenceLevel, + AlertPropertyConfidenceScore, + AlertPropertyExtendedLinks, + AlertPropertyProductComponentName, + AlertPropertyProductName, + AlertPropertyProviderName, + AlertPropertyRemediationSteps, + AlertPropertySubTechniques, + AlertPropertyTechniques, + } +} + // AlertRuleKind - The kind of the alert rule type AlertRuleKind string @@ -252,6 +308,9 @@ func PossibleAutomationRulePropertyArrayChangedConditionSupportedChangeTypeValue type AutomationRulePropertyArrayConditionSupportedArrayConditionType string const ( + // AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAllItems - Evaluate the condition as true if all the items + // fulfill it + AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAllItems AutomationRulePropertyArrayConditionSupportedArrayConditionType = "AllItems" // AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAnyItem - Evaluate the condition as true if any item fulfills // it AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAnyItem AutomationRulePropertyArrayConditionSupportedArrayConditionType = "AnyItem" @@ -260,6 +319,7 @@ const ( // PossibleAutomationRulePropertyArrayConditionSupportedArrayConditionTypeValues returns the possible values for the AutomationRulePropertyArrayConditionSupportedArrayConditionType const type. func PossibleAutomationRulePropertyArrayConditionSupportedArrayConditionTypeValues() []AutomationRulePropertyArrayConditionSupportedArrayConditionType { return []AutomationRulePropertyArrayConditionSupportedArrayConditionType{ + AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAllItems, AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAnyItem, } } @@ -272,6 +332,8 @@ const ( AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetailValues AutomationRulePropertyArrayConditionSupportedArrayType = "CustomDetailValues" // AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetails - Evaluate the condition on the custom detail keys AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetails AutomationRulePropertyArrayConditionSupportedArrayType = "CustomDetails" + // AutomationRulePropertyArrayConditionSupportedArrayTypeIncidentLabels - Evaluate the condition on the incident labels + AutomationRulePropertyArrayConditionSupportedArrayTypeIncidentLabels AutomationRulePropertyArrayConditionSupportedArrayType = "IncidentLabels" ) // PossibleAutomationRulePropertyArrayConditionSupportedArrayTypeValues returns the possible values for the AutomationRulePropertyArrayConditionSupportedArrayType const type. @@ -279,6 +341,7 @@ func PossibleAutomationRulePropertyArrayConditionSupportedArrayTypeValues() []Au return []AutomationRulePropertyArrayConditionSupportedArrayType{ AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetailValues, AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetails, + AutomationRulePropertyArrayConditionSupportedArrayTypeIncidentLabels, } } @@ -415,10 +478,16 @@ const ( AutomationRulePropertyConditionSupportedPropertyHostOSVersion AutomationRulePropertyConditionSupportedProperty = "HostOSVersion" // AutomationRulePropertyConditionSupportedPropertyIPAddress - The IP address AutomationRulePropertyConditionSupportedPropertyIPAddress AutomationRulePropertyConditionSupportedProperty = "IPAddress" + // AutomationRulePropertyConditionSupportedPropertyIncidentAlertTitle - The alert title associated with any of the incident + // alerts + AutomationRulePropertyConditionSupportedPropertyIncidentAlertTitle AutomationRulePropertyConditionSupportedProperty = "IncidentAlertTitle" // AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsKey - The incident custom detail key AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsKey AutomationRulePropertyConditionSupportedProperty = "IncidentCustomDetailsKey" // AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsValue - The incident custom detail value AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsValue AutomationRulePropertyConditionSupportedProperty = "IncidentCustomDetailsValue" + // AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetectionRuleIDs - The Custom-Detection rule ids associated + // with any of the incident alerts + AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetectionRuleIDs AutomationRulePropertyConditionSupportedProperty = "IncidentCustomDetectionRuleIds" // AutomationRulePropertyConditionSupportedPropertyIncidentDescription - The description of the incident AutomationRulePropertyConditionSupportedPropertyIncidentDescription AutomationRulePropertyConditionSupportedProperty = "IncidentDescription" // AutomationRulePropertyConditionSupportedPropertyIncidentLabel - The labels of the incident @@ -512,8 +581,10 @@ func PossibleAutomationRulePropertyConditionSupportedPropertyValues() []Automati AutomationRulePropertyConditionSupportedPropertyHostNetBiosName, AutomationRulePropertyConditionSupportedPropertyHostOSVersion, AutomationRulePropertyConditionSupportedPropertyIPAddress, + AutomationRulePropertyConditionSupportedPropertyIncidentAlertTitle, AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsKey, AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsValue, + AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetectionRuleIDs, AutomationRulePropertyConditionSupportedPropertyIncidentDescription, AutomationRulePropertyConditionSupportedPropertyIncidentLabel, AutomationRulePropertyConditionSupportedPropertyIncidentProviderName, @@ -549,6 +620,54 @@ func PossibleAutomationRulePropertyConditionSupportedPropertyValues() []Automati } } +// BillingStatisticKind - The kind of the billing statistic +type BillingStatisticKind string + +const ( + BillingStatisticKindSapSolutionUsage BillingStatisticKind = "SapSolutionUsage" +) + +// PossibleBillingStatisticKindValues returns the possible values for the BillingStatisticKind const type. +func PossibleBillingStatisticKindValues() []BillingStatisticKind { + return []BillingStatisticKind{ + BillingStatisticKindSapSolutionUsage, + } +} + +// CcpAuthType - Type of paging +type CcpAuthType string + +const ( + CcpAuthTypeAPIKey CcpAuthType = "APIKey" + CcpAuthTypeAWS CcpAuthType = "AWS" + CcpAuthTypeBasic CcpAuthType = "Basic" + CcpAuthTypeGCP CcpAuthType = "GCP" + CcpAuthTypeGitHub CcpAuthType = "GitHub" + CcpAuthTypeJwtToken CcpAuthType = "JwtToken" + CcpAuthTypeNone CcpAuthType = "None" + CcpAuthTypeOAuth2 CcpAuthType = "OAuth2" + CcpAuthTypeOracle CcpAuthType = "Oracle" + CcpAuthTypeServiceBus CcpAuthType = "ServiceBus" + CcpAuthTypeSession CcpAuthType = "Session" +) + +// PossibleCcpAuthTypeValues returns the possible values for the CcpAuthType const type. +func PossibleCcpAuthTypeValues() []CcpAuthType { + return []CcpAuthType{ + CcpAuthTypeAPIKey, + CcpAuthTypeAWS, + CcpAuthTypeBasic, + CcpAuthTypeGCP, + CcpAuthTypeGitHub, + CcpAuthTypeJwtToken, + CcpAuthTypeNone, + CcpAuthTypeOAuth2, + CcpAuthTypeOracle, + CcpAuthTypeServiceBus, + CcpAuthTypeSession, + } +} + type ConditionType string const ( @@ -622,6 +741,20 @@ func PossibleConfidenceScoreStatusValues() []ConfidenceScoreStatus { } } +// ConfigurationType - Represents the types of configuration for a system. +type ConfigurationType string + +const ( + ConfigurationTypeSAP ConfigurationType = "SAP" +) + +// PossibleConfigurationTypeValues returns the possible values for the ConfigurationType const type. +func PossibleConfigurationTypeValues() []ConfigurationType { + return []ConfigurationType{ + ConfigurationTypeSAP, + } +} + // ConnectAuthKind - The authentication kind used to poll the data type ConnectAuthKind string @@ -640,6 +773,24 @@ func PossibleConnectAuthKindValues() []ConnectAuthKind { } } +// Connective - Represents boolean connectives used to join clauses in conditions. +type Connective string + +const ( + // ConnectiveAnd - 'And' connective + ConnectiveAnd Connective = "And" + // ConnectiveOr - 'Or' connective + ConnectiveOr Connective = "Or" +) + +// PossibleConnectiveValues returns the possible values for the Connective const type. +func PossibleConnectiveValues() []Connective { + return []Connective{ + ConnectiveAnd, + ConnectiveOr, + } +} + // ConnectivityType - type of connectivity type ConnectivityType string @@ -658,14 +809,22 @@ func PossibleConnectivityTypeValues() []ConnectivityType { type ContentType string const ( - ContentTypeAnalyticRule ContentType = "AnalyticRule" - ContentTypeWorkbook ContentType = "Workbook" + ContentTypeAnalyticsRule ContentType = "AnalyticsRule" + ContentTypeAutomationRule ContentType = "AutomationRule" + ContentTypeHuntingQuery ContentType = "HuntingQuery" + ContentTypeParser ContentType = "Parser" + ContentTypePlaybook ContentType = "Playbook" + ContentTypeWorkbook ContentType = "Workbook" ) // PossibleContentTypeValues returns the possible values for the ContentType const type. func PossibleContentTypeValues() []ContentType { return []ContentType{ - ContentTypeAnalyticRule, + ContentTypeAnalyticsRule, + ContentTypeAutomationRule, + ContentTypeHuntingQuery, + ContentTypeParser, + ContentTypePlaybook, ContentTypeWorkbook, } } @@ -720,6 +879,20 @@ func PossibleDataConnectorAuthorizationStateValues() []DataConnectorAuthorizatio } } +// DataConnectorDefinitionKind - The kind of the data connector definitions +type DataConnectorDefinitionKind string + +const ( + DataConnectorDefinitionKindCustomizable DataConnectorDefinitionKind = "Customizable" +) + +// PossibleDataConnectorDefinitionKindValues returns the possible values for the DataConnectorDefinitionKind const type. +func PossibleDataConnectorDefinitionKindValues() []DataConnectorDefinitionKind { + return []DataConnectorDefinitionKind{ + DataConnectorDefinitionKindCustomizable, + } +} + // DataConnectorKind - The kind of the data connector type DataConnectorKind string @@ -731,10 +904,12 @@ const ( DataConnectorKindAzureAdvancedThreatProtection DataConnectorKind = "AzureAdvancedThreatProtection" DataConnectorKindAzureSecurityCenter DataConnectorKind = "AzureSecurityCenter" DataConnectorKindDynamics365 DataConnectorKind = "Dynamics365" + DataConnectorKindGCP DataConnectorKind = "GCP" DataConnectorKindGenericUI DataConnectorKind = "GenericUI" DataConnectorKindIOT DataConnectorKind = "IOT" DataConnectorKindMicrosoftCloudAppSecurity DataConnectorKind = "MicrosoftCloudAppSecurity" DataConnectorKindMicrosoftDefenderAdvancedThreatProtection DataConnectorKind = "MicrosoftDefenderAdvancedThreatProtection" + DataConnectorKindMicrosoftPurviewInformationProtection DataConnectorKind = "MicrosoftPurviewInformationProtection" DataConnectorKindMicrosoftThreatIntelligence DataConnectorKind = "MicrosoftThreatIntelligence" DataConnectorKindMicrosoftThreatProtection DataConnectorKind = "MicrosoftThreatProtection" DataConnectorKindOffice365 DataConnectorKind = "Office365" @@ -742,6 +917,8 @@ const ( DataConnectorKindOfficeATP DataConnectorKind = "OfficeATP" DataConnectorKindOfficeIRM DataConnectorKind = "OfficeIRM" DataConnectorKindOfficePowerBI DataConnectorKind = "OfficePowerBI" + DataConnectorKindPurviewAudit DataConnectorKind = "PurviewAudit" + DataConnectorKindRestAPIPoller DataConnectorKind = "RestApiPoller" DataConnectorKindThreatIntelligence DataConnectorKind = "ThreatIntelligence" DataConnectorKindThreatIntelligenceTaxii DataConnectorKind = "ThreatIntelligenceTaxii" ) @@ -756,10 +933,12 @@ func PossibleDataConnectorKindValues() []DataConnectorKind { DataConnectorKindAzureAdvancedThreatProtection, DataConnectorKindAzureSecurityCenter, DataConnectorKindDynamics365, + DataConnectorKindGCP, DataConnectorKindGenericUI, DataConnectorKindIOT, DataConnectorKindMicrosoftCloudAppSecurity, DataConnectorKindMicrosoftDefenderAdvancedThreatProtection, + DataConnectorKindMicrosoftPurviewInformationProtection, DataConnectorKindMicrosoftThreatIntelligence, DataConnectorKindMicrosoftThreatProtection, DataConnectorKindOffice365, @@ -767,6 +946,8 @@ func PossibleDataConnectorKindValues() []DataConnectorKind { DataConnectorKindOfficeATP, DataConnectorKindOfficeIRM, DataConnectorKindOfficePowerBI, + DataConnectorKindPurviewAudit, + DataConnectorKindRestAPIPoller, DataConnectorKindThreatIntelligence, DataConnectorKindThreatIntelligenceTaxii, } @@ -994,6 +1175,19 @@ func PossibleElevationTokenValues() []ElevationToken { } } +type EnrichmentType string + +const ( + EnrichmentTypeMain EnrichmentType = "main" +) + +// PossibleEnrichmentTypeValues returns the possible values for the EnrichmentType const type. +func PossibleEnrichmentTypeValues() []EnrichmentType { + return []EnrichmentType{ + EnrichmentTypeMain, + } +} + type EntityItemQueryKind string const ( @@ -1008,81 +1202,81 @@ func PossibleEntityItemQueryKindValues() []EntityItemQueryKind { } } -// EntityKind - The kind of the entity -type EntityKind string - -const ( - // EntityKindAccount - Entity represents account in the system. - EntityKindAccount EntityKind = "Account" - // EntityKindAzureResource - Entity represents azure resource in the system. - EntityKindAzureResource EntityKind = "AzureResource" - // EntityKindBookmark - Entity represents bookmark in the system. - EntityKindBookmark EntityKind = "Bookmark" - // EntityKindCloudApplication - Entity represents cloud application in the system. - EntityKindCloudApplication EntityKind = "CloudApplication" - // EntityKindDNSResolution - Entity represents dns resolution in the system. - EntityKindDNSResolution EntityKind = "DnsResolution" - // EntityKindFile - Entity represents file in the system. - EntityKindFile EntityKind = "File" - // EntityKindFileHash - Entity represents file hash in the system. - EntityKindFileHash EntityKind = "FileHash" - // EntityKindHost - Entity represents host in the system. - EntityKindHost EntityKind = "Host" - // EntityKindIP - Entity represents ip in the system. - EntityKindIP EntityKind = "Ip" - // EntityKindIoTDevice - Entity represents IoT device in the system. - EntityKindIoTDevice EntityKind = "IoTDevice" - // EntityKindMailCluster - Entity represents mail cluster in the system. - EntityKindMailCluster EntityKind = "MailCluster" - // EntityKindMailMessage - Entity represents mail message in the system. - EntityKindMailMessage EntityKind = "MailMessage" - // EntityKindMailbox - Entity represents mailbox in the system. - EntityKindMailbox EntityKind = "Mailbox" - // EntityKindMalware - Entity represents malware in the system. - EntityKindMalware EntityKind = "Malware" - // EntityKindNic - Entity represents network interface in the system. - EntityKindNic EntityKind = "Nic" - // EntityKindProcess - Entity represents process in the system. - EntityKindProcess EntityKind = "Process" - // EntityKindRegistryKey - Entity represents registry key in the system. - EntityKindRegistryKey EntityKind = "RegistryKey" - // EntityKindRegistryValue - Entity represents registry value in the system. - EntityKindRegistryValue EntityKind = "RegistryValue" - // EntityKindSecurityAlert - Entity represents security alert in the system. - EntityKindSecurityAlert EntityKind = "SecurityAlert" - // EntityKindSecurityGroup - Entity represents security group in the system. - EntityKindSecurityGroup EntityKind = "SecurityGroup" - // EntityKindSubmissionMail - Entity represents submission mail in the system. - EntityKindSubmissionMail EntityKind = "SubmissionMail" - // EntityKindURL - Entity represents url in the system. - EntityKindURL EntityKind = "Url" -) - -// PossibleEntityKindValues returns the possible values for the EntityKind const type. -func PossibleEntityKindValues() []EntityKind { - return []EntityKind{ - EntityKindAccount, - EntityKindAzureResource, - EntityKindBookmark, - EntityKindCloudApplication, - EntityKindDNSResolution, - EntityKindFile, - EntityKindFileHash, - EntityKindHost, - EntityKindIP, - EntityKindIoTDevice, - EntityKindMailCluster, - EntityKindMailMessage, - EntityKindMailbox, - EntityKindMalware, - EntityKindNic, - EntityKindProcess, - EntityKindRegistryKey, - EntityKindRegistryValue, - EntityKindSecurityAlert, - EntityKindSecurityGroup, - EntityKindSubmissionMail, - EntityKindURL, +// EntityKindEnum - The kind of the entity +type EntityKindEnum string + +const ( + // EntityKindEnumAccount - Entity represents account in the system. + EntityKindEnumAccount EntityKindEnum = "Account" + // EntityKindEnumAzureResource - Entity represents azure resource in the system. + EntityKindEnumAzureResource EntityKindEnum = "AzureResource" + // EntityKindEnumBookmark - Entity represents bookmark in the system. + EntityKindEnumBookmark EntityKindEnum = "Bookmark" + // EntityKindEnumCloudApplication - Entity represents cloud application in the system. + EntityKindEnumCloudApplication EntityKindEnum = "CloudApplication" + // EntityKindEnumDNSResolution - Entity represents dns resolution in the system. + EntityKindEnumDNSResolution EntityKindEnum = "DnsResolution" + // EntityKindEnumFile - Entity represents file in the system. + EntityKindEnumFile EntityKindEnum = "File" + // EntityKindEnumFileHash - Entity represents file hash in the system. + EntityKindEnumFileHash EntityKindEnum = "FileHash" + // EntityKindEnumHost - Entity represents host in the system. + EntityKindEnumHost EntityKindEnum = "Host" + // EntityKindEnumIP - Entity represents ip in the system. + EntityKindEnumIP EntityKindEnum = "Ip" + // EntityKindEnumIoTDevice - Entity represents IoT device in the system. + EntityKindEnumIoTDevice EntityKindEnum = "IoTDevice" + // EntityKindEnumMailCluster - Entity represents mail cluster in the system. + EntityKindEnumMailCluster EntityKindEnum = "MailCluster" + // EntityKindEnumMailMessage - Entity represents mail message in the system. + EntityKindEnumMailMessage EntityKindEnum = "MailMessage" + // EntityKindEnumMailbox - Entity represents mailbox in the system. + EntityKindEnumMailbox EntityKindEnum = "Mailbox" + // EntityKindEnumMalware - Entity represents malware in the system. + EntityKindEnumMalware EntityKindEnum = "Malware" + // EntityKindEnumNic - Entity represents network interface in the system. + EntityKindEnumNic EntityKindEnum = "Nic" + // EntityKindEnumProcess - Entity represents process in the system. + EntityKindEnumProcess EntityKindEnum = "Process" + // EntityKindEnumRegistryKey - Entity represents registry key in the system. + EntityKindEnumRegistryKey EntityKindEnum = "RegistryKey" + // EntityKindEnumRegistryValue - Entity represents registry value in the system. + EntityKindEnumRegistryValue EntityKindEnum = "RegistryValue" + // EntityKindEnumSecurityAlert - Entity represents security alert in the system. + EntityKindEnumSecurityAlert EntityKindEnum = "SecurityAlert" + // EntityKindEnumSecurityGroup - Entity represents security group in the system. + EntityKindEnumSecurityGroup EntityKindEnum = "SecurityGroup" + // EntityKindEnumSubmissionMail - Entity represents submission mail in the system. + EntityKindEnumSubmissionMail EntityKindEnum = "SubmissionMail" + // EntityKindEnumURL - Entity represents url in the system. + EntityKindEnumURL EntityKindEnum = "Url" +) + +// PossibleEntityKindEnumValues returns the possible values for the EntityKindEnum const type. +func PossibleEntityKindEnumValues() []EntityKindEnum { + return []EntityKindEnum{ + EntityKindEnumAccount, + EntityKindEnumAzureResource, + EntityKindEnumBookmark, + EntityKindEnumCloudApplication, + EntityKindEnumDNSResolution, + EntityKindEnumFile, + EntityKindEnumFileHash, + EntityKindEnumHost, + EntityKindEnumIP, + EntityKindEnumIoTDevice, + EntityKindEnumMailCluster, + EntityKindEnumMailMessage, + EntityKindEnumMailbox, + EntityKindEnumMalware, + EntityKindEnumNic, + EntityKindEnumProcess, + EntityKindEnumRegistryKey, + EntityKindEnumRegistryValue, + EntityKindEnumSecurityAlert, + EntityKindEnumSecurityGroup, + EntityKindEnumSubmissionMail, + EntityKindEnumURL, } } @@ -1186,17 +1380,28 @@ func PossibleEntityQueryKindValues() []EntityQueryKind { } } -// EntityQueryTemplateKind - The kind of the entity query template. type EntityQueryTemplateKind string const ( - EntityQueryTemplateKindActivity EntityQueryTemplateKind = "Activity" + EntityQueryTemplateKindActivity EntityQueryTemplateKind = "Activity" + EntityQueryTemplateKindAnomaly EntityQueryTemplateKind = "Anomaly" + EntityQueryTemplateKindBookmark EntityQueryTemplateKind = "Bookmark" + EntityQueryTemplateKindExpansion EntityQueryTemplateKind = "Expansion" + EntityQueryTemplateKindGuidedInsight EntityQueryTemplateKind = "GuidedInsight" + EntityQueryTemplateKindInsight EntityQueryTemplateKind = "Insight" + EntityQueryTemplateKindSecurityAlert EntityQueryTemplateKind = "SecurityAlert" ) // PossibleEntityQueryTemplateKindValues returns the possible values for the EntityQueryTemplateKind const type. func PossibleEntityQueryTemplateKindValues() []EntityQueryTemplateKind { return []EntityQueryTemplateKind{ EntityQueryTemplateKindActivity, + EntityQueryTemplateKindAnomaly, + EntityQueryTemplateKindBookmark, + EntityQueryTemplateKindExpansion, + EntityQueryTemplateKindGuidedInsight, + EntityQueryTemplateKindInsight, + EntityQueryTemplateKindSecurityAlert, } } @@ -1302,34 +1507,6 @@ func PossibleEntityTypeValues() []EntityType { } } -type Enum13 string - -const ( - Enum13Activity Enum13 = "Activity" - Enum13Expansion Enum13 = "Expansion" -) - -// PossibleEnum13Values returns the possible values for the Enum13 const type. -func PossibleEnum13Values() []Enum13 { - return []Enum13{ - Enum13Activity, - Enum13Expansion, - } -} - -type Enum15 string - -const ( - Enum15Activity Enum15 = "Activity" -) - -// PossibleEnum15Values returns the possible values for the Enum15 const type. -func PossibleEnum15Values() []Enum15 { - return []Enum15{ - Enum15Activity, - } -} - // EventGroupingAggregationKind - The event grouping aggregation kinds type EventGroupingAggregationKind string @@ -1449,6 +1626,22 @@ func PossibleFileImportStateValues() []FileImportState { } } +// Flag - The boolean value the metadata is for. +type Flag string + +const ( + FlagFalse Flag = "false" + FlagTrue Flag = "true" +) + +// PossibleFlagValues returns the possible values for the Flag const type. +func PossibleFlagValues() []Flag { + return []Flag{ + FlagFalse, + FlagTrue, + } +} + // GetInsightsError - the query kind type GetInsightsError string @@ -1463,6 +1656,62 @@ func PossibleGetInsightsErrorValues() []GetInsightsError { } } +// HTTPMethodVerb - The HTTP method, default value GET. +type HTTPMethodVerb string + +const ( + HTTPMethodVerbDELETE HTTPMethodVerb = "DELETE" + HTTPMethodVerbGET HTTPMethodVerb = "GET" + HTTPMethodVerbPOST HTTPMethodVerb = "POST" + HTTPMethodVerbPUT HTTPMethodVerb = "PUT" +) + +// PossibleHTTPMethodVerbValues returns the possible values for the HTTPMethodVerb const type. +func PossibleHTTPMethodVerbValues() []HTTPMethodVerb { + return []HTTPMethodVerb{ + HTTPMethodVerbDELETE, + HTTPMethodVerbGET, + HTTPMethodVerbPOST, + HTTPMethodVerbPUT, + } +} + +// HTTPSConfigurationType - Represents the types of HTTPS configuration to connect to the SapControl service. +type HTTPSConfigurationType string + +const ( + HTTPSConfigurationTypeHTTPOnly HTTPSConfigurationType = "HttpOnly" + HTTPSConfigurationTypeHTTPSWithSSLVerification HTTPSConfigurationType = "HttpsWithSslVerification" + HTTPSConfigurationTypeHTTPSWithoutSSLVerification HTTPSConfigurationType = "HttpsWithoutSslVerification" +) + +// PossibleHTTPSConfigurationTypeValues returns the possible values for the HTTPSConfigurationType const type. +func PossibleHTTPSConfigurationTypeValues() []HTTPSConfigurationType { + return []HTTPSConfigurationType{ + HTTPSConfigurationTypeHTTPOnly, + HTTPSConfigurationTypeHTTPSWithSSLVerification, + HTTPSConfigurationTypeHTTPSWithoutSSLVerification, + } +} + +// HypothesisStatus - The hypothesis status of the hunt. +type HypothesisStatus string + +const ( + HypothesisStatusInvalidated HypothesisStatus = "Invalidated" + HypothesisStatusUnknown HypothesisStatus = "Unknown" + HypothesisStatusValidated HypothesisStatus = "Validated" +) + +// PossibleHypothesisStatusValues returns the possible values for the HypothesisStatus const type. +func PossibleHypothesisStatusValues() []HypothesisStatus { + return []HypothesisStatus{ + HypothesisStatusInvalidated, + HypothesisStatusUnknown, + HypothesisStatusValidated, + } +} + // IncidentClassification - The reason the incident was closed type IncidentClassification string @@ -1574,6 +1823,23 @@ func PossibleIncidentStatusValues() []IncidentStatus { } } +type IncidentTaskStatus string + +const ( + // IncidentTaskStatusCompleted - A completed task + IncidentTaskStatusCompleted IncidentTaskStatus = "Completed" + // IncidentTaskStatusNew - A new task + IncidentTaskStatusNew IncidentTaskStatus = "New" +) + +// PossibleIncidentTaskStatusValues returns the possible values for the IncidentTaskStatus const type. +func PossibleIncidentTaskStatusValues() []IncidentTaskStatus { + return []IncidentTaskStatus{ + IncidentTaskStatusCompleted, + IncidentTaskStatusNew, + } +} + // IngestionMode - Describes how to ingest the records in the file. type IngestionMode string @@ -1595,7 +1861,39 @@ func PossibleIngestionModeValues() []IngestionMode { } } -// KillChainIntent - Holds the alert intent stage(s) mapping for this alert. +// IngestionType - Types of ingestion. +type IngestionType string + +const ( + IngestionTypeFull IngestionType = "Full" + IngestionTypeIncremental IngestionType = "Incremental" +) + +// PossibleIngestionTypeValues returns the possible values for the IngestionType const type. +func PossibleIngestionTypeValues() []IngestionType { + return []IngestionType{ + IngestionTypeFull, + IngestionTypeIncremental, + } +} + +// KeyVaultAuthenticationMode - Type for authentication identity to key vault +type KeyVaultAuthenticationMode string + +const ( + KeyVaultAuthenticationModeManagedIdentity KeyVaultAuthenticationMode = "ManagedIdentity" + KeyVaultAuthenticationModeServicePrincipal KeyVaultAuthenticationMode = "ServicePrincipal" +) + +// PossibleKeyVaultAuthenticationModeValues returns the possible values for the KeyVaultAuthenticationMode const type. +func PossibleKeyVaultAuthenticationModeValues() []KeyVaultAuthenticationMode { + return []KeyVaultAuthenticationMode{ + KeyVaultAuthenticationModeManagedIdentity, + KeyVaultAuthenticationModeServicePrincipal, + } +} + +// KillChainIntent - The intent of the alert. type KillChainIntent string const ( @@ -1617,8 +1915,8 @@ const ( // benefit of subverting a particular defense or mitigation. KillChainIntentDefenseEvasion KillChainIntent = "DefenseEvasion" // KillChainIntentDiscovery - Discovery consists of techniques that allow the adversary to gain knowledge about the system - // and internal network. When adversaries gain access to a new system, they must orient themselves to what they now have control - // of and what benefits operating from that system give to their current objective or overall goals during the intrusion. + // and internal network. When adversaries gain access to a new system, they must navigate themselves to what they now have + // control of and what benefits operating from that system give to their current objective or overall goals during the intrusion. // The operating system provides many native tools that aid in this post-compromise information-gathering phase. KillChainIntentDiscovery KillChainIntent = "Discovery" // KillChainIntentExecution - The execution tactic represents techniques that result in execution of adversary-controlled @@ -1687,19 +1985,26 @@ func PossibleKillChainIntentValues() []KillChainIntent { type Kind string const ( - KindAnalyticsRule Kind = "AnalyticsRule" - KindAnalyticsRuleTemplate Kind = "AnalyticsRuleTemplate" - KindAutomationRule Kind = "AutomationRule" - KindAzureFunction Kind = "AzureFunction" + KindAnalyticsRule Kind = "AnalyticsRule" + KindAnalyticsRuleTemplate Kind = "AnalyticsRuleTemplate" + KindAutomationRule Kind = "AutomationRule" + KindAzureFunction Kind = "AzureFunction" + // KindCustomDetection - Custom detections enable proactive monitoring and automated response actions for various events and + // system states across your tenant. + KindCustomDetection Kind = "CustomDetection" KindDataConnector Kind = "DataConnector" KindDataType Kind = "DataType" KindHuntingQuery Kind = "HuntingQuery" KindInvestigationQuery Kind = "InvestigationQuery" KindLogicAppsCustomConnector Kind = "LogicAppsCustomConnector" + KindNotebook Kind = "Notebook" KindParser Kind = "Parser" KindPlaybook Kind = "Playbook" KindPlaybookTemplate Kind = "PlaybookTemplate" + KindResourcesDataConnector Kind = "ResourcesDataConnector" KindSolution Kind = "Solution" + KindStandalone Kind = "Standalone" + KindSummaryRule Kind = "SummaryRule" KindWatchlist Kind = "Watchlist" KindWatchlistTemplate Kind = "WatchlistTemplate" KindWorkbook Kind = "Workbook" @@ -1713,15 +2018,20 @@ func PossibleKindValues() []Kind { KindAnalyticsRuleTemplate, KindAutomationRule, KindAzureFunction, + KindCustomDetection, KindDataConnector, KindDataType, KindHuntingQuery, KindInvestigationQuery, KindLogicAppsCustomConnector, + KindNotebook, KindParser, KindPlaybook, KindPlaybookTemplate, + KindResourcesDataConnector, KindSolution, + KindStandalone, + KindSummaryRule, KindWatchlist, KindWatchlistTemplate, KindWorkbook, @@ -1729,6 +2039,114 @@ func PossibleKindValues() []Kind { } } +// ListActionKind - The kind of the action +type ListActionKind string + +const ( + ListActionKindLockUser ListActionKind = "LockUser" + ListActionKindUnlockUser ListActionKind = "UnlockUser" +) + +// PossibleListActionKindValues returns the possible values for the ListActionKind const type. +func PossibleListActionKindValues() []ListActionKind { + return []ListActionKind{ + ListActionKindLockUser, + ListActionKindUnlockUser, + } +} + +// LogStatusType - Types of log status. +type LogStatusType string + +const ( + LogStatusTypeDisabled LogStatusType = "Disabled" + LogStatusTypeEnabled LogStatusType = "Enabled" +) + +// PossibleLogStatusTypeValues returns the possible values for the LogStatusType const type. +func PossibleLogStatusTypeValues() []LogStatusType { + return []LogStatusType{ + LogStatusTypeDisabled, + LogStatusTypeEnabled, + } +} + +// LogType - Types of logs and tables. +type LogType string + +const ( + LogTypeADCP LogType = "ADCP" + LogTypeADR6 LogType = "ADR6" + LogTypeAGR1251 LogType = "AGR1251" + LogTypeAGRAGRS LogType = "AGRAGRS" + LogTypeAGRDEFINE LogType = "AGRDEFINE" + LogTypeAGRFLAGS LogType = "AGRFLAGS" + LogTypeAGRPROF LogType = "AGRPROF" + LogTypeAGRTCODES LogType = "AGRTCODES" + LogTypeAGRUSERS LogType = "AGRUSERS" + LogTypeAbapAppLog LogType = "AbapAppLog" + LogTypeAbapAuditLog LogType = "AbapAuditLog" + LogTypeAbapChangeDocsLog LogType = "AbapChangeDocsLog" + LogTypeAbapCrLog LogType = "AbapCrLog" + LogTypeAbapFilesLogs LogType = "AbapFilesLogs" + LogTypeAbapJobLog LogType = "AbapJobLog" + LogTypeAbapSpoolLog LogType = "AbapSpoolLog" + LogTypeAbapSpoolOutputLog LogType = "AbapSpoolOutputLog" + LogTypeAbapTableDataLog LogType = "AbapTableDataLog" + LogTypeAbapWorkflowLog LogType = "AbapWorkflowLog" + LogTypeDEVACCESS LogType = "DEVACCESS" + LogTypeJavaFilesLogs LogType = "JavaFilesLogs" + LogTypePAHI LogType = "PAHI" + LogTypeSNCSYSACL LogType = "SNCSYSACL" + LogTypeUSERADDR LogType = "USERADDR" + LogTypeUSGRPUSER LogType = "USGRPUSER" + LogTypeUSR01 LogType = "USR01" + LogTypeUSR02 LogType = "USR02" + LogTypeUSR05 LogType = "USR05" + LogTypeUSR21 LogType = "USR21" + LogTypeUSRACL LogType = "USRACL" + LogTypeUSRSTAMP LogType = "USRSTAMP" + LogTypeUST04 LogType = "UST04" +) + +// PossibleLogTypeValues returns the possible values for the LogType const type. +func PossibleLogTypeValues() []LogType { + return []LogType{ + LogTypeADCP, + LogTypeADR6, + LogTypeAGR1251, + LogTypeAGRAGRS, + LogTypeAGRDEFINE, + LogTypeAGRFLAGS, + LogTypeAGRPROF, + LogTypeAGRTCODES, + LogTypeAGRUSERS, + LogTypeAbapAppLog, + LogTypeAbapAuditLog, + LogTypeAbapChangeDocsLog, + LogTypeAbapCrLog, + LogTypeAbapFilesLogs, + LogTypeAbapJobLog, + LogTypeAbapSpoolLog, + LogTypeAbapSpoolOutputLog, + LogTypeAbapTableDataLog, + LogTypeAbapWorkflowLog, + LogTypeDEVACCESS, + LogTypeJavaFilesLogs, + LogTypePAHI, + LogTypeSNCSYSACL, + LogTypeUSERADDR, + LogTypeUSGRPUSER, + LogTypeUSR01, + LogTypeUSR02, + LogTypeUSR05, + LogTypeUSR21, + LogTypeUSRACL, + LogTypeUSRSTAMP, + LogTypeUST04, + } +} + // MatchingMethod - Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, // groupByCustomDetails must be provided and not empty. type MatchingMethod string @@ -1778,6 +2196,40 @@ func PossibleMicrosoftSecurityProductNameValues() []MicrosoftSecurityProductName } } +// Mode - The current mode of the workspace manager configuration +type Mode string + +const ( + // ModeDisabled - The workspace manager configuration is disabled + ModeDisabled Mode = "Disabled" + // ModeEnabled - The workspace manager configuration is enabled + ModeEnabled Mode = "Enabled" +) + +// PossibleModeValues returns the possible values for the Mode const type. +func PossibleModeValues() []Mode { + return []Mode{ + ModeDisabled, + ModeEnabled, + } +} + +// MtpProvider - The available data providers. +type MtpProvider string + +const ( + MtpProviderMicrosoftDefenderForCloudApps MtpProvider = "microsoftDefenderForCloudApps" + MtpProviderMicrosoftDefenderForIdentity MtpProvider = "microsoftDefenderForIdentity" +) + +// PossibleMtpProviderValues returns the possible values for the MtpProvider const type. +func PossibleMtpProviderValues() []MtpProvider { + return []MtpProvider{ + MtpProviderMicrosoftDefenderForCloudApps, + MtpProviderMicrosoftDefenderForIdentity, + } +} + // OSFamily - The operating system type. type OSFamily string @@ -1805,19 +2257,67 @@ func PossibleOSFamilyValues() []OSFamily { } } -// Operator - Operator used for list of dependencies in criteria array. +// Operator - Represents an operator in a ConditionClause. type Operator string const ( - OperatorAND Operator = "AND" - OperatorOR Operator = "OR" + OperatorAfterAbsolute Operator = "AfterAbsolute" + OperatorAfterRelative Operator = "AfterRelative" + OperatorArrayContains Operator = "ArrayContains" + OperatorArrayNotContains Operator = "ArrayNotContains" + OperatorBeforeAbsolute Operator = "BeforeAbsolute" + OperatorBeforeRelative Operator = "BeforeRelative" + OperatorEquals Operator = "Equals" + OperatorGreaterThan Operator = "GreaterThan" + OperatorGreaterThanEqual Operator = "GreaterThanEqual" + OperatorIsFalse Operator = "IsFalse" + OperatorIsNull Operator = "IsNull" + OperatorIsTrue Operator = "IsTrue" + OperatorLessThan Operator = "LessThan" + OperatorLessThanEqual Operator = "LessThanEqual" + OperatorNotEquals Operator = "NotEquals" + OperatorOnOrAfterAbsolute Operator = "OnOrAfterAbsolute" + OperatorOnOrAfterRelative Operator = "OnOrAfterRelative" + OperatorOnOrBeforeAbsolute Operator = "OnOrBeforeAbsolute" + OperatorOnOrBeforeRelative Operator = "OnOrBeforeRelative" + OperatorStringContains Operator = "StringContains" + OperatorStringEndsWith Operator = "StringEndsWith" + OperatorStringIsEmpty Operator = "StringIsEmpty" + OperatorStringNotContains Operator = "StringNotContains" + OperatorStringNotEndsWith Operator = "StringNotEndsWith" + OperatorStringNotStartsWith Operator = "StringNotStartsWith" + OperatorStringStartsWith Operator = "StringStartsWith" ) // PossibleOperatorValues returns the possible values for the Operator const type. func PossibleOperatorValues() []Operator { return []Operator{ - OperatorAND, - OperatorOR, + OperatorAfterAbsolute, + OperatorAfterRelative, + OperatorArrayContains, + OperatorArrayNotContains, + OperatorBeforeAbsolute, + OperatorBeforeRelative, + OperatorEquals, + OperatorGreaterThan, + OperatorGreaterThanEqual, + OperatorIsFalse, + OperatorIsNull, + OperatorIsTrue, + OperatorLessThan, + OperatorLessThanEqual, + OperatorNotEquals, + OperatorOnOrAfterAbsolute, + OperatorOnOrAfterRelative, + OperatorOnOrBeforeAbsolute, + OperatorOnOrBeforeRelative, + OperatorStringContains, + OperatorStringEndsWith, + OperatorStringIsEmpty, + OperatorStringNotContains, + OperatorStringNotEndsWith, + OperatorStringNotStartsWith, + OperatorStringStartsWith, } } @@ -1841,15 +2341,15 @@ func PossibleOutputTypeValues() []OutputType { } } -// OwnerType - The type of the owner the incident is assigned to. +// OwnerType - The type of the owner the hunt is assigned to. type OwnerType string const ( - // OwnerTypeGroup - The incident owner type is an AAD group + // OwnerTypeGroup - The hunt owner type is an AAD group OwnerTypeGroup OwnerType = "Group" - // OwnerTypeUnknown - The incident owner type is unknown + // OwnerTypeUnknown - The hunt owner type is unknown OwnerTypeUnknown OwnerType = "Unknown" - // OwnerTypeUser - The incident owner type is an AAD user + // OwnerTypeUser - The hunt owner type is an AAD user OwnerTypeUser OwnerType = "User" ) @@ -1862,6 +2362,22 @@ func PossibleOwnerTypeValues() []OwnerType { } } +// PackageKind - The package kind +type PackageKind string + +const ( + PackageKindSolution PackageKind = "Solution" + PackageKindStandalone PackageKind = "Standalone" +) + +// PossiblePackageKindValues returns the possible values for the PackageKind const type. +func PossiblePackageKindValues() []PackageKind { + return []PackageKind{ + PackageKindSolution, + PackageKindStandalone, + } +} + // PermissionProviderScope - Permission provider scope type PermissionProviderScope string @@ -1925,6 +2441,46 @@ func PossibleProviderNameValues() []ProviderName { } } +// ProviderPermissionsScope - The scope on which the user should have permissions, in order to be able to create connections. +type ProviderPermissionsScope string + +const ( + ProviderPermissionsScopeResourceGroup ProviderPermissionsScope = "ResourceGroup" + ProviderPermissionsScopeSubscription ProviderPermissionsScope = "Subscription" + ProviderPermissionsScopeWorkspace ProviderPermissionsScope = "Workspace" +) + +// PossibleProviderPermissionsScopeValues returns the possible values for the ProviderPermissionsScope const type. +func PossibleProviderPermissionsScopeValues() []ProviderPermissionsScope { + return []ProviderPermissionsScope{ + ProviderPermissionsScopeResourceGroup, + ProviderPermissionsScopeSubscription, + ProviderPermissionsScopeWorkspace, + } +} + +// ProvisioningState - The triggered analytics rule run provisioning state +type ProvisioningState string + +const ( + ProvisioningStateAccepted ProvisioningState = "Accepted" + ProvisioningStateCanceled ProvisioningState = "Canceled" + ProvisioningStateFailed ProvisioningState = "Failed" + ProvisioningStateInProgress ProvisioningState = "InProgress" + ProvisioningStateSucceeded ProvisioningState = "Succeeded" +) + +// PossibleProvisioningStateValues returns the possible values for the ProvisioningState const type. +func PossibleProvisioningStateValues() []ProvisioningState { + return []ProvisioningState{ + ProvisioningStateAccepted, + ProvisioningStateCanceled, + ProvisioningStateFailed, + ProvisioningStateInProgress, + ProvisioningStateSucceeded, + } +} + // RegistryHive - the hive that holds the registry key. type RegistryHive string @@ -2008,18 +2564,94 @@ func PossibleRegistryValueKindValues() []RegistryValueKind { type RepoType string const ( - RepoTypeDevOps RepoType = "DevOps" - RepoTypeGithub RepoType = "Github" + RepoTypeAzureDevOps RepoType = "AzureDevOps" + RepoTypeGithub RepoType = "Github" ) // PossibleRepoTypeValues returns the possible values for the RepoType const type. func PossibleRepoTypeValues() []RepoType { return []RepoType{ - RepoTypeDevOps, + RepoTypeAzureDevOps, RepoTypeGithub, } } +// RepositoryAccessKind - The kind of repository access credentials +type RepositoryAccessKind string + +const ( + RepositoryAccessKindApp RepositoryAccessKind = "App" + RepositoryAccessKindOAuth RepositoryAccessKind = "OAuth" + RepositoryAccessKindPAT RepositoryAccessKind = "PAT" +) + +// PossibleRepositoryAccessKindValues returns the possible values for the RepositoryAccessKind const type. +func PossibleRepositoryAccessKindValues() []RepositoryAccessKind { + return []RepositoryAccessKind{ + RepositoryAccessKindApp, + RepositoryAccessKindOAuth, + RepositoryAccessKindPAT, + } +} + +// RestAPIPollerRequestPagingKind - Type of paging +type RestAPIPollerRequestPagingKind string + +const ( + RestAPIPollerRequestPagingKindCountBasedPaging RestAPIPollerRequestPagingKind = "CountBasedPaging" + RestAPIPollerRequestPagingKindLinkHeader RestAPIPollerRequestPagingKind = "LinkHeader" + RestAPIPollerRequestPagingKindNextPageToken RestAPIPollerRequestPagingKind = "NextPageToken" + RestAPIPollerRequestPagingKindNextPageURL RestAPIPollerRequestPagingKind = "NextPageUrl" + RestAPIPollerRequestPagingKindOffset RestAPIPollerRequestPagingKind = "Offset" + RestAPIPollerRequestPagingKindPersistentLinkHeader RestAPIPollerRequestPagingKind = "PersistentLinkHeader" + RestAPIPollerRequestPagingKindPersistentToken RestAPIPollerRequestPagingKind = "PersistentToken" +) + +// PossibleRestAPIPollerRequestPagingKindValues returns the possible values for the RestAPIPollerRequestPagingKind const type. +func PossibleRestAPIPollerRequestPagingKindValues() []RestAPIPollerRequestPagingKind { + return []RestAPIPollerRequestPagingKind{ + RestAPIPollerRequestPagingKindCountBasedPaging, + RestAPIPollerRequestPagingKindLinkHeader, + RestAPIPollerRequestPagingKindNextPageToken, + RestAPIPollerRequestPagingKindNextPageURL, + RestAPIPollerRequestPagingKindOffset, + RestAPIPollerRequestPagingKindPersistentLinkHeader, + RestAPIPollerRequestPagingKindPersistentToken, + } +} + +// SapAuthenticationType - Types of authentication to SAP. +type SapAuthenticationType string + +const ( + SapAuthenticationTypeSnc SapAuthenticationType = "Snc" + SapAuthenticationTypeSncWithUsernamePassword SapAuthenticationType = "SncWithUsernamePassword" + SapAuthenticationTypeUsernamePassword SapAuthenticationType = "UsernamePassword" +) + +// PossibleSapAuthenticationTypeValues returns the possible values for the SapAuthenticationType const type. +func PossibleSapAuthenticationTypeValues() []SapAuthenticationType { + return []SapAuthenticationType{ + SapAuthenticationTypeSnc, + SapAuthenticationTypeSncWithUsernamePassword, + SapAuthenticationTypeUsernamePassword, + } +} + +// SecretSource - Type for Secret Source - Azure Key Vault +type SecretSource string + +const ( + SecretSourceAzureKeyVault SecretSource = "AzureKeyVault" +) + +// PossibleSecretSourceValues returns the possible values for the SecretSource const type. +func PossibleSecretSourceValues() []SecretSource { + return []SecretSource{ + SecretSourceAzureKeyVault, + } +} + // SecurityMLAnalyticsSettingsKind - The kind of security ML analytics settings type SecurityMLAnalyticsSettingsKind string @@ -2090,6 +2722,24 @@ func PossibleSettingsStatusValues() []SettingsStatus { } } +// SortingDirection - The direction to sort the results by. +type SortingDirection string + +const ( + // SortingDirectionASC - Indicates that the query should be sorted from lowest-to-highest value. + SortingDirectionASC SortingDirection = "ASC" + // SortingDirectionDESC - Indicates that the query should be sorted from lowest-to-highest value. + SortingDirectionDESC SortingDirection = "DESC" +) + +// PossibleSortingDirectionValues returns the possible values for the SortingDirection const type. +func PossibleSortingDirectionValues() []SortingDirection { + return []SortingDirection{ + SortingDirectionASC, + SortingDirectionDESC, + } +} + // SourceKind - Source type of the content type SourceKind string @@ -2114,15 +2764,70 @@ func PossibleSourceKindValues() []SourceKind { type SourceType string const ( - SourceTypeLocalFile SourceType = "Local file" - SourceTypeRemoteStorage SourceType = "Remote storage" + SourceTypeAzureStorage SourceType = "AzureStorage" + SourceTypeLocal SourceType = "Local" ) // PossibleSourceTypeValues returns the possible values for the SourceType const type. func PossibleSourceTypeValues() []SourceType { return []SourceType{ - SourceTypeLocalFile, - SourceTypeRemoteStorage, + SourceTypeAzureStorage, + SourceTypeLocal, + } +} + +// State - State of recommendation. +type State string + +const ( + // StateActive - Recommendation is active. + StateActive State = "Active" + // StateCompletedBySystem - Recommendation has been completed by the system. + StateCompletedBySystem State = "CompletedBySystem" + // StateCompletedByUser - Recommendation has been completed by user. + StateCompletedByUser State = "CompletedByUser" + // StateDismissed - Recommendation has been dismissed. + StateDismissed State = "Dismissed" + // StateInProgress - Recommendation is in progress. + StateInProgress State = "InProgress" +) + +// PossibleStateValues returns the possible values for the State const type. +func PossibleStateValues() []State { + return []State{ + StateActive, + StateCompletedBySystem, + StateCompletedByUser, + StateDismissed, + StateInProgress, + } +} + +// Status - The status of the hunt. +type Status string + +const ( + StatusActive Status = "Active" + StatusApproved Status = "Approved" + StatusBacklog Status = "Backlog" + StatusClosed Status = "Closed" + StatusFailed Status = "Failed" + StatusInProgress Status = "InProgress" + StatusNew Status = "New" + StatusSucceeded Status = "Succeeded" +) + +// PossibleStatusValues returns the possible values for the Status const type. +func PossibleStatusValues() []Status { + return []Status{ + StatusActive, + StatusApproved, + StatusBacklog, + StatusClosed, + StatusFailed, + StatusInProgress, + StatusNew, + StatusSucceeded, } } @@ -2144,6 +2849,65 @@ func PossibleSupportTierValues() []SupportTier { } } +// SystemConfigurationConnectorType - Represents the types of SAP systems. +type SystemConfigurationConnectorType string + +const ( + SystemConfigurationConnectorTypeRFC SystemConfigurationConnectorType = "Rfc" + SystemConfigurationConnectorTypeSapControl SystemConfigurationConnectorType = "SapControl" +) + +// PossibleSystemConfigurationConnectorTypeValues returns the possible values for the SystemConfigurationConnectorType const type. +func PossibleSystemConfigurationConnectorTypeValues() []SystemConfigurationConnectorType { + return []SystemConfigurationConnectorType{ + SystemConfigurationConnectorTypeRFC, + SystemConfigurationConnectorTypeSapControl, + } +} + +// SystemStatusType - The status of the system. +type SystemStatusType string + +const ( + SystemStatusTypeRunning SystemStatusType = "Running" + SystemStatusTypeStopped SystemStatusType = "Stopped" +) + +// PossibleSystemStatusTypeValues returns the possible values for the SystemStatusType const type. +func PossibleSystemStatusTypeValues() []SystemStatusType { + return []SystemStatusType{ + SystemStatusTypeRunning, + SystemStatusTypeStopped, + } +} + +// TIObjectKind - The kind of the TI object +type TIObjectKind string + +const ( + // TIObjectKindAttackPattern - A TI object that represents an attack pattern. + TIObjectKindAttackPattern TIObjectKind = "AttackPattern" + // TIObjectKindIdentity - A TI object that represents an identity. + TIObjectKindIdentity TIObjectKind = "Identity" + // TIObjectKindIndicator - A TI object that represents an indicator. + TIObjectKindIndicator TIObjectKind = "Indicator" + // TIObjectKindRelationship - A TI object that represents a relationship between two TI objects. + TIObjectKindRelationship TIObjectKind = "Relationship" + // TIObjectKindThreatActor - A TI object that represents a threat actor. + TIObjectKindThreatActor TIObjectKind = "ThreatActor" +) + +// PossibleTIObjectKindValues returns the possible values for the TIObjectKind const type. +func PossibleTIObjectKindValues() []TIObjectKind { + return []TIObjectKind{ + TIObjectKindAttackPattern, + TIObjectKindIdentity, + TIObjectKindIndicator, + TIObjectKindRelationship, + TIObjectKindThreatActor, + } +} + // TemplateStatus - The alert rule template status. type TemplateStatus string @@ -2165,36 +2929,49 @@ func PossibleTemplateStatusValues() []TemplateStatus { } } -// ThreatIntelligenceResourceKindEnum - The kind of the threat intelligence entity -type ThreatIntelligenceResourceKindEnum string +// ThreatIntelligenceResourceInnerKind - The kind of the threat intelligence entity +type ThreatIntelligenceResourceInnerKind string const ( - // ThreatIntelligenceResourceKindEnumIndicator - Entity represents threat intelligence indicator in the system. - ThreatIntelligenceResourceKindEnumIndicator ThreatIntelligenceResourceKindEnum = "indicator" + // ThreatIntelligenceResourceInnerKindIndicator - Entity represents threat intelligence indicator in the system. + ThreatIntelligenceResourceInnerKindIndicator ThreatIntelligenceResourceInnerKind = "indicator" ) -// PossibleThreatIntelligenceResourceKindEnumValues returns the possible values for the ThreatIntelligenceResourceKindEnum const type. -func PossibleThreatIntelligenceResourceKindEnumValues() []ThreatIntelligenceResourceKindEnum { - return []ThreatIntelligenceResourceKindEnum{ - ThreatIntelligenceResourceKindEnumIndicator, +// PossibleThreatIntelligenceResourceInnerKindValues returns the possible values for the ThreatIntelligenceResourceInnerKind const type. +func PossibleThreatIntelligenceResourceInnerKindValues() []ThreatIntelligenceResourceInnerKind { + return []ThreatIntelligenceResourceInnerKind{ + ThreatIntelligenceResourceInnerKindIndicator, } } -// ThreatIntelligenceSortingCriteriaEnum - Sorting order (ascending/descending/unsorted). -type ThreatIntelligenceSortingCriteriaEnum string +// ThreatIntelligenceSortingOrder - Sorting order (ascending/descending/unsorted). +type ThreatIntelligenceSortingOrder string const ( - ThreatIntelligenceSortingCriteriaEnumAscending ThreatIntelligenceSortingCriteriaEnum = "ascending" - ThreatIntelligenceSortingCriteriaEnumDescending ThreatIntelligenceSortingCriteriaEnum = "descending" - ThreatIntelligenceSortingCriteriaEnumUnsorted ThreatIntelligenceSortingCriteriaEnum = "unsorted" + ThreatIntelligenceSortingOrderAscending ThreatIntelligenceSortingOrder = "ascending" + ThreatIntelligenceSortingOrderDescending ThreatIntelligenceSortingOrder = "descending" + ThreatIntelligenceSortingOrderUnsorted ThreatIntelligenceSortingOrder = "unsorted" ) -// PossibleThreatIntelligenceSortingCriteriaEnumValues returns the possible values for the ThreatIntelligenceSortingCriteriaEnum const type. -func PossibleThreatIntelligenceSortingCriteriaEnumValues() []ThreatIntelligenceSortingCriteriaEnum { - return []ThreatIntelligenceSortingCriteriaEnum{ - ThreatIntelligenceSortingCriteriaEnumAscending, - ThreatIntelligenceSortingCriteriaEnumDescending, - ThreatIntelligenceSortingCriteriaEnumUnsorted, +// PossibleThreatIntelligenceSortingOrderValues returns the possible values for the ThreatIntelligenceSortingOrder const type. +func PossibleThreatIntelligenceSortingOrderValues() []ThreatIntelligenceSortingOrder { + return []ThreatIntelligenceSortingOrder{ + ThreatIntelligenceSortingOrderAscending, + ThreatIntelligenceSortingOrderDescending, + ThreatIntelligenceSortingOrderUnsorted, + } +} + +type TiType string + +const ( + TiTypeMain TiType = "main" +) + +// PossibleTiTypeValues returns the possible values for the TiType const type. +func PossibleTiTypeValues() []TiType { + return []TiType{ + TiTypeMain, } } @@ -2287,3 +3064,25 @@ func PossibleVersionValues() []Version { VersionV2, } } + +// WarningCode - The type of repository. +type WarningCode string + +const ( + WarningCodeSourceControlDeletedWithWarnings WarningCode = "SourceControl_DeletedWithWarnings" + WarningCodeSourceControlWarningDeletePipelineFromAzureDevOps WarningCode = "SourceControlWarning_DeletePipelineFromAzureDevOps" + WarningCodeSourceControlWarningDeleteRoleAssignment WarningCode = "SourceControlWarning_DeleteRoleAssignment" + WarningCodeSourceControlWarningDeleteServicePrincipal WarningCode = "SourceControlWarning_DeleteServicePrincipal" + WarningCodeSourceControlWarningDeleteWorkflowAndSecretFromGitHub WarningCode = "SourceControlWarning_DeleteWorkflowAndSecretFromGitHub" +) + +// PossibleWarningCodeValues returns the possible values for the WarningCode const type. +func PossibleWarningCodeValues() []WarningCode { + return []WarningCode{ + WarningCodeSourceControlDeletedWithWarnings, + WarningCodeSourceControlWarningDeletePipelineFromAzureDevOps, + WarningCodeSourceControlWarningDeleteRoleAssignment, + WarningCodeSourceControlWarningDeleteServicePrincipal, + WarningCodeSourceControlWarningDeleteWorkflowAndSecretFromGitHub, + } +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackage_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackage_client.go new file mode 100644 index 000000000000..0d79800e605a --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackage_client.go @@ -0,0 +1,174 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ContentPackageClient contains the methods for the ContentPackage group. +// Don't use this type directly, use NewContentPackageClient() instead. +type ContentPackageClient struct { + internal *arm.Client + subscriptionID string +} + +// NewContentPackageClient creates a new instance of ContentPackageClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewContentPackageClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ContentPackageClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ContentPackageClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Install - Install a package to the workspace. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - packageID - package Id +// - packageInstallationProperties - Package installation properties +// - options - ContentPackageClientInstallOptions contains the optional parameters for the ContentPackageClient.Install method. +func (client *ContentPackageClient) Install(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, packageInstallationProperties PackageModel, options *ContentPackageClientInstallOptions) (ContentPackageClientInstallResponse, error) { + var err error + const operationName = "ContentPackageClient.Install" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.installCreateRequest(ctx, resourceGroupName, workspaceName, packageID, packageInstallationProperties, options) + if err != nil { + return ContentPackageClientInstallResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentPackageClientInstallResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return ContentPackageClientInstallResponse{}, err + } + resp, err := client.installHandleResponse(httpResp) + return resp, err +} + +// installCreateRequest creates the Install request. +func (client *ContentPackageClient) installCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, packageInstallationProperties PackageModel, _ *ContentPackageClientInstallOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if packageID == "" { + return nil, errors.New("parameter packageID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{packageId}", url.PathEscape(packageID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, packageInstallationProperties); err != nil { + return nil, err + } + return req, nil +} + +// installHandleResponse handles the Install response. +func (client *ContentPackageClient) installHandleResponse(resp *http.Response) (ContentPackageClientInstallResponse, error) { + result := ContentPackageClientInstallResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.PackageModel); err != nil { + return ContentPackageClientInstallResponse{}, err + } + return result, nil +} + +// Uninstall - Uninstall a package from the workspace. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - packageID - package Id +// - options - ContentPackageClientUninstallOptions contains the optional parameters for the ContentPackageClient.Uninstall +// method. +func (client *ContentPackageClient) Uninstall(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *ContentPackageClientUninstallOptions) (ContentPackageClientUninstallResponse, error) { + var err error + const operationName = "ContentPackageClient.Uninstall" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.uninstallCreateRequest(ctx, resourceGroupName, workspaceName, packageID, options) + if err != nil { + return ContentPackageClientUninstallResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentPackageClientUninstallResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ContentPackageClientUninstallResponse{}, err + } + return ContentPackageClientUninstallResponse{}, nil +} + +// uninstallCreateRequest creates the Uninstall request. +func (client *ContentPackageClient) uninstallCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, _ *ContentPackageClientUninstallOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if packageID == "" { + return nil, errors.New("parameter packageID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{packageId}", url.PathEscape(packageID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackages_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackages_client.go new file mode 100644 index 000000000000..56cae9b5808f --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackages_client.go @@ -0,0 +1,197 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// ContentPackagesClient contains the methods for the ContentPackages group. +// Don't use this type directly, use NewContentPackagesClient() instead. +type ContentPackagesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewContentPackagesClient creates a new instance of ContentPackagesClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewContentPackagesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ContentPackagesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ContentPackagesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Gets an installed packages by its id. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - packageID - package Id +// - options - ContentPackagesClientGetOptions contains the optional parameters for the ContentPackagesClient.Get method. +func (client *ContentPackagesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *ContentPackagesClientGetOptions) (ContentPackagesClientGetResponse, error) { + var err error + const operationName = "ContentPackagesClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, packageID, options) + if err != nil { + return ContentPackagesClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentPackagesClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ContentPackagesClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *ContentPackagesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, _ *ContentPackagesClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if packageID == "" { + return nil, errors.New("parameter packageID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{packageId}", url.PathEscape(packageID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *ContentPackagesClient) getHandleResponse(resp *http.Response) (ContentPackagesClientGetResponse, error) { + result := ContentPackagesClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.PackageModel); err != nil { + return ContentPackagesClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all installed packages. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - ContentPackagesClientListOptions contains the optional parameters for the ContentPackagesClient.NewListPager +// method. +func (client *ContentPackagesClient) NewListPager(resourceGroupName string, workspaceName string, options *ContentPackagesClientListOptions) *runtime.Pager[ContentPackagesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ContentPackagesClientListResponse]{ + More: func(page ContentPackagesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ContentPackagesClientListResponse) (ContentPackagesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ContentPackagesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return ContentPackagesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ContentPackagesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *ContentPackagesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Count != nil { + reqQP.Set("$count", strconv.FormatBool(*options.Count)) + } + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.Search != nil { + reqQP.Set("$search", *options.Search) + } + if options != nil && options.Skip != nil { + reqQP.Set("$skip", strconv.FormatInt(int64(*options.Skip), 10)) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ContentPackagesClient) listHandleResponse(resp *http.Response) (ContentPackagesClientListResponse, error) { + result := ContentPackagesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.PackageList); err != nil { + return ContentPackagesClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplate_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplate_client.go new file mode 100644 index 000000000000..5cfa91ef8f18 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplate_client.go @@ -0,0 +1,244 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ContentTemplateClient contains the methods for the ContentTemplate group. +// Don't use this type directly, use NewContentTemplateClient() instead. +type ContentTemplateClient struct { + internal *arm.Client + subscriptionID string +} + +// NewContentTemplateClient creates a new instance of ContentTemplateClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewContentTemplateClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ContentTemplateClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ContentTemplateClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Delete - Delete an installed template. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - templateID - template Id +// - options - ContentTemplateClientDeleteOptions contains the optional parameters for the ContentTemplateClient.Delete method. +func (client *ContentTemplateClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *ContentTemplateClientDeleteOptions) (ContentTemplateClientDeleteResponse, error) { + var err error + const operationName = "ContentTemplateClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, templateID, options) + if err != nil { + return ContentTemplateClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentTemplateClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ContentTemplateClientDeleteResponse{}, err + } + return ContentTemplateClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *ContentTemplateClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, _ *ContentTemplateClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if templateID == "" { + return nil, errors.New("parameter templateID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{templateId}", url.PathEscape(templateID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a template byt its identifier. Expandable properties: +// * properties/mainTemplate +// * properties/dependantTemplates +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - templateID - template Id +// - options - ContentTemplateClientGetOptions contains the optional parameters for the ContentTemplateClient.Get method. +func (client *ContentTemplateClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *ContentTemplateClientGetOptions) (ContentTemplateClientGetResponse, error) { + var err error + const operationName = "ContentTemplateClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, templateID, options) + if err != nil { + return ContentTemplateClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentTemplateClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ContentTemplateClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *ContentTemplateClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, _ *ContentTemplateClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if templateID == "" { + return nil, errors.New("parameter templateID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{templateId}", url.PathEscape(templateID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *ContentTemplateClient) getHandleResponse(resp *http.Response) (ContentTemplateClientGetResponse, error) { + result := ContentTemplateClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.TemplateModel); err != nil { + return ContentTemplateClientGetResponse{}, err + } + return result, nil +} + +// Install - Install a template. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - templateID - template Id +// - templateInstallationProperties - Template installation properties +// - options - ContentTemplateClientInstallOptions contains the optional parameters for the ContentTemplateClient.Install method. +func (client *ContentTemplateClient) Install(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, templateInstallationProperties TemplateModel, options *ContentTemplateClientInstallOptions) (ContentTemplateClientInstallResponse, error) { + var err error + const operationName = "ContentTemplateClient.Install" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.installCreateRequest(ctx, resourceGroupName, workspaceName, templateID, templateInstallationProperties, options) + if err != nil { + return ContentTemplateClientInstallResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentTemplateClientInstallResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return ContentTemplateClientInstallResponse{}, err + } + resp, err := client.installHandleResponse(httpResp) + return resp, err +} + +// installCreateRequest creates the Install request. +func (client *ContentTemplateClient) installCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, templateInstallationProperties TemplateModel, _ *ContentTemplateClientInstallOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if templateID == "" { + return nil, errors.New("parameter templateID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{templateId}", url.PathEscape(templateID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, templateInstallationProperties); err != nil { + return nil, err + } + return req, nil +} + +// installHandleResponse handles the Install response. +func (client *ContentTemplateClient) installHandleResponse(resp *http.Response) (ContentTemplateClientInstallResponse, error) { + result := ContentTemplateClientInstallResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.TemplateModel); err != nil { + return ContentTemplateClientInstallResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplates_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplates_client.go new file mode 100644 index 000000000000..7383910b94a8 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplates_client.go @@ -0,0 +1,133 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// ContentTemplatesClient contains the methods for the ContentTemplates group. +// Don't use this type directly, use NewContentTemplatesClient() instead. +type ContentTemplatesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewContentTemplatesClient creates a new instance of ContentTemplatesClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewContentTemplatesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ContentTemplatesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ContentTemplatesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Gets all installed templates. Expandable properties: +// * properties/mainTemplate +// * properties/dependantTemplates +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - ContentTemplatesClientListOptions contains the optional parameters for the ContentTemplatesClient.NewListPager +// method. +func (client *ContentTemplatesClient) NewListPager(resourceGroupName string, workspaceName string, options *ContentTemplatesClientListOptions) *runtime.Pager[ContentTemplatesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ContentTemplatesClientListResponse]{ + More: func(page ContentTemplatesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ContentTemplatesClientListResponse) (ContentTemplatesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ContentTemplatesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return ContentTemplatesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ContentTemplatesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *ContentTemplatesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Count != nil { + reqQP.Set("$count", strconv.FormatBool(*options.Count)) + } + if options != nil && options.Expand != nil { + reqQP.Set("$expand", *options.Expand) + } + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.Search != nil { + reqQP.Set("$search", *options.Search) + } + if options != nil && options.Skip != nil { + reqQP.Set("$skip", strconv.FormatInt(int64(*options.Skip), 10)) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ContentTemplatesClient) listHandleResponse(resp *http.Response) (ContentTemplatesClientListResponse, error) { + result := ContentTemplatesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.TemplateList); err != nil { + return ContentTemplatesClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectordefinitions_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectordefinitions_client.go new file mode 100644 index 000000000000..06dbd28ff16f --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectordefinitions_client.go @@ -0,0 +1,310 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// DataConnectorDefinitionsClient contains the methods for the DataConnectorDefinitions group. +// Don't use this type directly, use NewDataConnectorDefinitionsClient() instead. +type DataConnectorDefinitionsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewDataConnectorDefinitionsClient creates a new instance of DataConnectorDefinitionsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewDataConnectorDefinitionsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*DataConnectorDefinitionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &DataConnectorDefinitionsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates the data connector definition. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - dataConnectorDefinitionName - The data connector definition name. +// - connectorDefinitionInput - The data connector definition +// - options - DataConnectorDefinitionsClientCreateOrUpdateOptions contains the optional parameters for the DataConnectorDefinitionsClient.CreateOrUpdate +// method. +func (client *DataConnectorDefinitionsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, connectorDefinitionInput DataConnectorDefinitionClassification, options *DataConnectorDefinitionsClientCreateOrUpdateOptions) (DataConnectorDefinitionsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "DataConnectorDefinitionsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, dataConnectorDefinitionName, connectorDefinitionInput, options) + if err != nil { + return DataConnectorDefinitionsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DataConnectorDefinitionsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return DataConnectorDefinitionsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *DataConnectorDefinitionsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, connectorDefinitionInput DataConnectorDefinitionClassification, _ *DataConnectorDefinitionsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorDefinitions/{dataConnectorDefinitionName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if dataConnectorDefinitionName == "" { + return nil, errors.New("parameter dataConnectorDefinitionName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{dataConnectorDefinitionName}", url.PathEscape(dataConnectorDefinitionName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, connectorDefinitionInput); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *DataConnectorDefinitionsClient) createOrUpdateHandleResponse(resp *http.Response) (DataConnectorDefinitionsClientCreateOrUpdateResponse, error) { + result := DataConnectorDefinitionsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return DataConnectorDefinitionsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete the data connector definition. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - dataConnectorDefinitionName - The data connector definition name. +// - options - DataConnectorDefinitionsClientDeleteOptions contains the optional parameters for the DataConnectorDefinitionsClient.Delete +// method. +func (client *DataConnectorDefinitionsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, options *DataConnectorDefinitionsClientDeleteOptions) (DataConnectorDefinitionsClientDeleteResponse, error) { + var err error + const operationName = "DataConnectorDefinitionsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, dataConnectorDefinitionName, options) + if err != nil { + return DataConnectorDefinitionsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DataConnectorDefinitionsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return DataConnectorDefinitionsClientDeleteResponse{}, err + } + return DataConnectorDefinitionsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *DataConnectorDefinitionsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, _ *DataConnectorDefinitionsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorDefinitions/{dataConnectorDefinitionName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if dataConnectorDefinitionName == "" { + return nil, errors.New("parameter dataConnectorDefinitionName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{dataConnectorDefinitionName}", url.PathEscape(dataConnectorDefinitionName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a data connector definition. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - dataConnectorDefinitionName - The data connector definition name. +// - options - DataConnectorDefinitionsClientGetOptions contains the optional parameters for the DataConnectorDefinitionsClient.Get +// method. +func (client *DataConnectorDefinitionsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, options *DataConnectorDefinitionsClientGetOptions) (DataConnectorDefinitionsClientGetResponse, error) { + var err error + const operationName = "DataConnectorDefinitionsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, dataConnectorDefinitionName, options) + if err != nil { + return DataConnectorDefinitionsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DataConnectorDefinitionsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return DataConnectorDefinitionsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *DataConnectorDefinitionsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, _ *DataConnectorDefinitionsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorDefinitions/{dataConnectorDefinitionName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if dataConnectorDefinitionName == "" { + return nil, errors.New("parameter dataConnectorDefinitionName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{dataConnectorDefinitionName}", url.PathEscape(dataConnectorDefinitionName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *DataConnectorDefinitionsClient) getHandleResponse(resp *http.Response) (DataConnectorDefinitionsClientGetResponse, error) { + result := DataConnectorDefinitionsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return DataConnectorDefinitionsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all data connector definitions. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - DataConnectorDefinitionsClientListOptions contains the optional parameters for the DataConnectorDefinitionsClient.NewListPager +// method. +func (client *DataConnectorDefinitionsClient) NewListPager(resourceGroupName string, workspaceName string, options *DataConnectorDefinitionsClientListOptions) *runtime.Pager[DataConnectorDefinitionsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[DataConnectorDefinitionsClientListResponse]{ + More: func(page DataConnectorDefinitionsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *DataConnectorDefinitionsClientListResponse) (DataConnectorDefinitionsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "DataConnectorDefinitionsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return DataConnectorDefinitionsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *DataConnectorDefinitionsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *DataConnectorDefinitionsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorDefinitions" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *DataConnectorDefinitionsClient) listHandleResponse(resp *http.Response) (DataConnectorDefinitionsClientListResponse, error) { + result := DataConnectorDefinitionsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.DataConnectorDefinitionArmCollectionWrapper); err != nil { + return DataConnectorDefinitionsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client.go index 6c168df337bd..d1520229c029 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type DataConnectorsClient struct { } // NewDataConnectorsClient creates a new instance of DataConnectorsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewDataConnectorsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*DataConnectorsClient, error) { @@ -46,7 +43,7 @@ func NewDataConnectorsClient(subscriptionID string, credential azcore.TokenCrede // Connect - Connects a data connector. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - dataConnectorID - Connector ID @@ -74,7 +71,7 @@ func (client *DataConnectorsClient) Connect(ctx context.Context, resourceGroupNa } // connectCreateRequest creates the Connect request. -func (client *DataConnectorsClient) connectCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, connectBody DataConnectorConnectBody, options *DataConnectorsClientConnectOptions) (*policy.Request, error) { +func (client *DataConnectorsClient) connectCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, connectBody DataConnectorConnectBody, _ *DataConnectorsClientConnectOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}/connect" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -97,7 +94,7 @@ func (client *DataConnectorsClient) connectCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, connectBody); err != nil { @@ -109,7 +106,7 @@ func (client *DataConnectorsClient) connectCreateRequest(ctx context.Context, re // CreateOrUpdate - Creates or updates the data connector. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - dataConnectorID - Connector ID @@ -139,7 +136,7 @@ func (client *DataConnectorsClient) CreateOrUpdate(ctx context.Context, resource } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *DataConnectorsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector DataConnectorClassification, options *DataConnectorsClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *DataConnectorsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector DataConnectorClassification, _ *DataConnectorsClientCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -162,7 +159,7 @@ func (client *DataConnectorsClient) createOrUpdateCreateRequest(ctx context.Cont return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, dataConnector); err != nil { @@ -183,7 +180,7 @@ func (client *DataConnectorsClient) createOrUpdateHandleResponse(resp *http.Resp // Delete - Delete the data connector. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - dataConnectorID - Connector ID @@ -210,7 +207,7 @@ func (client *DataConnectorsClient) Delete(ctx context.Context, resourceGroupNam } // deleteCreateRequest creates the Delete request. -func (client *DataConnectorsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, options *DataConnectorsClientDeleteOptions) (*policy.Request, error) { +func (client *DataConnectorsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, _ *DataConnectorsClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -233,7 +230,7 @@ func (client *DataConnectorsClient) deleteCreateRequest(ctx context.Context, res return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -242,7 +239,7 @@ func (client *DataConnectorsClient) deleteCreateRequest(ctx context.Context, res // Disconnect - Disconnect a data connector. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - dataConnectorID - Connector ID @@ -270,7 +267,7 @@ func (client *DataConnectorsClient) Disconnect(ctx context.Context, resourceGrou } // disconnectCreateRequest creates the Disconnect request. -func (client *DataConnectorsClient) disconnectCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, options *DataConnectorsClientDisconnectOptions) (*policy.Request, error) { +func (client *DataConnectorsClient) disconnectCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, _ *DataConnectorsClientDisconnectOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}/disconnect" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -293,7 +290,7 @@ func (client *DataConnectorsClient) disconnectCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -302,7 +299,7 @@ func (client *DataConnectorsClient) disconnectCreateRequest(ctx context.Context, // Get - Gets a data connector. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - dataConnectorID - Connector ID @@ -330,7 +327,7 @@ func (client *DataConnectorsClient) Get(ctx context.Context, resourceGroupName s } // getCreateRequest creates the Get request. -func (client *DataConnectorsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, options *DataConnectorsClientGetOptions) (*policy.Request, error) { +func (client *DataConnectorsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, _ *DataConnectorsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -353,7 +350,7 @@ func (client *DataConnectorsClient) getCreateRequest(ctx context.Context, resour return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -370,7 +367,7 @@ func (client *DataConnectorsClient) getHandleResponse(resp *http.Response) (Data // NewListPager - Gets all data connectors. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - DataConnectorsClientListOptions contains the optional parameters for the DataConnectorsClient.NewListPager method. @@ -398,7 +395,7 @@ func (client *DataConnectorsClient) NewListPager(resourceGroupName string, works } // listCreateRequest creates the List request. -func (client *DataConnectorsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *DataConnectorsClientListOptions) (*policy.Request, error) { +func (client *DataConnectorsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *DataConnectorsClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -417,7 +414,7 @@ func (client *DataConnectorsClient) listCreateRequest(ctx context.Context, resou return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client_example_test.go deleted file mode 100644 index e9df44a50f9e..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client_example_test.go +++ /dev/null @@ -1,2500 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetDataConnectors.json -func ExampleDataConnectorsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewDataConnectorsClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.DataConnectorList = armsecurityinsights.DataConnectorList{ - // Value: []armsecurityinsights.DataConnectorClassification{ - // &armsecurityinsights.ASCDataConnector{ - // Name: to.Ptr("763f9fa1-c2d3-4fa2-93e9-bccd4899aa12"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/763f9fa1-c2d3-4fa2-93e9-bccd4899aa12"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureSecurityCenter), - // Properties: &armsecurityinsights.ASCDataConnectorProperties{ - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // SubscriptionID: to.Ptr("d0cfe6b2-9ac0-4464-9919-dccaee2e48c0"), - // }, - // }, - // &armsecurityinsights.TIDataConnector{ - // Name: to.Ptr("c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligence), - // Properties: &armsecurityinsights.TIDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.TIDataConnectorDataTypes{ - // Indicators: &armsecurityinsights.TIDataConnectorDataTypesIndicators{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.TiTaxiiDataConnector{ - // Name: to.Ptr("c39bb458-02a7-4b3f-b0c8-71a1d2692652"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c39bb458-02a7-4b3f-b0c8-71a1d2692652"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligenceTaxii), - // Properties: &armsecurityinsights.TiTaxiiDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // CollectionID: to.Ptr("e0b1f32d-1188-48f7-a7a3-de71924e4b5e"), - // DataTypes: &armsecurityinsights.TiTaxiiDataConnectorDataTypes{ - // TaxiiClient: &armsecurityinsights.TiTaxiiDataConnectorDataTypesTaxiiClient{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // FriendlyName: to.Ptr("My TI Taxii Connector"), - // Password: to.Ptr(""), - // PollingFrequency: to.Ptr(armsecurityinsights.PollingFrequencyOnceAMinute), - // TaxiiServer: to.Ptr("https://mytaxiiserver.com/taxiing/v2/api"), - // UserName: to.Ptr(""), - // WorkspaceID: to.Ptr("8b014a77-4695-4ef4-96bb-6623afb121a2"), - // }, - // }, - // &armsecurityinsights.AADDataConnector{ - // Name: to.Ptr("f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureActiveDirectory), - // Properties: &armsecurityinsights.AADDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.OfficeDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365), - // Properties: &armsecurityinsights.OfficeDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.OfficeDataConnectorDataTypes{ - // Exchange: &armsecurityinsights.OfficeDataConnectorDataTypesExchange{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // SharePoint: &armsecurityinsights.OfficeDataConnectorDataTypesSharePoint{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // Teams: &armsecurityinsights.OfficeDataConnectorDataTypesTeams{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.MCASDataConnector{ - // Name: to.Ptr("b96d014d-b5c2-4a01-9aba-a8058f629d42"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/b96d014d-b5c2-4a01-9aba-a8058f629d42"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftCloudAppSecurity), - // Properties: &armsecurityinsights.MCASDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.MCASDataConnectorDataTypes{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // DiscoveryLogs: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.AATPDataConnector{ - // Name: to.Ptr("07e42cb3-e658-4e90-801c-efa0f29d3d44"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/07e42cb3-e658-4e90-801c-efa0f29d3d44"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureAdvancedThreatProtection), - // Properties: &armsecurityinsights.AATPDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.AwsCloudTrailDataConnector{ - // Name: to.Ptr("c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAmazonWebServicesCloudTrail), - // Properties: &armsecurityinsights.AwsCloudTrailDataConnectorProperties{ - // AwsRoleArn: to.Ptr("myAwsRoleArn"), - // DataTypes: &armsecurityinsights.AwsCloudTrailDataConnectorDataTypes{ - // Logs: &armsecurityinsights.AwsCloudTrailDataConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.AwsS3DataConnector{ - // Name: to.Ptr("afef3743-0c88-469c-84ff-ca2e87dc1e48"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/afef3743-0c88-469c-84ff-ca2e87dc1e48"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAmazonWebServicesS3), - // Properties: &armsecurityinsights.AwsS3DataConnectorProperties{ - // DataTypes: &armsecurityinsights.AwsS3DataConnectorDataTypes{ - // Logs: &armsecurityinsights.AwsS3DataConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // DestinationTable: to.Ptr("AWSVPCFlow"), - // RoleArn: to.Ptr("arn:aws:iam::072643944673:role/RoleName"), - // SqsUrls: []*string{ - // to.Ptr("https://sqs.us-west-1.amazonaws.com/111111111111/sqsTestName")}, - // }, - // }, - // &armsecurityinsights.MDATPDataConnector{ - // Name: to.Ptr("06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftDefenderAdvancedThreatProtection), - // Properties: &armsecurityinsights.MDATPDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.OfficeATPDataConnector{ - // Name: to.Ptr("3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOfficeATP), - // Properties: &armsecurityinsights.OfficeATPDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.Office365ProjectDataConnector{ - // Name: to.Ptr("3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365Project), - // Properties: &armsecurityinsights.Office365ProjectDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.Office365ProjectConnectorDataTypes{ - // Logs: &armsecurityinsights.Office365ProjectConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.OfficePowerBIDataConnector{ - // Name: to.Ptr("3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOfficePowerBI), - // Properties: &armsecurityinsights.OfficePowerBIDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.OfficePowerBIConnectorDataTypes{ - // Logs: &armsecurityinsights.OfficePowerBIConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.Dynamics365DataConnector{ - // Name: to.Ptr("c2541efb-c9a6-47fe-9501-87d1017d1512"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindDynamics365), - // Properties: &armsecurityinsights.Dynamics365DataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.Dynamics365DataConnectorDataTypes{ - // Dynamics365CdsActivities: &armsecurityinsights.Dynamics365DataConnectorDataTypesDynamics365CdsActivities{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.CodelessUIDataConnector{ - // Name: to.Ptr("316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Etag: to.Ptr("\"1a00b074-0000-0100-0000-606ef5bd0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindGenericUI), - // Properties: &armsecurityinsights.CodelessParameters{ - // ConnectorUIConfig: &armsecurityinsights.CodelessUIConnectorConfigProperties{ - // Availability: &armsecurityinsights.Availability{ - // IsPreview: to.Ptr(true), - // Status: to.Ptr[int32](1), - // }, - // ConnectivityCriteria: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem{ - // { - // Type: to.Ptr(armsecurityinsights.ConnectivityTypeIsConnectedQuery), - // Value: []*string{ - // to.Ptr("{{graphQueriesTableName}}\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(30d)")}, - // }}, - // CustomImage: to.Ptr("The image connector content"), - // DataTypes: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesDataTypesItem{ - // { - // Name: to.Ptr("{{graphQueriesTableName}}"), - // LastDataReceivedQuery: to.Ptr("{{graphQueriesTableName}}\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)"), - // }}, - // DescriptionMarkdown: to.Ptr("The [Qualys Vulnerability Management (VM)](https://www.qualys.com/apps/vulnerability-management/) data connector provides the capability to ingest vulnerability host detection data into Azure Sentinel through the Qualys API. The connector provides visibility into host detection data from vulerability scans. This connector provides Azure Sentinel the capability to view dashboards, create custom alerts, and improve investigation "), - // GraphQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesGraphQueriesItem{ - // { - // BaseQuery: to.Ptr("{{graphQueriesTableName}}"), - // Legend: to.Ptr("{{graphQueriesTableName}}"), - // MetricName: to.Ptr("Total data received"), - // }}, - // GraphQueriesTableName: to.Ptr("QualysHostDetection_CL"), - // InstructionSteps: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesInstructionStepsItem{ - // { - // Description: to.Ptr(">**NOTE:** This connector uses Azure Functions to connect to Qualys VM to pull its logs into Azure Sentinel. This might result in additional data ingestion costs. Check the [Azure Functions pricing page](https://azure.microsoft.com/pricing/details/functions/) for details."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr(">**(Optional Step)** Securely store workspace and API authorization key(s) or token(s) in Azure Key Vault. Azure Key Vault provides a secure mechanism to store and retrieve key values. [Follow these instructions](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) to use Azure Key Vault with an Azure Function App."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**STEP 1 - Configuration steps for the Qualys VM API**\n\n1. Log into the Qualys Vulnerability Management console with an administrator account, select the **Users** tab and the **Users** subtab. \n2. Click on the **New** drop-down menu and select **Users..**\n3. Create a username and password for the API account. \n4. In the **User Roles** tab, ensure the account role is set to **Manager** and access is allowed to **GUI** and **API**\n4. Log out of the administrator account and log into the console with the new API credentials for validation, then log out of the API account. \n5. Log back into the console using an administrator account and modify the API accounts User Roles, removing access to **GUI**. \n6. Save all changes."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**STEP 2 - Choose ONE from the following two deployment options to deploy the connector and the associated Azure Function**\n\n>**IMPORTANT:** Before deploying the Qualys VM connector, have the Workspace ID and Workspace Primary Key (can be copied from the following), as well as the Qualys VM API Authorization Key(s), readily available."), - // Instructions: []*armsecurityinsights.InstructionStepsInstructionsItem{ - // { - // Type: to.Ptr(armsecurityinsights.SettingTypeCopyableLabel), - // Parameters: map[string]any{ - // "fillWith":[]any{ - // "WorkspaceId", - // }, - // "label": "Workspace ID", - // }, - // }, - // { - // Type: to.Ptr(armsecurityinsights.SettingTypeCopyableLabel), - // Parameters: map[string]any{ - // "fillWith":[]any{ - // "PrimaryKey", - // }, - // "label": "Primary Key", - // }, - // }}, - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("Use this method for automated deployment of the Qualys VM connector using an ARM Tempate.\n\n1. Click the **Deploy to Azure** button below. \n\n [![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinelqualysvmazuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the **Workspace ID**, **Workspace Key**, **API Username**, **API Password** , update the **URI**, and any additional URI **Filter Parameters** (each filter should be separated by an \"&\" symbol, no spaces.) \n> - Enter the URI that corresponds to your region. The complete list of API Server URLs can be [found here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348) -- There is no need to add a time suffix to the URI, the Function App will dynamically append the Time Value to the URI in the proper format. \n - The default **Time Interval** is set to pull the last five (5) minutes of data. If the time interval needs to be modified, it is recommended to change the Function App Timer Trigger accordingly (in the function.json file, post deployment) to prevent overlapping data ingestion. \n> - Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details. \n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy."), - // Title: to.Ptr("Option 1 - Azure Resource Manager (ARM) Template"), - // }, - // { - // Description: to.Ptr("Use the following step-by-step instructions to deploy the Quayls VM connector manually with Azure Functions."), - // Title: to.Ptr("Option 2 - Manual Deployment of Azure Functions"), - // }, - // { - // Description: to.Ptr("**1. Create a Function App**\n\n1. From the Azure Portal, navigate to [Function App](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.Web%2Fsites/kind/functionapp), and select **+ Add**.\n2. In the **Basics** tab, ensure Runtime stack is set to **Powershell Core**. \n3. In the **Hosting** tab, ensure the **Consumption (Serverless)** plan type is selected.\n4. Make other preferrable configuration changes, if needed, then click **Create**."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**2. Import Function App Code**\n\n1. In the newly created Function App, select **Functions** on the left pane and click **+ New Function**.\n2. Select **Timer Trigger**.\n3. Enter a unique Function **Name** and leave the default cron schedule of every 5 minutes, then click **Create**.\n5. Click on **Code + Test** on the left pane. \n6. Copy the [Function App Code](https://aka.ms/sentinelqualysvmazurefunctioncode) and paste into the Function App `run.ps1` editor.\n7. Click **Save**."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**3. Configure the Function App**\n\n1. In the Function App, select the Function App Name and select **Configuration**.\n2. In the **Application settings** tab, select **+ New application setting**.\n3. Add each of the following seven (7) application settings individually, with their respective string values (case-sensitive): \n apiUsername\n apiPassword\n workspaceID\n workspaceKey\n uri\n filterParameters\n timeInterval\n> - Enter the URI that corresponds to your region. The complete list of API Server URLs can be [found here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348). The `uri` value must follow the following schema: `https:///api/2.0/fo/asset/host/vm/detection/?action=list&vm_processed_after=` -- There is no need to add a time suffix to the URI, the Function App will dynamically append the Time Value to the URI in the proper format.\n> - Add any additional filter parameters, for the `filterParameters` variable, that need to be appended to the URI. Each parameter should be seperated by an \"&\" symbol and should not include any spaces.\n> - Set the `timeInterval` (in minutes) to the value of `5` to correspond to the Timer Trigger of every `5` minutes. If the time interval needs to be modified, it is recommended to change the Function App Timer Trigger accordingly to prevent overlapping data ingestion.\n> - Note: If using Azure Key Vault, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n4. Once all application settings have been entered, click **Save**."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**4. Configure the host.json**.\n\nDue to the potentially large amount of Qualys host detection data being ingested, it can cause the execution time to surpass the default Function App timeout of five (5) minutes. Increase the default timeout duration to the maximum of ten (10) minutes, under the Consumption Plan, to allow more time for the Function App to execute.\n\n1. In the Function App, select the Function App Name and select the **App Service Editor** blade.\n2. Click **Go** to open the editor, then select the **host.json** file under the **wwwroot** directory.\n3. Add the line `\"functionTimeout\": \"00:10:00\",` above the `managedDependancy` line \n4. Ensure **SAVED** appears on the top right corner of the editor, then exit the editor.\n\n> NOTE: If a longer timeout duration is required, consider upgrading to an [App Service Plan](https://docs.microsoft.com/azure/azure-functions/functions-scale#timeout)"), - // Title: to.Ptr(""), - // }}, - // Permissions: &armsecurityinsights.Permissions{ - // Customs: []*armsecurityinsights.PermissionsCustomsItem{ - // { - // Name: to.Ptr("Microsoft.Web/sites permissions"), - // Description: to.Ptr("Read and write permissions to Azure Functions to create a Function App is required. [See the documentation to learn more about Azure Functions](https://docs.microsoft.com/azure/azure-functions/)."), - // }, - // { - // Name: to.Ptr("Qualys API Key"), - // Description: to.Ptr("A Qualys VM API username and password is required. [See the documentation to learn more about Qualys VM API](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf)."), - // }}, - // ResourceProvider: []*armsecurityinsights.PermissionsResourceProviderItem{ - // { - // PermissionsDisplayText: to.Ptr("read and write permissions on the workspace are required."), - // Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspaces), - // ProviderDisplayName: to.Ptr("Workspace"), - // RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - // Delete: to.Ptr(true), - // Read: to.Ptr(true), - // Write: to.Ptr(true), - // }, - // Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - // }, - // { - // PermissionsDisplayText: to.Ptr("read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key)."), - // Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspacesSharedKeys), - // ProviderDisplayName: to.Ptr("Keys"), - // RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - // Action: to.Ptr(true), - // }, - // Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - // }}, - // }, - // Publisher: to.Ptr("Qualys"), - // SampleQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesSampleQueriesItem{ - // { - // Description: to.Ptr("Top 10 Vulerabilities detected"), - // Query: to.Ptr("{{graphQueriesTableName}}\n | mv-expand todynamic(Detections_s)\n | extend Vulnerability = tostring(Detections_s.Results)\n | summarize count() by Vulnerability\n | top 10 by count_"), - // }}, - // Title: to.Ptr("Qualys Vulnerability Management (CCP DEMO)"), - // }, - // }, - // }, - // &armsecurityinsights.CodelessAPIPollingDataConnector{ - // Name: to.Ptr("316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Etag: to.Ptr("\"1a00b074-0000-0100-0000-606ef5bd0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAPIPolling), - // Properties: &armsecurityinsights.APIPollingParameters{ - // ConnectorUIConfig: &armsecurityinsights.CodelessUIConnectorConfigProperties{ - // Availability: &armsecurityinsights.Availability{ - // IsPreview: to.Ptr(true), - // Status: to.Ptr[int32](1), - // }, - // ConnectivityCriteria: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem{ - // { - // Type: to.Ptr(armsecurityinsights.ConnectivityType("SentinelKindsV2")), - // Value: []*string{ - // }, - // }}, - // DataTypes: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesDataTypesItem{ - // { - // Name: to.Ptr("{{graphQueriesTableName}}"), - // LastDataReceivedQuery: to.Ptr("{{graphQueriesTableName}}\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)"), - // }}, - // DescriptionMarkdown: to.Ptr("The GitHub audit log connector provides the capability to ingest GitHub logs into Azure Sentinel. By connecting GitHub audit logs into Azure Sentinel, you can view this data in workbooks, use it to create custom alerts, and improve your investigation process."), - // GraphQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesGraphQueriesItem{ - // { - // BaseQuery: to.Ptr("{{graphQueriesTableName}}"), - // Legend: to.Ptr("GitHub audit log events"), - // MetricName: to.Ptr("Total events received"), - // }}, - // GraphQueriesTableName: to.Ptr("GitHubAuditLogPolling_CL"), - // InstructionSteps: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesInstructionStepsItem{ - // { - // Description: to.Ptr("Enable GitHub audit Logs. \n Follow [this](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token) to create or find your personal key"), - // Instructions: []*armsecurityinsights.InstructionStepsInstructionsItem{ - // { - // Type: to.Ptr(armsecurityinsights.SettingType("APIKey")), - // Parameters: map[string]any{ - // "enable": "true", - // "userRequestPlaceHoldersInput":[]any{ - // map[string]any{ - // "displayText": "Organization Name", - // "placeHolderName": "{{placeHolder1}}", - // "placeHolderValue": "", - // "requestObjectKey": "apiEndpoint", - // }, - // }, - // }, - // }}, - // Title: to.Ptr("Connect GitHub Enterprise Audit Log to Azure Sentinel"), - // }}, - // Permissions: &armsecurityinsights.Permissions{ - // Customs: []*armsecurityinsights.PermissionsCustomsItem{ - // { - // Name: to.Ptr("GitHub API personal token Key"), - // Description: to.Ptr("You need access to GitHub personal token, the key should have 'admin:org' scope"), - // }}, - // ResourceProvider: []*armsecurityinsights.PermissionsResourceProviderItem{ - // { - // PermissionsDisplayText: to.Ptr("read and write permissions are required."), - // Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspaces), - // ProviderDisplayName: to.Ptr("Workspace"), - // RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - // Delete: to.Ptr(true), - // Read: to.Ptr(true), - // Write: to.Ptr(true), - // }, - // Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - // }}, - // }, - // Publisher: to.Ptr("GitHub"), - // SampleQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesSampleQueriesItem{ - // { - // Description: to.Ptr("All logs"), - // Query: to.Ptr("{{graphQueriesTableName}}\n | take 10 "), - // }}, - // Title: to.Ptr("GitHub Enterprise Audit Log"), - // }, - // PollingConfig: &armsecurityinsights.CodelessConnectorPollingConfigProperties{ - // Auth: &armsecurityinsights.CodelessConnectorPollingAuthProperties{ - // APIKeyIdentifier: to.Ptr("token"), - // APIKeyName: to.Ptr("Authorization"), - // AuthType: to.Ptr("APIKey"), - // }, - // Paging: &armsecurityinsights.CodelessConnectorPollingPagingProperties{ - // PageSizeParaName: to.Ptr("per_page"), - // PagingType: to.Ptr("LinkHeader"), - // }, - // Response: &armsecurityinsights.CodelessConnectorPollingResponseProperties{ - // EventsJSONPaths: []*string{ - // to.Ptr("$")}, - // }, - // Request: &armsecurityinsights.CodelessConnectorPollingRequestProperties{ - // APIEndpoint: to.Ptr("https://api.github.com/organizations/{{placeHolder1}}/audit-log"), - // Headers: map[string]any{ - // "Accept": "application/json", - // "User-Agent": "Scuba", - // }, - // HTTPMethod: to.Ptr("Get"), - // QueryParameters: map[string]any{ - // "phrase": "created:{_QueryWindowStartTime}..{_QueryWindowEndTime}", - // }, - // QueryTimeFormat: to.Ptr("yyyy-MM-ddTHH:mm:ssZ"), - // QueryWindowInMin: to.Ptr[int32](15), - // RateLimitQPS: to.Ptr[int32](50), - // RetryCount: to.Ptr[int32](2), - // TimeoutInSeconds: to.Ptr[int32](60), - // }, - // }, - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAPIPolling.json -func ExampleDataConnectorsClient_Get_getAApiPollingDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.CodelessAPIPollingDataConnector{ - // Name: to.Ptr("316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Etag: to.Ptr("\"1a00b074-0000-0100-0000-606ef5bd0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAPIPolling), - // Properties: &armsecurityinsights.APIPollingParameters{ - // ConnectorUIConfig: &armsecurityinsights.CodelessUIConnectorConfigProperties{ - // Availability: &armsecurityinsights.Availability{ - // IsPreview: to.Ptr(true), - // Status: to.Ptr[int32](1), - // }, - // ConnectivityCriteria: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem{ - // { - // Type: to.Ptr(armsecurityinsights.ConnectivityType("SentinelKindsV2")), - // Value: []*string{ - // }, - // }}, - // CustomImage: to.Ptr("The image connector content"), - // DataTypes: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesDataTypesItem{ - // { - // Name: to.Ptr("{{graphQueriesTableName}}"), - // LastDataReceivedQuery: to.Ptr("{{graphQueriesTableName}}\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)"), - // }}, - // DescriptionMarkdown: to.Ptr("The GitHub audit log connector provides the capability to ingest GitHub logs into Azure Sentinel. By connecting GitHub audit logs into Azure Sentinel, you can view this data in workbooks, use it to create custom alerts, and improve your investigation process."), - // GraphQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesGraphQueriesItem{ - // { - // BaseQuery: to.Ptr("{{graphQueriesTableName}}"), - // Legend: to.Ptr("GitHub audit log events"), - // MetricName: to.Ptr("Total events received"), - // }}, - // GraphQueriesTableName: to.Ptr("GitHubAuditLogPolling_CL"), - // InstructionSteps: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesInstructionStepsItem{ - // { - // Description: to.Ptr("Enable GitHub audit Logs. \n Follow [this](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token) to create or find your personal key"), - // Instructions: []*armsecurityinsights.InstructionStepsInstructionsItem{ - // { - // Type: to.Ptr(armsecurityinsights.SettingType("APIKey")), - // Parameters: map[string]any{ - // "enable": "true", - // "userRequestPlaceHoldersInput":[]any{ - // map[string]any{ - // "displayText": "Organization Name", - // "placeHolderName": "{{placeHolder1}}", - // "placeHolderValue": "", - // "requestObjectKey": "apiEndpoint", - // }, - // }, - // }, - // }}, - // Title: to.Ptr("Connect GitHub Enterprise Audit Log to Azure Sentinel"), - // }}, - // Permissions: &armsecurityinsights.Permissions{ - // Customs: []*armsecurityinsights.PermissionsCustomsItem{ - // { - // Name: to.Ptr("GitHub API personal token Key"), - // Description: to.Ptr("You need access to GitHub personal token, the key should have 'admin:org' scope"), - // }}, - // ResourceProvider: []*armsecurityinsights.PermissionsResourceProviderItem{ - // { - // PermissionsDisplayText: to.Ptr("read and write permissions are required."), - // Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspaces), - // ProviderDisplayName: to.Ptr("Workspace"), - // RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - // Delete: to.Ptr(true), - // Read: to.Ptr(true), - // Write: to.Ptr(true), - // }, - // Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - // }}, - // }, - // Publisher: to.Ptr("GitHub"), - // SampleQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesSampleQueriesItem{ - // { - // Description: to.Ptr("All logs"), - // Query: to.Ptr("{{graphQueriesTableName}}\n | take 10 "), - // }}, - // Title: to.Ptr("GitHub Enterprise Audit Log"), - // }, - // PollingConfig: &armsecurityinsights.CodelessConnectorPollingConfigProperties{ - // Auth: &armsecurityinsights.CodelessConnectorPollingAuthProperties{ - // APIKeyIdentifier: to.Ptr("token"), - // APIKeyName: to.Ptr("Authorization"), - // AuthType: to.Ptr("APIKey"), - // }, - // Paging: &armsecurityinsights.CodelessConnectorPollingPagingProperties{ - // PageSizeParaName: to.Ptr("per_page"), - // PagingType: to.Ptr("LinkHeader"), - // }, - // Response: &armsecurityinsights.CodelessConnectorPollingResponseProperties{ - // EventsJSONPaths: []*string{ - // to.Ptr("$")}, - // }, - // Request: &armsecurityinsights.CodelessConnectorPollingRequestProperties{ - // APIEndpoint: to.Ptr("https://api.github.com/organizations/{{placeHolder1}}/audit-log"), - // Headers: map[string]any{ - // "Accept": "application/json", - // "User-Agent": "Scuba", - // }, - // HTTPMethod: to.Ptr("Get"), - // QueryParameters: map[string]any{ - // "phrase": "created:{_QueryWindowStartTime}..{_QueryWindowEndTime}", - // }, - // QueryTimeFormat: to.Ptr("yyyy-MM-ddTHH:mm:ssZ"), - // QueryWindowInMin: to.Ptr[int32](15), - // RateLimitQPS: to.Ptr[int32](50), - // RetryCount: to.Ptr[int32](2), - // TimeoutInSeconds: to.Ptr[int32](60), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAzureSecurityCenterById.json -func ExampleDataConnectorsClient_Get_getAAscDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "763f9fa1-c2d3-4fa2-93e9-bccd4899aa12", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.ASCDataConnector{ - // Name: to.Ptr("763f9fa1-c2d3-4fa2-93e9-bccd4899aa12"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/763f9fa1-c2d3-4fa2-93e9-bccd4899aa12"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureSecurityCenter), - // Properties: &armsecurityinsights.ASCDataConnectorProperties{ - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // SubscriptionID: to.Ptr("c0688291-89d7-4bed-87a2-a7b1bff43f4c"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetDynamics365DataConnectorById.json -func ExampleDataConnectorsClient_Get_getADynamics365DataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "c2541efb-c9a6-47fe-9501-87d1017d1512", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.Dynamics365DataConnector{ - // Name: to.Ptr("c2541efb-c9a6-47fe-9501-87d1017d1512"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindDynamics365), - // Properties: &armsecurityinsights.Dynamics365DataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.Dynamics365DataConnectorDataTypes{ - // Dynamics365CdsActivities: &armsecurityinsights.Dynamics365DataConnectorDataTypesDynamics365CdsActivities{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetGenericUI.json -func ExampleDataConnectorsClient_Get_getAGenericUiDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.CodelessUIDataConnector{ - // Name: to.Ptr("316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Etag: to.Ptr("\"1a00b074-0000-0100-0000-606ef5bd0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindGenericUI), - // Properties: &armsecurityinsights.CodelessParameters{ - // ConnectorUIConfig: &armsecurityinsights.CodelessUIConnectorConfigProperties{ - // Availability: &armsecurityinsights.Availability{ - // IsPreview: to.Ptr(true), - // Status: to.Ptr[int32](1), - // }, - // ConnectivityCriteria: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem{ - // { - // Type: to.Ptr(armsecurityinsights.ConnectivityTypeIsConnectedQuery), - // Value: []*string{ - // to.Ptr("{{graphQueriesTableName}}\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(30d)")}, - // }}, - // CustomImage: to.Ptr("The image connector content"), - // DataTypes: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesDataTypesItem{ - // { - // Name: to.Ptr("{{graphQueriesTableName}}"), - // LastDataReceivedQuery: to.Ptr("{{graphQueriesTableName}}\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)"), - // }}, - // DescriptionMarkdown: to.Ptr("The [Qualys Vulnerability Management (VM)](https://www.qualys.com/apps/vulnerability-management/) data connector provides the capability to ingest vulnerability host detection data into Azure Sentinel through the Qualys API. The connector provides visibility into host detection data from vulerability scans. This connector provides Azure Sentinel the capability to view dashboards, create custom alerts, and improve investigation "), - // GraphQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesGraphQueriesItem{ - // { - // BaseQuery: to.Ptr("{{graphQueriesTableName}}"), - // Legend: to.Ptr("{{graphQueriesTableName}}"), - // MetricName: to.Ptr("Total data received"), - // }}, - // GraphQueriesTableName: to.Ptr("QualysHostDetection_CL"), - // InstructionSteps: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesInstructionStepsItem{ - // { - // Description: to.Ptr(">**NOTE:** This connector uses Azure Functions to connect to Qualys VM to pull its logs into Azure Sentinel. This might result in additional data ingestion costs. Check the [Azure Functions pricing page](https://azure.microsoft.com/pricing/details/functions/) for details."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr(">**(Optional Step)** Securely store workspace and API authorization key(s) or token(s) in Azure Key Vault. Azure Key Vault provides a secure mechanism to store and retrieve key values. [Follow these instructions](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) to use Azure Key Vault with an Azure Function App."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**STEP 1 - Configuration steps for the Qualys VM API**\n\n1. Log into the Qualys Vulnerability Management console with an administrator account, select the **Users** tab and the **Users** subtab. \n2. Click on the **New** drop-down menu and select **Users..**\n3. Create a username and password for the API account. \n4. In the **User Roles** tab, ensure the account role is set to **Manager** and access is allowed to **GUI** and **API**\n4. Log out of the administrator account and log into the console with the new API credentials for validation, then log out of the API account. \n5. Log back into the console using an administrator account and modify the API accounts User Roles, removing access to **GUI**. \n6. Save all changes."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**STEP 2 - Choose ONE from the following two deployment options to deploy the connector and the associated Azure Function**\n\n>**IMPORTANT:** Before deploying the Qualys VM connector, have the Workspace ID and Workspace Primary Key (can be copied from the following), as well as the Qualys VM API Authorization Key(s), readily available."), - // Instructions: []*armsecurityinsights.InstructionStepsInstructionsItem{ - // { - // Type: to.Ptr(armsecurityinsights.SettingTypeCopyableLabel), - // Parameters: map[string]any{ - // "fillWith":[]any{ - // "WorkspaceId", - // }, - // "label": "Workspace ID", - // }, - // }, - // { - // Type: to.Ptr(armsecurityinsights.SettingTypeCopyableLabel), - // Parameters: map[string]any{ - // "fillWith":[]any{ - // "PrimaryKey", - // }, - // "label": "Primary Key", - // }, - // }}, - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("Use this method for automated deployment of the Qualys VM connector using an ARM Tempate.\n\n1. Click the **Deploy to Azure** button below. \n\n [![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinelqualysvmazuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the **Workspace ID**, **Workspace Key**, **API Username**, **API Password** , update the **URI**, and any additional URI **Filter Parameters** (each filter should be separated by an \"&\" symbol, no spaces.) \n> - Enter the URI that corresponds to your region. The complete list of API Server URLs can be [found here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348) -- There is no need to add a time suffix to the URI, the Function App will dynamically append the Time Value to the URI in the proper format. \n - The default **Time Interval** is set to pull the last five (5) minutes of data. If the time interval needs to be modified, it is recommended to change the Function App Timer Trigger accordingly (in the function.json file, post deployment) to prevent overlapping data ingestion. \n> - Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details. \n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy."), - // Title: to.Ptr("Option 1 - Azure Resource Manager (ARM) Template"), - // }, - // { - // Description: to.Ptr("Use the following step-by-step instructions to deploy the Quayls VM connector manually with Azure Functions."), - // Title: to.Ptr("Option 2 - Manual Deployment of Azure Functions"), - // }, - // { - // Description: to.Ptr("**1. Create a Function App**\n\n1. From the Azure Portal, navigate to [Function App](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.Web%2Fsites/kind/functionapp), and select **+ Add**.\n2. In the **Basics** tab, ensure Runtime stack is set to **Powershell Core**. \n3. In the **Hosting** tab, ensure the **Consumption (Serverless)** plan type is selected.\n4. Make other preferrable configuration changes, if needed, then click **Create**."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**2. Import Function App Code**\n\n1. In the newly created Function App, select **Functions** on the left pane and click **+ New Function**.\n2. Select **Timer Trigger**.\n3. Enter a unique Function **Name** and leave the default cron schedule of every 5 minutes, then click **Create**.\n5. Click on **Code + Test** on the left pane. \n6. Copy the [Function App Code](https://aka.ms/sentinelqualysvmazurefunctioncode) and paste into the Function App `run.ps1` editor.\n7. Click **Save**."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**3. Configure the Function App**\n\n1. In the Function App, select the Function App Name and select **Configuration**.\n2. In the **Application settings** tab, select **+ New application setting**.\n3. Add each of the following seven (7) application settings individually, with their respective string values (case-sensitive): \n apiUsername\n apiPassword\n workspaceID\n workspaceKey\n uri\n filterParameters\n timeInterval\n> - Enter the URI that corresponds to your region. The complete list of API Server URLs can be [found here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348). The `uri` value must follow the following schema: `https:///api/2.0/fo/asset/host/vm/detection/?action=list&vm_processed_after=` -- There is no need to add a time suffix to the URI, the Function App will dynamically append the Time Value to the URI in the proper format.\n> - Add any additional filter parameters, for the `filterParameters` variable, that need to be appended to the URI. Each parameter should be seperated by an \"&\" symbol and should not include any spaces.\n> - Set the `timeInterval` (in minutes) to the value of `5` to correspond to the Timer Trigger of every `5` minutes. If the time interval needs to be modified, it is recommended to change the Function App Timer Trigger accordingly to prevent overlapping data ingestion.\n> - Note: If using Azure Key Vault, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n4. Once all application settings have been entered, click **Save**."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**4. Configure the host.json**.\n\nDue to the potentially large amount of Qualys host detection data being ingested, it can cause the execution time to surpass the default Function App timeout of five (5) minutes. Increase the default timeout duration to the maximum of ten (10) minutes, under the Consumption Plan, to allow more time for the Function App to execute.\n\n1. In the Function App, select the Function App Name and select the **App Service Editor** blade.\n2. Click **Go** to open the editor, then select the **host.json** file under the **wwwroot** directory.\n3. Add the line `\"functionTimeout\": \"00:10:00\",` above the `managedDependancy` line \n4. Ensure **SAVED** appears on the top right corner of the editor, then exit the editor.\n\n> NOTE: If a longer timeout duration is required, consider upgrading to an [App Service Plan](https://docs.microsoft.com/azure/azure-functions/functions-scale#timeout)"), - // Title: to.Ptr(""), - // }}, - // Permissions: &armsecurityinsights.Permissions{ - // Customs: []*armsecurityinsights.PermissionsCustomsItem{ - // { - // Name: to.Ptr("Microsoft.Web/sites permissions"), - // Description: to.Ptr("Read and write permissions to Azure Functions to create a Function App is required. [See the documentation to learn more about Azure Functions](https://docs.microsoft.com/azure/azure-functions/)."), - // }, - // { - // Name: to.Ptr("Qualys API Key"), - // Description: to.Ptr("A Qualys VM API username and password is required. [See the documentation to learn more about Qualys VM API](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf)."), - // }}, - // ResourceProvider: []*armsecurityinsights.PermissionsResourceProviderItem{ - // { - // PermissionsDisplayText: to.Ptr("read and write permissions on the workspace are required."), - // Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspaces), - // ProviderDisplayName: to.Ptr("Workspace"), - // RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - // Delete: to.Ptr(true), - // Read: to.Ptr(true), - // Write: to.Ptr(true), - // }, - // Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - // }, - // { - // PermissionsDisplayText: to.Ptr("read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key)."), - // Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspacesSharedKeys), - // ProviderDisplayName: to.Ptr("Keys"), - // RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - // Action: to.Ptr(true), - // }, - // Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - // }}, - // }, - // Publisher: to.Ptr("Qualys"), - // SampleQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesSampleQueriesItem{ - // { - // Description: to.Ptr("Top 10 Vulerabilities detected"), - // Query: to.Ptr("{{graphQueriesTableName}}\n | mv-expand todynamic(Detections_s)\n | extend Vulnerability = tostring(Detections_s.Results)\n | summarize count() by Vulnerability\n | top 10 by count_"), - // }}, - // Title: to.Ptr("Qualys Vulnerability Management (CCP DEMO)"), - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetIoTById.json -func ExampleDataConnectorsClient_Get_getAIoTDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "d2e5dc7a-f3a2-429d-954b-939fa8c2932e", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.IoTDataConnector{ - // Name: to.Ptr("d2e5dc7a-f3a2-429d-954b-939fa8c2932e"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/d2e5dc7a-f3a2-429d-954b-939fa8c2932e"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindIOT), - // Properties: &armsecurityinsights.IoTDataConnectorProperties{ - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // SubscriptionID: to.Ptr("c0688291-89d7-4bed-87a2-a7b1bff43f4c"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetMicrosoftCloudAppSecurityById.json -func ExampleDataConnectorsClient_Get_getAMcasDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "b96d014d-b5c2-4a01-9aba-a8058f629d42", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.MCASDataConnector{ - // Name: to.Ptr("b96d014d-b5c2-4a01-9aba-a8058f629d42"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/b96d014d-b5c2-4a01-9aba-a8058f629d42"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftCloudAppSecurity), - // Properties: &armsecurityinsights.MCASDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.MCASDataConnectorDataTypes{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // DiscoveryLogs: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetMicrosoftDefenderAdvancedThreatProtectionById.json -func ExampleDataConnectorsClient_Get_getAMdatpDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "06b3ccb8-1384-4bcc-aec7-852f6d57161b", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.MDATPDataConnector{ - // Name: to.Ptr("06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftDefenderAdvancedThreatProtection), - // Properties: &armsecurityinsights.MDATPDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetMicrosoftThreatIntelligenceById.json -func ExampleDataConnectorsClient_Get_getAMicrosoftThreatIntelligenceDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.MSTIDataConnector{ - // Name: to.Ptr("c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftThreatIntelligence), - // Properties: &armsecurityinsights.MSTIDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.MSTIDataConnectorDataTypes{ - // BingSafetyPhishingURL: &armsecurityinsights.MSTIDataConnectorDataTypesBingSafetyPhishingURL{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // LookbackPeriod: to.Ptr("example ??"), - // }, - // MicrosoftEmergingThreatFeed: &armsecurityinsights.MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // LookbackPeriod: to.Ptr("example"), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetMicrosoftThreatProtectionById.json -func ExampleDataConnectorsClient_Get_getAMicrosoftThreatProtectionDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.MTPDataConnector{ - // Name: to.Ptr("c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftThreatProtection), - // Properties: &armsecurityinsights.MTPDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.MTPDataConnectorDataTypes{ - // Incidents: &armsecurityinsights.MTPDataConnectorDataTypesIncidents{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetThreatIntelligenceTaxiiById.json -func ExampleDataConnectorsClient_Get_getATiTaxiiDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "c39bb458-02a7-4b3f-b0c8-71a1d2692652", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.TiTaxiiDataConnector{ - // Name: to.Ptr("c39bb458-02a7-4b3f-b0c8-71a1d2692652"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c39bb458-02a7-4b3f-b0c8-71a1d2692652"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligenceTaxii), - // Properties: &armsecurityinsights.TiTaxiiDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // CollectionID: to.Ptr("e0b1f32d-1188-48f7-a7a3-de71924e4b5e"), - // DataTypes: &armsecurityinsights.TiTaxiiDataConnectorDataTypes{ - // TaxiiClient: &armsecurityinsights.TiTaxiiDataConnectorDataTypesTaxiiClient{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // FriendlyName: to.Ptr("My TI Taxii Connector"), - // Password: to.Ptr(""), - // PollingFrequency: to.Ptr(armsecurityinsights.PollingFrequencyOnceADay), - // TaxiiLookbackPeriod: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-01-01T13:00:30.123Z"); return t}()), - // TaxiiServer: to.Ptr("https://mytaxiiserver.com/taxiing/v2/api"), - // UserName: to.Ptr(""), - // WorkspaceID: to.Ptr("8b014a77-4695-4ef4-96bb-6623afb121a2"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetThreatIntelligenceById.json -func ExampleDataConnectorsClient_Get_getATiDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.TIDataConnector{ - // Name: to.Ptr("c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligence), - // Properties: &armsecurityinsights.TIDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.TIDataConnectorDataTypes{ - // Indicators: &armsecurityinsights.TIDataConnectorDataTypesIndicators{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TipLookbackPeriod: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-01-01T13:00:30.123Z"); return t}()), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAzureActiveDirectoryById.json -func ExampleDataConnectorsClient_Get_getAnAadDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.AADDataConnector{ - // Name: to.Ptr("f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureActiveDirectory), - // Properties: &armsecurityinsights.AADDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAzureAdvancedThreatProtectionById.json -func ExampleDataConnectorsClient_Get_getAnAatpDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "07e42cb3-e658-4e90-801c-efa0f29d3d44", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.AATPDataConnector{ - // Name: to.Ptr("07e42cb3-e658-4e90-801c-efa0f29d3d44"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/07e42cb3-e658-4e90-801c-efa0f29d3d44"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureAdvancedThreatProtection), - // Properties: &armsecurityinsights.AATPDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAmazonWebServicesS3ById.json -func ExampleDataConnectorsClient_Get_getAnAwsS3DataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "afef3743-0c88-469c-84ff-ca2e87dc1e48", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.AwsS3DataConnector{ - // Name: to.Ptr("afef3743-0c88-469c-84ff-ca2e87dc1e48"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/afef3743-0c88-469c-84ff-ca2e87dc1e48"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAmazonWebServicesS3), - // Properties: &armsecurityinsights.AwsS3DataConnectorProperties{ - // DataTypes: &armsecurityinsights.AwsS3DataConnectorDataTypes{ - // Logs: &armsecurityinsights.AwsS3DataConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // DestinationTable: to.Ptr("AWSVPCFlow"), - // RoleArn: to.Ptr("arn:aws:iam::072643944673:role/RoleName"), - // SqsUrls: []*string{ - // to.Ptr("https://sqs.us-west-1.amazonaws.com/111111111111/sqsTestName")}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAmazonWebServicesCloudTrailById.json -func ExampleDataConnectorsClient_Get_getAnAwsCloudTrailDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.AwsCloudTrailDataConnector{ - // Name: to.Ptr("c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAmazonWebServicesCloudTrail), - // Properties: &armsecurityinsights.AwsCloudTrailDataConnectorProperties{ - // AwsRoleArn: to.Ptr("myAwsRoleArn"), - // DataTypes: &armsecurityinsights.AwsCloudTrailDataConnectorDataTypes{ - // Logs: &armsecurityinsights.AwsCloudTrailDataConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetOffice365AdvancedThreatProtectionById.json -func ExampleDataConnectorsClient_Get_getAnOfficeAtpDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "3d3e955e-33eb-401d-89a7-251c81ddd660", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.OfficeATPDataConnector{ - // Name: to.Ptr("3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOfficeATP), - // Properties: &armsecurityinsights.OfficeATPDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetMicrosoftInsiderRiskManagementById.json -func ExampleDataConnectorsClient_Get_getAnOfficeIrmDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "3d3e955e-33eb-401d-89a7-251c81ddd660", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.OfficeIRMDataConnector{ - // Name: to.Ptr("3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/3d3e955e-33eb-401d-89a7-251c81ddd660"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOfficeIRM), - // Properties: &armsecurityinsights.OfficeIRMDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetOfficePowerBIDataConnetorById.json -func ExampleDataConnectorsClient_Get_getAnOffice365PowerBiDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.OfficePowerBIDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOfficePowerBI), - // Properties: &armsecurityinsights.OfficePowerBIDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.OfficePowerBIConnectorDataTypes{ - // Logs: &armsecurityinsights.OfficePowerBIConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetOffice365ProjectDataConnetorById.json -func ExampleDataConnectorsClient_Get_getAnOffice365ProjectDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.Office365ProjectDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365Project), - // Properties: &armsecurityinsights.Office365ProjectDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.Office365ProjectConnectorDataTypes{ - // Logs: &armsecurityinsights.Office365ProjectConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetOfficeDataConnetorById.json -func ExampleDataConnectorsClient_Get_getAnOffice365DataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.OfficeDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365), - // Properties: &armsecurityinsights.OfficeDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.OfficeDataConnectorDataTypes{ - // Exchange: &armsecurityinsights.OfficeDataConnectorDataTypesExchange{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // SharePoint: &armsecurityinsights.OfficeDataConnectorDataTypesSharePoint{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // Teams: &armsecurityinsights.OfficeDataConnectorDataTypesTeams{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateAPIPolling.json -func ExampleDataConnectorsClient_CreateOrUpdate_createsOrUpdatesAApiPollingDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", &armsecurityinsights.CodelessAPIPollingDataConnector{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindAPIPolling), - Properties: &armsecurityinsights.APIPollingParameters{ - ConnectorUIConfig: &armsecurityinsights.CodelessUIConnectorConfigProperties{ - Availability: &armsecurityinsights.Availability{ - IsPreview: to.Ptr(true), - Status: to.Ptr[int32](1), - }, - ConnectivityCriteria: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem{ - { - Type: to.Ptr(armsecurityinsights.ConnectivityType("SentinelKindsV2")), - Value: []*string{}, - }}, - DataTypes: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesDataTypesItem{ - { - Name: to.Ptr("{{graphQueriesTableName}}"), - LastDataReceivedQuery: to.Ptr("{{graphQueriesTableName}}\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)"), - }}, - DescriptionMarkdown: to.Ptr("The GitHub audit log connector provides the capability to ingest GitHub logs into Azure Sentinel. By connecting GitHub audit logs into Azure Sentinel, you can view this data in workbooks, use it to create custom alerts, and improve your investigation process."), - GraphQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesGraphQueriesItem{ - { - BaseQuery: to.Ptr("{{graphQueriesTableName}}"), - Legend: to.Ptr("GitHub audit log events"), - MetricName: to.Ptr("Total events received"), - }}, - GraphQueriesTableName: to.Ptr("GitHubAuditLogPolling_CL"), - InstructionSteps: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesInstructionStepsItem{ - { - Description: to.Ptr("Enable GitHub audit Logs. \n Follow [this](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token) to create or find your personal key"), - Instructions: []*armsecurityinsights.InstructionStepsInstructionsItem{ - { - Type: to.Ptr(armsecurityinsights.SettingType("APIKey")), - Parameters: map[string]any{ - "enable": "true", - "userRequestPlaceHoldersInput": []any{ - map[string]any{ - "displayText": "Organization Name", - "placeHolderName": "{{placeHolder1}}", - "placeHolderValue": "", - "requestObjectKey": "apiEndpoint", - }, - }, - }, - }}, - Title: to.Ptr("Connect GitHub Enterprise Audit Log to Azure Sentinel"), - }}, - Permissions: &armsecurityinsights.Permissions{ - Customs: []*armsecurityinsights.PermissionsCustomsItem{ - { - Name: to.Ptr("GitHub API personal token Key"), - Description: to.Ptr("You need access to GitHub personal token, the key should have 'admin:org' scope"), - }}, - ResourceProvider: []*armsecurityinsights.PermissionsResourceProviderItem{ - { - PermissionsDisplayText: to.Ptr("read and write permissions are required."), - Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspaces), - ProviderDisplayName: to.Ptr("Workspace"), - RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - Delete: to.Ptr(true), - Read: to.Ptr(true), - Write: to.Ptr(true), - }, - Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - }}, - }, - Publisher: to.Ptr("GitHub"), - SampleQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesSampleQueriesItem{ - { - Description: to.Ptr("All logs"), - Query: to.Ptr("{{graphQueriesTableName}}\n | take 10 "), - }}, - Title: to.Ptr("GitHub Enterprise Audit Log"), - }, - PollingConfig: &armsecurityinsights.CodelessConnectorPollingConfigProperties{ - Auth: &armsecurityinsights.CodelessConnectorPollingAuthProperties{ - APIKeyIdentifier: to.Ptr("token"), - APIKeyName: to.Ptr("Authorization"), - AuthType: to.Ptr("APIKey"), - }, - Paging: &armsecurityinsights.CodelessConnectorPollingPagingProperties{ - PageSizeParaName: to.Ptr("per_page"), - PagingType: to.Ptr("LinkHeader"), - }, - Response: &armsecurityinsights.CodelessConnectorPollingResponseProperties{ - EventsJSONPaths: []*string{ - to.Ptr("$")}, - }, - Request: &armsecurityinsights.CodelessConnectorPollingRequestProperties{ - APIEndpoint: to.Ptr("https://api.github.com/organizations/{{placeHolder1}}/audit-log"), - Headers: map[string]any{ - "Accept": "application/json", - "User-Agent": "Scuba", - }, - HTTPMethod: to.Ptr("Get"), - QueryParameters: map[string]any{ - "phrase": "created:{_QueryWindowStartTime}..{_QueryWindowEndTime}", - }, - QueryTimeFormat: to.Ptr("yyyy-MM-ddTHH:mm:ssZ"), - QueryWindowInMin: to.Ptr[int32](15), - RateLimitQPS: to.Ptr[int32](50), - RetryCount: to.Ptr[int32](2), - TimeoutInSeconds: to.Ptr[int32](60), - }, - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientCreateOrUpdateResponse{ - // DataConnectorClassification: &armsecurityinsights.CodelessAPIPollingDataConnector{ - // Name: to.Ptr("316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Etag: to.Ptr("\"1a00b074-0000-0100-0000-606ef5bd0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAPIPolling), - // Properties: &armsecurityinsights.APIPollingParameters{ - // ConnectorUIConfig: &armsecurityinsights.CodelessUIConnectorConfigProperties{ - // Availability: &armsecurityinsights.Availability{ - // IsPreview: to.Ptr(true), - // Status: to.Ptr[int32](1), - // }, - // ConnectivityCriteria: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem{ - // { - // Type: to.Ptr(armsecurityinsights.ConnectivityType("SentinelKindsV2")), - // Value: []*string{ - // }, - // }}, - // DataTypes: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesDataTypesItem{ - // { - // Name: to.Ptr("{{graphQueriesTableName}}"), - // LastDataReceivedQuery: to.Ptr("{{graphQueriesTableName}}\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)"), - // }}, - // DescriptionMarkdown: to.Ptr("The GitHub audit log connector provides the capability to ingest GitHub logs into Azure Sentinel. By connecting GitHub audit logs into Azure Sentinel, you can view this data in workbooks, use it to create custom alerts, and improve your investigation process."), - // GraphQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesGraphQueriesItem{ - // { - // BaseQuery: to.Ptr("{{graphQueriesTableName}}"), - // Legend: to.Ptr("GitHub audit log events"), - // MetricName: to.Ptr("Total events received"), - // }}, - // GraphQueriesTableName: to.Ptr("GitHubAuditLogPolling_CL"), - // InstructionSteps: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesInstructionStepsItem{ - // { - // Description: to.Ptr("Enable GitHub audit Logs. \n Follow [this](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token) to create or find your personal key"), - // Instructions: []*armsecurityinsights.InstructionStepsInstructionsItem{ - // { - // Type: to.Ptr(armsecurityinsights.SettingType("APIKey")), - // Parameters: map[string]any{ - // "enable": "true", - // "userRequestPlaceHoldersInput":[]any{ - // map[string]any{ - // "displayText": "Organization Name", - // "placeHolderName": "{{placeHolder1}}", - // "placeHolderValue": "", - // "requestObjectKey": "apiEndpoint", - // }, - // }, - // }, - // }}, - // Title: to.Ptr("Connect GitHub Enterprise Audit Log to Azure Sentinel"), - // }}, - // Permissions: &armsecurityinsights.Permissions{ - // Customs: []*armsecurityinsights.PermissionsCustomsItem{ - // { - // Name: to.Ptr("GitHub API personal token Key"), - // Description: to.Ptr("You need access to GitHub personal token, the key should have 'admin:org' scope"), - // }}, - // ResourceProvider: []*armsecurityinsights.PermissionsResourceProviderItem{ - // { - // PermissionsDisplayText: to.Ptr("read and write permissions are required."), - // Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspaces), - // ProviderDisplayName: to.Ptr("Workspace"), - // RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - // Delete: to.Ptr(true), - // Read: to.Ptr(true), - // Write: to.Ptr(true), - // }, - // Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - // }}, - // }, - // Publisher: to.Ptr("GitHub"), - // SampleQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesSampleQueriesItem{ - // { - // Description: to.Ptr("All logs"), - // Query: to.Ptr("{{graphQueriesTableName}}\n | take 10 "), - // }}, - // Title: to.Ptr("GitHub Enterprise Audit Log"), - // }, - // PollingConfig: &armsecurityinsights.CodelessConnectorPollingConfigProperties{ - // Auth: &armsecurityinsights.CodelessConnectorPollingAuthProperties{ - // APIKeyIdentifier: to.Ptr("token"), - // APIKeyName: to.Ptr("Authorization"), - // AuthType: to.Ptr("APIKey"), - // }, - // Paging: &armsecurityinsights.CodelessConnectorPollingPagingProperties{ - // PageSizeParaName: to.Ptr("per_page"), - // PagingType: to.Ptr("LinkHeader"), - // }, - // Response: &armsecurityinsights.CodelessConnectorPollingResponseProperties{ - // EventsJSONPaths: []*string{ - // to.Ptr("$")}, - // }, - // Request: &armsecurityinsights.CodelessConnectorPollingRequestProperties{ - // APIEndpoint: to.Ptr("https://api.github.com/organizations/{{placeHolder1}}/audit-log"), - // Headers: map[string]any{ - // "Accept": "application/json", - // "User-Agent": "Scuba", - // }, - // HTTPMethod: to.Ptr("Get"), - // QueryParameters: map[string]any{ - // "phrase": "created:{_QueryWindowStartTime}..{_QueryWindowEndTime}", - // }, - // QueryTimeFormat: to.Ptr("yyyy-MM-ddTHH:mm:ssZ"), - // QueryWindowInMin: to.Ptr[int32](15), - // RateLimitQPS: to.Ptr[int32](50), - // RetryCount: to.Ptr[int32](2), - // TimeoutInSeconds: to.Ptr[int32](60), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateDynamics365DataConnetor.json -func ExampleDataConnectorsClient_CreateOrUpdate_createsOrUpdatesADynamics365DataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "c2541efb-c9a6-47fe-9501-87d1017d1512", &armsecurityinsights.Dynamics365DataConnector{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Kind: to.Ptr(armsecurityinsights.DataConnectorKindDynamics365), - Properties: &armsecurityinsights.Dynamics365DataConnectorProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - DataTypes: &armsecurityinsights.Dynamics365DataConnectorDataTypes{ - Dynamics365CdsActivities: &armsecurityinsights.Dynamics365DataConnectorDataTypesDynamics365CdsActivities{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientCreateOrUpdateResponse{ - // DataConnectorClassification: &armsecurityinsights.Dynamics365DataConnector{ - // Name: to.Ptr("c2541efb-c9a6-47fe-9501-87d1017d1512"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindDynamics365), - // Properties: &armsecurityinsights.Dynamics365DataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.Dynamics365DataConnectorDataTypes{ - // Dynamics365CdsActivities: &armsecurityinsights.Dynamics365DataConnectorDataTypesDynamics365CdsActivities{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateGenericUI.json -func ExampleDataConnectorsClient_CreateOrUpdate_createsOrUpdatesAGenericUiDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", &armsecurityinsights.CodelessUIDataConnector{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindGenericUI), - Properties: &armsecurityinsights.CodelessParameters{ - ConnectorUIConfig: &armsecurityinsights.CodelessUIConnectorConfigProperties{ - Availability: &armsecurityinsights.Availability{ - IsPreview: to.Ptr(true), - Status: to.Ptr[int32](1), - }, - ConnectivityCriteria: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem{ - { - Type: to.Ptr(armsecurityinsights.ConnectivityTypeIsConnectedQuery), - Value: []*string{ - to.Ptr("{{graphQueriesTableName}}\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(30d)")}, - }}, - DataTypes: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesDataTypesItem{ - { - Name: to.Ptr("{{graphQueriesTableName}}"), - LastDataReceivedQuery: to.Ptr("{{graphQueriesTableName}}\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)"), - }}, - DescriptionMarkdown: to.Ptr("The [Qualys Vulnerability Management (VM)](https://www.qualys.com/apps/vulnerability-management/) data connector provides the capability to ingest vulnerability host detection data into Azure Sentinel through the Qualys API. The connector provides visibility into host detection data from vulerability scans. This connector provides Azure Sentinel the capability to view dashboards, create custom alerts, and improve investigation "), - GraphQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesGraphQueriesItem{ - { - BaseQuery: to.Ptr("{{graphQueriesTableName}}"), - Legend: to.Ptr("{{graphQueriesTableName}}"), - MetricName: to.Ptr("Total data received"), - }}, - GraphQueriesTableName: to.Ptr("QualysHostDetection_CL"), - InstructionSteps: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesInstructionStepsItem{ - { - Description: to.Ptr(">**NOTE:** This connector uses Azure Functions to connect to Qualys VM to pull its logs into Azure Sentinel. This might result in additional data ingestion costs. Check the [Azure Functions pricing page](https://azure.microsoft.com/pricing/details/functions/) for details."), - Title: to.Ptr(""), - }, - { - Description: to.Ptr(">**(Optional Step)** Securely store workspace and API authorization key(s) or token(s) in Azure Key Vault. Azure Key Vault provides a secure mechanism to store and retrieve key values. [Follow these instructions](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) to use Azure Key Vault with an Azure Function App."), - Title: to.Ptr(""), - }, - { - Description: to.Ptr("**STEP 1 - Configuration steps for the Qualys VM API**\n\n1. Log into the Qualys Vulnerability Management console with an administrator account, select the **Users** tab and the **Users** subtab. \n2. Click on the **New** drop-down menu and select **Users..**\n3. Create a username and password for the API account. \n4. In the **User Roles** tab, ensure the account role is set to **Manager** and access is allowed to **GUI** and **API**\n4. Log out of the administrator account and log into the console with the new API credentials for validation, then log out of the API account. \n5. Log back into the console using an administrator account and modify the API accounts User Roles, removing access to **GUI**. \n6. Save all changes."), - Title: to.Ptr(""), - }, - { - Description: to.Ptr("**STEP 2 - Choose ONE from the following two deployment options to deploy the connector and the associated Azure Function**\n\n>**IMPORTANT:** Before deploying the Qualys VM connector, have the Workspace ID and Workspace Primary Key (can be copied from the following), as well as the Qualys VM API Authorization Key(s), readily available."), - Instructions: []*armsecurityinsights.InstructionStepsInstructionsItem{ - { - Type: to.Ptr(armsecurityinsights.SettingTypeCopyableLabel), - Parameters: map[string]any{ - "fillWith": []any{ - "WorkspaceId", - }, - "label": "Workspace ID", - }, - }, - { - Type: to.Ptr(armsecurityinsights.SettingTypeCopyableLabel), - Parameters: map[string]any{ - "fillWith": []any{ - "PrimaryKey", - }, - "label": "Primary Key", - }, - }}, - Title: to.Ptr(""), - }, - { - Description: to.Ptr("Use this method for automated deployment of the Qualys VM connector using an ARM Tempate.\n\n1. Click the **Deploy to Azure** button below. \n\n [![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinelqualysvmazuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the **Workspace ID**, **Workspace Key**, **API Username**, **API Password** , update the **URI**, and any additional URI **Filter Parameters** (each filter should be separated by an \"&\" symbol, no spaces.) \n> - Enter the URI that corresponds to your region. The complete list of API Server URLs can be [found here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348) -- There is no need to add a time suffix to the URI, the Function App will dynamically append the Time Value to the URI in the proper format. \n - The default **Time Interval** is set to pull the last five (5) minutes of data. If the time interval needs to be modified, it is recommended to change the Function App Timer Trigger accordingly (in the function.json file, post deployment) to prevent overlapping data ingestion. \n> - Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details. \n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy."), - Title: to.Ptr("Option 1 - Azure Resource Manager (ARM) Template"), - }, - { - Description: to.Ptr("Use the following step-by-step instructions to deploy the Quayls VM connector manually with Azure Functions."), - Title: to.Ptr("Option 2 - Manual Deployment of Azure Functions"), - }, - { - Description: to.Ptr("**1. Create a Function App**\n\n1. From the Azure Portal, navigate to [Function App](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.Web%2Fsites/kind/functionapp), and select **+ Add**.\n2. In the **Basics** tab, ensure Runtime stack is set to **Powershell Core**. \n3. In the **Hosting** tab, ensure the **Consumption (Serverless)** plan type is selected.\n4. Make other preferrable configuration changes, if needed, then click **Create**."), - Title: to.Ptr(""), - }, - { - Description: to.Ptr("**2. Import Function App Code**\n\n1. In the newly created Function App, select **Functions** on the left pane and click **+ New Function**.\n2. Select **Timer Trigger**.\n3. Enter a unique Function **Name** and leave the default cron schedule of every 5 minutes, then click **Create**.\n5. Click on **Code + Test** on the left pane. \n6. Copy the [Function App Code](https://aka.ms/sentinelqualysvmazurefunctioncode) and paste into the Function App `run.ps1` editor.\n7. Click **Save**."), - Title: to.Ptr(""), - }, - { - Description: to.Ptr("**3. Configure the Function App**\n\n1. In the Function App, select the Function App Name and select **Configuration**.\n2. In the **Application settings** tab, select **+ New application setting**.\n3. Add each of the following seven (7) application settings individually, with their respective string values (case-sensitive): \n apiUsername\n apiPassword\n workspaceID\n workspaceKey\n uri\n filterParameters\n timeInterval\n> - Enter the URI that corresponds to your region. The complete list of API Server URLs can be [found here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348). The `uri` value must follow the following schema: `https:///api/2.0/fo/asset/host/vm/detection/?action=list&vm_processed_after=` -- There is no need to add a time suffix to the URI, the Function App will dynamically append the Time Value to the URI in the proper format.\n> - Add any additional filter parameters, for the `filterParameters` variable, that need to be appended to the URI. Each parameter should be seperated by an \"&\" symbol and should not include any spaces.\n> - Set the `timeInterval` (in minutes) to the value of `5` to correspond to the Timer Trigger of every `5` minutes. If the time interval needs to be modified, it is recommended to change the Function App Timer Trigger accordingly to prevent overlapping data ingestion.\n> - Note: If using Azure Key Vault, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n4. Once all application settings have been entered, click **Save**."), - Title: to.Ptr(""), - }, - { - Description: to.Ptr("**4. Configure the host.json**.\n\nDue to the potentially large amount of Qualys host detection data being ingested, it can cause the execution time to surpass the default Function App timeout of five (5) minutes. Increase the default timeout duration to the maximum of ten (10) minutes, under the Consumption Plan, to allow more time for the Function App to execute.\n\n1. In the Function App, select the Function App Name and select the **App Service Editor** blade.\n2. Click **Go** to open the editor, then select the **host.json** file under the **wwwroot** directory.\n3. Add the line `\"functionTimeout\": \"00:10:00\",` above the `managedDependancy` line \n4. Ensure **SAVED** appears on the top right corner of the editor, then exit the editor.\n\n> NOTE: If a longer timeout duration is required, consider upgrading to an [App Service Plan](https://docs.microsoft.com/azure/azure-functions/functions-scale#timeout)"), - Title: to.Ptr(""), - }}, - Permissions: &armsecurityinsights.Permissions{ - Customs: []*armsecurityinsights.PermissionsCustomsItem{ - { - Name: to.Ptr("Microsoft.Web/sites permissions"), - Description: to.Ptr("Read and write permissions to Azure Functions to create a Function App is required. [See the documentation to learn more about Azure Functions](https://docs.microsoft.com/azure/azure-functions/)."), - }, - { - Name: to.Ptr("Qualys API Key"), - Description: to.Ptr("A Qualys VM API username and password is required. [See the documentation to learn more about Qualys VM API](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf)."), - }}, - ResourceProvider: []*armsecurityinsights.PermissionsResourceProviderItem{ - { - PermissionsDisplayText: to.Ptr("read and write permissions on the workspace are required."), - Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspaces), - ProviderDisplayName: to.Ptr("Workspace"), - RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - Delete: to.Ptr(true), - Read: to.Ptr(true), - Write: to.Ptr(true), - }, - Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - }, - { - PermissionsDisplayText: to.Ptr("read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key)."), - Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspacesSharedKeys), - ProviderDisplayName: to.Ptr("Keys"), - RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - Action: to.Ptr(true), - }, - Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - }}, - }, - Publisher: to.Ptr("Qualys"), - SampleQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesSampleQueriesItem{ - { - Description: to.Ptr("Top 10 Vulerabilities detected"), - Query: to.Ptr("{{graphQueriesTableName}}\n | mv-expand todynamic(Detections_s)\n | extend Vulnerability = tostring(Detections_s.Results)\n | summarize count() by Vulnerability\n | top 10 by count_"), - }}, - Title: to.Ptr("Qualys Vulnerability Management (CCP DEMO)"), - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientCreateOrUpdateResponse{ - // DataConnectorClassification: &armsecurityinsights.CodelessUIDataConnector{ - // Name: to.Ptr("316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/316ec55e-7138-4d63-ab18-90c8a60fd1c8"), - // Etag: to.Ptr("\"1a00b074-0000-0100-0000-606ef5bd0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindGenericUI), - // Properties: &armsecurityinsights.CodelessParameters{ - // ConnectorUIConfig: &armsecurityinsights.CodelessUIConnectorConfigProperties{ - // Availability: &armsecurityinsights.Availability{ - // IsPreview: to.Ptr(true), - // Status: to.Ptr[int32](1), - // }, - // ConnectivityCriteria: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem{ - // { - // Type: to.Ptr(armsecurityinsights.ConnectivityTypeIsConnectedQuery), - // Value: []*string{ - // to.Ptr("{{graphQueriesTableName}}\n | summarize LastLogReceived = max(TimeGenerated)\n | project IsConnected = LastLogReceived > ago(30d)")}, - // }}, - // DataTypes: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesDataTypesItem{ - // { - // Name: to.Ptr("{{graphQueriesTableName}}"), - // LastDataReceivedQuery: to.Ptr("{{graphQueriesTableName}}\n | summarize Time = max(TimeGenerated)\n | where isnotempty(Time)"), - // }}, - // DescriptionMarkdown: to.Ptr("The [Qualys Vulnerability Management (VM)](https://www.qualys.com/apps/vulnerability-management/) data connector provides the capability to ingest vulnerability host detection data into Azure Sentinel through the Qualys API. The connector provides visibility into host detection data from vulerability scans. This connector provides Azure Sentinel the capability to view dashboards, create custom alerts, and improve investigation "), - // GraphQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesGraphQueriesItem{ - // { - // BaseQuery: to.Ptr("{{graphQueriesTableName}}"), - // Legend: to.Ptr("{{graphQueriesTableName}}"), - // MetricName: to.Ptr("Total data received"), - // }}, - // GraphQueriesTableName: to.Ptr("QualysHostDetection_CL"), - // InstructionSteps: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesInstructionStepsItem{ - // { - // Description: to.Ptr(">**NOTE:** This connector uses Azure Functions to connect to Qualys VM to pull its logs into Azure Sentinel. This might result in additional data ingestion costs. Check the [Azure Functions pricing page](https://azure.microsoft.com/pricing/details/functions/) for details."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr(">**(Optional Step)** Securely store workspace and API authorization key(s) or token(s) in Azure Key Vault. Azure Key Vault provides a secure mechanism to store and retrieve key values. [Follow these instructions](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) to use Azure Key Vault with an Azure Function App."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**STEP 1 - Configuration steps for the Qualys VM API**\n\n1. Log into the Qualys Vulnerability Management console with an administrator account, select the **Users** tab and the **Users** subtab. \n2. Click on the **New** drop-down menu and select **Users..**\n3. Create a username and password for the API account. \n4. In the **User Roles** tab, ensure the account role is set to **Manager** and access is allowed to **GUI** and **API**\n4. Log out of the administrator account and log into the console with the new API credentials for validation, then log out of the API account. \n5. Log back into the console using an administrator account and modify the API accounts User Roles, removing access to **GUI**. \n6. Save all changes."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**STEP 2 - Choose ONE from the following two deployment options to deploy the connector and the associated Azure Function**\n\n>**IMPORTANT:** Before deploying the Qualys VM connector, have the Workspace ID and Workspace Primary Key (can be copied from the following), as well as the Qualys VM API Authorization Key(s), readily available."), - // Instructions: []*armsecurityinsights.InstructionStepsInstructionsItem{ - // { - // Type: to.Ptr(armsecurityinsights.SettingTypeCopyableLabel), - // Parameters: map[string]any{ - // "fillWith":[]any{ - // "WorkspaceId", - // }, - // "label": "Workspace ID", - // }, - // }, - // { - // Type: to.Ptr(armsecurityinsights.SettingTypeCopyableLabel), - // Parameters: map[string]any{ - // "fillWith":[]any{ - // "PrimaryKey", - // }, - // "label": "Primary Key", - // }, - // }}, - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("Use this method for automated deployment of the Qualys VM connector using an ARM Tempate.\n\n1. Click the **Deploy to Azure** button below. \n\n [![Deploy To Azure](https://aka.ms/deploytoazurebutton)](https://aka.ms/sentinelqualysvmazuredeploy)\n2. Select the preferred **Subscription**, **Resource Group** and **Location**. \n3. Enter the **Workspace ID**, **Workspace Key**, **API Username**, **API Password** , update the **URI**, and any additional URI **Filter Parameters** (each filter should be separated by an \"&\" symbol, no spaces.) \n> - Enter the URI that corresponds to your region. The complete list of API Server URLs can be [found here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348) -- There is no need to add a time suffix to the URI, the Function App will dynamically append the Time Value to the URI in the proper format. \n - The default **Time Interval** is set to pull the last five (5) minutes of data. If the time interval needs to be modified, it is recommended to change the Function App Timer Trigger accordingly (in the function.json file, post deployment) to prevent overlapping data ingestion. \n> - Note: If using Azure Key Vault secrets for any of the values above, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details. \n4. Mark the checkbox labeled **I agree to the terms and conditions stated above**. \n5. Click **Purchase** to deploy."), - // Title: to.Ptr("Option 1 - Azure Resource Manager (ARM) Template"), - // }, - // { - // Description: to.Ptr("Use the following step-by-step instructions to deploy the Quayls VM connector manually with Azure Functions."), - // Title: to.Ptr("Option 2 - Manual Deployment of Azure Functions"), - // }, - // { - // Description: to.Ptr("**1. Create a Function App**\n\n1. From the Azure Portal, navigate to [Function App](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.Web%2Fsites/kind/functionapp), and select **+ Add**.\n2. In the **Basics** tab, ensure Runtime stack is set to **Powershell Core**. \n3. In the **Hosting** tab, ensure the **Consumption (Serverless)** plan type is selected.\n4. Make other preferrable configuration changes, if needed, then click **Create**."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**2. Import Function App Code**\n\n1. In the newly created Function App, select **Functions** on the left pane and click **+ New Function**.\n2. Select **Timer Trigger**.\n3. Enter a unique Function **Name** and leave the default cron schedule of every 5 minutes, then click **Create**.\n5. Click on **Code + Test** on the left pane. \n6. Copy the [Function App Code](https://aka.ms/sentinelqualysvmazurefunctioncode) and paste into the Function App `run.ps1` editor.\n7. Click **Save**."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**3. Configure the Function App**\n\n1. In the Function App, select the Function App Name and select **Configuration**.\n2. In the **Application settings** tab, select **+ New application setting**.\n3. Add each of the following seven (7) application settings individually, with their respective string values (case-sensitive): \n apiUsername\n apiPassword\n workspaceID\n workspaceKey\n uri\n filterParameters\n timeInterval\n> - Enter the URI that corresponds to your region. The complete list of API Server URLs can be [found here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348). The `uri` value must follow the following schema: `https:///api/2.0/fo/asset/host/vm/detection/?action=list&vm_processed_after=` -- There is no need to add a time suffix to the URI, the Function App will dynamically append the Time Value to the URI in the proper format.\n> - Add any additional filter parameters, for the `filterParameters` variable, that need to be appended to the URI. Each parameter should be seperated by an \"&\" symbol and should not include any spaces.\n> - Set the `timeInterval` (in minutes) to the value of `5` to correspond to the Timer Trigger of every `5` minutes. If the time interval needs to be modified, it is recommended to change the Function App Timer Trigger accordingly to prevent overlapping data ingestion.\n> - Note: If using Azure Key Vault, use the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema in place of the string values. Refer to [Key Vault references documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references) for further details.\n4. Once all application settings have been entered, click **Save**."), - // Title: to.Ptr(""), - // }, - // { - // Description: to.Ptr("**4. Configure the host.json**.\n\nDue to the potentially large amount of Qualys host detection data being ingested, it can cause the execution time to surpass the default Function App timeout of five (5) minutes. Increase the default timeout duration to the maximum of ten (10) minutes, under the Consumption Plan, to allow more time for the Function App to execute.\n\n1. In the Function App, select the Function App Name and select the **App Service Editor** blade.\n2. Click **Go** to open the editor, then select the **host.json** file under the **wwwroot** directory.\n3. Add the line `\"functionTimeout\": \"00:10:00\",` above the `managedDependancy` line \n4. Ensure **SAVED** appears on the top right corner of the editor, then exit the editor.\n\n> NOTE: If a longer timeout duration is required, consider upgrading to an [App Service Plan](https://docs.microsoft.com/azure/azure-functions/functions-scale#timeout)"), - // Title: to.Ptr(""), - // }}, - // Permissions: &armsecurityinsights.Permissions{ - // Customs: []*armsecurityinsights.PermissionsCustomsItem{ - // { - // Name: to.Ptr("Microsoft.Web/sites permissions"), - // Description: to.Ptr("Read and write permissions to Azure Functions to create a Function App is required. [See the documentation to learn more about Azure Functions](https://docs.microsoft.com/azure/azure-functions/)."), - // }, - // { - // Name: to.Ptr("Qualys API Key"), - // Description: to.Ptr("A Qualys VM API username and password is required. [See the documentation to learn more about Qualys VM API](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf)."), - // }}, - // ResourceProvider: []*armsecurityinsights.PermissionsResourceProviderItem{ - // { - // PermissionsDisplayText: to.Ptr("read and write permissions on the workspace are required."), - // Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspaces), - // ProviderDisplayName: to.Ptr("Workspace"), - // RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - // Delete: to.Ptr(true), - // Read: to.Ptr(true), - // Write: to.Ptr(true), - // }, - // Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - // }, - // { - // PermissionsDisplayText: to.Ptr("read permissions to shared keys for the workspace are required. [See the documentation to learn more about workspace keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key)."), - // Provider: to.Ptr(armsecurityinsights.ProviderNameMicrosoftOperationalInsightsWorkspacesSharedKeys), - // ProviderDisplayName: to.Ptr("Keys"), - // RequiredPermissions: &armsecurityinsights.RequiredPermissions{ - // Action: to.Ptr(true), - // }, - // Scope: to.Ptr(armsecurityinsights.PermissionProviderScopeWorkspace), - // }}, - // }, - // Publisher: to.Ptr("Qualys"), - // SampleQueries: []*armsecurityinsights.CodelessUIConnectorConfigPropertiesSampleQueriesItem{ - // { - // Description: to.Ptr("Top 10 Vulerabilities detected"), - // Query: to.Ptr("{{graphQueriesTableName}}\n | mv-expand todynamic(Detections_s)\n | extend Vulnerability = tostring(Detections_s.Results)\n | summarize count() by Vulnerability\n | top 10 by count_"), - // }}, - // Title: to.Ptr("Qualys Vulnerability Management (CCP DEMO)"), - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateThreatIntelligenceTaxiiDataConnector.json -func ExampleDataConnectorsClient_CreateOrUpdate_createsOrUpdatesAThreatIntelligenceTaxiiDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.TiTaxiiDataConnector{ - Etag: to.Ptr("d12423f6-a60b-4ca5-88c0-feb1a182d0f0"), - Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligenceTaxii), - Properties: &armsecurityinsights.TiTaxiiDataConnectorProperties{ - TenantID: to.Ptr("06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - CollectionID: to.Ptr("135"), - DataTypes: &armsecurityinsights.TiTaxiiDataConnectorDataTypes{ - TaxiiClient: &armsecurityinsights.TiTaxiiDataConnectorDataTypesTaxiiClient{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - }, - FriendlyName: to.Ptr("testTaxii"), - Password: to.Ptr("--"), - PollingFrequency: to.Ptr(armsecurityinsights.PollingFrequencyOnceADay), - TaxiiLookbackPeriod: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-01-01T13:00:30.123Z"); return t }()), - TaxiiServer: to.Ptr("https://limo.anomali.com/api/v1/taxii2/feeds"), - UserName: to.Ptr("--"), - WorkspaceID: to.Ptr("dd124572-4962-4495-9bd2-9dade12314b4"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientCreateOrUpdateResponse{ - // DataConnectorClassification: &armsecurityinsights.TiTaxiiDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("d12423f6-a60b-4ca5-88c0-feb1a182d0f0"), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligenceTaxii), - // Properties: &armsecurityinsights.TiTaxiiDataConnectorProperties{ - // TenantID: to.Ptr("06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - // CollectionID: to.Ptr("135"), - // DataTypes: &armsecurityinsights.TiTaxiiDataConnectorDataTypes{ - // TaxiiClient: &armsecurityinsights.TiTaxiiDataConnectorDataTypesTaxiiClient{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // FriendlyName: to.Ptr("testTaxii"), - // PollingFrequency: to.Ptr(armsecurityinsights.PollingFrequencyOnceADay), - // TaxiiLookbackPeriod: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-01-01T13:00:30.123Z"); return t}()), - // TaxiiServer: to.Ptr("https://limo.anomali.com/api/v1/taxii2/feeds"), - // WorkspaceID: to.Ptr("28e5f051-34cb-4208-9037-693e5342a871"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateOfficePowerBIDataConnector.json -func ExampleDataConnectorsClient_CreateOrUpdate_createsOrUpdatesAnOfficePowerBiDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.OfficePowerBIDataConnector{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Kind: to.Ptr(armsecurityinsights.DataConnectorKindOfficePowerBI), - Properties: &armsecurityinsights.OfficePowerBIDataConnectorProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - DataTypes: &armsecurityinsights.OfficePowerBIConnectorDataTypes{ - Logs: &armsecurityinsights.OfficePowerBIConnectorDataTypesLogs{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientCreateOrUpdateResponse{ - // DataConnectorClassification: &armsecurityinsights.OfficePowerBIDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOfficePowerBI), - // Properties: &armsecurityinsights.OfficePowerBIDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.OfficePowerBIConnectorDataTypes{ - // Logs: &armsecurityinsights.OfficePowerBIConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateOffice365ProjectDataConnetor.json -func ExampleDataConnectorsClient_CreateOrUpdate_createsOrUpdatesAnOffice365ProjectDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.Office365ProjectDataConnector{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365Project), - Properties: &armsecurityinsights.Office365ProjectDataConnectorProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - DataTypes: &armsecurityinsights.Office365ProjectConnectorDataTypes{ - Logs: &armsecurityinsights.Office365ProjectConnectorDataTypesLogs{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientCreateOrUpdateResponse{ - // DataConnectorClassification: &armsecurityinsights.Office365ProjectDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365Project), - // Properties: &armsecurityinsights.Office365ProjectDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.Office365ProjectConnectorDataTypes{ - // Logs: &armsecurityinsights.Office365ProjectConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateOfficeDataConnetor.json -func ExampleDataConnectorsClient_CreateOrUpdate_createsOrUpdatesAnOffice365DataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.OfficeDataConnector{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365), - Properties: &armsecurityinsights.OfficeDataConnectorProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - DataTypes: &armsecurityinsights.OfficeDataConnectorDataTypes{ - Exchange: &armsecurityinsights.OfficeDataConnectorDataTypesExchange{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - SharePoint: &armsecurityinsights.OfficeDataConnectorDataTypesSharePoint{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - Teams: &armsecurityinsights.OfficeDataConnectorDataTypesTeams{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientCreateOrUpdateResponse{ - // DataConnectorClassification: &armsecurityinsights.OfficeDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365), - // Properties: &armsecurityinsights.OfficeDataConnectorProperties{ - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // DataTypes: &armsecurityinsights.OfficeDataConnectorDataTypes{ - // Exchange: &armsecurityinsights.OfficeDataConnectorDataTypesExchange{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // SharePoint: &armsecurityinsights.OfficeDataConnectorDataTypesSharePoint{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // Teams: &armsecurityinsights.OfficeDataConnectorDataTypesTeams{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateThreatIntelligenceDataConnector.json -func ExampleDataConnectorsClient_CreateOrUpdate_createsOrUpdatesAnThreatIntelligencePlatformDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.TIDataConnector{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligence), - Properties: &armsecurityinsights.TIDataConnectorProperties{ - TenantID: to.Ptr("06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - DataTypes: &armsecurityinsights.TIDataConnectorDataTypes{ - Indicators: &armsecurityinsights.TIDataConnectorDataTypesIndicators{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - }, - TipLookbackPeriod: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-01-01T13:00:30.123Z"); return t }()), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientCreateOrUpdateResponse{ - // DataConnectorClassification: &armsecurityinsights.TIDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligence), - // Properties: &armsecurityinsights.TIDataConnectorProperties{ - // TenantID: to.Ptr("06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - // DataTypes: &armsecurityinsights.TIDataConnectorDataTypes{ - // Indicators: &armsecurityinsights.TIDataConnectorDataTypesIndicators{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TipLookbackPeriod: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-01-01T13:00:30.123Z"); return t}()), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DeleteAPIPolling.json -func ExampleDataConnectorsClient_Delete_deleteAApiPollingDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewDataConnectorsClient().Delete(ctx, "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DeleteGenericUI.json -func ExampleDataConnectorsClient_Delete_deleteAGenericUiDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewDataConnectorsClient().Delete(ctx, "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DeleteOfficePowerBIDataConnetor.json -func ExampleDataConnectorsClient_Delete_deleteAnOfficePowerBiDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewDataConnectorsClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DeleteOffice365ProjectDataConnetor.json -func ExampleDataConnectorsClient_Delete_deleteAnOffice365ProjectDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewDataConnectorsClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DeleteOfficeDataConnetor.json -func ExampleDataConnectorsClient_Delete_deleteAnOffice365DataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewDataConnectorsClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/ConnectAPIPollingV2Logs.json -func ExampleDataConnectorsClient_Connect_connectAnApiPollingV2LogsDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewDataConnectorsClient().Connect(ctx, "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", armsecurityinsights.DataConnectorConnectBody{ - APIKey: to.Ptr("123456789"), - DataCollectionEndpoint: to.Ptr("https://test.eastus.ingest.monitor.azure.com"), - DataCollectionRuleImmutableID: to.Ptr("dcr-34adsj9o7d6f9de204478b9cgb43b631"), - Kind: to.Ptr(armsecurityinsights.ConnectAuthKindAPIKey), - OutputStream: to.Ptr("Custom-MyTableRawData"), - RequestConfigUserInputValues: []any{ - map[string]any{ - "displayText": "Organization Name", - "placeHolderName": "{{placeHolder1}}", - "placeHolderValue": "somePlaceHolderValue", - "requestObjectKey": "apiEndpoint", - }}, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/ConnectAPIPolling.json -func ExampleDataConnectorsClient_Connect_connectAnApiPollingDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewDataConnectorsClient().Connect(ctx, "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", armsecurityinsights.DataConnectorConnectBody{ - APIKey: to.Ptr("123456789"), - Kind: to.Ptr(armsecurityinsights.ConnectAuthKindAPIKey), - RequestConfigUserInputValues: []any{ - map[string]any{ - "displayText": "Organization Name", - "placeHolderName": "{{placeHolder1}}", - "placeHolderValue": "somePlaceHolderValue", - "requestObjectKey": "apiEndpoint", - }}, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DisconnectAPIPolling.json -func ExampleDataConnectorsClient_Disconnect() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewDataConnectorsClient().Disconnect(ctx, "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectorscheckrequirements_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectorscheckrequirements_client.go index 3230728b88d2..6de345a02e70 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectorscheckrequirements_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectorscheckrequirements_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type DataConnectorsCheckRequirementsClient struct { } // NewDataConnectorsCheckRequirementsClient creates a new instance of DataConnectorsCheckRequirementsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewDataConnectorsCheckRequirementsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*DataConnectorsCheckRequirementsClient, error) { @@ -46,7 +43,7 @@ func NewDataConnectorsCheckRequirementsClient(subscriptionID string, credential // Post - Get requirements state for a data connector type. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - dataConnectorsCheckRequirements - The parameters for requirements check message @@ -75,7 +72,7 @@ func (client *DataConnectorsCheckRequirementsClient) Post(ctx context.Context, r } // postCreateRequest creates the Post request. -func (client *DataConnectorsCheckRequirementsClient) postCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorsCheckRequirements DataConnectorsCheckRequirementsClassification, options *DataConnectorsCheckRequirementsClientPostOptions) (*policy.Request, error) { +func (client *DataConnectorsCheckRequirementsClient) postCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorsCheckRequirements DataConnectorsCheckRequirementsClassification, _ *DataConnectorsCheckRequirementsClientPostOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorsCheckRequirements" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -94,7 +91,7 @@ func (client *DataConnectorsCheckRequirementsClient) postCreateRequest(ctx conte return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, dataConnectorsCheckRequirements); err != nil { diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectorscheckrequirements_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectorscheckrequirements_client_example_test.go deleted file mode 100644 index 24046c5890a2..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectorscheckrequirements_client_example_test.go +++ /dev/null @@ -1,483 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsAzureActiveDirectoryNoAuthorization.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForAadNoAuthorization() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.AADCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureActiveDirectory), - Properties: &armsecurityinsights.AADCheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsAzureActiveDirectoryNoLicense.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForAadNoLicense() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.AADCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureActiveDirectory), - Properties: &armsecurityinsights.AADCheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsAzureActiveDirectory.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForAad() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.AADCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureActiveDirectory), - Properties: &armsecurityinsights.AADCheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsAzureSecurityCenter.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForAsc() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.ASCCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureSecurityCenter), - Properties: &armsecurityinsights.ASCCheckRequirementsProperties{ - SubscriptionID: to.Ptr("c0688291-89d7-4bed-87a2-a7b1bff43f4c"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsDynamics365.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForDynamics365() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.Dynamics365CheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindDynamics365), - Properties: &armsecurityinsights.Dynamics365CheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsIoT.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForIoT() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.IoTCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindIOT), - Properties: &armsecurityinsights.IoTCheckRequirementsProperties{ - SubscriptionID: to.Ptr("c0688291-89d7-4bed-87a2-a7b1bff43f4c"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsMicrosoftCloudAppSecurity.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForMcas() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.MCASCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftCloudAppSecurity), - Properties: &armsecurityinsights.MCASCheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsMdatp.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForMdatp() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.MCASCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftCloudAppSecurity), - Properties: &armsecurityinsights.MCASCheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsMicrosoftThreatIntelligence.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForMicrosoftThreatIntelligence() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.MSTICheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftThreatIntelligence), - Properties: &armsecurityinsights.MSTICheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsMicrosoftThreatProtection.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForMicrosoftThreatProtection() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.MtpCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftThreatProtection), - Properties: &armsecurityinsights.MTPCheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsOffice365Project.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForOffice365Project() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.Office365ProjectCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365Project), - Properties: &armsecurityinsights.Office365ProjectCheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsOfficeATP.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForOfficeAtp() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.OfficeATPCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindOfficeATP), - Properties: &armsecurityinsights.OfficeATPCheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsOfficeIRM.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForOfficeIrm() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.OfficeIRMCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindOfficeIRM), - Properties: &armsecurityinsights.OfficeIRMCheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsOfficePowerBI.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForOfficePowerBi() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.OfficePowerBICheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindOfficePowerBI), - Properties: &armsecurityinsights.OfficePowerBICheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsThreatIntelligenceTaxii.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForTiTaxii() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.TiTaxiiCheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligenceTaxii), - Properties: &armsecurityinsights.TiTaxiiCheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsThreatIntelligence.json -func ExampleDataConnectorsCheckRequirementsClient_Post_checkRequirementsForTi() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsCheckRequirementsClient().Post(ctx, "myRg", "myWorkspace", &armsecurityinsights.TICheckRequirements{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligence), - Properties: &armsecurityinsights.TICheckRequirementsProperties{ - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.DataConnectorRequirementsState = armsecurityinsights.DataConnectorRequirementsState{ - // AuthorizationState: to.Ptr(armsecurityinsights.DataConnectorAuthorizationStateValid), - // LicenseState: to.Ptr(armsecurityinsights.DataConnectorLicenseStateValid), - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/date_type.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/date_type.go index 6040de1564ac..a592c20317be 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/date_type.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/date_type.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/domainwhois_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/domainwhois_client_example_test.go deleted file mode 100644 index e9b595f785e2..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/domainwhois_client_example_test.go +++ /dev/null @@ -1,99 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/enrichment/GetWhoisByDomainName.json -func ExampleDomainWhoisClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDomainWhoisClient().Get(ctx, "myRg", "microsoft.com", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.EnrichmentDomainWhois = armsecurityinsights.EnrichmentDomainWhois{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T16:15:01.187Z"); return t}()), - // Domain: to.Ptr("microsoft.com"), - // ParsedWhois: &armsecurityinsights.EnrichmentDomainWhoisDetails{ - // Contacts: &armsecurityinsights.EnrichmentDomainWhoisContacts{ - // Admin: &armsecurityinsights.EnrichmentDomainWhoisContact{ - // Name: to.Ptr("Administrator"), - // Country: to.Ptr("United States"), - // Email: to.Ptr("mail@microsoft.com"), - // Org: to.Ptr("Microsoft"), - // Phone: to.Ptr("1-800-555-1234"), - // Postal: to.Ptr("98052"), - // State: to.Ptr("WA"), - // Street: []*string{ - // to.Ptr("One Microsoft Way")}, - // }, - // Billing: &armsecurityinsights.EnrichmentDomainWhoisContact{ - // Name: to.Ptr("Administrator"), - // Country: to.Ptr("United States"), - // Email: to.Ptr("mail@microsoft.com"), - // Org: to.Ptr("Microsoft"), - // Phone: to.Ptr("1-800-555-1234"), - // Postal: to.Ptr("98052"), - // State: to.Ptr("WA"), - // Street: []*string{ - // to.Ptr("One Microsoft Way")}, - // }, - // Tech: &armsecurityinsights.EnrichmentDomainWhoisContact{ - // Name: to.Ptr("Administrator"), - // Country: to.Ptr("United States"), - // Email: to.Ptr("mail@microsoft.com"), - // Org: to.Ptr("Microsoft"), - // Phone: to.Ptr("1-800-555-1234"), - // Postal: to.Ptr("98052"), - // State: to.Ptr("WA"), - // Street: []*string{ - // to.Ptr("One Microsoft Way")}, - // }, - // }, - // NameServers: []*string{ - // to.Ptr("ns1-205.azure-dns.com"), - // to.Ptr("ns2-205.azure-dns.net"), - // to.Ptr("ns3-205.azure-dns.org"), - // to.Ptr("ns4-205.azure-dns.info")}, - // Registrar: &armsecurityinsights.EnrichmentDomainWhoisRegistrarDetails{ - // Name: to.Ptr("MarkMonitor, Inc"), - // AbuseContactEmail: to.Ptr("abuse@microsoft.com"), - // AbuseContactPhone: to.Ptr("12083895770"), - // URL: to.Ptr("http://www.markmonitor.com"), - // WhoisServer: to.Ptr("whois.markmonitor.com"), - // }, - // Statuses: []*string{ - // to.Ptr("clientUpdateProhibited"), - // to.Ptr("clientTransferProhibited"), - // to.Ptr("clientDeleteProhibited"), - // to.Ptr("serverUpdateProhibited"), - // to.Ptr("serverTransferProhibited"), - // to.Ptr("serverDeleteProhibited")}, - // }, - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T16:15:01.187Z"); return t}()), - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entities_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entities_client.go index f3112c804776..4b043fa224dc 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entities_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entities_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type EntitiesClient struct { } // NewEntitiesClient creates a new instance of EntitiesClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewEntitiesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntitiesClient, error) { @@ -46,7 +43,7 @@ func NewEntitiesClient(subscriptionID string, credential azcore.TokenCredential, // Expand - Expands an entity. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - entityID - entity ID @@ -75,7 +72,7 @@ func (client *EntitiesClient) Expand(ctx context.Context, resourceGroupName stri } // expandCreateRequest creates the Expand request. -func (client *EntitiesClient) expandCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityExpandParameters, options *EntitiesClientExpandOptions) (*policy.Request, error) { +func (client *EntitiesClient) expandCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityExpandParameters, _ *EntitiesClientExpandOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/expand" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -98,7 +95,7 @@ func (client *EntitiesClient) expandCreateRequest(ctx context.Context, resourceG return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, parameters); err != nil { @@ -119,7 +116,7 @@ func (client *EntitiesClient) expandHandleResponse(resp *http.Response) (Entitie // Get - Gets an entity. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - entityID - entity ID @@ -147,7 +144,7 @@ func (client *EntitiesClient) Get(ctx context.Context, resourceGroupName string, } // getCreateRequest creates the Get request. -func (client *EntitiesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, options *EntitiesClientGetOptions) (*policy.Request, error) { +func (client *EntitiesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, _ *EntitiesClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -170,7 +167,7 @@ func (client *EntitiesClient) getCreateRequest(ctx context.Context, resourceGrou return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -188,7 +185,7 @@ func (client *EntitiesClient) getHandleResponse(resp *http.Response) (EntitiesCl // GetInsights - Execute Insights for an entity. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - entityID - entity ID @@ -217,7 +214,7 @@ func (client *EntitiesClient) GetInsights(ctx context.Context, resourceGroupName } // getInsightsCreateRequest creates the GetInsights request. -func (client *EntitiesClient) getInsightsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityGetInsightsParameters, options *EntitiesClientGetInsightsOptions) (*policy.Request, error) { +func (client *EntitiesClient) getInsightsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityGetInsightsParameters, _ *EntitiesClientGetInsightsOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/getInsights" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -240,7 +237,7 @@ func (client *EntitiesClient) getInsightsCreateRequest(ctx context.Context, reso return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, parameters); err != nil { @@ -260,7 +257,7 @@ func (client *EntitiesClient) getInsightsHandleResponse(resp *http.Response) (En // NewListPager - Gets all entities. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - EntitiesClientListOptions contains the optional parameters for the EntitiesClient.NewListPager method. @@ -288,7 +285,7 @@ func (client *EntitiesClient) NewListPager(resourceGroupName string, workspaceNa } // listCreateRequest creates the List request. -func (client *EntitiesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *EntitiesClientListOptions) (*policy.Request, error) { +func (client *EntitiesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *EntitiesClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -307,7 +304,7 @@ func (client *EntitiesClient) listCreateRequest(ctx context.Context, resourceGro return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -322,39 +319,40 @@ func (client *EntitiesClient) listHandleResponse(resp *http.Response) (EntitiesC return result, nil } -// Queries - Get Insights and Activities for an entity. -// If the operation fails it returns an *azcore.ResponseError type. +// NewQueriesPager - Get Insights and Activities for an entity. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - entityID - entity ID // - kind - The Kind parameter for queries -// - options - EntitiesClientQueriesOptions contains the optional parameters for the EntitiesClient.Queries method. -func (client *EntitiesClient) Queries(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, kind EntityItemQueryKind, options *EntitiesClientQueriesOptions) (EntitiesClientQueriesResponse, error) { - var err error - const operationName = "EntitiesClient.Queries" - ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) - ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) - defer func() { endSpan(err) }() - req, err := client.queriesCreateRequest(ctx, resourceGroupName, workspaceName, entityID, kind, options) - if err != nil { - return EntitiesClientQueriesResponse{}, err - } - httpResp, err := client.internal.Pipeline().Do(req) - if err != nil { - return EntitiesClientQueriesResponse{}, err - } - if !runtime.HasStatusCode(httpResp, http.StatusOK) { - err = runtime.NewResponseError(httpResp) - return EntitiesClientQueriesResponse{}, err - } - resp, err := client.queriesHandleResponse(httpResp) - return resp, err +// - options - EntitiesClientQueriesOptions contains the optional parameters for the EntitiesClient.NewQueriesPager method. +func (client *EntitiesClient) NewQueriesPager(resourceGroupName string, workspaceName string, entityID string, kind EntityItemQueryKind, options *EntitiesClientQueriesOptions) *runtime.Pager[EntitiesClientQueriesResponse] { + return runtime.NewPager(runtime.PagingHandler[EntitiesClientQueriesResponse]{ + More: func(page EntitiesClientQueriesResponse) bool { + return false + }, + Fetcher: func(ctx context.Context, page *EntitiesClientQueriesResponse) (EntitiesClientQueriesResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "EntitiesClient.NewQueriesPager") + req, err := client.queriesCreateRequest(ctx, resourceGroupName, workspaceName, entityID, kind, options) + if err != nil { + return EntitiesClientQueriesResponse{}, err + } + resp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntitiesClientQueriesResponse{}, err + } + if !runtime.HasStatusCode(resp, http.StatusOK) { + return EntitiesClientQueriesResponse{}, runtime.NewResponseError(resp) + } + return client.queriesHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) } // queriesCreateRequest creates the Queries request. -func (client *EntitiesClient) queriesCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, kind EntityItemQueryKind, options *EntitiesClientQueriesOptions) (*policy.Request, error) { +func (client *EntitiesClient) queriesCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, kind EntityItemQueryKind, _ *EntitiesClientQueriesOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/queries" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -377,7 +375,7 @@ func (client *EntitiesClient) queriesCreateRequest(ctx context.Context, resource return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") reqQP.Set("kind", string(kind)) req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} @@ -392,3 +390,68 @@ func (client *EntitiesClient) queriesHandleResponse(resp *http.Response) (Entiti } return result, nil } + +// RunPlaybook - Triggers playbook on a specific entity. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityIdentifier - Entity identifier. +// - options - EntitiesClientRunPlaybookOptions contains the optional parameters for the EntitiesClient.RunPlaybook method. +func (client *EntitiesClient) RunPlaybook(ctx context.Context, resourceGroupName string, workspaceName string, entityIdentifier string, options *EntitiesClientRunPlaybookOptions) (EntitiesClientRunPlaybookResponse, error) { + var err error + const operationName = "EntitiesClient.RunPlaybook" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.runPlaybookCreateRequest(ctx, resourceGroupName, workspaceName, entityIdentifier, options) + if err != nil { + return EntitiesClientRunPlaybookResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntitiesClientRunPlaybookResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return EntitiesClientRunPlaybookResponse{}, err + } + return EntitiesClientRunPlaybookResponse{}, nil +} + +// runPlaybookCreateRequest creates the RunPlaybook request. +func (client *EntitiesClient) runPlaybookCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityIdentifier string, options *EntitiesClientRunPlaybookOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityIdentifier}/runPlaybook" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityIdentifier == "" { + return nil, errors.New("parameter entityIdentifier cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityIdentifier}", url.PathEscape(entityIdentifier)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if options != nil && options.RequestBody != nil { + if err := runtime.MarshalAsJSON(req, *options.RequestBody); err != nil { + return nil, err + } + return req, nil + } + return req, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entities_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entities_client_example_test.go deleted file mode 100644 index 171435888d01..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entities_client_example_test.go +++ /dev/null @@ -1,1442 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetEntities.json -func ExampleEntitiesClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewEntitiesClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.EntityList = armsecurityinsights.EntityList{ - // Value: []armsecurityinsights.EntityClassification{ - // &armsecurityinsights.AccountEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindAccount), - // Properties: &armsecurityinsights.AccountEntityProperties{ - // FriendlyName: to.Ptr("administrator"), - // AADTenantID: to.Ptr("70fbdad0-7441-4564-b2b5-2b8862d0fee0"), - // AADUserID: to.Ptr("f7033626-2572-46b1-bba0-06646f4f95b3"), - // AccountName: to.Ptr("administrator"), - // IsDomainJoined: to.Ptr(true), - // NtDomain: to.Ptr("domain"), - // ObjectGUID: to.Ptr("11227b78-3c6e-436e-a2a2-02fc7662eca0"), - // Puid: to.Ptr("ee3cb2d8-14ba-45ef-8009-d6f1cacfa04d"), - // Sid: to.Ptr("S-1-5-18"), - // UpnSuffix: to.Ptr("contoso"), - // }, - // }, - // &armsecurityinsights.HostEntity{ - // Name: to.Ptr("fed9fe89-dce8-40f2-bf44-70f23fe93b3c"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/fed9fe89-dce8-40f2-bf44-70f23fe93b3c"), - // Kind: to.Ptr(armsecurityinsights.EntityKindHost), - // Properties: &armsecurityinsights.HostEntityProperties{ - // FriendlyName: to.Ptr("vm1"), - // AzureID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1"), - // DNSDomain: to.Ptr("contoso"), - // HostName: to.Ptr("vm1"), - // IsDomainJoined: to.Ptr(true), - // NetBiosName: to.Ptr("contoso"), - // NtDomain: to.Ptr("domain"), - // OmsAgentID: to.Ptr("70fbdad0-7441-4564-b2b5-2b8862d0fee0"), - // OSFamily: to.Ptr(armsecurityinsights.OSFamilyWindows), - // OSVersion: to.Ptr("1.0"), - // }, - // }, - // &armsecurityinsights.FileEntity{ - // Name: to.Ptr("af378b21-b4aa-4fe7-bc70-13f8621a322f"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/af378b21-b4aa-4fe7-bc70-13f8621a322f"), - // Kind: to.Ptr(armsecurityinsights.EntityKindFile), - // Properties: &armsecurityinsights.FileEntityProperties{ - // FriendlyName: to.Ptr("cmd.exe"), - // Directory: to.Ptr("C:\\Windows\\System32"), - // FileName: to.Ptr("cmd.exe"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetCloudApplicationEntityById.json -func ExampleEntitiesClient_Get_getACloudApplicationEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.CloudApplicationEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindCloudApplication), - // Properties: &armsecurityinsights.CloudApplicationEntityProperties{ - // FriendlyName: to.Ptr("AppName"), - // AppID: to.Ptr[int32](1), - // AppName: to.Ptr("AppName"), - // InstanceName: to.Ptr("InstanceName"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetDnsEntityById.json -func ExampleEntitiesClient_Get_getADnsEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "f4e74920-f2c0-4412-a45f-66d94fdf01f8", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.DNSEntity{ - // Name: to.Ptr("f4e74920-f2c0-4412-a45f-66d94fdf01f8"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/f4e74920-f2c0-4412-a45f-66d94fdf01f8"), - // Kind: to.Ptr(armsecurityinsights.EntityKindDNSResolution), - // Properties: &armsecurityinsights.DNSEntityProperties{ - // FriendlyName: to.Ptr("domain"), - // DomainName: to.Ptr("domain"), - // IPAddressEntityIDs: []*string{ - // to.Ptr("475d3120-33e0-4841-9f1c-a8f15a801d19")}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetFileEntityById.json -func ExampleEntitiesClient_Get_getAFileEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "af378b21-b4aa-4fe7-bc70-13f8621a322f", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.FileEntity{ - // Name: to.Ptr("af378b21-b4aa-4fe7-bc70-13f8621a322f"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/af378b21-b4aa-4fe7-bc70-13f8621a322f"), - // Kind: to.Ptr(armsecurityinsights.EntityKindFile), - // Properties: &armsecurityinsights.FileEntityProperties{ - // FriendlyName: to.Ptr("cmd.exe"), - // Directory: to.Ptr("C:\\Windows\\System32"), - // FileName: to.Ptr("cmd.exe"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetFileHashEntityById.json -func ExampleEntitiesClient_Get_getAFileHashEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "ea359fa6-c1e5-f878-e105-6344f3e399a1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.FileHashEntity{ - // Name: to.Ptr("ea359fa6-c1e5-f878-e105-6344f3e399a1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/ea359fa6-c1e5-f878-e105-6344f3e399a1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindFileHash), - // Properties: &armsecurityinsights.FileHashEntityProperties{ - // FriendlyName: to.Ptr("E923636F1093C414AAB39F846E9D7A372BEEFA7B628B28179197E539C56AA0F0(SHA256)"), - // Algorithm: to.Ptr(armsecurityinsights.FileHashAlgorithmSHA256), - // HashValue: to.Ptr("E923636F1093C414AAB39F846E9D7A372BEEFA7B628B28179197E539C56AA0F0"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetHostEntityById.json -func ExampleEntitiesClient_Get_getAHostEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.HostEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindHost), - // Properties: &armsecurityinsights.HostEntityProperties{ - // FriendlyName: to.Ptr("vm1"), - // AzureID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1"), - // DNSDomain: to.Ptr("contoso"), - // HostName: to.Ptr("vm1"), - // IsDomainJoined: to.Ptr(true), - // NetBiosName: to.Ptr("contoso"), - // NtDomain: to.Ptr("domain"), - // OmsAgentID: to.Ptr("70fbdad0-7441-4564-b2b5-2b8862d0fee0"), - // OSFamily: to.Ptr(armsecurityinsights.OSFamilyWindows), - // OSVersion: to.Ptr("1.0"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetMailClusterEntityById.json -func ExampleEntitiesClient_Get_getAMailClusterEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.MailClusterEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindMailCluster), - // Properties: &armsecurityinsights.MailClusterEntityProperties{ - // FriendlyName: to.Ptr("ClusterSourceIdentifier"), - // ClusterGroup: to.Ptr("cluster group"), - // ClusterSourceIdentifier: to.Ptr("cluster source identifier"), - // ClusterSourceType: to.Ptr("Similarity"), - // CountByDeliveryStatus: map[string]any{ - // "deliveryStatus": float64(5), - // }, - // CountByProtectionStatus: map[string]any{ - // "protectionStatus": float64(65), - // }, - // CountByThreatType: map[string]any{ - // "threatType": float64(6), - // }, - // NetworkMessageIDs: []*string{ - // to.Ptr("ccfce855-e02f-491b-a1cc-5bafb371ad0c")}, - // Query: to.Ptr("kqlFilter"), - // QueryTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T01:42:01.602Z"); return t}()), - // Source: to.Ptr("ClusterSourceIdentifier"), - // Threats: []*string{ - // to.Ptr("thrreat1"), - // to.Ptr("thread2")}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetMailMessageEntityById.json -func ExampleEntitiesClient_Get_getAMailMessageEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.MailMessageEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindMailMessage), - // Properties: &armsecurityinsights.MailMessageEntityProperties{ - // FriendlyName: to.Ptr("cmd.exe"), - // DeliveryAction: to.Ptr(armsecurityinsights.DeliveryActionBlocked), - // FileEntityIDs: []*string{ - // to.Ptr("ccfce855-e02f-491b-a1cc-5bafb371ad0c")}, - // InternetMessageID: to.Ptr("message id"), - // P1Sender: to.Ptr("email@fake.com"), - // P1SenderDisplayName: to.Ptr("p1 sender display name"), - // P1SenderDomain: to.Ptr("p1 sender domain"), - // P2Sender: to.Ptr("the sender"), - // P2SenderDisplayName: to.Ptr("p2 sender display name"), - // P2SenderDomain: to.Ptr("p2 Sender Domain"), - // Recipient: to.Ptr("recipient"), - // SenderIP: to.Ptr("1.23.34.43"), - // Subject: to.Ptr("subject"), - // ThreatDetectionMethods: []*string{ - // to.Ptr("thrreat1"), - // to.Ptr("thread2")}, - // Threats: []*string{ - // to.Ptr("thrreat1"), - // to.Ptr("thread2")}, - // Urls: []*string{ - // to.Ptr("http://moqbrarcwmnk.banxhdcojlg.biz")}, - // Language: to.Ptr("language"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetMailboxEntityById.json -func ExampleEntitiesClient_Get_getAMailboxEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.MailboxEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindMailbox), - // Properties: &armsecurityinsights.MailboxEntityProperties{ - // FriendlyName: to.Ptr("emailAddress1"), - // DisplayName: to.Ptr("display name"), - // ExternalDirectoryObjectID: to.Ptr("18cc8fdc-e169-4451-983a-bd027db286eb"), - // MailboxPrimaryAddress: to.Ptr("emailAddress1"), - // Upn: to.Ptr("upn1"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetMalwareEntityById.json -func ExampleEntitiesClient_Get_getAMalwareEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "af378b21-b4aa-4fe7-bc70-13f8621a322f", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.MalwareEntity{ - // Name: to.Ptr("af378b21-b4aa-4fe7-bc70-13f8621a322f"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/af378b21-b4aa-4fe7-bc70-13f8621a322f"), - // Kind: to.Ptr(armsecurityinsights.EntityKindMalware), - // Properties: &armsecurityinsights.MalwareEntityProperties{ - // FriendlyName: to.Ptr("Win32/Toga!rfn"), - // Category: to.Ptr("Trojan"), - // MalwareName: to.Ptr("Win32/Toga!rfn"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetProcessEntityById.json -func ExampleEntitiesClient_Get_getAProcessEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "7264685c-038c-42c6-948c-38e14ef1fb98", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.ProcessEntity{ - // Name: to.Ptr("7264685c-038c-42c6-948c-38e14ef1fb98"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/7264685c-038c-42c6-948c-38e14ef1fb98"), - // Kind: to.Ptr(armsecurityinsights.EntityKindProcess), - // Properties: &armsecurityinsights.ProcessEntityProperties{ - // FriendlyName: to.Ptr("cmd.exe"), - // CommandLine: to.Ptr("\"cmd\""), - // ImageFileEntityID: to.Ptr("bba7b47b-c1c1-4021-b568-5b07b9292f5e"), - // ProcessID: to.Ptr("0x2aa48"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetRegistryKeyEntityById.json -func ExampleEntitiesClient_Get_getARegistryKeyEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.RegistryKeyEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindRegistryKey), - // Properties: &armsecurityinsights.RegistryKeyEntityProperties{ - // FriendlyName: to.Ptr("SOFTWARE"), - // Hive: to.Ptr(armsecurityinsights.RegistryHiveHKEYLOCALMACHINE), - // Key: to.Ptr("SOFTWARE"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetRegistryValueEntityById.json -func ExampleEntitiesClient_Get_getARegistryValueEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "dc44bd11-b348-4d76-ad29-37bf7aa41356", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.RegistryValueEntity{ - // Name: to.Ptr("dc44bd11-b348-4d76-ad29-37bf7aa41356"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/dc44bd11-b348-4d76-ad29-37bf7aa41356"), - // Kind: to.Ptr(armsecurityinsights.EntityKindRegistryValue), - // Properties: &armsecurityinsights.RegistryValueEntityProperties{ - // FriendlyName: to.Ptr("Data"), - // KeyEntityID: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // ValueData: to.Ptr("Data"), - // ValueName: to.Ptr("Name"), - // ValueType: to.Ptr(armsecurityinsights.RegistryValueKindString), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetSecurityAlertEntityById.json -func ExampleEntitiesClient_Get_getASecurityAlertEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "4aa486e0-6f85-41af-99ea-7acdce7be6c8", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.SecurityAlert{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/4aa486e0-6f85-41af-99ea-7acdce7be6c8"), - // Kind: to.Ptr(armsecurityinsights.EntityKindSecurityAlert), - // Properties: &armsecurityinsights.SecurityAlertProperties{ - // AdditionalData: map[string]any{ - // "Query": "Heartbeat \n| extend AccountCustomEntity = \"administrator\"", - // "Query Period": "05:00:00", - // "Search Query Results Overall Count": "203", - // "Total Account Entities": "1", - // "Trigger Operator": "GreaterThan", - // "Trigger Threshold": "200", - // }, - // FriendlyName: to.Ptr("Suspicious account detected"), - // Description: to.Ptr(""), - // AlertDisplayName: to.Ptr("Suspicious account detected"), - // AlertLink: to.Ptr("https://portal.azure.com/#blade/Microsoft_Azure_Security/AlertBlade/alertId/2518119885989999999_4aa486e0-6f85-41af-99ea-7acdce7be6c8/subscriptionId/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/myRg/myWorkspace/referencedFrom/alertDeepLink/location/centralus"), - // AlertType: to.Ptr("c8c99641-985d-4e4e-8e91-fb3466cd0e5b_46c7b6c0-ff43-44dd-8b4d-ceffff7aa7df"), - // ConfidenceLevel: to.Ptr(armsecurityinsights.ConfidenceLevelUnknown), - // EndTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T13:21:45.926Z"); return t}()), - // Intent: to.Ptr(armsecurityinsights.KillChainIntentUnknown), - // ProcessingEndTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-07-06T13:56:53.539Z"); return t}()), - // ProductComponentName: to.Ptr("Scheduled Alerts"), - // ProductName: to.Ptr("Azure Sentinel"), - // ProviderAlertID: to.Ptr("c2bafff9-fb31-41d0-a177-ecbff7a02ffe"), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // StartTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T08:21:45.926Z"); return t}()), - // Status: to.Ptr(armsecurityinsights.AlertStatusNew), - // SystemAlertID: to.Ptr("4aa486e0-6f85-41af-99ea-7acdce7be6c8"), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // TimeGenerated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T13:56:53.539Z"); return t}()), - // VendorName: to.Ptr("Microsoft"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetSecurityGroupEntityById.json -func ExampleEntitiesClient_Get_getASecurityGroupEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.SecurityGroupEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindSecurityGroup), - // Properties: &armsecurityinsights.SecurityGroupEntityProperties{ - // FriendlyName: to.Ptr("Name"), - // DistinguishedName: to.Ptr("Name"), - // ObjectGUID: to.Ptr("fb1b8e04-d944-4986-b39a-1ce9adedcd98"), - // Sid: to.Ptr("Sid"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetSubmissionMailEntityById.json -func ExampleEntitiesClient_Get_getASubmissionMailEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.SubmissionMailEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindSubmissionMail), - // Properties: &armsecurityinsights.SubmissionMailEntityProperties{ - // FriendlyName: to.Ptr("recipient"), - // Recipient: to.Ptr("recipient"), - // ReportType: to.Ptr("report type"), - // Sender: to.Ptr("sender"), - // SenderIP: to.Ptr("1.4.35.34"), - // Subject: to.Ptr("subject"), - // SubmissionID: to.Ptr("5bb3d8fe-54bc-499c-bc21-86fe8df2a184"), - // Submitter: to.Ptr("submitter"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetUrlEntityById.json -func ExampleEntitiesClient_Get_getAUrlEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.URLEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindURL), - // Properties: &armsecurityinsights.URLEntityProperties{ - // FriendlyName: to.Ptr("https://bing.com"), - // URL: to.Ptr("https://bing.com"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetIoTDeviceEntityById.json -func ExampleEntitiesClient_Get_getAnIoTDeviceEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.IoTDeviceEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindIoTDevice), - // Properties: &armsecurityinsights.IoTDeviceEntityProperties{ - // FriendlyName: to.Ptr("device1"), - // DeviceID: to.Ptr("device1"), - // DeviceName: to.Ptr("device1"), - // DeviceType: to.Ptr("Industrial"), - // FirmwareVersion: to.Ptr("20.11"), - // Importance: to.Ptr(armsecurityinsights.DeviceImportanceNormal), - // IotHubEntityID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/8b2d9401-f953-e89d-2583-be9b4975870c"), - // IsAuthorized: to.Ptr(true), - // IsProgramming: to.Ptr(false), - // IsScanner: to.Ptr(false), - // Model: to.Ptr("demo-model"), - // NicEntityIDs: []*string{ - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/6ee379bd-ace8-44cf-ab10-ee669a1b71e2")}, - // OperatingSystem: to.Ptr("Windows"), - // Protocols: []*string{ - // to.Ptr("CIP"), - // to.Ptr("EtherNet/IP")}, - // PurdueLayer: to.Ptr("ProcessControl"), - // Sensor: to.Ptr("demo-sensor"), - // Site: to.Ptr("demo-site"), - // Vendor: to.Ptr("demo-vendor"), - // Zone: to.Ptr("zone"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetAccountEntityById.json -func ExampleEntitiesClient_Get_getAnAccountEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.AccountEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindAccount), - // Properties: &armsecurityinsights.AccountEntityProperties{ - // FriendlyName: to.Ptr("administrator"), - // AADTenantID: to.Ptr("70fbdad0-7441-4564-b2b5-2b8862d0fee0"), - // AADUserID: to.Ptr("f7033626-2572-46b1-bba0-06646f4f95b3"), - // AccountName: to.Ptr("administrator"), - // DNSDomain: to.Ptr("contoso.com"), - // IsDomainJoined: to.Ptr(true), - // NtDomain: to.Ptr("domain"), - // ObjectGUID: to.Ptr("11227b78-3c6e-436e-a2a2-02fc7662eca0"), - // Puid: to.Ptr("ee3cb2d8-14ba-45ef-8009-d6f1cacfa04d"), - // Sid: to.Ptr("S-1-5-18"), - // UpnSuffix: to.Ptr("contoso"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetAzureResourceEntityById.json -func ExampleEntitiesClient_Get_getAnAzureResourceEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.AzureResourceEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindAzureResource), - // Properties: &armsecurityinsights.AzureResourceEntityProperties{ - // FriendlyName: to.Ptr("vm1"), - // ResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1"), - // SubscriptionID: to.Ptr("d0cfe6b2-9ac0-4464-9919-dccaee2e48c0"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetIpEntityById.json -func ExampleEntitiesClient_Get_getAnIpEntity() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Get(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntitiesClientGetResponse{ - // EntityClassification: &armsecurityinsights.IPEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindIP), - // Properties: &armsecurityinsights.IPEntityProperties{ - // FriendlyName: to.Ptr("10.3.2.8"), - // Address: to.Ptr("10.3.2.8"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/expand/PostExpandEntity.json -func ExampleEntitiesClient_Expand() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Expand(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", armsecurityinsights.EntityExpandParameters{ - EndTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-05-26T00:00:00.000Z"); return t }()), - ExpansionID: to.Ptr("a77992f3-25e9-4d01-99a4-5ff606cc410a"), - StartTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-04-25T00:00:00.000Z"); return t }()), - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.EntityExpandResponse = armsecurityinsights.EntityExpandResponse{ - // MetaData: &armsecurityinsights.ExpansionResultsMetadata{ - // Aggregations: []*armsecurityinsights.ExpansionResultAggregation{ - // { - // Count: to.Ptr[int32](1), - // EntityKind: to.Ptr(armsecurityinsights.EntityKindAccount), - // }}, - // }, - // Value: &armsecurityinsights.EntityExpandResponseValue{ - // Edges: []*armsecurityinsights.EntityEdges{ - // { - // AdditionalData: map[string]any{ - // "EpochTimestamp": "1608289949", - // "FirstSeen": "2021-09-01T11:12:29.597Z", - // "Source": "Heartbeat", - // }, - // TargetEntityID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/c1d60d86-5988-11eb-ae93-0242ac130002"), - // }}, - // Entities: []armsecurityinsights.EntityClassification{ - // &armsecurityinsights.IPEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindIP), - // Properties: &armsecurityinsights.IPEntityProperties{ - // FriendlyName: to.Ptr("13.89.108.248"), - // Address: to.Ptr("13.89.108.248"), - // }, - // }}, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetQueries.json -func ExampleEntitiesClient_Queries() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().Queries(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", armsecurityinsights.EntityItemQueryKindInsight, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.GetQueriesResponse = armsecurityinsights.GetQueriesResponse{ - // Value: []armsecurityinsights.EntityQueryItemClassification{ - // &armsecurityinsights.InsightQueryItem{ - // Name: to.Ptr("6db7f5d1-f41e-46c2-b935-230b36a569e6"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities/queries"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1/queries/6db7f5d1-f41e-46c2-b935-230b36a569e6"), - // Kind: to.Ptr(armsecurityinsights.EntityQueryKindInsight), - // Properties: &armsecurityinsights.InsightQueryItemProperties{ - // DataTypes: []*armsecurityinsights.EntityQueryItemPropertiesDataTypesItem{ - // { - // DataType: to.Ptr("AuditLogs"), - // }, - // { - // DataType: to.Ptr("SecurityEvent"), - // }}, - // EntitiesFilter: map[string]any{ - // }, - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeAccount), - // RequiredInputFieldsSets: [][]*string{ - // []*string{ - // to.Ptr("Account_Name"), - // to.Ptr("Account_NTDomain")}, - // []*string{ - // to.Ptr("Account_Name"), - // to.Ptr("Account_UPNSuffix")}, - // []*string{ - // to.Ptr("Account_AADUserId")}, - // []*string{ - // to.Ptr("Account_SID")}}, - // Description: to.Ptr("Summary of actions taken on the specified account, grouped by action: password resets and changes, account lockouts (policy or admin), account creation and deletion, account enabled and disabled\n"), - // AdditionalQuery: &armsecurityinsights.InsightQueryItemPropertiesAdditionalQuery{ - // Query: to.Ptr("project TimeGenerated, UserPrincipalName, Account_Name, OperationName, Activity, DisableUser, TargetSid, AADUserId, InitiatedBy, AADTenantId, AccountType, Computer, SubjectAccount, SubjectUserSid, EventData"), - // Text: to.Ptr("See all account activity"), - // }, - // BaseQuery: to.Ptr("let GetAccountActions = (v_Account_Name:string, v_Account_NTDomain:string, v_Account_UPNSuffix:string, v_Account_AADUserId:string, v_Account_SID:string){\nAuditLogs\n| where OperationName in~ ('Delete user', 'Change user password', 'Reset user password', 'Change password (self-service)', 'Reset password (by admin)', 'Reset password (self-service)', 'Update user')\n| extend UserPrincipalName = tostring(TargetResources[0].userPrincipalName)\n| extend Account_Name = tostring(split(UserPrincipalName, '@')[0])\n| extend Account_UPNSuffix = tostring(split(UserPrincipalName, '@')[1])\n| extend Action = tostring(parse_json(tostring(parse_json(tostring(TargetResources[0].modifiedProperties))[0])))\n| extend ModifiedProperty = parse_json(Action).displayName\n| extend ModifiedValue = parse_json(Action).newValue\n| extend Account_AADUserId = tostring(TargetResources[0].id)\n| extend DisableUser = iif(ModifiedProperty =~ 'AccountEnabled' and ModifiedValue =~ '[false]', 'True', 'False')\n| union isfuzzy=true (\nSecurityEvent\n| where EventID in (4720, 4722, 4723, 4724, 4725, 4726, 4740)\n| extend OperationName = tostring(EventID)\n| where AccountType =~ \"user\" or isempty(AccountType)\n| extend Account_Name = TargetUserName, Account_NTDomain = TargetDomainName, Account_SID = TargetSid\n)\n| where (Account_Name =~ v_Account_Name and (Account_UPNSuffix =~ v_Account_UPNSuffix or Account_NTDomain =~ v_Account_NTDomain)) or Account_AADUserId =~ v_Account_AADUserId or Account_SID =~ v_Account_SID\n};\nGetAccountActions('CTFFUser4', '', 'seccxp.ninja', '', '')\n"), - // ChartQuery: map[string]any{ - // "type": "BarChart", - // "dataSets":[]any{ - // map[string]any{ - // "legendColumnName": "OperationName", - // "query": "summarize Count = count() by bin(TimeGenerated, 1h), OperationName", - // "xColumnName": "TimeGenerated", - // "yColumnName": "Count", - // }, - // }, - // "title": "Actions by type", - // }, - // DefaultTimeRange: &armsecurityinsights.InsightQueryItemPropertiesDefaultTimeRange{ - // AfterRange: to.Ptr("12h"), - // BeforeRange: to.Ptr("12h"), - // }, - // DisplayName: to.Ptr("Actions on account"), - // TableQuery: &armsecurityinsights.InsightQueryItemPropertiesTableQuery{ - // ColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem{ - // { - // Header: to.Ptr("Action"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeString), - // SupportDeepLink: to.Ptr(false), - // }, - // { - // Header: to.Ptr("Most Recent"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeDate), - // SupportDeepLink: to.Ptr(false), - // }, - // { - // Header: to.Ptr("Count"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeNumber), - // SupportDeepLink: to.Ptr(true), - // }}, - // QueriesDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem{ - // { - // Filter: to.Ptr("where OperationName in~ ('Change user password', 'Reset user password', 'Change password (self-service)', 'Reset password (by admin)', 'Reset password (self-service)', '4724', '4723')"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("Count"), - // }}, - // Project: to.Ptr("project Title = OperationName, MostRecent, Count"), - // Summarize: to.Ptr("summarize MostRecent = max(TimeGenerated), Count = count() by OperationName"), - // }, - // { - // Filter: to.Ptr("where OperationName in~ ('Blocked from self-service password reset', '4740')"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("Count"), - // }}, - // Project: to.Ptr("project Title = OperationName, MostRecent, Count"), - // Summarize: to.Ptr("summarize MostRecent = max(TimeGenerated), Count = count() by OperationName"), - // }, - // { - // Filter: to.Ptr("where OperationName == '4725' or (OperationName =~ 'Update user' and DisableUser =~ 'True')"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("Count"), - // }}, - // Project: to.Ptr("project Title = OperationName, MostRecent, Count"), - // Summarize: to.Ptr("summarize MostRecent = max(TimeGenerated), Count = count() by OperationName"), - // }, - // { - // Filter: to.Ptr("where OperationName in~ ('Add user', '4720')"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("Count"), - // }}, - // Project: to.Ptr("project Title = OperationName, MostRecent, Count"), - // Summarize: to.Ptr("summarize MostRecent = max(TimeGenerated), Count = count() by OperationName"), - // }, - // { - // Filter: to.Ptr("where OperationName in~ ('Delete user', '4726')"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("Count"), - // }}, - // Project: to.Ptr("project Title = OperationName, MostRecent, Count"), - // Summarize: to.Ptr("summarize MostRecent = max(TimeGenerated), Count = count() by OperationName"), - // }, - // { - // Filter: to.Ptr("where OperationName in~ ('4725', 'Blocked from self-service password reset', '4740') or (OperationName =~ 'Update user' and DisableUser =~ 'True')"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("Count"), - // }}, - // Project: to.Ptr("project Title = OperationName, MostRecent, Count"), - // Summarize: to.Ptr("summarize MostRecent = max(TimeGenerated), Count = count() by OperationName"), - // }, - // { - // Filter: to.Ptr("where OperationName in~ ('4722', '4767') or (OperationName =~ 'Update user' and DisableUser =~ 'False')"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("Count"), - // }}, - // Project: to.Ptr("project Title = OperationName, MostRecent, Count"), - // Summarize: to.Ptr("summarize MostRecent = max(TimeGenerated), Count = count() by OperationName"), - // }, - // { - // Filter: to.Ptr("where OperationName in~ ('Update user','4738')"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("Count"), - // }}, - // Project: to.Ptr("project Title = OperationName, MostRecent, Count"), - // Summarize: to.Ptr("summarize MostRecent = max(TimeGenerated), Count = count() by OperationName"), - // }}, - // }, - // }, - // }, - // &armsecurityinsights.InsightQueryItem{ - // Name: to.Ptr("0a5d7b14-b485-450a-a0ac-4100c860ac32"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities/queries"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1/queries/0a5d7b14-b485-450a-a0ac-4100c860ac32"), - // Kind: to.Ptr(armsecurityinsights.EntityQueryKindInsight), - // Properties: &armsecurityinsights.InsightQueryItemProperties{ - // DataTypes: []*armsecurityinsights.EntityQueryItemPropertiesDataTypesItem{ - // { - // DataType: to.Ptr("OfficeActivity"), - // }}, - // EntitiesFilter: map[string]any{ - // }, - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeAccount), - // RequiredInputFieldsSets: [][]*string{ - // []*string{ - // to.Ptr("Account_Name"), - // to.Ptr("Account_UPNSuffix")}}, - // Description: to.Ptr("Highlight office operations of the user with anomalously high count compared to those observed in the preceding 14 days."), - // AdditionalQuery: &armsecurityinsights.InsightQueryItemPropertiesAdditionalQuery{ - // Query: to.Ptr("make-series count() default=0 on TimeGenerated from (StartTime - BeforeRange) to EndTime step 1d by Operation \n| extend (anomalies,anomalyScore, expectedCount)=series_decompose_anomalies(count_,AScoreThresh,7,'linefit',numDays, 'ctukey') \n| extend count1=count_, TimeGenerated1=TimeGenerated, anomalyScore1=anomalyScore\n| mv-apply count1 to typeof(long), TimeGenerated1 to typeof(datetime), anomalyScore1 to typeof(double), anomalies to typeof(long) on (summarize totAnomalies=sumif(abs(anomalies), TimeGenerated1 < StartTime), baseStd=stdevif(count1, TimeGenerated1 < StartTime), baseAvg=avgif(count1, TimeGenerated1 < StartTime), maxCountPost=maxif(count1,TimeGenerated1 >= StartTime), maxAnomalyScorePost = maxif(anomalyScore1, TimeGenerated1 >= StartTime)) \n| extend count1=count_\n| mv-apply count1 to typeof(long), anomalyScore to typeof(double), expectedCount to typeof(double) on ( summarize (dummy, postExpectedCount, postActualCount)=arg_min(abs(anomalyScore - maxAnomalyScorePost), expectedCount, count1) ) \n| where totAnomalies < maxAnomalies\n| extend postAnomalyScore=iff(baseStd == 0 and maxCountPost > tolong(count_[0]),1000.0,maxAnomalyScorePost), postExpectedCount=iff(postExpectedCount < 0,0.0,postExpectedCount) \n| where maxAnomalyScorePost > AScoreThresh | order by maxAnomalyScorePost desc \n| project Operation, expectedCount=round(postExpectedCount,2), actualCount=postActualCount, anomalyScore=round(postAnomalyScore,2)\n"), - // Text: to.Ptr("Query all anomalous operations"), - // }, - // BaseQuery: to.Ptr("let AScoreThresh = 3; \nlet maxAnomalies = 3;\nlet BeforeRange = 12d; \nlet EndTime = todatetime('{{EndTimeUTC}}'); \nlet StartTime = todatetime('{{StartTimeUTC}}');\nlet numDays = tolong((EndTime-StartTime)/1d); \nlet userData = (v_Account_Name:string, v_Account_UPNSuffix:string) { \n OfficeActivity \n | extend splitUserId=split(UserId, '@')\n | extend Account_Name = tostring(splitUserId[0]), Account_UPNSuffix = tostring(splitUserId[1])\n | where Account_Name =~ v_Account_Name and Account_UPNSuffix =~ v_Account_UPNSuffix }; \nuserData('CTFFUser4', 'seccxp.ninja')\n"), - // ChartQuery: map[string]any{ - // "type": "LineChart", - // "dataSets":[]any{ - // map[string]any{ - // "legendColumnName": "Operation", - // "query": "make-series count() default=0 on TimeGenerated from (StartTime - BeforeRange) to EndTime step 1d by Operation \n| extend (anomalies,anomalyScore, expectedCount)=series_decompose_anomalies(count_,AScoreThresh,7,'linefit',numDays, 'ctukey') \n| extend count1=count_, TimeGenerated1=TimeGenerated, anomalyScore1=anomalyScore\n| mv-apply count1 to typeof(long), TimeGenerated1 to typeof(datetime), anomalyScore1 to typeof(double), anomalies to typeof(long) on (summarize totAnomalies=sumif(abs(anomalies), TimeGenerated1 < StartTime), baseStd=stdevif(count1, TimeGenerated1 < StartTime), baseAvg=avgif(count1, TimeGenerated1 < StartTime), maxCountPost=maxif(count1,TimeGenerated1 >= StartTime), maxAnomalyScorePost=maxif(anomalyScore1, TimeGenerated1 >= StartTime)) \n| extend count1=count_ \n| mv-apply count1 to typeof(long), anomalyScore to typeof(double), expectedCount to typeof(double) on ( summarize (dummy, postExpectedCount, postActualCount)=arg_min(abs(anomalyScore-maxAnomalyScorePost), expectedCount, count1) ) \n| where totAnomalies < maxAnomalies \n| extend postAnomalyScore=iff(baseStd == 0 and maxCountPost > tolong(count_[0]),1000.0,maxAnomalyScorePost), postExpectedCount=iff(postExpectedCount < 0,0.0,round(postExpectedCount,2)) \n| where maxAnomalyScorePost > AScoreThresh \n| order by maxAnomalyScorePost desc \n| take 1 \n| project Operation, TimeGenerated, count_\n| mvexpand TimeGenerated, count_ | project todatetime(TimeGenerated), toint(count_), Operation\n", - // "xColumnName": "TimeGenerated", - // "yColumnName": "count_", - // }, - // }, - // "title": "Anomalous operation timeline", - // }, - // DefaultTimeRange: &armsecurityinsights.InsightQueryItemPropertiesDefaultTimeRange{ - // AfterRange: to.Ptr("0d"), - // BeforeRange: to.Ptr("1d"), - // }, - // DisplayName: to.Ptr("Anomalously high office operation count"), - // ReferenceTimeRange: &armsecurityinsights.InsightQueryItemPropertiesReferenceTimeRange{ - // BeforeRange: to.Ptr("12d"), - // }, - // TableQuery: &armsecurityinsights.InsightQueryItemPropertiesTableQuery{ - // ColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem{ - // { - // Header: to.Ptr("Operation"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeString), - // SupportDeepLink: to.Ptr(true), - // }, - // { - // Header: to.Ptr("Expected Count"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeNumber), - // SupportDeepLink: to.Ptr(false), - // }, - // { - // Header: to.Ptr("Actual Count"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeNumber), - // SupportDeepLink: to.Ptr(false), - // }}, - // QueriesDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem{ - // { - // Filter: to.Ptr("make-series count() default=0 on TimeGenerated from (StartTime - BeforeRange) to EndTime step 1d by Operation \n| extend (anomalies,anomalyScore, expectedCount)=series_decompose_anomalies(count_,AScoreThresh,7,'linefit',numDays, 'ctukey') \n| extend count1=count_, TimeGenerated1=TimeGenerated, anomalyScore1=anomalyScore\n| mv-apply count1 to typeof(long), TimeGenerated1 to typeof(datetime), anomalyScore1 to typeof(double), anomalies to typeof(long) on (summarize totAnomalies=sumif(abs(anomalies), TimeGenerated1 < StartTime), baseStd=stdevif(count1, TimeGenerated1 < StartTime), baseAvg=avgif(count1, TimeGenerated1 < StartTime), maxCountPost=maxif(count1,TimeGenerated1 >= StartTime), maxAnomalyScorePost=maxif(anomalyScore1, TimeGenerated1 >= StartTime)) \n| extend count1=count_ \n| mv-apply count1 to typeof(long), anomalyScore to typeof(double), expectedCount to typeof(double) on ( summarize (dummy, postExpectedCount, postActualCount)=arg_min(abs(anomalyScore-maxAnomalyScorePost), expectedCount, count1) ) \n| where totAnomalies < maxAnomalies \n| extend postAnomalyScore=iff(baseStd == 0 and maxCountPost > tolong(count_[0]),1000.0,maxAnomalyScorePost), postExpectedCount=iff(postExpectedCount < 0,0.0,postExpectedCount) \n| where maxAnomalyScorePost > AScoreThresh \n| order by maxAnomalyScorePost desc\n"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} \n| where TimeGenerated between (StartTime .. EndTime) \n| where Operation == ''\n"), - // ProjectedName: to.Ptr("Operation"), - // }}, - // Project: to.Ptr("project Operation, expectedCount=round(postExpectedCount,2), actualCount=postActualCount, anomalyScore=round(postAnomalyScore,2)"), - // Summarize: to.Ptr("take 1"), - // }}, - // }, - // }, - // }, - // &armsecurityinsights.InsightQueryItem{ - // Name: to.Ptr("e6cf68e6-1eca-4fbb-9fad-6280f2a9476e"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities/queries"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1/queries/e6cf68e6-1eca-4fbb-9fad-6280f2a9476e"), - // Kind: to.Ptr(armsecurityinsights.EntityQueryKindInsight), - // Properties: &armsecurityinsights.InsightQueryItemProperties{ - // DataTypes: []*armsecurityinsights.EntityQueryItemPropertiesDataTypesItem{ - // { - // DataType: to.Ptr("OfficeActivity"), - // }}, - // EntitiesFilter: map[string]any{ - // }, - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeAccount), - // RequiredInputFieldsSets: [][]*string{ - // []*string{ - // to.Ptr("Account_Name"), - // to.Ptr("Account_UPNSuffix")}, - // []*string{ - // to.Ptr("Account_AADUserId")}}, - // Description: to.Ptr("Provides the count and distinct resource accesses by a given user account\n"), - // AdditionalQuery: &armsecurityinsights.InsightQueryItemPropertiesAdditionalQuery{ - // Query: to.Ptr("where Operation in~ (Operations)"), - // Text: to.Ptr("See all resource activity"), - // }, - // BaseQuery: to.Ptr("let Operations = dynamic([\"FileDownloaded\", \"FileUploaded\"]);\nlet UserOperationToSharePoint = (v_Account_Name:string, v_Account_UPNSuffix:string) {\nOfficeActivity\n// Select sharepoint activity that is relevant\n| where RecordType in~ ('SharePointFileOperation')\n| where Operation in~ (Operations)\n| extend Account_Name = tostring(split(UserId, '@')[0])\n| extend Account_UPNSuffix = tostring(split(UserId, '@')[1])\n| where Account_Name =~ v_Account_Name and Account_UPNSuffix =~ v_Account_UPNSuffix\n| project TimeGenerated, Account_Name, Account_UPNSuffix, UserId, OfficeId, RecordType, Operation, OrganizationId, UserType, UserKey, OfficeWorkload, OfficeObjectId, ClientIP, ItemType, UserAgent, Site_Url, SourceRelativeUrl, SourceFileName, SourceFileExtension , Start_Time , ElevationTime , TenantId, SourceSystem , Type\n};\nUserOperationToSharePoint ('CTFFUser4','seccxp.ninja')\n"), - // ChartQuery: map[string]any{ - // "type": "LineChart", - // "dataSets":[]any{ - // map[string]any{ - // "legendColumnName": "Legend", - // "query": "summarize DistinctResources = dcountif(Operation, Operation =~ 'FileUploaded'), TotalResources = countif(Operation =~ 'FileUploaded') by bin(TimeGenerated, 1h) | extend Legend = 'File Uploads'", - // "xColumnName": "TimeGenerated", - // "yColumnName": "TotalResources", - // }, - // map[string]any{ - // "legendColumnName": "Legend", - // "query": "summarize DistinctResources = dcountif(Operation, Operation =~ 'FileDownloaded'), TotalResources = countif(Operation =~ 'FileDownloaded') by bin(TimeGenerated, 1h) | extend Legend = 'File Downloads'", - // "xColumnName": "TimeGenerated", - // "yColumnName": "TotalResources", - // }, - // }, - // "title": "Resource access over time", - // }, - // DefaultTimeRange: &armsecurityinsights.InsightQueryItemPropertiesDefaultTimeRange{ - // AfterRange: to.Ptr("12h"), - // BeforeRange: to.Ptr("12h"), - // }, - // DisplayName: to.Ptr("Resource access"), - // TableQuery: &armsecurityinsights.InsightQueryItemPropertiesTableQuery{ - // ColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem{ - // { - // Header: to.Ptr("Resource Type"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeString), - // SupportDeepLink: to.Ptr(false), - // }, - // { - // Header: to.Ptr("Distinct Resources"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeNumber), - // SupportDeepLink: to.Ptr(true), - // }, - // { - // Header: to.Ptr("Total Resources"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeNumber), - // SupportDeepLink: to.Ptr(true), - // }, - // { - // Header: to.Ptr("IPAddress(es)"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeString), - // SupportDeepLink: to.Ptr(false), - // }}, - // QueriesDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem{ - // { - // Filter: to.Ptr("where Operation =~ 'FileUploaded'"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("DistinctResources"), - // }, - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("TotalResources"), - // }}, - // Project: to.Ptr("project Title = Operation, DistinctResources, TotalResources, IPAddresses = case(array_length(IPAddresses) == 1, tostring(IPAddresses[0]), array_length(IPAddresses) > 1, 'Many', 'None')"), - // Summarize: to.Ptr("summarize DistinctResources = dcount(SourceFileName), TotalResources = count(SourceFileName), IPAddresses = make_set(ClientIP) by Operation"), - // }, - // { - // Filter: to.Ptr("where Operation =~ 'FileDownloaded'"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("DistinctResources"), - // }, - // { - // Query: to.Ptr("{{BaseQuery}} | "), - // ProjectedName: to.Ptr("TotalResources"), - // }}, - // Project: to.Ptr("project Title = Operation, DistinctResources, TotalResources, IPAddresses = case(array_length(IPAddresses) == 1, tostring(IPAddresses[0]), array_length(IPAddresses) > 1, 'Many', 'None')"), - // Summarize: to.Ptr("summarize DistinctResources = dcount(SourceFileName), TotalResources = count(SourceFileName), IPAddresses = make_set(ClientIP) by Operation"), - // }}, - // }, - // }, - // }, - // &armsecurityinsights.InsightQueryItem{ - // Name: to.Ptr("cae8d0aa-aa45-4d53-8d88-17dd64ffd4e4"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities/queries"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/e1d3d618-e11f-478b-98e3-bb381539a8e1/queries/cae8d0aa-aa45-4d53-8d88-17dd64ffd4e4"), - // Kind: to.Ptr(armsecurityinsights.EntityQueryKindInsight), - // Properties: &armsecurityinsights.InsightQueryItemProperties{ - // DataTypes: []*armsecurityinsights.EntityQueryItemPropertiesDataTypesItem{ - // { - // DataType: to.Ptr("SigninLogs"), - // }}, - // EntitiesFilter: map[string]any{ - // }, - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeAccount), - // RequiredInputFieldsSets: [][]*string{ - // []*string{ - // to.Ptr("Account_Name"), - // to.Ptr("Account_UPNSuffix")}, - // []*string{ - // to.Ptr("Account_AADUserId")}}, - // Description: to.Ptr("Highlight Azure sign-in results by the user principal with anomalously high count compared to those observed in the preceding 14 days."), - // AdditionalQuery: &armsecurityinsights.InsightQueryItemPropertiesAdditionalQuery{ - // Query: to.Ptr("make-series count() default=0 on TimeGenerated from (StartTime - BeforeRange) to EndTime step 1d by ResultDescription \n| extend (anomalies,anomalyScore, expectedCount)=series_decompose_anomalies(count_,AScoreThresh,7,'linefit',numDays, 'ctukey') \n| extend count1=count_, TimeGenerated1=TimeGenerated, anomalyScore1=anomalyScore\n| mv-apply count1 to typeof(long), TimeGenerated1 to typeof(datetime), anomalyScore1 to typeof(double), anomalies to typeof(long) on (summarize totAnomalies=sumif(abs(anomalies), TimeGenerated1 < StartTime), baseStd=stdevif(count1, TimeGenerated1 < StartTime), baseAvg=avgif(count1, TimeGenerated1 < StartTime), maxCountPost=maxif(count1,TimeGenerated1 >= StartTime), maxAnomalyScorePost = maxif(anomalyScore1, TimeGenerated1 >= StartTime)) \n| extend count1=count_\n| mv-apply count1 to typeof(long), anomalyScore to typeof(double), expectedCount to typeof(double) on ( summarize (dummy, postExpectedCount, postActualCount)=arg_min(abs(anomalyScore - maxAnomalyScorePost), expectedCount, count1) ) \n| where totAnomalies < maxAnomalies\n| extend postAnomalyScore=iff(baseStd == 0 and maxCountPost > tolong(count_[0]),1000.0,maxAnomalyScorePost), postExpectedCount=iff(postExpectedCount < 0,0.0,postExpectedCount) \n| where maxAnomalyScorePost > AScoreThresh \n| order by maxAnomalyScorePost desc \n| project ResultDescription, expectedCount=round(postExpectedCount,2), actualCount=postActualCount, anomalyScore=round(postAnomalyScore,2)\n"), - // Text: to.Ptr("Query all anomalous sign-in results"), - // }, - // BaseQuery: to.Ptr("let AScoreThresh=3; \nlet maxAnomalies=3; \nlet BeforeRange = 12d; \nlet EndTime=todatetime('{{EndTimeUTC}}');\nlet StartTime = todatetime('{{StartTimeUTC}}'); \nlet numDays = tolong((EndTime-StartTime)/1d); \nlet userData = (v_Account_Name:string, v_Account_UPNSuffix:string, v_Account_AADUserId:string) { \n SigninLogs \n | where TimeGenerated between ((StartTime-BeforeRange) .. EndTime)\n | extend splitUserId=split(UserPrincipalName, '@')\n | extend Account_Name = tostring(splitUserId[0]), Account_UPNSuffix = tostring(splitUserId[1])\n | where (Account_Name =~ v_Account_Name and Account_UPNSuffix =~ v_Account_UPNSuffix) or UserId =~ v_Account_AADUserId };\nuserData('CTFFUser4', 'seccxp.ninja', '')\n"), - // ChartQuery: map[string]any{ - // "type": "LineChart", - // "dataSets":[]any{ - // map[string]any{ - // "legendColumnName": "ResultDescription", - // "query": "make-series count() default=0 on TimeGenerated from (StartTime - BeforeRange) to EndTime step 1d by ResultDescription \n| extend (anomalies,anomalyScore, expectedCount)=series_decompose_anomalies(count_,AScoreThresh,7,'linefit',numDays, 'ctukey') \n| extend count1=count_, TimeGenerated1=TimeGenerated, anomalyScore1=anomalyScore\n| mv-apply count1 to typeof(long), TimeGenerated1 to typeof(datetime), anomalyScore1 to typeof(double), anomalies to typeof(long) on (summarize totAnomalies=sumif(abs(anomalies), TimeGenerated1 < StartTime), baseStd=stdevif(count1, TimeGenerated1 < StartTime), baseAvg=avgif(count1, TimeGenerated1 < StartTime), maxCountPost=maxif(count1,TimeGenerated1 >= StartTime), maxAnomalyScorePost = maxif(anomalyScore1, TimeGenerated1 >= StartTime)) \n| extend count1=count_ \n| mv-apply count1 to typeof(long), anomalyScore to typeof(double), expectedCount to typeof(double) on ( summarize (dummy, postExpectedCount, postActualCount)=arg_min(abs(anomalyScore - maxAnomalyScorePost), expectedCount, count1) ) \n| where totAnomalies < maxAnomalies \n| extend postAnomalyScore=iff(baseStd == 0 and maxCountPost > tolong(count_[0]),1000.0,maxAnomalyScorePost), postExpectedCount=iff(postExpectedCount < 0,0.0,round(postExpectedCount,2)) \n| where maxAnomalyScorePost > AScoreThresh \n| order by maxAnomalyScorePost desc \n| take 1 \n| project ResultDescription, TimeGenerated, count_ \n| mvexpand TimeGenerated, count_ \n| project todatetime(TimeGenerated), toint(count_), ResultDescription \n", - // "xColumnName": "TimeGenerated", - // "yColumnName": "count_", - // }, - // }, - // "title": "Anomalous sign-in result timeline", - // }, - // DefaultTimeRange: &armsecurityinsights.InsightQueryItemPropertiesDefaultTimeRange{ - // AfterRange: to.Ptr("0d"), - // BeforeRange: to.Ptr("1d"), - // }, - // DisplayName: to.Ptr("Anomalously high Azure sign-in result count"), - // ReferenceTimeRange: &armsecurityinsights.InsightQueryItemPropertiesReferenceTimeRange{ - // BeforeRange: to.Ptr("12d"), - // }, - // TableQuery: &armsecurityinsights.InsightQueryItemPropertiesTableQuery{ - // ColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem{ - // { - // Header: to.Ptr("Result Description"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeString), - // SupportDeepLink: to.Ptr(true), - // }, - // { - // Header: to.Ptr("Expected Count"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeNumber), - // SupportDeepLink: to.Ptr(false), - // }, - // { - // Header: to.Ptr("Actual Count"), - // OutputType: to.Ptr(armsecurityinsights.OutputTypeNumber), - // SupportDeepLink: to.Ptr(false), - // }}, - // QueriesDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem{ - // { - // Filter: to.Ptr("make-series count() default=0 on TimeGenerated from (StartTime - BeforeRange) to EndTime step 1d by ResultDescription \n| extend (anomalies,anomalyScore, expectedCount)=series_decompose_anomalies(count_,AScoreThresh,7,'linefit',numDays, 'ctukey') \n| extend count1=count_, TimeGenerated1=TimeGenerated, anomalyScore1=anomalyScore\n| mv-apply count1 to typeof(long), TimeGenerated1 to typeof(datetime), anomalyScore1 to typeof(double), anomalies to typeof(long) on (summarize totAnomalies=sumif(abs(anomalies), TimeGenerated1 < StartTime), baseStd=stdevif(count1, TimeGenerated1 < StartTime), baseAvg=avgif(count1, TimeGenerated1 < StartTime), maxCountPost=maxif(count1,TimeGenerated1 >= StartTime), maxAnomalyScorePost = maxif(anomalyScore1, TimeGenerated1 >= StartTime)) \n| extend count1=count_ \n| mv-apply count1 to typeof(long), anomalyScore to typeof(double), expectedCount to typeof(double) on ( summarize (dummy, postExpectedCount, postActualCount)=arg_min(abs(anomalyScore - maxAnomalyScorePost), expectedCount, count1) ) \n| where totAnomalies < maxAnomalies \n| extend postAnomalyScore=iff(baseStd == 0 and maxCountPost > tolong(count_[0]),1000.0,maxAnomalyScorePost), postExpectedCount=iff(postExpectedCount < 0,0.0,postExpectedCount) \n| where maxAnomalyScorePost > AScoreThresh \n| order by maxAnomalyScorePost desc\n"), - // LinkColumnsDefinitions: []*armsecurityinsights.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem{ - // { - // Query: to.Ptr("{{BaseQuery}} \n| where TimeGenerated between (StartTime .. EndTime) \n| where ResultDescription == ''\n"), - // ProjectedName: to.Ptr("ResultDescription"), - // }}, - // Project: to.Ptr("project ResultDescription, expectedCount=round(postExpectedCount,2), actualCount=postActualCount, anomalyScore=round(postAnomalyScore,2)"), - // Summarize: to.Ptr("take 1"), - // }}, - // }, - // }, - // }}, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/insights/PostGetInsights.json -func ExampleEntitiesClient_GetInsights() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesClient().GetInsights(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", armsecurityinsights.EntityGetInsightsParameters{ - AddDefaultExtendedTimeRange: to.Ptr(false), - EndTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-10-01T00:00:00.000Z"); return t }()), - InsightQueryIDs: []*string{ - to.Ptr("cae8d0aa-aa45-4d53-8d88-17dd64ffd4e4")}, - StartTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T00:00:00.000Z"); return t }()), - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.EntityGetInsightsResponse = armsecurityinsights.EntityGetInsightsResponse{ - // MetaData: &armsecurityinsights.GetInsightsResultsMetadata{ - // Errors: []*armsecurityinsights.GetInsightsErrorKind{ - // { - // ErrorMessage: to.Ptr("Internal server error"), - // Kind: to.Ptr(armsecurityinsights.GetInsightsErrorInsight), - // QueryID: to.Ptr("4a70a63d-25c4-6312-b73e-4f302a90c06a"), - // }}, - // TotalCount: to.Ptr[int32](7), - // }, - // Value: []*armsecurityinsights.EntityInsightItem{ - // { - // ChartQueryResults: []*armsecurityinsights.InsightsTableResult{ - // { - // Columns: []*armsecurityinsights.InsightsTableResultColumnsItem{ - // { - // Name: to.Ptr("TimeGenerated"), - // Type: to.Ptr("datetime"), - // }, - // { - // Name: to.Ptr("Count"), - // Type: to.Ptr("long"), - // }, - // { - // Name: to.Ptr("Legend"), - // Type: to.Ptr("string"), - // }}, - // Rows: [][]*string{ - // []*string{ - // to.Ptr("2021-09-01T00:00:00.000Z"), - // to.Ptr("55"), - // to.Ptr("SomeLegend")}}, - // }}, - // QueryID: to.Ptr("e29ee1ef-7445-455e-85f1-269f2d536d61"), - // QueryTimeInterval: &armsecurityinsights.EntityInsightItemQueryTimeInterval{ - // EndTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T23:35:20.000Z"); return t}()), - // StartTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T23:35:20.000Z"); return t}()), - // }, - // TableQueryResults: &armsecurityinsights.InsightsTableResult{ - // Columns: []*armsecurityinsights.InsightsTableResultColumnsItem{ - // { - // Name: to.Ptr("Title"), - // Type: to.Ptr("string"), - // }, - // { - // Name: to.Ptr("NameCount"), - // Type: to.Ptr("long"), - // }, - // { - // Name: to.Ptr("SIDCount"), - // Type: to.Ptr("long"), - // }, - // { - // Name: to.Ptr("InternalOrder"), - // Type: to.Ptr("long"), - // }, - // { - // Name: to.Ptr("Index"), - // Type: to.Ptr("long"), - // }}, - // Rows: [][]*string{ - // []*string{ - // to.Ptr("MyTitle"), - // to.Ptr("15"), - // to.Ptr("SID"), - // to.Ptr("1"), - // to.Ptr("1")}}, - // }, - // }}, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesgettimeline_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesgettimeline_client.go index 7b586d5896d0..6aaa165ed617 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesgettimeline_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesgettimeline_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type EntitiesGetTimelineClient struct { } // NewEntitiesGetTimelineClient creates a new instance of EntitiesGetTimelineClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewEntitiesGetTimelineClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntitiesGetTimelineClient, error) { @@ -46,7 +43,7 @@ func NewEntitiesGetTimelineClient(subscriptionID string, credential azcore.Token // List - Timeline for an entity. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - entityID - entity ID @@ -76,7 +73,7 @@ func (client *EntitiesGetTimelineClient) List(ctx context.Context, resourceGroup } // listCreateRequest creates the List request. -func (client *EntitiesGetTimelineClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityTimelineParameters, options *EntitiesGetTimelineClientListOptions) (*policy.Request, error) { +func (client *EntitiesGetTimelineClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityTimelineParameters, _ *EntitiesGetTimelineClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/getTimeline" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -99,7 +96,7 @@ func (client *EntitiesGetTimelineClient) listCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, parameters); err != nil { diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesgettimeline_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesgettimeline_client_example_test.go deleted file mode 100644 index 4454d1154e5c..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesgettimeline_client_example_test.go +++ /dev/null @@ -1,113 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/timeline/PostTimelineEntity.json -func ExampleEntitiesGetTimelineClient_List() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntitiesGetTimelineClient().List(ctx, "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", armsecurityinsights.EntityTimelineParameters{ - EndTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-10-01T00:00:00.000Z"); return t }()), - NumberOfBucket: to.Ptr[int32](4), - StartTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T00:00:00.000Z"); return t }()), - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.EntityTimelineResponse = armsecurityinsights.EntityTimelineResponse{ - // MetaData: &armsecurityinsights.TimelineResultsMetadata{ - // Aggregations: []*armsecurityinsights.TimelineAggregation{ - // { - // Count: to.Ptr[int32](4), - // Kind: to.Ptr(armsecurityinsights.EntityTimelineKindActivity), - // }, - // { - // Count: to.Ptr[int32](2), - // Kind: to.Ptr(armsecurityinsights.EntityTimelineKindSecurityAlert), - // }, - // { - // Count: to.Ptr[int32](1), - // Kind: to.Ptr(armsecurityinsights.EntityTimelineKindAnomaly), - // }}, - // Errors: []*armsecurityinsights.TimelineError{ - // { - // ErrorMessage: to.Ptr("syntax error"), - // Kind: to.Ptr(armsecurityinsights.EntityTimelineKindActivity), - // QueryID: to.Ptr("11067f9f-d6a7-4488-887f-0ba564268879"), - // }, - // { - // ErrorMessage: to.Ptr("internal server error"), - // Kind: to.Ptr(armsecurityinsights.EntityTimelineKindSecurityAlert), - // }}, - // TotalCount: to.Ptr[int32](6), - // }, - // Value: []armsecurityinsights.EntityTimelineItemClassification{ - // &armsecurityinsights.SecurityAlertTimelineItem{ - // Kind: to.Ptr(armsecurityinsights.EntityTimelineKindSecurityAlert), - // Description: to.Ptr("The alert description"), - // AlertType: to.Ptr("4467341f-fb73-4f99-a9b3-29473532cf5a_c93bf33e-055e-4972-9e7d-f84fe3fb61ae"), - // AzureResourceID: to.Ptr("4467341f-fb73-4f99-a9b3-29473532cf5a_bf7c3a2f-b743-6410-3ff0-ec64b5995d50"), - // DisplayName: to.Ptr("Alert display name"), - // EndTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T23:31:28.020Z"); return t}()), - // ProductName: to.Ptr("Azure Sentinel"), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityMedium), - // StartTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T23:32:28.010Z"); return t}()), - // TimeGenerated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T23:37:25.813Z"); return t}()), - // }, - // &armsecurityinsights.ActivityTimelineItem{ - // Kind: to.Ptr(armsecurityinsights.EntityTimelineKindActivity), - // BucketEndTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T23:31:28.020Z"); return t}()), - // BucketStartTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T21:31:28.020Z"); return t}()), - // Content: to.Ptr("he user has deleted the account 3 time(s)"), - // FirstActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T21:35:28.020Z"); return t}()), - // LastActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T21:35:28.020Z"); return t}()), - // QueryID: to.Ptr("e0459780-ac9d-4b72-8bd4-fecf6b46a0a1"), - // Title: to.Ptr("The user has deleted an account"), - // }, - // &armsecurityinsights.AnomalyTimelineItem{ - // Kind: to.Ptr(armsecurityinsights.EntityTimelineKindAnomaly), - // Description: to.Ptr("Anomalous private to public port scanning activity with high destination port count along with low port ratio. The ratios are normalized by multiplying them by 10,000 to get them to a more usable value between 0.0 and 1.0."), - // AzureResourceID: to.Ptr("4467341f-fb73-4f99-a9b3-29473532cf5a_d56430ef-f421-2c9c-0b7d-d082285843c6"), - // DisplayName: to.Ptr("(Preview) Anomalous scanning activity"), - // EndTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T23:31:28.020Z"); return t}()), - // Intent: to.Ptr("Discovery"), - // ProductName: to.Ptr("Azure Sentinel"), - // Reasons: []*string{ - // to.Ptr("High destination port count"), - // to.Ptr("Low port ratio")}, - // StartTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T23:32:28.010Z"); return t}()), - // Techniques: []*string{ - // to.Ptr("T1046")}, - // TimeGenerated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-01T23:37:25.813Z"); return t}()), - // Vendor: to.Ptr("Microsoft"), - // }}, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesrelations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesrelations_client.go index 1fbece7e7ea0..7ca2111648b9 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesrelations_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesrelations_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -29,7 +26,7 @@ type EntitiesRelationsClient struct { } // NewEntitiesRelationsClient creates a new instance of EntitiesRelationsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewEntitiesRelationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntitiesRelationsClient, error) { @@ -46,7 +43,7 @@ func NewEntitiesRelationsClient(subscriptionID string, credential azcore.TokenCr // NewListPager - Gets all relations of an entity. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - entityID - entity ID @@ -111,7 +108,7 @@ func (client *EntitiesRelationsClient) listCreateRequest(ctx context.Context, re if options != nil && options.Top != nil { reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) } - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesrelations_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesrelations_client_example_test.go deleted file mode 100644 index 8e780504294d..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesrelations_client_example_test.go +++ /dev/null @@ -1,61 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/relations/GetAllEntityRelations.json -func ExampleEntitiesRelationsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewEntitiesRelationsClient().NewListPager("myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", &armsecurityinsights.EntitiesRelationsClientListOptions{Filter: nil, - Orderby: nil, - Top: nil, - SkipToken: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.RelationList = armsecurityinsights.RelationList{ - // Value: []*armsecurityinsights.Relation{ - // { - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/afbd324f-6c48-459c-8710-8d1e1cd03812/relations/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceName: to.Ptr("2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/incidents"), - // }, - // }}, - // } - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityqueries_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityqueries_client.go index 7716fa1050ae..42c7c87c476c 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityqueries_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityqueries_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type EntityQueriesClient struct { } // NewEntityQueriesClient creates a new instance of EntityQueriesClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewEntityQueriesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntityQueriesClient, error) { @@ -46,7 +43,7 @@ func NewEntityQueriesClient(subscriptionID string, credential azcore.TokenCreden // CreateOrUpdate - Creates or updates the entity query. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - entityQueryID - entity query ID @@ -76,7 +73,7 @@ func (client *EntityQueriesClient) CreateOrUpdate(ctx context.Context, resourceG } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *EntityQueriesClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, entityQuery CustomEntityQueryClassification, options *EntityQueriesClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *EntityQueriesClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, entityQuery CustomEntityQueryClassification, _ *EntityQueriesClientCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -99,7 +96,7 @@ func (client *EntityQueriesClient) createOrUpdateCreateRequest(ctx context.Conte return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, entityQuery); err != nil { @@ -120,7 +117,7 @@ func (client *EntityQueriesClient) createOrUpdateHandleResponse(resp *http.Respo // Delete - Delete the entity query. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - entityQueryID - entity query ID @@ -147,7 +144,7 @@ func (client *EntityQueriesClient) Delete(ctx context.Context, resourceGroupName } // deleteCreateRequest creates the Delete request. -func (client *EntityQueriesClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, options *EntityQueriesClientDeleteOptions) (*policy.Request, error) { +func (client *EntityQueriesClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, _ *EntityQueriesClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -170,7 +167,7 @@ func (client *EntityQueriesClient) deleteCreateRequest(ctx context.Context, reso return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -179,7 +176,7 @@ func (client *EntityQueriesClient) deleteCreateRequest(ctx context.Context, reso // Get - Gets an entity query. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - entityQueryID - entity query ID @@ -207,7 +204,7 @@ func (client *EntityQueriesClient) Get(ctx context.Context, resourceGroupName st } // getCreateRequest creates the Get request. -func (client *EntityQueriesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, options *EntityQueriesClientGetOptions) (*policy.Request, error) { +func (client *EntityQueriesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, _ *EntityQueriesClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -230,7 +227,7 @@ func (client *EntityQueriesClient) getCreateRequest(ctx context.Context, resourc return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -247,7 +244,7 @@ func (client *EntityQueriesClient) getHandleResponse(resp *http.Response) (Entit // NewListPager - Gets all entity queries. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - EntityQueriesClientListOptions contains the optional parameters for the EntityQueriesClient.NewListPager method. @@ -294,7 +291,7 @@ func (client *EntityQueriesClient) listCreateRequest(ctx context.Context, resour return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") if options != nil && options.Kind != nil { reqQP.Set("kind", string(*options.Kind)) } diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityqueries_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityqueries_client_example_test.go deleted file mode 100644 index 22bf401bfbb2..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityqueries_client_example_test.go +++ /dev/null @@ -1,276 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueries/GetEntityQueries.json -func ExampleEntityQueriesClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewEntityQueriesClient().NewListPager("myRg", "myWorkspace", &armsecurityinsights.EntityQueriesClientListOptions{Kind: to.Ptr(armsecurityinsights.Enum13Expansion)}) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.EntityQueryList = armsecurityinsights.EntityQueryList{ - // Value: []armsecurityinsights.EntityQueryClassification{ - // &armsecurityinsights.ExpansionEntityQuery{ - // Name: to.Ptr("37ca3555-c135-4a73-a65e-9c1d00323f5d"), - // Type: to.Ptr("Microsoft.SecurityInsights/entityQueries"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entityQueries/37ca3555-c135-4a73-a65e-9c1d00323f5d"), - // Kind: to.Ptr(armsecurityinsights.EntityQueryKindExpansion), - // Properties: &armsecurityinsights.ExpansionEntityQueriesProperties{ - // DataSources: []*string{ - // to.Ptr("AzureActivity")}, - // DisplayName: to.Ptr("Least active accounts on Azure from this IP"), - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeIP), - // InputFields: []*string{ - // to.Ptr("address")}, - // OutputEntityTypes: []*armsecurityinsights.EntityType{ - // to.Ptr(armsecurityinsights.EntityTypeAccount)}, - // QueryTemplate: to.Ptr("let AccountActivity_byIP = (v_IP_Address:string){\r\n AzureActivity\r\n | where Caller != '' and CallerIpAddress == v_IP_Address\r\n | summarize Account_Aux_StartTime = min(TimeGenerated), Account_Aux_EndTime = max(TimeGenerated), Count = count() by Caller, TenantId\r\n | top 10 by Count asc nulls last \r\n | extend UPN = iff(Caller contains '@', Caller, ''), Account_AadUserId = iff(Caller !contains '@', Caller,'')\r\n | extend Account_Name = split(UPN,'@')[0] , Account_UPNSuffix = split(UPN,'@')[1]\r\n | project Account_Name, Account_UPNSuffix, Account_AadUserId, Account_AadTenantId=TenantId, Account_Aux_StartTime , Account_Aux_EndTime};\r\n AccountActivity_byIP('
')"), - // }, - // }, - // &armsecurityinsights.ExpansionEntityQuery{ - // Name: to.Ptr("97a1d515-abf2-4231-9a35-985f9de0bb91"), - // Type: to.Ptr("Microsoft.SecurityInsights/entityQueries"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entityQueries/97a1d515-abf2-4231-9a35-985f9de0bb91"), - // Kind: to.Ptr(armsecurityinsights.EntityQueryKindExpansion), - // Properties: &armsecurityinsights.ExpansionEntityQueriesProperties{ - // DataSources: []*string{ - // to.Ptr("AzureActivity")}, - // DisplayName: to.Ptr("Most active accounts on Azure from this IP"), - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeIP), - // InputFields: []*string{ - // to.Ptr("address")}, - // OutputEntityTypes: []*armsecurityinsights.EntityType{ - // to.Ptr(armsecurityinsights.EntityTypeAccount)}, - // QueryTemplate: to.Ptr("let AccountActivity_byIP = (v_IP_Address:string){\r\n AzureActivity\r\n | where Caller != '' and CallerIpAddress == v_IP_Address\r\n | summarize Account_Aux_StartTime = min(TimeGenerated), Account_Aux_EndTime = max(TimeGenerated), Count = count() by Caller, TenantId\r\n | top 10 by Count desc nulls last \r\n | extend UPN = iff(Caller contains '@', Caller, ''), Account_AadUserId = iff(Caller !contains '@', Caller,'')\r\n | extend Account_Name = split(UPN,'@')[0] , Account_UPNSuffix = split(UPN,'@')[1]\r\n | project Account_Name, Account_UPNSuffix, Account_AadUserId, Account_AadTenantId=TenantId, Account_Aux_StartTime , Account_Aux_EndTime};\r\n AccountActivity_byIP('
')"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueries/GetActivityEntityQueryById.json -func ExampleEntityQueriesClient_Get_getAnActivityEntityQuery() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntityQueriesClient().Get(ctx, "myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntityQueriesClientGetResponse{ - // EntityQueryClassification: &armsecurityinsights.ActivityEntityQuery{ - // Name: to.Ptr("07da3cc8-c8ad-4710-a44e-334cdcb7882b"), - // Type: to.Ptr("Microsoft.SecurityInsights/entityQueries"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entityQueries/07da3cc8-c8ad-4710-a44e-334cdcb7882b"), - // Kind: to.Ptr(armsecurityinsights.EntityQueryKindActivity), - // Properties: &armsecurityinsights.ActivityEntityQueriesProperties{ - // Description: to.Ptr("Account deleted on host"), - // Content: to.Ptr("On '{{Computer}}' the account '{{TargetAccount}}' was deleted by '{{AddedBy}}'"), - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Enabled: to.Ptr(true), - // EntitiesFilter: map[string][]*string{ - // "Host_OsFamily": []*string{ - // to.Ptr("Windows")}, - // }, - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeHost), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // QueryDefinitions: &armsecurityinsights.ActivityEntityQueriesPropertiesQueryDefinitions{ - // Query: to.Ptr("let GetAccountActions = (v_Host_Name:string, v_Host_NTDomain:string, v_Host_DnsDomain:string, v_Host_AzureID:string, v_Host_OMSAgentID:string){\nSecurityEvent\n| where EventID in (4725, 4726, 4767, 4720, 4722, 4723, 4724)\n// parsing for Host to handle variety of conventions coming from data\n| extend Host_HostName = case(\nComputer has '@', tostring(split(Computer, '@')[0]),\nComputer has '\\\\', tostring(split(Computer, '\\\\')[1]),\nComputer has '.', tostring(split(Computer, '.')[0]),\nComputer\n)\n| extend Host_NTDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', tostring(split(Computer, '.')[-2]), \nComputer\n)\n| extend Host_DnsDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', strcat_array(array_slice(split(Computer,'.'),-2,-1),'.'), \nComputer\n)\n| where (Host_HostName =~ v_Host_Name and Host_NTDomain =~ v_Host_NTDomain) \nor (Host_HostName =~ v_Host_Name and Host_DnsDomain =~ v_Host_DnsDomain) \nor v_Host_AzureID =~ _ResourceId \nor v_Host_OMSAgentID == SourceComputerId\n| project TimeGenerated, EventID, Activity, Computer, TargetAccount, TargetUserName, TargetDomainName, TargetSid, SubjectUserName, SubjectUserSid, _ResourceId, SourceComputerId\n| extend AddedBy = SubjectUserName\n// Future support for Activities\n| extend timestamp = TimeGenerated, HostCustomEntity = Computer, AccountCustomEntity = TargetAccount\n};\nGetAccountActions('{{Host_HostName}}', '{{Host_NTDomain}}', '{{Host_DnsDomain}}', '{{Host_AzureID}}', '{{Host_OMSAgentID}}')\n \n| where EventID == 4726 "), - // }, - // RequiredInputFieldsSets: [][]*string{ - // []*string{ - // to.Ptr("Host_HostName"), - // to.Ptr("Host_NTDomain")}, - // []*string{ - // to.Ptr("Host_HostName"), - // to.Ptr("Host_DnsDomain")}, - // []*string{ - // to.Ptr("Host_AzureID")}, - // []*string{ - // to.Ptr("Host_OMSAgentID")}}, - // Title: to.Ptr("An account was deleted on this host"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueries/GetExpansionEntityQueryById.json -func ExampleEntityQueriesClient_Get_getAnExpansionEntityQuery() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntityQueriesClient().Get(ctx, "myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntityQueriesClientGetResponse{ - // EntityQueryClassification: &armsecurityinsights.ExpansionEntityQuery{ - // Name: to.Ptr("07da3cc8-c8ad-4710-a44e-334cdcb7882b"), - // Type: to.Ptr("Microsoft.SecurityInsights/entityQueries"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entityQueries/07da3cc8-c8ad-4710-a44e-334cdcb7882b"), - // Kind: to.Ptr(armsecurityinsights.EntityQueryKindExpansion), - // Properties: &armsecurityinsights.ExpansionEntityQueriesProperties{ - // DataSources: []*string{ - // to.Ptr("SecurityEvent")}, - // DisplayName: to.Ptr("Parent processes running on host"), - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeHost), - // InputFields: []*string{ - // to.Ptr("hostName")}, - // OutputEntityTypes: []*armsecurityinsights.EntityType{ - // to.Ptr(armsecurityinsights.EntityTypeProcess)}, - // QueryTemplate: to.Ptr("let GetParentProcessesOnHost = (v_Host_HostName:string){\r\n SecurityEvent \r\n | where EventID == 4688 \r\n | where isnotempty(ParentProcessName)\r\n | where NewProcessName !contains ':\\\\Windows\\\\System32\\\\conhost.exe' and ParentProcessName !contains ':\\\\Windows\\\\System32\\\\conhost.exe'\r\n and NewProcessName !contains ':\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v2.0.50727\\\\csc.exe' and ParentProcessName !contains ':\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v2.0.50727\\\\csc.exe'\r\n and NewProcessName !contains ':\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v2.0.50727\\\\cvtres.exe' and ParentProcessName !contains ':\\\\Windows\\\\Microsoft.NET\\\\Framework64\\\\v2.0.50727\\\\cvtres.exe'\r\n and NewProcessName!contains ':\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe' and ParentProcessName !contains ':\\\\Program Files\\\\Microsoft Monitoring Agent\\\\Agent\\\\MonitoringHost.exe'\r\n and ParentProcessName !contains ':\\\\Windows\\\\CCM\\\\CcmExec.exe'\r\n | where(ParentProcessName !contains ':\\\\Windows\\\\System32\\\\svchost.exe' and (NewProcessName !contains ':\\\\Windows\\\\System32\\\\wbem\\\\WmiPrvSE.exe' or NewProcessName !contains ':\\\\Windows\\\\SysWOW64\\\\wbem\\\\WmiPrvSE.exe'))\r\n | where(ParentProcessName !contains ':\\\\Windows\\\\System32\\\\services.exe' and NewProcessName !contains ':\\\\Windows\\\\servicing\\\\TrustedInstaller.exe')\r\n | where toupper(Computer) contains v_Host_HostName or toupper(WorkstationName) contains v_Host_HostName\r\n | summarize min(TimeGenerated), max(TimeGenerated) by Account, Computer, ParentProcessName, NewProcessName, CommandLine, ProcessId\r\n | project min_TimeGenerated, max_TimeGenerated, Account, Computer, ParentProcessName, NewProcessName, CommandLine, ProcessId\r\n | project-rename Process_Host_UnstructuredName=Computer, Process_Account_UnstructuredName=Account, Process_CommandLine=CommandLine, Process_ProcessId=ProcessId, Process_ImageFile_FullPath=NewProcessName, Process_ParentProcess_ImageFile_FullPath=ParentProcessName\r\n | top 10 by min_TimeGenerated asc};\r\n GetParentProcessesOnHost(toupper(''))"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueries/CreateEntityQueryActivity.json -func ExampleEntityQueriesClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntityQueriesClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", &armsecurityinsights.ActivityCustomEntityQuery{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Kind: to.Ptr(armsecurityinsights.CustomEntityQueryKindActivity), - Properties: &armsecurityinsights.ActivityEntityQueriesProperties{ - Description: to.Ptr("Account deleted on host"), - Content: to.Ptr("On '{{Computer}}' the account '{{TargetAccount}}' was deleted by '{{AddedBy}}'"), - Enabled: to.Ptr(true), - EntitiesFilter: map[string][]*string{ - "Host_OsFamily": { - to.Ptr("Windows")}, - }, - InputEntityType: to.Ptr(armsecurityinsights.EntityTypeHost), - QueryDefinitions: &armsecurityinsights.ActivityEntityQueriesPropertiesQueryDefinitions{ - Query: to.Ptr("let GetAccountActions = (v_Host_Name:string, v_Host_NTDomain:string, v_Host_DnsDomain:string, v_Host_AzureID:string, v_Host_OMSAgentID:string){\nSecurityEvent\n| where EventID in (4725, 4726, 4767, 4720, 4722, 4723, 4724)\n// parsing for Host to handle variety of conventions coming from data\n| extend Host_HostName = case(\nComputer has '@', tostring(split(Computer, '@')[0]),\nComputer has '\\\\', tostring(split(Computer, '\\\\')[1]),\nComputer has '.', tostring(split(Computer, '.')[0]),\nComputer\n)\n| extend Host_NTDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', tostring(split(Computer, '.')[-2]), \nComputer\n)\n| extend Host_DnsDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', strcat_array(array_slice(split(Computer,'.'),-2,-1),'.'), \nComputer\n)\n| where (Host_HostName =~ v_Host_Name and Host_NTDomain =~ v_Host_NTDomain) \nor (Host_HostName =~ v_Host_Name and Host_DnsDomain =~ v_Host_DnsDomain) \nor v_Host_AzureID =~ _ResourceId \nor v_Host_OMSAgentID == SourceComputerId\n| project TimeGenerated, EventID, Activity, Computer, TargetAccount, TargetUserName, TargetDomainName, TargetSid, SubjectUserName, SubjectUserSid, _ResourceId, SourceComputerId\n| extend AddedBy = SubjectUserName\n// Future support for Activities\n| extend timestamp = TimeGenerated, HostCustomEntity = Computer, AccountCustomEntity = TargetAccount\n};\nGetAccountActions('{{Host_HostName}}', '{{Host_NTDomain}}', '{{Host_DnsDomain}}', '{{Host_AzureID}}', '{{Host_OMSAgentID}}')\n \n| where EventID == 4726 "), - }, - RequiredInputFieldsSets: [][]*string{ - { - to.Ptr("Host_HostName"), - to.Ptr("Host_NTDomain")}, - { - to.Ptr("Host_HostName"), - to.Ptr("Host_DnsDomain")}, - { - to.Ptr("Host_AzureID")}, - { - to.Ptr("Host_OMSAgentID")}}, - Title: to.Ptr("An account was deleted on this host"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntityQueriesClientCreateOrUpdateResponse{ - // EntityQueryClassification: &armsecurityinsights.ActivityEntityQuery{ - // Name: to.Ptr("07da3cc8-c8ad-4710-a44e-334cdcb7882b"), - // Type: to.Ptr("Microsoft.SecurityInsights/entityQueries"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entityQueries/07da3cc8-c8ad-4710-a44e-334cdcb7882b"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.EntityQueryKindActivity), - // Properties: &armsecurityinsights.ActivityEntityQueriesProperties{ - // Description: to.Ptr("Account deleted on host"), - // Content: to.Ptr("On '{{Computer}}' the account '{{TargetAccount}}' was deleted by '{{AddedBy}}'"), - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Enabled: to.Ptr(true), - // EntitiesFilter: map[string][]*string{ - // "Host_OsFamily": []*string{ - // to.Ptr("Windows")}, - // }, - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeHost), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // QueryDefinitions: &armsecurityinsights.ActivityEntityQueriesPropertiesQueryDefinitions{ - // Query: to.Ptr("let GetAccountActions = (v_Host_Name:string, v_Host_NTDomain:string, v_Host_DnsDomain:string, v_Host_AzureID:string, v_Host_OMSAgentID:string){\nSecurityEvent\n| where EventID in (4725, 4726, 4767, 4720, 4722, 4723, 4724)\n// parsing for Host to handle variety of conventions coming from data\n| extend Host_HostName = case(\nComputer has '@', tostring(split(Computer, '@')[0]),\nComputer has '\\\\', tostring(split(Computer, '\\\\')[1]),\nComputer has '.', tostring(split(Computer, '.')[0]),\nComputer\n)\n| extend Host_NTDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', tostring(split(Computer, '.')[-2]), \nComputer\n)\n| extend Host_DnsDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', strcat_array(array_slice(split(Computer,'.'),-2,-1),'.'), \nComputer\n)\n| where (Host_HostName =~ v_Host_Name and Host_NTDomain =~ v_Host_NTDomain) \nor (Host_HostName =~ v_Host_Name and Host_DnsDomain =~ v_Host_DnsDomain) \nor v_Host_AzureID =~ _ResourceId \nor v_Host_OMSAgentID == SourceComputerId\n| project TimeGenerated, EventID, Activity, Computer, TargetAccount, TargetUserName, TargetDomainName, TargetSid, SubjectUserName, SubjectUserSid, _ResourceId, SourceComputerId\n| extend AddedBy = SubjectUserName\n// Future support for Activities\n| extend timestamp = TimeGenerated, HostCustomEntity = Computer, AccountCustomEntity = TargetAccount\n};\nGetAccountActions('{{Host_HostName}}', '{{Host_NTDomain}}', '{{Host_DnsDomain}}', '{{Host_AzureID}}', '{{Host_OMSAgentID}}')\n \n| where EventID == 4726 "), - // }, - // RequiredInputFieldsSets: [][]*string{ - // []*string{ - // to.Ptr("Host_HostName"), - // to.Ptr("Host_NTDomain")}, - // []*string{ - // to.Ptr("Host_HostName"), - // to.Ptr("Host_DnsDomain")}, - // []*string{ - // to.Ptr("Host_AzureID")}, - // []*string{ - // to.Ptr("Host_OMSAgentID")}}, - // Title: to.Ptr("An account was deleted on this host"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueries/DeleteEntityQuery.json -func ExampleEntityQueriesClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewEntityQueriesClient().Delete(ctx, "myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityquerytemplates_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityquerytemplates_client.go index 7e309dbf45b1..114fc29f4ad4 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityquerytemplates_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityquerytemplates_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type EntityQueryTemplatesClient struct { } // NewEntityQueryTemplatesClient creates a new instance of EntityQueryTemplatesClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewEntityQueryTemplatesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntityQueryTemplatesClient, error) { @@ -46,7 +43,7 @@ func NewEntityQueryTemplatesClient(subscriptionID string, credential azcore.Toke // Get - Gets an entity query. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - entityQueryTemplateID - entity query template ID @@ -75,7 +72,7 @@ func (client *EntityQueryTemplatesClient) Get(ctx context.Context, resourceGroup } // getCreateRequest creates the Get request. -func (client *EntityQueryTemplatesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryTemplateID string, options *EntityQueryTemplatesClientGetOptions) (*policy.Request, error) { +func (client *EntityQueryTemplatesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryTemplateID string, _ *EntityQueryTemplatesClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueryTemplates/{entityQueryTemplateId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -98,7 +95,7 @@ func (client *EntityQueryTemplatesClient) getCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -115,7 +112,7 @@ func (client *EntityQueryTemplatesClient) getHandleResponse(resp *http.Response) // NewListPager - Gets all entity query templates. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - EntityQueryTemplatesClientListOptions contains the optional parameters for the EntityQueryTemplatesClient.NewListPager @@ -163,7 +160,7 @@ func (client *EntityQueryTemplatesClient) listCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") if options != nil && options.Kind != nil { reqQP.Set("kind", string(*options.Kind)) } diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityquerytemplates_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityquerytemplates_client_example_test.go deleted file mode 100644 index a4a5af17a8b1..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityquerytemplates_client_example_test.go +++ /dev/null @@ -1,180 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueryTemplates/GetEntityQueryTemplates.json -func ExampleEntityQueryTemplatesClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewEntityQueryTemplatesClient().NewListPager("myRg", "myWorkspace", &armsecurityinsights.EntityQueryTemplatesClientListOptions{Kind: to.Ptr(armsecurityinsights.Enum15Activity)}) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.EntityQueryTemplateList = armsecurityinsights.EntityQueryTemplateList{ - // Value: []armsecurityinsights.EntityQueryTemplateClassification{ - // &armsecurityinsights.ActivityEntityQueryTemplate{ - // Name: to.Ptr("37ca3555-c135-4a73-a65e-9c1d00323f5d"), - // Type: to.Ptr("Microsoft.SecurityInsights/entityQueryTemplates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entityQueryTemplates/37ca3555-c135-4a73-a65e-9c1d00323f5d"), - // Kind: to.Ptr(armsecurityinsights.EntityQueryTemplateKindActivity), - // Properties: &armsecurityinsights.ActivityEntityQueryTemplateProperties{ - // Description: to.Ptr("Account deleted on host"), - // Content: to.Ptr("On '{{Computer}}' the account '{{TargetAccount}}' was deleted by '{{AddedBy}}'"), - // DataTypes: []*armsecurityinsights.DataTypeDefinitions{ - // { - // DataType: to.Ptr("AuditLogs"), - // }, - // { - // DataType: to.Ptr("SecurityEvent"), - // }}, - // EntitiesFilter: map[string][]*string{ - // "Host_OsFamily": []*string{ - // to.Ptr("Windows")}, - // }, - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeHost), - // QueryDefinitions: &armsecurityinsights.ActivityEntityQueryTemplatePropertiesQueryDefinitions{ - // Query: to.Ptr("let GetAccountActions = (v_Host_Name:string, v_Host_NTDomain:string, v_Host_DnsDomain:string, v_Host_AzureID:string, v_Host_OMSAgentID:string){\nSecurityEvent\n| where EventID in (4725, 4726, 4767, 4720, 4722, 4723, 4724)\n// parsing for Host to handle variety of conventions coming from data\n| extend Host_HostName = case(\nComputer has '@', tostring(split(Computer, '@')[0]),\nComputer has '\\\\', tostring(split(Computer, '\\\\')[1]),\nComputer has '.', tostring(split(Computer, '.')[0]),\nComputer\n)\n| extend Host_NTDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', tostring(split(Computer, '.')[-2]), \nComputer\n)\n| extend Host_DnsDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', strcat_array(array_slice(split(Computer,'.'),-2,-1),'.'), \nComputer\n)\n| where (Host_HostName =~ v_Host_Name and Host_NTDomain =~ v_Host_NTDomain) \nor (Host_HostName =~ v_Host_Name and Host_DnsDomain =~ v_Host_DnsDomain) \nor v_Host_AzureID =~ _ResourceId \nor v_Host_OMSAgentID == SourceComputerId\n| project TimeGenerated, EventID, Activity, Computer, TargetAccount, TargetUserName, TargetDomainName, TargetSid, SubjectUserName, SubjectUserSid, _ResourceId, SourceComputerId\n| extend AddedBy = SubjectUserName\n// Future support for Activities\n| extend timestamp = TimeGenerated, HostCustomEntity = Computer, AccountCustomEntity = TargetAccount\n};\nGetAccountActions('{{Host_HostName}}', '{{Host_NTDomain}}', '{{Host_DnsDomain}}', '{{Host_AzureID}}', '{{Host_OMSAgentID}}')\n \n| where EventID == 4726 "), - // }, - // RequiredInputFieldsSets: [][]*string{ - // []*string{ - // to.Ptr("Host_HostName"), - // to.Ptr("Host_NTDomain")}, - // []*string{ - // to.Ptr("Host_HostName"), - // to.Ptr("Host_DnsDomain")}, - // []*string{ - // to.Ptr("Host_AzureID")}, - // []*string{ - // to.Ptr("Host_OMSAgentID")}}, - // Title: to.Ptr("An account was deleted on this host"), - // }, - // }, - // &armsecurityinsights.ActivityEntityQueryTemplate{ - // Name: to.Ptr("97a1d515-abf2-4231-9a35-985f9de0bb91"), - // Type: to.Ptr("Microsoft.SecurityInsights/entityQueryTemplates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entityQueryTemplates/97a1d515-abf2-4231-9a35-985f9de0bb91"), - // Kind: to.Ptr(armsecurityinsights.EntityQueryTemplateKindActivity), - // Properties: &armsecurityinsights.ActivityEntityQueryTemplateProperties{ - // Description: to.Ptr("Account deleted on host"), - // Content: to.Ptr("On '{{Computer}}' the account '{{TargetAccount}}' was deleted by '{{AddedBy}}'"), - // DataTypes: []*armsecurityinsights.DataTypeDefinitions{ - // { - // DataType: to.Ptr("AuditLogs"), - // }, - // { - // DataType: to.Ptr("SecurityEvent"), - // }}, - // EntitiesFilter: map[string][]*string{ - // "Host_OsFamily": []*string{ - // to.Ptr("Windows")}, - // }, - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeHost), - // QueryDefinitions: &armsecurityinsights.ActivityEntityQueryTemplatePropertiesQueryDefinitions{ - // Query: to.Ptr("let GetAccountActions = (v_Host_Name:string, v_Host_NTDomain:string, v_Host_DnsDomain:string, v_Host_AzureID:string, v_Host_OMSAgentID:string){\nSecurityEvent\n| where EventID in (4725, 4726, 4767, 4720, 4722, 4723, 4724)\n// parsing for Host to handle variety of conventions coming from data\n| extend Host_HostName = case(\nComputer has '@', tostring(split(Computer, '@')[0]),\nComputer has '\\\\', tostring(split(Computer, '\\\\')[1]),\nComputer has '.', tostring(split(Computer, '.')[0]),\nComputer\n)\n| extend Host_NTDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', tostring(split(Computer, '.')[-2]), \nComputer\n)\n| extend Host_DnsDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', strcat_array(array_slice(split(Computer,'.'),-2,-1),'.'), \nComputer\n)\n| where (Host_HostName =~ v_Host_Name and Host_NTDomain =~ v_Host_NTDomain) \nor (Host_HostName =~ v_Host_Name and Host_DnsDomain =~ v_Host_DnsDomain) \nor v_Host_AzureID =~ _ResourceId \nor v_Host_OMSAgentID == SourceComputerId\n| project TimeGenerated, EventID, Activity, Computer, TargetAccount, TargetUserName, TargetDomainName, TargetSid, SubjectUserName, SubjectUserSid, _ResourceId, SourceComputerId\n| extend AddedBy = SubjectUserName\n// Future support for Activities\n| extend timestamp = TimeGenerated, HostCustomEntity = Computer, AccountCustomEntity = TargetAccount\n};\nGetAccountActions('{{Host_HostName}}', '{{Host_NTDomain}}', '{{Host_DnsDomain}}', '{{Host_AzureID}}', '{{Host_OMSAgentID}}')\n \n| where EventID == 4726 "), - // }, - // RequiredInputFieldsSets: [][]*string{ - // []*string{ - // to.Ptr("Host_HostName"), - // to.Ptr("Host_NTDomain")}, - // []*string{ - // to.Ptr("Host_HostName"), - // to.Ptr("Host_DnsDomain")}, - // []*string{ - // to.Ptr("Host_AzureID")}, - // []*string{ - // to.Ptr("Host_OMSAgentID")}}, - // Title: to.Ptr("An account was deleted on this host"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueryTemplates/GetActivityEntityQueryTemplateById.json -func ExampleEntityQueryTemplatesClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntityQueryTemplatesClient().Get(ctx, "myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.EntityQueryTemplatesClientGetResponse{ - // EntityQueryTemplateClassification: &armsecurityinsights.ActivityEntityQueryTemplate{ - // Name: to.Ptr("07da3cc8-c8ad-4710-a44e-334cdcb7882b"), - // Type: to.Ptr("Microsoft.SecurityInsights/entityQueryTemplate"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entityQueryTemplates/07da3cc8-c8ad-4710-a44e-334cdcb7882b"), - // Kind: to.Ptr(armsecurityinsights.EntityQueryTemplateKindActivity), - // Properties: &armsecurityinsights.ActivityEntityQueryTemplateProperties{ - // Description: to.Ptr("Account deleted on host"), - // Content: to.Ptr("On '{{Computer}}' the account '{{TargetAccount}}' was deleted by '{{AddedBy}}'"), - // DataTypes: []*armsecurityinsights.DataTypeDefinitions{ - // { - // DataType: to.Ptr("AuditLogs"), - // }, - // { - // DataType: to.Ptr("SecurityEvent"), - // }}, - // EntitiesFilter: map[string][]*string{ - // "Host_OsFamily": []*string{ - // to.Ptr("Windows")}, - // }, - // InputEntityType: to.Ptr(armsecurityinsights.EntityTypeHost), - // QueryDefinitions: &armsecurityinsights.ActivityEntityQueryTemplatePropertiesQueryDefinitions{ - // Query: to.Ptr("let GetAccountActions = (v_Host_Name:string, v_Host_NTDomain:string, v_Host_DnsDomain:string, v_Host_AzureID:string, v_Host_OMSAgentID:string){\nSecurityEvent\n| where EventID in (4725, 4726, 4767, 4720, 4722, 4723, 4724)\n// parsing for Host to handle variety of conventions coming from data\n| extend Host_HostName = case(\nComputer has '@', tostring(split(Computer, '@')[0]),\nComputer has '\\\\', tostring(split(Computer, '\\\\')[1]),\nComputer has '.', tostring(split(Computer, '.')[0]),\nComputer\n)\n| extend Host_NTDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', tostring(split(Computer, '.')[-2]), \nComputer\n)\n| extend Host_DnsDomain = case(\nComputer has '\\\\', tostring(split(Computer, '\\\\')[0]), \nComputer has '.', strcat_array(array_slice(split(Computer,'.'),-2,-1),'.'), \nComputer\n)\n| where (Host_HostName =~ v_Host_Name and Host_NTDomain =~ v_Host_NTDomain) \nor (Host_HostName =~ v_Host_Name and Host_DnsDomain =~ v_Host_DnsDomain) \nor v_Host_AzureID =~ _ResourceId \nor v_Host_OMSAgentID == SourceComputerId\n| project TimeGenerated, EventID, Activity, Computer, TargetAccount, TargetUserName, TargetDomainName, TargetSid, SubjectUserName, SubjectUserSid, _ResourceId, SourceComputerId\n| extend AddedBy = SubjectUserName\n// Future support for Activities\n| extend timestamp = TimeGenerated, HostCustomEntity = Computer, AccountCustomEntity = TargetAccount\n};\nGetAccountActions('{{Host_HostName}}', '{{Host_NTDomain}}', '{{Host_DnsDomain}}', '{{Host_AzureID}}', '{{Host_OMSAgentID}}')\n \n| where EventID == 4726 "), - // }, - // RequiredInputFieldsSets: [][]*string{ - // []*string{ - // to.Ptr("Host_HostName"), - // to.Ptr("Host_NTDomain")}, - // []*string{ - // to.Ptr("Host_HostName"), - // to.Ptr("Host_DnsDomain")}, - // []*string{ - // to.Ptr("Host_AzureID")}, - // []*string{ - // to.Ptr("Host_OMSAgentID")}}, - // Title: to.Ptr("An account was deleted on this host"), - // }, - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityrelations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityrelations_client.go index 4dc731209d9e..73d9e2ffc870 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityrelations_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityrelations_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type EntityRelationsClient struct { } // NewEntityRelationsClient creates a new instance of EntityRelationsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewEntityRelationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntityRelationsClient, error) { @@ -46,7 +43,7 @@ func NewEntityRelationsClient(subscriptionID string, credential azcore.TokenCred // GetRelation - Gets an entity relation. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - entityID - entity ID @@ -76,7 +73,7 @@ func (client *EntityRelationsClient) GetRelation(ctx context.Context, resourceGr } // getRelationCreateRequest creates the GetRelation request. -func (client *EntityRelationsClient) getRelationCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, relationName string, options *EntityRelationsClientGetRelationOptions) (*policy.Request, error) { +func (client *EntityRelationsClient) getRelationCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, relationName string, _ *EntityRelationsClientGetRelationOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/relations/{relationName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -103,7 +100,7 @@ func (client *EntityRelationsClient) getRelationCreateRequest(ctx context.Contex return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityrelations_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityrelations_client_example_test.go deleted file mode 100644 index e34f6031dbb8..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityrelations_client_example_test.go +++ /dev/null @@ -1,49 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/relations/GetEntityRelationByName.json -func ExampleEntityRelationsClient_GetRelation() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewEntityRelationsClient().GetRelation(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Relation = armsecurityinsights.Relation{ - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/entities/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/afbd324f-6c48-459c-8710-8d1e1cd03812/relations/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceName: to.Ptr("2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/incidents"), - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/actions_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/actions_server.go index 309130bc5925..0071cee9a079 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/actions_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/actions_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -66,27 +63,46 @@ func (a *ActionsServerTransport) Do(req *http.Request) (*http.Response, error) { return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return a.dispatchToMethodFake(req, method) +} - switch method { - case "ActionsClient.CreateOrUpdate": - resp, err = a.dispatchCreateOrUpdate(req) - case "ActionsClient.Delete": - resp, err = a.dispatchDelete(req) - case "ActionsClient.Get": - resp, err = a.dispatchGet(req) - case "ActionsClient.NewListByAlertRulePager": - resp, err = a.dispatchNewListByAlertRulePager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (a *ActionsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if actionsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = actionsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ActionsClient.CreateOrUpdate": + res.resp, res.err = a.dispatchCreateOrUpdate(req) + case "ActionsClient.Delete": + res.resp, res.err = a.dispatchDelete(req) + case "ActionsClient.Get": + res.resp, res.err = a.dispatchGet(req) + case "ActionsClient.NewListByAlertRulePager": + res.resp, res.err = a.dispatchNewListByAlertRulePager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (a *ActionsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { @@ -260,3 +276,9 @@ func (a *ActionsServerTransport) dispatchNewListByAlertRulePager(req *http.Reque } return resp, nil } + +// set this to conditionally intercept incoming requests to ActionsServerTransport +var actionsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrule_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrule_server.go new file mode 100644 index 000000000000..673886bb38b3 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrule_server.go @@ -0,0 +1,145 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// AlertRuleServer is a fake server for instances of the armsecurityinsights.AlertRuleClient type. +type AlertRuleServer struct { + // BeginTriggerRuleRun is the fake for method AlertRuleClient.BeginTriggerRuleRun + // HTTP status codes to indicate success: http.StatusOK, http.StatusAccepted, http.StatusNoContent + BeginTriggerRuleRun func(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, analyticsRuleRunTriggerParameter armsecurityinsights.AnalyticsRuleRunTrigger, options *armsecurityinsights.AlertRuleClientBeginTriggerRuleRunOptions) (resp azfake.PollerResponder[armsecurityinsights.AlertRuleClientTriggerRuleRunResponse], errResp azfake.ErrorResponder) +} + +// NewAlertRuleServerTransport creates a new instance of AlertRuleServerTransport with the provided implementation. +// The returned AlertRuleServerTransport instance is connected to an instance of armsecurityinsights.AlertRuleClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewAlertRuleServerTransport(srv *AlertRuleServer) *AlertRuleServerTransport { + return &AlertRuleServerTransport{ + srv: srv, + beginTriggerRuleRun: newTracker[azfake.PollerResponder[armsecurityinsights.AlertRuleClientTriggerRuleRunResponse]](), + } +} + +// AlertRuleServerTransport connects instances of armsecurityinsights.AlertRuleClient to instances of AlertRuleServer. +// Don't use this type directly, use NewAlertRuleServerTransport instead. +type AlertRuleServerTransport struct { + srv *AlertRuleServer + beginTriggerRuleRun *tracker[azfake.PollerResponder[armsecurityinsights.AlertRuleClientTriggerRuleRunResponse]] +} + +// Do implements the policy.Transporter interface for AlertRuleServerTransport. +func (a *AlertRuleServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return a.dispatchToMethodFake(req, method) +} + +func (a *AlertRuleServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if alertRuleServerTransportInterceptor != nil { + res.resp, res.err, intercepted = alertRuleServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "AlertRuleClient.BeginTriggerRuleRun": + res.resp, res.err = a.dispatchBeginTriggerRuleRun(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (a *AlertRuleServerTransport) dispatchBeginTriggerRuleRun(req *http.Request) (*http.Response, error) { + if a.srv.BeginTriggerRuleRun == nil { + return nil, &nonRetriableError{errors.New("fake for method BeginTriggerRuleRun not implemented")} + } + beginTriggerRuleRun := a.beginTriggerRuleRun.get(req) + if beginTriggerRuleRun == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/alertRules/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/triggerRuleRun` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.AnalyticsRuleRunTrigger](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + ruleIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("ruleId")]) + if err != nil { + return nil, err + } + respr, errRespr := a.srv.BeginTriggerRuleRun(req.Context(), resourceGroupNameParam, workspaceNameParam, ruleIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + beginTriggerRuleRun = &respr + a.beginTriggerRuleRun.add(req, beginTriggerRuleRun) + } + + resp, err := server.PollerResponderNext(beginTriggerRuleRun, req) + if err != nil { + return nil, err + } + + if !contains([]int{http.StatusOK, http.StatusAccepted, http.StatusNoContent}, resp.StatusCode) { + a.beginTriggerRuleRun.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusAccepted, http.StatusNoContent", resp.StatusCode)} + } + if !server.PollerResponderMore(beginTriggerRuleRun) { + a.beginTriggerRuleRun.remove(req) + } + + return resp, nil +} + +// set this to conditionally intercept incoming requests to AlertRuleServerTransport +var alertRuleServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrules_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrules_server.go index de09abccc636..6eec45bcc636 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrules_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrules_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -66,27 +63,46 @@ func (a *AlertRulesServerTransport) Do(req *http.Request) (*http.Response, error return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return a.dispatchToMethodFake(req, method) +} - switch method { - case "AlertRulesClient.CreateOrUpdate": - resp, err = a.dispatchCreateOrUpdate(req) - case "AlertRulesClient.Delete": - resp, err = a.dispatchDelete(req) - case "AlertRulesClient.Get": - resp, err = a.dispatchGet(req) - case "AlertRulesClient.NewListPager": - resp, err = a.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (a *AlertRulesServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if alertRulesServerTransportInterceptor != nil { + res.resp, res.err, intercepted = alertRulesServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "AlertRulesClient.CreateOrUpdate": + res.resp, res.err = a.dispatchCreateOrUpdate(req) + case "AlertRulesClient.Delete": + res.resp, res.err = a.dispatchDelete(req) + case "AlertRulesClient.Get": + res.resp, res.err = a.dispatchGet(req) + case "AlertRulesClient.NewListPager": + res.resp, res.err = a.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (a *AlertRulesServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { @@ -248,3 +264,9 @@ func (a *AlertRulesServerTransport) dispatchNewListPager(req *http.Request) (*ht } return resp, nil } + +// set this to conditionally intercept incoming requests to AlertRulesServerTransport +var alertRulesServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertruletemplates_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertruletemplates_server.go index 833aae678dff..4029b74a4205 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertruletemplates_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertruletemplates_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -58,23 +55,42 @@ func (a *AlertRuleTemplatesServerTransport) Do(req *http.Request) (*http.Respons return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return a.dispatchToMethodFake(req, method) +} - switch method { - case "AlertRuleTemplatesClient.Get": - resp, err = a.dispatchGet(req) - case "AlertRuleTemplatesClient.NewListPager": - resp, err = a.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (a *AlertRuleTemplatesServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if alertRuleTemplatesServerTransportInterceptor != nil { + res.resp, res.err, intercepted = alertRuleTemplatesServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "AlertRuleTemplatesClient.Get": + res.resp, res.err = a.dispatchGet(req) + case "AlertRuleTemplatesClient.NewListPager": + res.resp, res.err = a.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (a *AlertRuleTemplatesServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { @@ -154,3 +170,9 @@ func (a *AlertRuleTemplatesServerTransport) dispatchNewListPager(req *http.Reque } return resp, nil } + +// set this to conditionally intercept incoming requests to AlertRuleTemplatesServerTransport +var alertRuleTemplatesServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/automationrules_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/automationrules_server.go index 6782e390b727..c5178aec2c30 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/automationrules_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/automationrules_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -67,27 +64,46 @@ func (a *AutomationRulesServerTransport) Do(req *http.Request) (*http.Response, return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return a.dispatchToMethodFake(req, method) +} - switch method { - case "AutomationRulesClient.CreateOrUpdate": - resp, err = a.dispatchCreateOrUpdate(req) - case "AutomationRulesClient.Delete": - resp, err = a.dispatchDelete(req) - case "AutomationRulesClient.Get": - resp, err = a.dispatchGet(req) - case "AutomationRulesClient.NewListPager": - resp, err = a.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (a *AutomationRulesServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if automationRulesServerTransportInterceptor != nil { + res.resp, res.err, intercepted = automationRulesServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "AutomationRulesClient.CreateOrUpdate": + res.resp, res.err = a.dispatchCreateOrUpdate(req) + case "AutomationRulesClient.Delete": + res.resp, res.err = a.dispatchDelete(req) + case "AutomationRulesClient.Get": + res.resp, res.err = a.dispatchGet(req) + case "AutomationRulesClient.NewListPager": + res.resp, res.err = a.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (a *AutomationRulesServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { @@ -251,3 +267,9 @@ func (a *AutomationRulesServerTransport) dispatchNewListPager(req *http.Request) } return resp, nil } + +// set this to conditionally intercept incoming requests to AutomationRulesServerTransport +var automationRulesServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/billingstatistics_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/billingstatistics_server.go new file mode 100644 index 000000000000..e147ff379c1e --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/billingstatistics_server.go @@ -0,0 +1,178 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// BillingStatisticsServer is a fake server for instances of the armsecurityinsights.BillingStatisticsClient type. +type BillingStatisticsServer struct { + // Get is the fake for method BillingStatisticsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, billingStatisticName string, options *armsecurityinsights.BillingStatisticsClientGetOptions) (resp azfake.Responder[armsecurityinsights.BillingStatisticsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method BillingStatisticsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.BillingStatisticsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.BillingStatisticsClientListResponse]) +} + +// NewBillingStatisticsServerTransport creates a new instance of BillingStatisticsServerTransport with the provided implementation. +// The returned BillingStatisticsServerTransport instance is connected to an instance of armsecurityinsights.BillingStatisticsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewBillingStatisticsServerTransport(srv *BillingStatisticsServer) *BillingStatisticsServerTransport { + return &BillingStatisticsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.BillingStatisticsClientListResponse]](), + } +} + +// BillingStatisticsServerTransport connects instances of armsecurityinsights.BillingStatisticsClient to instances of BillingStatisticsServer. +// Don't use this type directly, use NewBillingStatisticsServerTransport instead. +type BillingStatisticsServerTransport struct { + srv *BillingStatisticsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.BillingStatisticsClientListResponse]] +} + +// Do implements the policy.Transporter interface for BillingStatisticsServerTransport. +func (b *BillingStatisticsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return b.dispatchToMethodFake(req, method) +} + +func (b *BillingStatisticsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if billingStatisticsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = billingStatisticsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "BillingStatisticsClient.Get": + res.resp, res.err = b.dispatchGet(req) + case "BillingStatisticsClient.NewListPager": + res.resp, res.err = b.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (b *BillingStatisticsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if b.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/billingStatistics/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + billingStatisticNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("billingStatisticName")]) + if err != nil { + return nil, err + } + respr, errRespr := b.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, billingStatisticNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).BillingStatisticClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (b *BillingStatisticsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if b.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := b.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/billingStatistics` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := b.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + b.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.BillingStatisticsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + b.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + b.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to BillingStatisticsServerTransport +var billingStatisticsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmark_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmark_server.go index e005536c606a..ca9802703e7e 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmark_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmark_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -49,21 +46,40 @@ func (b *BookmarkServerTransport) Do(req *http.Request) (*http.Response, error) return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return b.dispatchToMethodFake(req, method) +} - switch method { - case "BookmarkClient.Expand": - resp, err = b.dispatchExpand(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (b *BookmarkServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if bookmarkServerTransportInterceptor != nil { + res.resp, res.err, intercepted = bookmarkServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "BookmarkClient.Expand": + res.resp, res.err = b.dispatchExpand(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (b *BookmarkServerTransport) dispatchExpand(req *http.Request) (*http.Response, error) { @@ -106,3 +122,9 @@ func (b *BookmarkServerTransport) dispatchExpand(req *http.Request) (*http.Respo } return resp, nil } + +// set this to conditionally intercept incoming requests to BookmarkServerTransport +var bookmarkServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarkrelations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarkrelations_server.go index e97bb37915f4..0caacd76e452 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarkrelations_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarkrelations_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -67,27 +64,46 @@ func (b *BookmarkRelationsServerTransport) Do(req *http.Request) (*http.Response return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return b.dispatchToMethodFake(req, method) +} - switch method { - case "BookmarkRelationsClient.CreateOrUpdate": - resp, err = b.dispatchCreateOrUpdate(req) - case "BookmarkRelationsClient.Delete": - resp, err = b.dispatchDelete(req) - case "BookmarkRelationsClient.Get": - resp, err = b.dispatchGet(req) - case "BookmarkRelationsClient.NewListPager": - resp, err = b.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (b *BookmarkRelationsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if bookmarkRelationsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = bookmarkRelationsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "BookmarkRelationsClient.CreateOrUpdate": + res.resp, res.err = b.dispatchCreateOrUpdate(req) + case "BookmarkRelationsClient.Delete": + res.resp, res.err = b.dispatchDelete(req) + case "BookmarkRelationsClient.Get": + res.resp, res.err = b.dispatchGet(req) + case "BookmarkRelationsClient.NewListPager": + res.resp, res.err = b.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (b *BookmarkRelationsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { @@ -300,3 +316,9 @@ func (b *BookmarkRelationsServerTransport) dispatchNewListPager(req *http.Reques } return resp, nil } + +// set this to conditionally intercept incoming requests to BookmarkRelationsServerTransport +var bookmarkRelationsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarks_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarks_server.go index 49c724fbd577..5c3fa897369d 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarks_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarks_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -66,27 +63,46 @@ func (b *BookmarksServerTransport) Do(req *http.Request) (*http.Response, error) return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return b.dispatchToMethodFake(req, method) +} - switch method { - case "BookmarksClient.CreateOrUpdate": - resp, err = b.dispatchCreateOrUpdate(req) - case "BookmarksClient.Delete": - resp, err = b.dispatchDelete(req) - case "BookmarksClient.Get": - resp, err = b.dispatchGet(req) - case "BookmarksClient.NewListPager": - resp, err = b.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (b *BookmarksServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if bookmarksServerTransportInterceptor != nil { + res.resp, res.err, intercepted = bookmarksServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "BookmarksClient.CreateOrUpdate": + res.resp, res.err = b.dispatchCreateOrUpdate(req) + case "BookmarksClient.Delete": + res.resp, res.err = b.dispatchDelete(req) + case "BookmarksClient.Get": + res.resp, res.err = b.dispatchGet(req) + case "BookmarksClient.NewListPager": + res.resp, res.err = b.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (b *BookmarksServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { @@ -244,3 +260,9 @@ func (b *BookmarksServerTransport) dispatchNewListPager(req *http.Request) (*htt } return resp, nil } + +// set this to conditionally intercept incoming requests to BookmarksServerTransport +var bookmarksServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/businessapplicationagent_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/businessapplicationagent_server.go new file mode 100644 index 000000000000..b29b8c2385ed --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/businessapplicationagent_server.go @@ -0,0 +1,126 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// BusinessApplicationAgentServer is a fake server for instances of the armsecurityinsights.BusinessApplicationAgentClient type. +type BusinessApplicationAgentServer struct { + // Get is the fake for method BusinessApplicationAgentClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, options *armsecurityinsights.BusinessApplicationAgentClientGetOptions) (resp azfake.Responder[armsecurityinsights.BusinessApplicationAgentClientGetResponse], errResp azfake.ErrorResponder) +} + +// NewBusinessApplicationAgentServerTransport creates a new instance of BusinessApplicationAgentServerTransport with the provided implementation. +// The returned BusinessApplicationAgentServerTransport instance is connected to an instance of armsecurityinsights.BusinessApplicationAgentClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewBusinessApplicationAgentServerTransport(srv *BusinessApplicationAgentServer) *BusinessApplicationAgentServerTransport { + return &BusinessApplicationAgentServerTransport{srv: srv} +} + +// BusinessApplicationAgentServerTransport connects instances of armsecurityinsights.BusinessApplicationAgentClient to instances of BusinessApplicationAgentServer. +// Don't use this type directly, use NewBusinessApplicationAgentServerTransport instead. +type BusinessApplicationAgentServerTransport struct { + srv *BusinessApplicationAgentServer +} + +// Do implements the policy.Transporter interface for BusinessApplicationAgentServerTransport. +func (b *BusinessApplicationAgentServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return b.dispatchToMethodFake(req, method) +} + +func (b *BusinessApplicationAgentServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if businessApplicationAgentServerTransportInterceptor != nil { + res.resp, res.err, intercepted = businessApplicationAgentServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "BusinessApplicationAgentClient.Get": + res.resp, res.err = b.dispatchGet(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (b *BusinessApplicationAgentServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if b.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/businessApplicationAgents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + agentResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("agentResourceName")]) + if err != nil { + return nil, err + } + respr, errRespr := b.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, agentResourceNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).BusinessApplicationAgentResource, req) + if err != nil { + return nil, err + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to BusinessApplicationAgentServerTransport +var businessApplicationAgentServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/businessapplicationagents_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/businessapplicationagents_server.go new file mode 100644 index 000000000000..8ea8081a943e --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/businessapplicationagents_server.go @@ -0,0 +1,250 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "reflect" + "regexp" +) + +// BusinessApplicationAgentsServer is a fake server for instances of the armsecurityinsights.BusinessApplicationAgentsClient type. +type BusinessApplicationAgentsServer struct { + // CreateOrUpdate is the fake for method BusinessApplicationAgentsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, options *armsecurityinsights.BusinessApplicationAgentsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.BusinessApplicationAgentsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method BusinessApplicationAgentsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, options *armsecurityinsights.BusinessApplicationAgentsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.BusinessApplicationAgentsClientDeleteResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method BusinessApplicationAgentsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.BusinessApplicationAgentsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.BusinessApplicationAgentsClientListResponse]) +} + +// NewBusinessApplicationAgentsServerTransport creates a new instance of BusinessApplicationAgentsServerTransport with the provided implementation. +// The returned BusinessApplicationAgentsServerTransport instance is connected to an instance of armsecurityinsights.BusinessApplicationAgentsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewBusinessApplicationAgentsServerTransport(srv *BusinessApplicationAgentsServer) *BusinessApplicationAgentsServerTransport { + return &BusinessApplicationAgentsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.BusinessApplicationAgentsClientListResponse]](), + } +} + +// BusinessApplicationAgentsServerTransport connects instances of armsecurityinsights.BusinessApplicationAgentsClient to instances of BusinessApplicationAgentsServer. +// Don't use this type directly, use NewBusinessApplicationAgentsServerTransport instead. +type BusinessApplicationAgentsServerTransport struct { + srv *BusinessApplicationAgentsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.BusinessApplicationAgentsClientListResponse]] +} + +// Do implements the policy.Transporter interface for BusinessApplicationAgentsServerTransport. +func (b *BusinessApplicationAgentsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return b.dispatchToMethodFake(req, method) +} + +func (b *BusinessApplicationAgentsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if businessApplicationAgentsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = businessApplicationAgentsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "BusinessApplicationAgentsClient.CreateOrUpdate": + res.resp, res.err = b.dispatchCreateOrUpdate(req) + case "BusinessApplicationAgentsClient.Delete": + res.resp, res.err = b.dispatchDelete(req) + case "BusinessApplicationAgentsClient.NewListPager": + res.resp, res.err = b.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (b *BusinessApplicationAgentsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if b.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/businessApplicationAgents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.BusinessApplicationAgentResource](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + agentResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("agentResourceName")]) + if err != nil { + return nil, err + } + var options *armsecurityinsights.BusinessApplicationAgentsClientCreateOrUpdateOptions + if !reflect.ValueOf(body).IsZero() { + options = &armsecurityinsights.BusinessApplicationAgentsClientCreateOrUpdateOptions{ + AgentToUpsert: &body, + } + } + respr, errRespr := b.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, agentResourceNameParam, options) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).BusinessApplicationAgentResource, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (b *BusinessApplicationAgentsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if b.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/businessApplicationAgents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + agentResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("agentResourceName")]) + if err != nil { + return nil, err + } + respr, errRespr := b.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, agentResourceNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (b *BusinessApplicationAgentsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if b.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := b.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/businessApplicationAgents` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.BusinessApplicationAgentsClientListOptions + if filterParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.BusinessApplicationAgentsClientListOptions{ + Filter: filterParam, + SkipToken: skipTokenParam, + } + } + resp := b.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + b.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.BusinessApplicationAgentsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + b.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + b.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to BusinessApplicationAgentsServerTransport +var businessApplicationAgentsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackage_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackage_server.go new file mode 100644 index 000000000000..666fba750871 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackage_server.go @@ -0,0 +1,173 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// ContentPackageServer is a fake server for instances of the armsecurityinsights.ContentPackageClient type. +type ContentPackageServer struct { + // Install is the fake for method ContentPackageClient.Install + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + Install func(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, packageInstallationProperties armsecurityinsights.PackageModel, options *armsecurityinsights.ContentPackageClientInstallOptions) (resp azfake.Responder[armsecurityinsights.ContentPackageClientInstallResponse], errResp azfake.ErrorResponder) + + // Uninstall is the fake for method ContentPackageClient.Uninstall + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Uninstall func(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *armsecurityinsights.ContentPackageClientUninstallOptions) (resp azfake.Responder[armsecurityinsights.ContentPackageClientUninstallResponse], errResp azfake.ErrorResponder) +} + +// NewContentPackageServerTransport creates a new instance of ContentPackageServerTransport with the provided implementation. +// The returned ContentPackageServerTransport instance is connected to an instance of armsecurityinsights.ContentPackageClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewContentPackageServerTransport(srv *ContentPackageServer) *ContentPackageServerTransport { + return &ContentPackageServerTransport{srv: srv} +} + +// ContentPackageServerTransport connects instances of armsecurityinsights.ContentPackageClient to instances of ContentPackageServer. +// Don't use this type directly, use NewContentPackageServerTransport instead. +type ContentPackageServerTransport struct { + srv *ContentPackageServer +} + +// Do implements the policy.Transporter interface for ContentPackageServerTransport. +func (c *ContentPackageServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return c.dispatchToMethodFake(req, method) +} + +func (c *ContentPackageServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if contentPackageServerTransportInterceptor != nil { + res.resp, res.err, intercepted = contentPackageServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ContentPackageClient.Install": + res.resp, res.err = c.dispatchInstall(req) + case "ContentPackageClient.Uninstall": + res.resp, res.err = c.dispatchUninstall(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (c *ContentPackageServerTransport) dispatchInstall(req *http.Request) (*http.Response, error) { + if c.srv.Install == nil { + return nil, &nonRetriableError{errors.New("fake for method Install not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentPackages/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.PackageModel](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + packageIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("packageId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Install(req.Context(), resourceGroupNameParam, workspaceNameParam, packageIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).PackageModel, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (c *ContentPackageServerTransport) dispatchUninstall(req *http.Request) (*http.Response, error) { + if c.srv.Uninstall == nil { + return nil, &nonRetriableError{errors.New("fake for method Uninstall not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentPackages/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + packageIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("packageId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Uninstall(req.Context(), resourceGroupNameParam, workspaceNameParam, packageIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to ContentPackageServerTransport +var contentPackageServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackages_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackages_server.go new file mode 100644 index 000000000000..7cc1d6608bb4 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackages_server.go @@ -0,0 +1,248 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// ContentPackagesServer is a fake server for instances of the armsecurityinsights.ContentPackagesClient type. +type ContentPackagesServer struct { + // Get is the fake for method ContentPackagesClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *armsecurityinsights.ContentPackagesClientGetOptions) (resp azfake.Responder[armsecurityinsights.ContentPackagesClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method ContentPackagesClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.ContentPackagesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.ContentPackagesClientListResponse]) +} + +// NewContentPackagesServerTransport creates a new instance of ContentPackagesServerTransport with the provided implementation. +// The returned ContentPackagesServerTransport instance is connected to an instance of armsecurityinsights.ContentPackagesClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewContentPackagesServerTransport(srv *ContentPackagesServer) *ContentPackagesServerTransport { + return &ContentPackagesServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.ContentPackagesClientListResponse]](), + } +} + +// ContentPackagesServerTransport connects instances of armsecurityinsights.ContentPackagesClient to instances of ContentPackagesServer. +// Don't use this type directly, use NewContentPackagesServerTransport instead. +type ContentPackagesServerTransport struct { + srv *ContentPackagesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.ContentPackagesClientListResponse]] +} + +// Do implements the policy.Transporter interface for ContentPackagesServerTransport. +func (c *ContentPackagesServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return c.dispatchToMethodFake(req, method) +} + +func (c *ContentPackagesServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if contentPackagesServerTransportInterceptor != nil { + res.resp, res.err, intercepted = contentPackagesServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ContentPackagesClient.Get": + res.resp, res.err = c.dispatchGet(req) + case "ContentPackagesClient.NewListPager": + res.resp, res.err = c.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (c *ContentPackagesServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if c.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentPackages/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + packageIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("packageId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, packageIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).PackageModel, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (c *ContentPackagesServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if c.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := c.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentPackages` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + searchUnescaped, err := url.QueryUnescape(qp.Get("$search")) + if err != nil { + return nil, err + } + searchParam := getOptional(searchUnescaped) + countUnescaped, err := url.QueryUnescape(qp.Get("$count")) + if err != nil { + return nil, err + } + countParam, err := parseOptional(countUnescaped, strconv.ParseBool) + if err != nil { + return nil, err + } + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipUnescaped, err := url.QueryUnescape(qp.Get("$skip")) + if err != nil { + return nil, err + } + skipParam, err := parseOptional(skipUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.ContentPackagesClientListOptions + if filterParam != nil || orderbyParam != nil || searchParam != nil || countParam != nil || topParam != nil || skipParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.ContentPackagesClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Search: searchParam, + Count: countParam, + Top: topParam, + Skip: skipParam, + SkipToken: skipTokenParam, + } + } + resp := c.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + c.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.ContentPackagesClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + c.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + c.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to ContentPackagesServerTransport +var contentPackagesServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplate_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplate_server.go new file mode 100644 index 000000000000..4b8c69126175 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplate_server.go @@ -0,0 +1,216 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// ContentTemplateServer is a fake server for instances of the armsecurityinsights.ContentTemplateClient type. +type ContentTemplateServer struct { + // Delete is the fake for method ContentTemplateClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *armsecurityinsights.ContentTemplateClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.ContentTemplateClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method ContentTemplateClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *armsecurityinsights.ContentTemplateClientGetOptions) (resp azfake.Responder[armsecurityinsights.ContentTemplateClientGetResponse], errResp azfake.ErrorResponder) + + // Install is the fake for method ContentTemplateClient.Install + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + Install func(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, templateInstallationProperties armsecurityinsights.TemplateModel, options *armsecurityinsights.ContentTemplateClientInstallOptions) (resp azfake.Responder[armsecurityinsights.ContentTemplateClientInstallResponse], errResp azfake.ErrorResponder) +} + +// NewContentTemplateServerTransport creates a new instance of ContentTemplateServerTransport with the provided implementation. +// The returned ContentTemplateServerTransport instance is connected to an instance of armsecurityinsights.ContentTemplateClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewContentTemplateServerTransport(srv *ContentTemplateServer) *ContentTemplateServerTransport { + return &ContentTemplateServerTransport{srv: srv} +} + +// ContentTemplateServerTransport connects instances of armsecurityinsights.ContentTemplateClient to instances of ContentTemplateServer. +// Don't use this type directly, use NewContentTemplateServerTransport instead. +type ContentTemplateServerTransport struct { + srv *ContentTemplateServer +} + +// Do implements the policy.Transporter interface for ContentTemplateServerTransport. +func (c *ContentTemplateServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return c.dispatchToMethodFake(req, method) +} + +func (c *ContentTemplateServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if contentTemplateServerTransportInterceptor != nil { + res.resp, res.err, intercepted = contentTemplateServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ContentTemplateClient.Delete": + res.resp, res.err = c.dispatchDelete(req) + case "ContentTemplateClient.Get": + res.resp, res.err = c.dispatchGet(req) + case "ContentTemplateClient.Install": + res.resp, res.err = c.dispatchInstall(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (c *ContentTemplateServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if c.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentTemplates/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + templateIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("templateId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, templateIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (c *ContentTemplateServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if c.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentTemplates/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + templateIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("templateId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, templateIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).TemplateModel, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (c *ContentTemplateServerTransport) dispatchInstall(req *http.Request) (*http.Response, error) { + if c.srv.Install == nil { + return nil, &nonRetriableError{errors.New("fake for method Install not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentTemplates/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.TemplateModel](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + templateIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("templateId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Install(req.Context(), resourceGroupNameParam, workspaceNameParam, templateIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).TemplateModel, req) + if err != nil { + return nil, err + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to ContentTemplateServerTransport +var contentTemplateServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplates_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplates_server.go new file mode 100644 index 000000000000..a0df52c32abd --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplates_server.go @@ -0,0 +1,210 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// ContentTemplatesServer is a fake server for instances of the armsecurityinsights.ContentTemplatesClient type. +type ContentTemplatesServer struct { + // NewListPager is the fake for method ContentTemplatesClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.ContentTemplatesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.ContentTemplatesClientListResponse]) +} + +// NewContentTemplatesServerTransport creates a new instance of ContentTemplatesServerTransport with the provided implementation. +// The returned ContentTemplatesServerTransport instance is connected to an instance of armsecurityinsights.ContentTemplatesClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewContentTemplatesServerTransport(srv *ContentTemplatesServer) *ContentTemplatesServerTransport { + return &ContentTemplatesServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.ContentTemplatesClientListResponse]](), + } +} + +// ContentTemplatesServerTransport connects instances of armsecurityinsights.ContentTemplatesClient to instances of ContentTemplatesServer. +// Don't use this type directly, use NewContentTemplatesServerTransport instead. +type ContentTemplatesServerTransport struct { + srv *ContentTemplatesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.ContentTemplatesClientListResponse]] +} + +// Do implements the policy.Transporter interface for ContentTemplatesServerTransport. +func (c *ContentTemplatesServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return c.dispatchToMethodFake(req, method) +} + +func (c *ContentTemplatesServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if contentTemplatesServerTransportInterceptor != nil { + res.resp, res.err, intercepted = contentTemplatesServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ContentTemplatesClient.NewListPager": + res.resp, res.err = c.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (c *ContentTemplatesServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if c.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := c.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentTemplates` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + expandUnescaped, err := url.QueryUnescape(qp.Get("$expand")) + if err != nil { + return nil, err + } + expandParam := getOptional(expandUnescaped) + searchUnescaped, err := url.QueryUnescape(qp.Get("$search")) + if err != nil { + return nil, err + } + searchParam := getOptional(searchUnescaped) + countUnescaped, err := url.QueryUnescape(qp.Get("$count")) + if err != nil { + return nil, err + } + countParam, err := parseOptional(countUnescaped, strconv.ParseBool) + if err != nil { + return nil, err + } + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipUnescaped, err := url.QueryUnescape(qp.Get("$skip")) + if err != nil { + return nil, err + } + skipParam, err := parseOptional(skipUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.ContentTemplatesClientListOptions + if filterParam != nil || orderbyParam != nil || expandParam != nil || searchParam != nil || countParam != nil || topParam != nil || skipParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.ContentTemplatesClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Expand: expandParam, + Search: searchParam, + Count: countParam, + Top: topParam, + Skip: skipParam, + SkipToken: skipTokenParam, + } + } + resp := c.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + c.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.ContentTemplatesClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + c.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + c.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to ContentTemplatesServerTransport +var contentTemplatesServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectordefinitions_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectordefinitions_server.go new file mode 100644 index 000000000000..ae075fb05784 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectordefinitions_server.go @@ -0,0 +1,272 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// DataConnectorDefinitionsServer is a fake server for instances of the armsecurityinsights.DataConnectorDefinitionsClient type. +type DataConnectorDefinitionsServer struct { + // CreateOrUpdate is the fake for method DataConnectorDefinitionsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, connectorDefinitionInput armsecurityinsights.DataConnectorDefinitionClassification, options *armsecurityinsights.DataConnectorDefinitionsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorDefinitionsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method DataConnectorDefinitionsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, options *armsecurityinsights.DataConnectorDefinitionsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorDefinitionsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method DataConnectorDefinitionsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, options *armsecurityinsights.DataConnectorDefinitionsClientGetOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorDefinitionsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method DataConnectorDefinitionsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.DataConnectorDefinitionsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.DataConnectorDefinitionsClientListResponse]) +} + +// NewDataConnectorDefinitionsServerTransport creates a new instance of DataConnectorDefinitionsServerTransport with the provided implementation. +// The returned DataConnectorDefinitionsServerTransport instance is connected to an instance of armsecurityinsights.DataConnectorDefinitionsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewDataConnectorDefinitionsServerTransport(srv *DataConnectorDefinitionsServer) *DataConnectorDefinitionsServerTransport { + return &DataConnectorDefinitionsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.DataConnectorDefinitionsClientListResponse]](), + } +} + +// DataConnectorDefinitionsServerTransport connects instances of armsecurityinsights.DataConnectorDefinitionsClient to instances of DataConnectorDefinitionsServer. +// Don't use this type directly, use NewDataConnectorDefinitionsServerTransport instead. +type DataConnectorDefinitionsServerTransport struct { + srv *DataConnectorDefinitionsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.DataConnectorDefinitionsClientListResponse]] +} + +// Do implements the policy.Transporter interface for DataConnectorDefinitionsServerTransport. +func (d *DataConnectorDefinitionsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return d.dispatchToMethodFake(req, method) +} + +func (d *DataConnectorDefinitionsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if dataConnectorDefinitionsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = dataConnectorDefinitionsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "DataConnectorDefinitionsClient.CreateOrUpdate": + res.resp, res.err = d.dispatchCreateOrUpdate(req) + case "DataConnectorDefinitionsClient.Delete": + res.resp, res.err = d.dispatchDelete(req) + case "DataConnectorDefinitionsClient.Get": + res.resp, res.err = d.dispatchGet(req) + case "DataConnectorDefinitionsClient.NewListPager": + res.resp, res.err = d.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (d *DataConnectorDefinitionsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if d.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/dataConnectorDefinitions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + raw, err := readRequestBody(req) + if err != nil { + return nil, err + } + body, err := unmarshalDataConnectorDefinitionClassification(raw) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + dataConnectorDefinitionNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("dataConnectorDefinitionName")]) + if err != nil { + return nil, err + } + respr, errRespr := d.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, dataConnectorDefinitionNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).DataConnectorDefinitionClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (d *DataConnectorDefinitionsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if d.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/dataConnectorDefinitions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + dataConnectorDefinitionNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("dataConnectorDefinitionName")]) + if err != nil { + return nil, err + } + respr, errRespr := d.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, dataConnectorDefinitionNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (d *DataConnectorDefinitionsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if d.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/dataConnectorDefinitions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + dataConnectorDefinitionNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("dataConnectorDefinitionName")]) + if err != nil { + return nil, err + } + respr, errRespr := d.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, dataConnectorDefinitionNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).DataConnectorDefinitionClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (d *DataConnectorDefinitionsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if d.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := d.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/dataConnectorDefinitions` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := d.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + d.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.DataConnectorDefinitionsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + d.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + d.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to DataConnectorDefinitionsServerTransport +var dataConnectorDefinitionsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectors_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectors_server.go index 920432830b0c..016a661af598 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectors_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectors_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -74,31 +71,50 @@ func (d *DataConnectorsServerTransport) Do(req *http.Request) (*http.Response, e return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return d.dispatchToMethodFake(req, method) +} - switch method { - case "DataConnectorsClient.Connect": - resp, err = d.dispatchConnect(req) - case "DataConnectorsClient.CreateOrUpdate": - resp, err = d.dispatchCreateOrUpdate(req) - case "DataConnectorsClient.Delete": - resp, err = d.dispatchDelete(req) - case "DataConnectorsClient.Disconnect": - resp, err = d.dispatchDisconnect(req) - case "DataConnectorsClient.Get": - resp, err = d.dispatchGet(req) - case "DataConnectorsClient.NewListPager": - resp, err = d.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (d *DataConnectorsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if dataConnectorsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = dataConnectorsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "DataConnectorsClient.Connect": + res.resp, res.err = d.dispatchConnect(req) + case "DataConnectorsClient.CreateOrUpdate": + res.resp, res.err = d.dispatchCreateOrUpdate(req) + case "DataConnectorsClient.Delete": + res.resp, res.err = d.dispatchDelete(req) + case "DataConnectorsClient.Disconnect": + res.resp, res.err = d.dispatchDisconnect(req) + case "DataConnectorsClient.Get": + res.resp, res.err = d.dispatchGet(req) + case "DataConnectorsClient.NewListPager": + res.resp, res.err = d.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (d *DataConnectorsServerTransport) dispatchConnect(req *http.Request) (*http.Response, error) { @@ -338,3 +354,9 @@ func (d *DataConnectorsServerTransport) dispatchNewListPager(req *http.Request) } return resp, nil } + +// set this to conditionally intercept incoming requests to DataConnectorsServerTransport +var dataConnectorsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectorscheckrequirements_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectorscheckrequirements_server.go index 1874731e603f..ad752a424c79 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectorscheckrequirements_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectorscheckrequirements_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -49,21 +46,40 @@ func (d *DataConnectorsCheckRequirementsServerTransport) Do(req *http.Request) ( return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return d.dispatchToMethodFake(req, method) +} - switch method { - case "DataConnectorsCheckRequirementsClient.Post": - resp, err = d.dispatchPost(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (d *DataConnectorsCheckRequirementsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if dataConnectorsCheckRequirementsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = dataConnectorsCheckRequirementsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "DataConnectorsCheckRequirementsClient.Post": + res.resp, res.err = d.dispatchPost(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (d *DataConnectorsCheckRequirementsServerTransport) dispatchPost(req *http.Request) (*http.Response, error) { @@ -106,3 +122,9 @@ func (d *DataConnectorsCheckRequirementsServerTransport) dispatchPost(req *http. } return resp, nil } + +// set this to conditionally intercept incoming requests to DataConnectorsCheckRequirementsServerTransport +var dataConnectorsCheckRequirementsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/date_type.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/date_type.go deleted file mode 100644 index 6a8d61c6788c..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/date_type.go +++ /dev/null @@ -1,58 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -package fake - -import ( - "encoding/json" - "fmt" - "github.com/Azure/azure-sdk-for-go/sdk/azcore" - "reflect" - "time" -) - -const ( - fullDateJSON = `"2006-01-02"` - jsonFormat = `"%04d-%02d-%02d"` -) - -type dateType time.Time - -func (t dateType) MarshalJSON() ([]byte, error) { - return []byte(fmt.Sprintf(jsonFormat, time.Time(t).Year(), time.Time(t).Month(), time.Time(t).Day())), nil -} - -func (d *dateType) UnmarshalJSON(data []byte) (err error) { - t, err := time.Parse(fullDateJSON, string(data)) - *d = (dateType)(t) - return err -} - -func populateDateType(m map[string]any, k string, t *time.Time) { - if t == nil { - return - } else if azcore.IsNullValue(t) { - m[k] = nil - return - } else if reflect.ValueOf(t).IsNil() { - return - } - m[k] = (*dateType)(t) -} - -func unpopulateDateType(data json.RawMessage, fn string, t **time.Time) error { - if data == nil || string(data) == "null" { - return nil - } - var aux dateType - if err := json.Unmarshal(data, &aux); err != nil { - return fmt.Errorf("struct field %s: %v", fn, err) - } - *t = (*time.Time)(&aux) - return nil -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/domainwhois_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/domainwhois_server.go deleted file mode 100644 index eadbede0efd2..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/domainwhois_server.go +++ /dev/null @@ -1,101 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -package fake - -import ( - "context" - "errors" - "fmt" - azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" - "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" - "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" - "net/http" - "net/url" - "regexp" -) - -// DomainWhoisServer is a fake server for instances of the armsecurityinsights.DomainWhoisClient type. -type DomainWhoisServer struct { - // Get is the fake for method DomainWhoisClient.Get - // HTTP status codes to indicate success: http.StatusOK - Get func(ctx context.Context, resourceGroupName string, domain string, options *armsecurityinsights.DomainWhoisClientGetOptions) (resp azfake.Responder[armsecurityinsights.DomainWhoisClientGetResponse], errResp azfake.ErrorResponder) -} - -// NewDomainWhoisServerTransport creates a new instance of DomainWhoisServerTransport with the provided implementation. -// The returned DomainWhoisServerTransport instance is connected to an instance of armsecurityinsights.DomainWhoisClient via the -// azcore.ClientOptions.Transporter field in the client's constructor parameters. -func NewDomainWhoisServerTransport(srv *DomainWhoisServer) *DomainWhoisServerTransport { - return &DomainWhoisServerTransport{srv: srv} -} - -// DomainWhoisServerTransport connects instances of armsecurityinsights.DomainWhoisClient to instances of DomainWhoisServer. -// Don't use this type directly, use NewDomainWhoisServerTransport instead. -type DomainWhoisServerTransport struct { - srv *DomainWhoisServer -} - -// Do implements the policy.Transporter interface for DomainWhoisServerTransport. -func (d *DomainWhoisServerTransport) Do(req *http.Request) (*http.Response, error) { - rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) - method, ok := rawMethod.(string) - if !ok { - return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} - } - - var resp *http.Response - var err error - - switch method { - case "DomainWhoisClient.Get": - resp, err = d.dispatchGet(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } - - if err != nil { - return nil, err - } - - return resp, nil -} - -func (d *DomainWhoisServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { - if d.srv.Get == nil { - return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} - } - const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/enrichment/domain/whois/` - regex := regexp.MustCompile(regexStr) - matches := regex.FindStringSubmatch(req.URL.EscapedPath()) - if matches == nil || len(matches) < 2 { - return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) - } - qp := req.URL.Query() - resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) - if err != nil { - return nil, err - } - domainParam, err := url.QueryUnescape(qp.Get("domain")) - if err != nil { - return nil, err - } - respr, errRespr := d.srv.Get(req.Context(), resourceGroupNameParam, domainParam, nil) - if respErr := server.GetError(errRespr, req); respErr != nil { - return nil, respErr - } - respContent := server.GetResponseContent(respr) - if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { - return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} - } - resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EnrichmentDomainWhois, req) - if err != nil { - return nil, err - } - return resp, nil -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entities_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entities_server.go index eb825171dc27..099d23601fbf 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entities_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entities_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -19,6 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" + "reflect" "regexp" ) @@ -40,9 +38,13 @@ type EntitiesServer struct { // HTTP status codes to indicate success: http.StatusOK NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.EntitiesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.EntitiesClientListResponse]) - // Queries is the fake for method EntitiesClient.Queries + // NewQueriesPager is the fake for method EntitiesClient.NewQueriesPager // HTTP status codes to indicate success: http.StatusOK - Queries func(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, kind armsecurityinsights.EntityItemQueryKind, options *armsecurityinsights.EntitiesClientQueriesOptions) (resp azfake.Responder[armsecurityinsights.EntitiesClientQueriesResponse], errResp azfake.ErrorResponder) + NewQueriesPager func(resourceGroupName string, workspaceName string, entityID string, kind armsecurityinsights.EntityItemQueryKind, options *armsecurityinsights.EntitiesClientQueriesOptions) (resp azfake.PagerResponder[armsecurityinsights.EntitiesClientQueriesResponse]) + + // RunPlaybook is the fake for method EntitiesClient.RunPlaybook + // HTTP status codes to indicate success: http.StatusNoContent + RunPlaybook func(ctx context.Context, resourceGroupName string, workspaceName string, entityIdentifier string, options *armsecurityinsights.EntitiesClientRunPlaybookOptions) (resp azfake.Responder[armsecurityinsights.EntitiesClientRunPlaybookResponse], errResp azfake.ErrorResponder) } // NewEntitiesServerTransport creates a new instance of EntitiesServerTransport with the provided implementation. @@ -50,16 +52,18 @@ type EntitiesServer struct { // azcore.ClientOptions.Transporter field in the client's constructor parameters. func NewEntitiesServerTransport(srv *EntitiesServer) *EntitiesServerTransport { return &EntitiesServerTransport{ - srv: srv, - newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.EntitiesClientListResponse]](), + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.EntitiesClientListResponse]](), + newQueriesPager: newTracker[azfake.PagerResponder[armsecurityinsights.EntitiesClientQueriesResponse]](), } } // EntitiesServerTransport connects instances of armsecurityinsights.EntitiesClient to instances of EntitiesServer. // Don't use this type directly, use NewEntitiesServerTransport instead. type EntitiesServerTransport struct { - srv *EntitiesServer - newListPager *tracker[azfake.PagerResponder[armsecurityinsights.EntitiesClientListResponse]] + srv *EntitiesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.EntitiesClientListResponse]] + newQueriesPager *tracker[azfake.PagerResponder[armsecurityinsights.EntitiesClientQueriesResponse]] } // Do implements the policy.Transporter interface for EntitiesServerTransport. @@ -70,29 +74,50 @@ func (e *EntitiesServerTransport) Do(req *http.Request) (*http.Response, error) return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return e.dispatchToMethodFake(req, method) +} - switch method { - case "EntitiesClient.Expand": - resp, err = e.dispatchExpand(req) - case "EntitiesClient.Get": - resp, err = e.dispatchGet(req) - case "EntitiesClient.GetInsights": - resp, err = e.dispatchGetInsights(req) - case "EntitiesClient.NewListPager": - resp, err = e.dispatchNewListPager(req) - case "EntitiesClient.Queries": - resp, err = e.dispatchQueries(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (e *EntitiesServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if entitiesServerTransportInterceptor != nil { + res.resp, res.err, intercepted = entitiesServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "EntitiesClient.Expand": + res.resp, res.err = e.dispatchExpand(req) + case "EntitiesClient.Get": + res.resp, res.err = e.dispatchGet(req) + case "EntitiesClient.GetInsights": + res.resp, res.err = e.dispatchGetInsights(req) + case "EntitiesClient.NewListPager": + res.resp, res.err = e.dispatchNewListPager(req) + case "EntitiesClient.NewQueriesPager": + res.resp, res.err = e.dispatchNewQueriesPager(req) + case "EntitiesClient.RunPlaybook": + res.resp, res.err = e.dispatchRunPlaybook(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (e *EntitiesServerTransport) dispatchExpand(req *http.Request) (*http.Response, error) { @@ -255,17 +280,73 @@ func (e *EntitiesServerTransport) dispatchNewListPager(req *http.Request) (*http return resp, nil } -func (e *EntitiesServerTransport) dispatchQueries(req *http.Request) (*http.Response, error) { - if e.srv.Queries == nil { - return nil, &nonRetriableError{errors.New("fake for method Queries not implemented")} +func (e *EntitiesServerTransport) dispatchNewQueriesPager(req *http.Request) (*http.Response, error) { + if e.srv.NewQueriesPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewQueriesPager not implemented")} + } + newQueriesPager := e.newQueriesPager.get(req) + if newQueriesPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/queries` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityId")]) + if err != nil { + return nil, err + } + kindParam, err := parseWithCast(qp.Get("kind"), func(v string) (armsecurityinsights.EntityItemQueryKind, error) { + p, unescapeErr := url.QueryUnescape(v) + if unescapeErr != nil { + return "", unescapeErr + } + return armsecurityinsights.EntityItemQueryKind(p), nil + }) + if err != nil { + return nil, err + } + resp := e.srv.NewQueriesPager(resourceGroupNameParam, workspaceNameParam, entityIDParam, kindParam, nil) + newQueriesPager = &resp + e.newQueriesPager.add(req, newQueriesPager) + } + resp, err := server.PagerResponderNext(newQueriesPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + e.newQueriesPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newQueriesPager) { + e.newQueriesPager.remove(req) + } + return resp, nil +} + +func (e *EntitiesServerTransport) dispatchRunPlaybook(req *http.Request) (*http.Response, error) { + if e.srv.RunPlaybook == nil { + return nil, &nonRetriableError{errors.New("fake for method RunPlaybook not implemented")} } - const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/queries` + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/runPlaybook` regex := regexp.MustCompile(regexStr) matches := regex.FindStringSubmatch(req.URL.EscapedPath()) if matches == nil || len(matches) < 4 { return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) } - qp := req.URL.Query() + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.EntityManualTriggerRequestBody](req) + if err != nil { + return nil, err + } resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) if err != nil { return nil, err @@ -274,31 +355,33 @@ func (e *EntitiesServerTransport) dispatchQueries(req *http.Request) (*http.Resp if err != nil { return nil, err } - entityIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityId")]) + entityIdentifierParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityIdentifier")]) if err != nil { return nil, err } - kindParam, err := parseWithCast(qp.Get("kind"), func(v string) (armsecurityinsights.EntityItemQueryKind, error) { - p, unescapeErr := url.QueryUnescape(v) - if unescapeErr != nil { - return "", unescapeErr + var options *armsecurityinsights.EntitiesClientRunPlaybookOptions + if !reflect.ValueOf(body).IsZero() { + options = &armsecurityinsights.EntitiesClientRunPlaybookOptions{ + RequestBody: &body, } - return armsecurityinsights.EntityItemQueryKind(p), nil - }) - if err != nil { - return nil, err } - respr, errRespr := e.srv.Queries(req.Context(), resourceGroupNameParam, workspaceNameParam, entityIDParam, kindParam, nil) + respr, errRespr := e.srv.RunPlaybook(req.Context(), resourceGroupNameParam, workspaceNameParam, entityIdentifierParam, options) if respErr := server.GetError(errRespr, req); respErr != nil { return nil, respErr } respContent := server.GetResponseContent(respr) - if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { - return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + if !contains([]int{http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusNoContent", respContent.HTTPStatus)} } - resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).GetQueriesResponse, req) + resp, err := server.NewResponse(respContent, req, nil) if err != nil { return nil, err } return resp, nil } + +// set this to conditionally intercept incoming requests to EntitiesServerTransport +var entitiesServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesgettimeline_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesgettimeline_server.go index 8a1ebde044b4..0bd094cd8874 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesgettimeline_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesgettimeline_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -49,21 +46,40 @@ func (e *EntitiesGetTimelineServerTransport) Do(req *http.Request) (*http.Respon return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return e.dispatchToMethodFake(req, method) +} - switch method { - case "EntitiesGetTimelineClient.List": - resp, err = e.dispatchList(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (e *EntitiesGetTimelineServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if entitiesGetTimelineServerTransportInterceptor != nil { + res.resp, res.err, intercepted = entitiesGetTimelineServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "EntitiesGetTimelineClient.List": + res.resp, res.err = e.dispatchList(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (e *EntitiesGetTimelineServerTransport) dispatchList(req *http.Request) (*http.Response, error) { @@ -106,3 +122,9 @@ func (e *EntitiesGetTimelineServerTransport) dispatchList(req *http.Request) (*h } return resp, nil } + +// set this to conditionally intercept incoming requests to EntitiesGetTimelineServerTransport +var entitiesGetTimelineServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesrelations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesrelations_server.go index ee3b5d06a027..a677b951f993 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesrelations_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesrelations_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -54,21 +51,40 @@ func (e *EntitiesRelationsServerTransport) Do(req *http.Request) (*http.Response return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return e.dispatchToMethodFake(req, method) +} - switch method { - case "EntitiesRelationsClient.NewListPager": - resp, err = e.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (e *EntitiesRelationsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if entitiesRelationsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = entitiesRelationsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "EntitiesRelationsClient.NewListPager": + res.resp, res.err = e.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (e *EntitiesRelationsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { @@ -154,3 +170,9 @@ func (e *EntitiesRelationsServerTransport) dispatchNewListPager(req *http.Reques } return resp, nil } + +// set this to conditionally intercept incoming requests to EntitiesRelationsServerTransport +var entitiesRelationsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityqueries_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityqueries_server.go index 54a361bc9e98..bc64de1d7496 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityqueries_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityqueries_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -66,27 +63,46 @@ func (e *EntityQueriesServerTransport) Do(req *http.Request) (*http.Response, er return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return e.dispatchToMethodFake(req, method) +} - switch method { - case "EntityQueriesClient.CreateOrUpdate": - resp, err = e.dispatchCreateOrUpdate(req) - case "EntityQueriesClient.Delete": - resp, err = e.dispatchDelete(req) - case "EntityQueriesClient.Get": - resp, err = e.dispatchGet(req) - case "EntityQueriesClient.NewListPager": - resp, err = e.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (e *EntityQueriesServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if entityQueriesServerTransportInterceptor != nil { + res.resp, res.err, intercepted = entityQueriesServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "EntityQueriesClient.CreateOrUpdate": + res.resp, res.err = e.dispatchCreateOrUpdate(req) + case "EntityQueriesClient.Delete": + res.resp, res.err = e.dispatchDelete(req) + case "EntityQueriesClient.Get": + res.resp, res.err = e.dispatchGet(req) + case "EntityQueriesClient.NewListPager": + res.resp, res.err = e.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (e *EntityQueriesServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { @@ -225,7 +241,7 @@ func (e *EntityQueriesServerTransport) dispatchNewListPager(req *http.Request) ( if err != nil { return nil, err } - kindParam := getOptional(armsecurityinsights.Enum13(kindUnescaped)) + kindParam := getOptional(armsecurityinsights.EntityQueryTemplateKind(kindUnescaped)) resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) if err != nil { return nil, err @@ -260,3 +276,9 @@ func (e *EntityQueriesServerTransport) dispatchNewListPager(req *http.Request) ( } return resp, nil } + +// set this to conditionally intercept incoming requests to EntityQueriesServerTransport +var entityQueriesServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityquerytemplates_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityquerytemplates_server.go index ec5c4c5da8fd..a88d78779c54 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityquerytemplates_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityquerytemplates_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -58,23 +55,42 @@ func (e *EntityQueryTemplatesServerTransport) Do(req *http.Request) (*http.Respo return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return e.dispatchToMethodFake(req, method) +} - switch method { - case "EntityQueryTemplatesClient.Get": - resp, err = e.dispatchGet(req) - case "EntityQueryTemplatesClient.NewListPager": - resp, err = e.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (e *EntityQueryTemplatesServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if entityQueryTemplatesServerTransportInterceptor != nil { + res.resp, res.err, intercepted = entityQueryTemplatesServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "EntityQueryTemplatesClient.Get": + res.resp, res.err = e.dispatchGet(req) + case "EntityQueryTemplatesClient.NewListPager": + res.resp, res.err = e.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (e *EntityQueryTemplatesServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { @@ -131,7 +147,7 @@ func (e *EntityQueryTemplatesServerTransport) dispatchNewListPager(req *http.Req if err != nil { return nil, err } - kindParam := getOptional(armsecurityinsights.Enum15(kindUnescaped)) + kindParam := getOptional(armsecurityinsights.EntityQueryTemplateKind(kindUnescaped)) resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) if err != nil { return nil, err @@ -166,3 +182,9 @@ func (e *EntityQueryTemplatesServerTransport) dispatchNewListPager(req *http.Req } return resp, nil } + +// set this to conditionally intercept incoming requests to EntityQueryTemplatesServerTransport +var entityQueryTemplatesServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityrelations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityrelations_server.go index 07f5d3c8c8a6..04550720063e 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityrelations_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityrelations_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -49,21 +46,40 @@ func (e *EntityRelationsServerTransport) Do(req *http.Request) (*http.Response, return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return e.dispatchToMethodFake(req, method) +} - switch method { - case "EntityRelationsClient.GetRelation": - resp, err = e.dispatchGetRelation(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (e *EntityRelationsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if entityRelationsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = entityRelationsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "EntityRelationsClient.GetRelation": + res.resp, res.err = e.dispatchGetRelation(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (e *EntityRelationsServerTransport) dispatchGetRelation(req *http.Request) (*http.Response, error) { @@ -106,3 +122,9 @@ func (e *EntityRelationsServerTransport) dispatchGetRelation(req *http.Request) } return resp, nil } + +// set this to conditionally intercept incoming requests to EntityRelationsServerTransport +var entityRelationsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/fileimports_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/fileimports_server.go index e60d2229974d..ed3c755f6420 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/fileimports_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/fileimports_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -26,11 +23,11 @@ import ( // FileImportsServer is a fake server for instances of the armsecurityinsights.FileImportsClient type. type FileImportsServer struct { // Create is the fake for method FileImportsClient.Create - // HTTP status codes to indicate success: http.StatusCreated + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated Create func(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, fileImport armsecurityinsights.FileImport, options *armsecurityinsights.FileImportsClientCreateOptions) (resp azfake.Responder[armsecurityinsights.FileImportsClientCreateResponse], errResp azfake.ErrorResponder) // BeginDelete is the fake for method FileImportsClient.BeginDelete - // HTTP status codes to indicate success: http.StatusAccepted, http.StatusNoContent + // HTTP status codes to indicate success: http.StatusOK, http.StatusAccepted, http.StatusNoContent BeginDelete func(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, options *armsecurityinsights.FileImportsClientBeginDeleteOptions) (resp azfake.PollerResponder[armsecurityinsights.FileImportsClientDeleteResponse], errResp azfake.ErrorResponder) // Get is the fake for method FileImportsClient.Get @@ -69,27 +66,46 @@ func (f *FileImportsServerTransport) Do(req *http.Request) (*http.Response, erro return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return f.dispatchToMethodFake(req, method) +} - switch method { - case "FileImportsClient.Create": - resp, err = f.dispatchCreate(req) - case "FileImportsClient.BeginDelete": - resp, err = f.dispatchBeginDelete(req) - case "FileImportsClient.Get": - resp, err = f.dispatchGet(req) - case "FileImportsClient.NewListPager": - resp, err = f.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (f *FileImportsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if fileImportsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = fileImportsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "FileImportsClient.Create": + res.resp, res.err = f.dispatchCreate(req) + case "FileImportsClient.BeginDelete": + res.resp, res.err = f.dispatchBeginDelete(req) + case "FileImportsClient.Get": + res.resp, res.err = f.dispatchGet(req) + case "FileImportsClient.NewListPager": + res.resp, res.err = f.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (f *FileImportsServerTransport) dispatchCreate(req *http.Request) (*http.Response, error) { @@ -123,8 +139,8 @@ func (f *FileImportsServerTransport) dispatchCreate(req *http.Request) (*http.Re return nil, respErr } respContent := server.GetResponseContent(respr) - if !contains([]int{http.StatusCreated}, respContent.HTTPStatus) { - return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusCreated", respContent.HTTPStatus)} + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} } resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).FileImport, req) if err != nil { @@ -170,9 +186,9 @@ func (f *FileImportsServerTransport) dispatchBeginDelete(req *http.Request) (*ht return nil, err } - if !contains([]int{http.StatusAccepted, http.StatusNoContent}, resp.StatusCode) { + if !contains([]int{http.StatusOK, http.StatusAccepted, http.StatusNoContent}, resp.StatusCode) { f.beginDelete.remove(req) - return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusAccepted, http.StatusNoContent", resp.StatusCode)} + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusAccepted, http.StatusNoContent", resp.StatusCode)} } if !server.PollerResponderMore(beginDelete) { f.beginDelete.remove(req) @@ -297,3 +313,9 @@ func (f *FileImportsServerTransport) dispatchNewListPager(req *http.Request) (*h } return resp, nil } + +// set this to conditionally intercept incoming requests to FileImportsServerTransport +var fileImportsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/get_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/get_server.go new file mode 100644 index 000000000000..ace53f3de6a1 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/get_server.go @@ -0,0 +1,126 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// GetServer is a fake server for instances of the armsecurityinsights.GetClient type. +type GetServer struct { + // SingleRecommendation is the fake for method GetClient.SingleRecommendation + // HTTP status codes to indicate success: http.StatusOK + SingleRecommendation func(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, options *armsecurityinsights.GetClientSingleRecommendationOptions) (resp azfake.Responder[armsecurityinsights.GetClientSingleRecommendationResponse], errResp azfake.ErrorResponder) +} + +// NewGetServerTransport creates a new instance of GetServerTransport with the provided implementation. +// The returned GetServerTransport instance is connected to an instance of armsecurityinsights.GetClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewGetServerTransport(srv *GetServer) *GetServerTransport { + return &GetServerTransport{srv: srv} +} + +// GetServerTransport connects instances of armsecurityinsights.GetClient to instances of GetServer. +// Don't use this type directly, use NewGetServerTransport instead. +type GetServerTransport struct { + srv *GetServer +} + +// Do implements the policy.Transporter interface for GetServerTransport. +func (g *GetServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return g.dispatchToMethodFake(req, method) +} + +func (g *GetServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if getServerTransportInterceptor != nil { + res.resp, res.err, intercepted = getServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "GetClient.SingleRecommendation": + res.resp, res.err = g.dispatchSingleRecommendation(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (g *GetServerTransport) dispatchSingleRecommendation(req *http.Request) (*http.Response, error) { + if g.srv.SingleRecommendation == nil { + return nil, &nonRetriableError{errors.New("fake for method SingleRecommendation not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/recommendations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + recommendationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("recommendationId")]) + if err != nil { + return nil, err + } + respr, errRespr := g.srv.SingleRecommendation(req.Context(), resourceGroupNameParam, workspaceNameParam, recommendationIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Recommendation, req) + if err != nil { + return nil, err + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to GetServerTransport +var getServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/getrecommendations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/getrecommendations_server.go new file mode 100644 index 000000000000..d51fe827642e --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/getrecommendations_server.go @@ -0,0 +1,134 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// GetRecommendationsServer is a fake server for instances of the armsecurityinsights.GetRecommendationsClient type. +type GetRecommendationsServer struct { + // NewListPager is the fake for method GetRecommendationsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.GetRecommendationsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.GetRecommendationsClientListResponse]) +} + +// NewGetRecommendationsServerTransport creates a new instance of GetRecommendationsServerTransport with the provided implementation. +// The returned GetRecommendationsServerTransport instance is connected to an instance of armsecurityinsights.GetRecommendationsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewGetRecommendationsServerTransport(srv *GetRecommendationsServer) *GetRecommendationsServerTransport { + return &GetRecommendationsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.GetRecommendationsClientListResponse]](), + } +} + +// GetRecommendationsServerTransport connects instances of armsecurityinsights.GetRecommendationsClient to instances of GetRecommendationsServer. +// Don't use this type directly, use NewGetRecommendationsServerTransport instead. +type GetRecommendationsServerTransport struct { + srv *GetRecommendationsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.GetRecommendationsClientListResponse]] +} + +// Do implements the policy.Transporter interface for GetRecommendationsServerTransport. +func (g *GetRecommendationsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return g.dispatchToMethodFake(req, method) +} + +func (g *GetRecommendationsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if getRecommendationsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = getRecommendationsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "GetRecommendationsClient.NewListPager": + res.resp, res.err = g.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (g *GetRecommendationsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if g.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := g.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/recommendations` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := g.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + g.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.GetRecommendationsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + g.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + g.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to GetRecommendationsServerTransport +var getRecommendationsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/gettriggeredanalyticsruleruns_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/gettriggeredanalyticsruleruns_server.go new file mode 100644 index 000000000000..5e03fc706148 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/gettriggeredanalyticsruleruns_server.go @@ -0,0 +1,134 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// GetTriggeredAnalyticsRuleRunsServer is a fake server for instances of the armsecurityinsights.GetTriggeredAnalyticsRuleRunsClient type. +type GetTriggeredAnalyticsRuleRunsServer struct { + // NewListPager is the fake for method GetTriggeredAnalyticsRuleRunsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.GetTriggeredAnalyticsRuleRunsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.GetTriggeredAnalyticsRuleRunsClientListResponse]) +} + +// NewGetTriggeredAnalyticsRuleRunsServerTransport creates a new instance of GetTriggeredAnalyticsRuleRunsServerTransport with the provided implementation. +// The returned GetTriggeredAnalyticsRuleRunsServerTransport instance is connected to an instance of armsecurityinsights.GetTriggeredAnalyticsRuleRunsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewGetTriggeredAnalyticsRuleRunsServerTransport(srv *GetTriggeredAnalyticsRuleRunsServer) *GetTriggeredAnalyticsRuleRunsServerTransport { + return &GetTriggeredAnalyticsRuleRunsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.GetTriggeredAnalyticsRuleRunsClientListResponse]](), + } +} + +// GetTriggeredAnalyticsRuleRunsServerTransport connects instances of armsecurityinsights.GetTriggeredAnalyticsRuleRunsClient to instances of GetTriggeredAnalyticsRuleRunsServer. +// Don't use this type directly, use NewGetTriggeredAnalyticsRuleRunsServerTransport instead. +type GetTriggeredAnalyticsRuleRunsServerTransport struct { + srv *GetTriggeredAnalyticsRuleRunsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.GetTriggeredAnalyticsRuleRunsClientListResponse]] +} + +// Do implements the policy.Transporter interface for GetTriggeredAnalyticsRuleRunsServerTransport. +func (g *GetTriggeredAnalyticsRuleRunsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return g.dispatchToMethodFake(req, method) +} + +func (g *GetTriggeredAnalyticsRuleRunsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if getTriggeredAnalyticsRuleRunsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = getTriggeredAnalyticsRuleRunsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "GetTriggeredAnalyticsRuleRunsClient.NewListPager": + res.resp, res.err = g.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (g *GetTriggeredAnalyticsRuleRunsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if g.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := g.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/triggeredAnalyticsRuleRuns` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := g.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + g.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.GetTriggeredAnalyticsRuleRunsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + g.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + g.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to GetTriggeredAnalyticsRuleRunsServerTransport +var getTriggeredAnalyticsRuleRunsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntcomments_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntcomments_server.go new file mode 100644 index 000000000000..41eb0c34e7a7 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntcomments_server.go @@ -0,0 +1,324 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// HuntCommentsServer is a fake server for instances of the armsecurityinsights.HuntCommentsClient type. +type HuntCommentsServer struct { + // CreateOrUpdate is the fake for method HuntCommentsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, huntComment armsecurityinsights.HuntComment, options *armsecurityinsights.HuntCommentsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.HuntCommentsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method HuntCommentsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, options *armsecurityinsights.HuntCommentsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.HuntCommentsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method HuntCommentsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, options *armsecurityinsights.HuntCommentsClientGetOptions) (resp azfake.Responder[armsecurityinsights.HuntCommentsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method HuntCommentsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, huntID string, options *armsecurityinsights.HuntCommentsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.HuntCommentsClientListResponse]) +} + +// NewHuntCommentsServerTransport creates a new instance of HuntCommentsServerTransport with the provided implementation. +// The returned HuntCommentsServerTransport instance is connected to an instance of armsecurityinsights.HuntCommentsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewHuntCommentsServerTransport(srv *HuntCommentsServer) *HuntCommentsServerTransport { + return &HuntCommentsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.HuntCommentsClientListResponse]](), + } +} + +// HuntCommentsServerTransport connects instances of armsecurityinsights.HuntCommentsClient to instances of HuntCommentsServer. +// Don't use this type directly, use NewHuntCommentsServerTransport instead. +type HuntCommentsServerTransport struct { + srv *HuntCommentsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.HuntCommentsClientListResponse]] +} + +// Do implements the policy.Transporter interface for HuntCommentsServerTransport. +func (h *HuntCommentsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return h.dispatchToMethodFake(req, method) +} + +func (h *HuntCommentsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if huntCommentsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = huntCommentsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "HuntCommentsClient.CreateOrUpdate": + res.resp, res.err = h.dispatchCreateOrUpdate(req) + case "HuntCommentsClient.Delete": + res.resp, res.err = h.dispatchDelete(req) + case "HuntCommentsClient.Get": + res.resp, res.err = h.dispatchGet(req) + case "HuntCommentsClient.NewListPager": + res.resp, res.err = h.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (h *HuntCommentsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if h.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/comments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.HuntComment](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntCommentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntCommentId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntCommentIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).HuntComment, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntCommentsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if h.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/comments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntCommentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntCommentId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntCommentIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntCommentsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if h.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/comments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntCommentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntCommentId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntCommentIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).HuntComment, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntCommentsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if h.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := h.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/comments` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.HuntCommentsClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.HuntCommentsClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := h.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, huntIDParam, options) + newListPager = &resp + h.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.HuntCommentsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + h.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + h.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to HuntCommentsServerTransport +var huntCommentsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntrelations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntrelations_server.go new file mode 100644 index 000000000000..9fd3668ec7e2 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntrelations_server.go @@ -0,0 +1,324 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// HuntRelationsServer is a fake server for instances of the armsecurityinsights.HuntRelationsClient type. +type HuntRelationsServer struct { + // CreateOrUpdate is the fake for method HuntRelationsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, huntRelation armsecurityinsights.HuntRelation, options *armsecurityinsights.HuntRelationsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.HuntRelationsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method HuntRelationsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, options *armsecurityinsights.HuntRelationsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.HuntRelationsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method HuntRelationsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, options *armsecurityinsights.HuntRelationsClientGetOptions) (resp azfake.Responder[armsecurityinsights.HuntRelationsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method HuntRelationsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, huntID string, options *armsecurityinsights.HuntRelationsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.HuntRelationsClientListResponse]) +} + +// NewHuntRelationsServerTransport creates a new instance of HuntRelationsServerTransport with the provided implementation. +// The returned HuntRelationsServerTransport instance is connected to an instance of armsecurityinsights.HuntRelationsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewHuntRelationsServerTransport(srv *HuntRelationsServer) *HuntRelationsServerTransport { + return &HuntRelationsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.HuntRelationsClientListResponse]](), + } +} + +// HuntRelationsServerTransport connects instances of armsecurityinsights.HuntRelationsClient to instances of HuntRelationsServer. +// Don't use this type directly, use NewHuntRelationsServerTransport instead. +type HuntRelationsServerTransport struct { + srv *HuntRelationsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.HuntRelationsClientListResponse]] +} + +// Do implements the policy.Transporter interface for HuntRelationsServerTransport. +func (h *HuntRelationsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return h.dispatchToMethodFake(req, method) +} + +func (h *HuntRelationsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if huntRelationsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = huntRelationsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "HuntRelationsClient.CreateOrUpdate": + res.resp, res.err = h.dispatchCreateOrUpdate(req) + case "HuntRelationsClient.Delete": + res.resp, res.err = h.dispatchDelete(req) + case "HuntRelationsClient.Get": + res.resp, res.err = h.dispatchGet(req) + case "HuntRelationsClient.NewListPager": + res.resp, res.err = h.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (h *HuntRelationsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if h.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.HuntRelation](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntRelationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntRelationId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntRelationIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).HuntRelation, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntRelationsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if h.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntRelationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntRelationId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntRelationIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntRelationsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if h.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntRelationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntRelationId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntRelationIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).HuntRelation, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntRelationsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if h.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := h.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.HuntRelationsClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.HuntRelationsClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := h.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, huntIDParam, options) + newListPager = &resp + h.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.HuntRelationsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + h.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + h.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to HuntRelationsServerTransport +var huntRelationsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/hunts_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/hunts_server.go new file mode 100644 index 000000000000..ed3901f0e538 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/hunts_server.go @@ -0,0 +1,308 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// HuntsServer is a fake server for instances of the armsecurityinsights.HuntsClient type. +type HuntsServer struct { + // CreateOrUpdate is the fake for method HuntsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, hunt armsecurityinsights.Hunt, options *armsecurityinsights.HuntsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.HuntsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method HuntsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *armsecurityinsights.HuntsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.HuntsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method HuntsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *armsecurityinsights.HuntsClientGetOptions) (resp azfake.Responder[armsecurityinsights.HuntsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method HuntsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.HuntsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.HuntsClientListResponse]) +} + +// NewHuntsServerTransport creates a new instance of HuntsServerTransport with the provided implementation. +// The returned HuntsServerTransport instance is connected to an instance of armsecurityinsights.HuntsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewHuntsServerTransport(srv *HuntsServer) *HuntsServerTransport { + return &HuntsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.HuntsClientListResponse]](), + } +} + +// HuntsServerTransport connects instances of armsecurityinsights.HuntsClient to instances of HuntsServer. +// Don't use this type directly, use NewHuntsServerTransport instead. +type HuntsServerTransport struct { + srv *HuntsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.HuntsClientListResponse]] +} + +// Do implements the policy.Transporter interface for HuntsServerTransport. +func (h *HuntsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return h.dispatchToMethodFake(req, method) +} + +func (h *HuntsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if huntsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = huntsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "HuntsClient.CreateOrUpdate": + res.resp, res.err = h.dispatchCreateOrUpdate(req) + case "HuntsClient.Delete": + res.resp, res.err = h.dispatchDelete(req) + case "HuntsClient.Get": + res.resp, res.err = h.dispatchGet(req) + case "HuntsClient.NewListPager": + res.resp, res.err = h.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (h *HuntsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if h.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.Hunt](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Hunt, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if h.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if h.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Hunt, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if h.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := h.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.HuntsClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.HuntsClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := h.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + h.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.HuntsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + h.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + h.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to HuntsServerTransport +var huntsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentcomments_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentcomments_server.go index c934acb05cc6..6a5a3652f2e1 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentcomments_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentcomments_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -67,27 +64,46 @@ func (i *IncidentCommentsServerTransport) Do(req *http.Request) (*http.Response, return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return i.dispatchToMethodFake(req, method) +} - switch method { - case "IncidentCommentsClient.CreateOrUpdate": - resp, err = i.dispatchCreateOrUpdate(req) - case "IncidentCommentsClient.Delete": - resp, err = i.dispatchDelete(req) - case "IncidentCommentsClient.Get": - resp, err = i.dispatchGet(req) - case "IncidentCommentsClient.NewListPager": - resp, err = i.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (i *IncidentCommentsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if incidentCommentsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = incidentCommentsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "IncidentCommentsClient.CreateOrUpdate": + res.resp, res.err = i.dispatchCreateOrUpdate(req) + case "IncidentCommentsClient.Delete": + res.resp, res.err = i.dispatchDelete(req) + case "IncidentCommentsClient.Get": + res.resp, res.err = i.dispatchGet(req) + case "IncidentCommentsClient.NewListPager": + res.resp, res.err = i.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (i *IncidentCommentsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { @@ -300,3 +316,9 @@ func (i *IncidentCommentsServerTransport) dispatchNewListPager(req *http.Request } return resp, nil } + +// set this to conditionally intercept incoming requests to IncidentCommentsServerTransport +var incidentCommentsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentrelations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentrelations_server.go index 5e86e0aac780..a29ef20191a9 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentrelations_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentrelations_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -67,27 +64,46 @@ func (i *IncidentRelationsServerTransport) Do(req *http.Request) (*http.Response return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return i.dispatchToMethodFake(req, method) +} - switch method { - case "IncidentRelationsClient.CreateOrUpdate": - resp, err = i.dispatchCreateOrUpdate(req) - case "IncidentRelationsClient.Delete": - resp, err = i.dispatchDelete(req) - case "IncidentRelationsClient.Get": - resp, err = i.dispatchGet(req) - case "IncidentRelationsClient.NewListPager": - resp, err = i.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (i *IncidentRelationsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if incidentRelationsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = incidentRelationsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "IncidentRelationsClient.CreateOrUpdate": + res.resp, res.err = i.dispatchCreateOrUpdate(req) + case "IncidentRelationsClient.Delete": + res.resp, res.err = i.dispatchDelete(req) + case "IncidentRelationsClient.Get": + res.resp, res.err = i.dispatchGet(req) + case "IncidentRelationsClient.NewListPager": + res.resp, res.err = i.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (i *IncidentRelationsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { @@ -300,3 +316,9 @@ func (i *IncidentRelationsServerTransport) dispatchNewListPager(req *http.Reques } return resp, nil } + +// set this to conditionally intercept incoming requests to IncidentRelationsServerTransport +var incidentRelationsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidents_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidents_server.go index 56fa35ef8417..54b720ac86d7 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidents_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidents_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -30,10 +27,6 @@ type IncidentsServer struct { // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incident armsecurityinsights.Incident, options *armsecurityinsights.IncidentsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.IncidentsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) - // CreateTeam is the fake for method IncidentsClient.CreateTeam - // HTTP status codes to indicate success: http.StatusOK - CreateTeam func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, teamProperties armsecurityinsights.TeamProperties, options *armsecurityinsights.IncidentsClientCreateTeamOptions) (resp azfake.Responder[armsecurityinsights.IncidentsClientCreateTeamResponse], errResp azfake.ErrorResponder) - // Delete is the fake for method IncidentsClient.Delete // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent Delete func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, options *armsecurityinsights.IncidentsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.IncidentsClientDeleteResponse], errResp azfake.ErrorResponder) @@ -88,37 +81,54 @@ func (i *IncidentsServerTransport) Do(req *http.Request) (*http.Response, error) return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return i.dispatchToMethodFake(req, method) +} - switch method { - case "IncidentsClient.CreateOrUpdate": - resp, err = i.dispatchCreateOrUpdate(req) - case "IncidentsClient.CreateTeam": - resp, err = i.dispatchCreateTeam(req) - case "IncidentsClient.Delete": - resp, err = i.dispatchDelete(req) - case "IncidentsClient.Get": - resp, err = i.dispatchGet(req) - case "IncidentsClient.NewListPager": - resp, err = i.dispatchNewListPager(req) - case "IncidentsClient.ListAlerts": - resp, err = i.dispatchListAlerts(req) - case "IncidentsClient.ListBookmarks": - resp, err = i.dispatchListBookmarks(req) - case "IncidentsClient.ListEntities": - resp, err = i.dispatchListEntities(req) - case "IncidentsClient.RunPlaybook": - resp, err = i.dispatchRunPlaybook(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (i *IncidentsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if incidentsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = incidentsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "IncidentsClient.CreateOrUpdate": + res.resp, res.err = i.dispatchCreateOrUpdate(req) + case "IncidentsClient.Delete": + res.resp, res.err = i.dispatchDelete(req) + case "IncidentsClient.Get": + res.resp, res.err = i.dispatchGet(req) + case "IncidentsClient.NewListPager": + res.resp, res.err = i.dispatchNewListPager(req) + case "IncidentsClient.ListAlerts": + res.resp, res.err = i.dispatchListAlerts(req) + case "IncidentsClient.ListBookmarks": + res.resp, res.err = i.dispatchListBookmarks(req) + case "IncidentsClient.ListEntities": + res.resp, res.err = i.dispatchListEntities(req) + case "IncidentsClient.RunPlaybook": + res.resp, res.err = i.dispatchRunPlaybook(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (i *IncidentsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { @@ -162,47 +172,6 @@ func (i *IncidentsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*h return resp, nil } -func (i *IncidentsServerTransport) dispatchCreateTeam(req *http.Request) (*http.Response, error) { - if i.srv.CreateTeam == nil { - return nil, &nonRetriableError{errors.New("fake for method CreateTeam not implemented")} - } - const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/incidents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/createTeam` - regex := regexp.MustCompile(regexStr) - matches := regex.FindStringSubmatch(req.URL.EscapedPath()) - if matches == nil || len(matches) < 4 { - return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) - } - body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.TeamProperties](req) - if err != nil { - return nil, err - } - resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) - if err != nil { - return nil, err - } - workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) - if err != nil { - return nil, err - } - incidentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentId")]) - if err != nil { - return nil, err - } - respr, errRespr := i.srv.CreateTeam(req.Context(), resourceGroupNameParam, workspaceNameParam, incidentIDParam, body, nil) - if respErr := server.GetError(errRespr, req); respErr != nil { - return nil, respErr - } - respContent := server.GetResponseContent(respr) - if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { - return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} - } - resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).TeamInformation, req) - if err != nil { - return nil, err - } - return resp, nil -} - func (i *IncidentsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { if i.srv.Delete == nil { return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} @@ -514,3 +483,9 @@ func (i *IncidentsServerTransport) dispatchRunPlaybook(req *http.Request) (*http } return resp, nil } + +// set this to conditionally intercept incoming requests to IncidentsServerTransport +var incidentsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidenttasks_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidenttasks_server.go new file mode 100644 index 000000000000..e5d66f9c665c --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidenttasks_server.go @@ -0,0 +1,284 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// IncidentTasksServer is a fake server for instances of the armsecurityinsights.IncidentTasksClient type. +type IncidentTasksServer struct { + // CreateOrUpdate is the fake for method IncidentTasksClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, incidentTask armsecurityinsights.IncidentTask, options *armsecurityinsights.IncidentTasksClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.IncidentTasksClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method IncidentTasksClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, options *armsecurityinsights.IncidentTasksClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.IncidentTasksClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method IncidentTasksClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, options *armsecurityinsights.IncidentTasksClientGetOptions) (resp azfake.Responder[armsecurityinsights.IncidentTasksClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method IncidentTasksClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, incidentID string, options *armsecurityinsights.IncidentTasksClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.IncidentTasksClientListResponse]) +} + +// NewIncidentTasksServerTransport creates a new instance of IncidentTasksServerTransport with the provided implementation. +// The returned IncidentTasksServerTransport instance is connected to an instance of armsecurityinsights.IncidentTasksClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewIncidentTasksServerTransport(srv *IncidentTasksServer) *IncidentTasksServerTransport { + return &IncidentTasksServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.IncidentTasksClientListResponse]](), + } +} + +// IncidentTasksServerTransport connects instances of armsecurityinsights.IncidentTasksClient to instances of IncidentTasksServer. +// Don't use this type directly, use NewIncidentTasksServerTransport instead. +type IncidentTasksServerTransport struct { + srv *IncidentTasksServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.IncidentTasksClientListResponse]] +} + +// Do implements the policy.Transporter interface for IncidentTasksServerTransport. +func (i *IncidentTasksServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return i.dispatchToMethodFake(req, method) +} + +func (i *IncidentTasksServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if incidentTasksServerTransportInterceptor != nil { + res.resp, res.err, intercepted = incidentTasksServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "IncidentTasksClient.CreateOrUpdate": + res.resp, res.err = i.dispatchCreateOrUpdate(req) + case "IncidentTasksClient.Delete": + res.resp, res.err = i.dispatchDelete(req) + case "IncidentTasksClient.Get": + res.resp, res.err = i.dispatchGet(req) + case "IncidentTasksClient.NewListPager": + res.resp, res.err = i.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (i *IncidentTasksServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if i.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/incidents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/tasks/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.IncidentTask](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + incidentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentId")]) + if err != nil { + return nil, err + } + incidentTaskIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentTaskId")]) + if err != nil { + return nil, err + } + respr, errRespr := i.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, incidentIDParam, incidentTaskIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).IncidentTask, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (i *IncidentTasksServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if i.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/incidents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/tasks/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + incidentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentId")]) + if err != nil { + return nil, err + } + incidentTaskIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentTaskId")]) + if err != nil { + return nil, err + } + respr, errRespr := i.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, incidentIDParam, incidentTaskIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (i *IncidentTasksServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if i.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/incidents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/tasks/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + incidentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentId")]) + if err != nil { + return nil, err + } + incidentTaskIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentTaskId")]) + if err != nil { + return nil, err + } + respr, errRespr := i.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, incidentIDParam, incidentTaskIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).IncidentTask, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (i *IncidentTasksServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if i.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := i.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/incidents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/tasks` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + incidentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentId")]) + if err != nil { + return nil, err + } + resp := i.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, incidentIDParam, nil) + newListPager = &resp + i.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.IncidentTasksClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + i.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + i.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to IncidentTasksServerTransport +var incidentTasksServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/internal.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/internal.go index 40041750dbe9..561a0a7001bf 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/internal.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/internal.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -16,6 +13,11 @@ import ( "sync" ) +type result struct { + resp *http.Response + err error +} + type nonRetriableError struct { error } diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/ipgeodata_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/ipgeodata_server.go deleted file mode 100644 index 5061bb3e244c..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/ipgeodata_server.go +++ /dev/null @@ -1,101 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -package fake - -import ( - "context" - "errors" - "fmt" - azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" - "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" - "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" - "net/http" - "net/url" - "regexp" -) - -// IPGeodataServer is a fake server for instances of the armsecurityinsights.IPGeodataClient type. -type IPGeodataServer struct { - // Get is the fake for method IPGeodataClient.Get - // HTTP status codes to indicate success: http.StatusOK - Get func(ctx context.Context, resourceGroupName string, ipAddress string, options *armsecurityinsights.IPGeodataClientGetOptions) (resp azfake.Responder[armsecurityinsights.IPGeodataClientGetResponse], errResp azfake.ErrorResponder) -} - -// NewIPGeodataServerTransport creates a new instance of IPGeodataServerTransport with the provided implementation. -// The returned IPGeodataServerTransport instance is connected to an instance of armsecurityinsights.IPGeodataClient via the -// azcore.ClientOptions.Transporter field in the client's constructor parameters. -func NewIPGeodataServerTransport(srv *IPGeodataServer) *IPGeodataServerTransport { - return &IPGeodataServerTransport{srv: srv} -} - -// IPGeodataServerTransport connects instances of armsecurityinsights.IPGeodataClient to instances of IPGeodataServer. -// Don't use this type directly, use NewIPGeodataServerTransport instead. -type IPGeodataServerTransport struct { - srv *IPGeodataServer -} - -// Do implements the policy.Transporter interface for IPGeodataServerTransport. -func (i *IPGeodataServerTransport) Do(req *http.Request) (*http.Response, error) { - rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) - method, ok := rawMethod.(string) - if !ok { - return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} - } - - var resp *http.Response - var err error - - switch method { - case "IPGeodataClient.Get": - resp, err = i.dispatchGet(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } - - if err != nil { - return nil, err - } - - return resp, nil -} - -func (i *IPGeodataServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { - if i.srv.Get == nil { - return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} - } - const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/enrichment/ip/geodata/` - regex := regexp.MustCompile(regexStr) - matches := regex.FindStringSubmatch(req.URL.EscapedPath()) - if matches == nil || len(matches) < 2 { - return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) - } - qp := req.URL.Query() - resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) - if err != nil { - return nil, err - } - ipAddressParam, err := url.QueryUnescape(qp.Get("ipAddress")) - if err != nil { - return nil, err - } - respr, errRespr := i.srv.Get(req.Context(), resourceGroupNameParam, ipAddressParam, nil) - if respErr := server.GetError(errRespr, req); respErr != nil { - return nil, respErr - } - respContent := server.GetResponseContent(respr) - if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { - return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} - } - resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EnrichmentIPGeodata, req) - if err != nil { - return nil, err - } - return resp, nil -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/metadata_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/metadata_server.go index 83b2e9bd0153..5f70d2b61f67 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/metadata_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/metadata_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -71,29 +68,48 @@ func (m *MetadataServerTransport) Do(req *http.Request) (*http.Response, error) return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return m.dispatchToMethodFake(req, method) +} - switch method { - case "MetadataClient.Create": - resp, err = m.dispatchCreate(req) - case "MetadataClient.Delete": - resp, err = m.dispatchDelete(req) - case "MetadataClient.Get": - resp, err = m.dispatchGet(req) - case "MetadataClient.NewListPager": - resp, err = m.dispatchNewListPager(req) - case "MetadataClient.Update": - resp, err = m.dispatchUpdate(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (m *MetadataServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if metadataServerTransportInterceptor != nil { + res.resp, res.err, intercepted = metadataServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "MetadataClient.Create": + res.resp, res.err = m.dispatchCreate(req) + case "MetadataClient.Delete": + res.resp, res.err = m.dispatchDelete(req) + case "MetadataClient.Get": + res.resp, res.err = m.dispatchGet(req) + case "MetadataClient.NewListPager": + res.resp, res.err = m.dispatchNewListPager(req) + case "MetadataClient.Update": + res.resp, res.err = m.dispatchUpdate(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (m *MetadataServerTransport) dispatchCreate(req *http.Request) (*http.Response, error) { @@ -340,3 +356,9 @@ func (m *MetadataServerTransport) dispatchUpdate(req *http.Request) (*http.Respo } return resp, nil } + +// set this to conditionally intercept incoming requests to MetadataServerTransport +var metadataServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/officeconsents_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/officeconsents_server.go index 819c595f3d81..54733002a9e5 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/officeconsents_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/officeconsents_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -62,25 +59,44 @@ func (o *OfficeConsentsServerTransport) Do(req *http.Request) (*http.Response, e return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return o.dispatchToMethodFake(req, method) +} - switch method { - case "OfficeConsentsClient.Delete": - resp, err = o.dispatchDelete(req) - case "OfficeConsentsClient.Get": - resp, err = o.dispatchGet(req) - case "OfficeConsentsClient.NewListPager": - resp, err = o.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (o *OfficeConsentsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if officeConsentsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = officeConsentsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "OfficeConsentsClient.Delete": + res.resp, res.err = o.dispatchDelete(req) + case "OfficeConsentsClient.Get": + res.resp, res.err = o.dispatchGet(req) + case "OfficeConsentsClient.NewListPager": + res.resp, res.err = o.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (o *OfficeConsentsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { @@ -197,3 +213,9 @@ func (o *OfficeConsentsServerTransport) dispatchNewListPager(req *http.Request) } return resp, nil } + +// set this to conditionally intercept incoming requests to OfficeConsentsServerTransport +var officeConsentsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/operations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/operations_server.go index ed1be8860513..9dbfad4d168a 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/operations_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/operations_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -51,21 +48,40 @@ func (o *OperationsServerTransport) Do(req *http.Request) (*http.Response, error return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return o.dispatchToMethodFake(req, method) +} - switch method { - case "OperationsClient.NewListPager": - resp, err = o.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (o *OperationsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if operationsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = operationsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "OperationsClient.NewListPager": + res.resp, res.err = o.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (o *OperationsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { @@ -94,3 +110,9 @@ func (o *OperationsServerTransport) dispatchNewListPager(req *http.Request) (*ht } return resp, nil } + +// set this to conditionally intercept incoming requests to OperationsServerTransport +var operationsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/polymorphic_helpers.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/polymorphic_helpers.go index f58543fe9858..469b19f727d3 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/polymorphic_helpers.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/polymorphic_helpers.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -89,6 +86,8 @@ func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (armsecurityin b = &armsecurityinsights.ASCDataConnector{} case string(armsecurityinsights.DataConnectorKindDynamics365): b = &armsecurityinsights.Dynamics365DataConnector{} + case string(armsecurityinsights.DataConnectorKindGCP): + b = &armsecurityinsights.GCPDataConnector{} case string(armsecurityinsights.DataConnectorKindGenericUI): b = &armsecurityinsights.CodelessUIDataConnector{} case string(armsecurityinsights.DataConnectorKindIOT): @@ -97,6 +96,8 @@ func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (armsecurityin b = &armsecurityinsights.MCASDataConnector{} case string(armsecurityinsights.DataConnectorKindMicrosoftDefenderAdvancedThreatProtection): b = &armsecurityinsights.MDATPDataConnector{} + case string(armsecurityinsights.DataConnectorKindMicrosoftPurviewInformationProtection): + b = &armsecurityinsights.MicrosoftPurviewInformationProtectionDataConnector{} case string(armsecurityinsights.DataConnectorKindMicrosoftThreatIntelligence): b = &armsecurityinsights.MSTIDataConnector{} case string(armsecurityinsights.DataConnectorKindMicrosoftThreatProtection): @@ -111,6 +112,10 @@ func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (armsecurityin b = &armsecurityinsights.OfficeIRMDataConnector{} case string(armsecurityinsights.DataConnectorKindOfficePowerBI): b = &armsecurityinsights.OfficePowerBIDataConnector{} + case string(armsecurityinsights.DataConnectorKindPurviewAudit): + b = &armsecurityinsights.PurviewAuditDataConnector{} + case string(armsecurityinsights.DataConnectorKindRestAPIPoller): + b = &armsecurityinsights.RestAPIPollerDataConnector{} case string(armsecurityinsights.DataConnectorKindThreatIntelligence): b = &armsecurityinsights.TIDataConnector{} case string(armsecurityinsights.DataConnectorKindThreatIntelligenceTaxii): @@ -124,6 +129,27 @@ func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (armsecurityin return b, nil } +func unmarshalDataConnectorDefinitionClassification(rawMsg json.RawMessage) (armsecurityinsights.DataConnectorDefinitionClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b armsecurityinsights.DataConnectorDefinitionClassification + switch m["kind"] { + case string(armsecurityinsights.DataConnectorDefinitionKindCustomizable): + b = &armsecurityinsights.CustomizableConnectorDefinition{} + default: + b = &armsecurityinsights.DataConnectorDefinition{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + func unmarshalDataConnectorsCheckRequirementsClassification(rawMsg json.RawMessage) (armsecurityinsights.DataConnectorsCheckRequirementsClassification, error) { if rawMsg == nil || string(rawMsg) == "null" { return nil, nil @@ -152,6 +178,8 @@ func unmarshalDataConnectorsCheckRequirementsClassification(rawMsg json.RawMessa b = &armsecurityinsights.MCASCheckRequirements{} case string(armsecurityinsights.DataConnectorKindMicrosoftDefenderAdvancedThreatProtection): b = &armsecurityinsights.MDATPCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindMicrosoftPurviewInformationProtection): + b = &armsecurityinsights.MicrosoftPurviewInformationProtectionCheckRequirements{} case string(armsecurityinsights.DataConnectorKindMicrosoftThreatIntelligence): b = &armsecurityinsights.MSTICheckRequirements{} case string(armsecurityinsights.DataConnectorKindMicrosoftThreatProtection): @@ -164,6 +192,8 @@ func unmarshalDataConnectorsCheckRequirementsClassification(rawMsg json.RawMessa b = &armsecurityinsights.OfficeIRMCheckRequirements{} case string(armsecurityinsights.DataConnectorKindOfficePowerBI): b = &armsecurityinsights.OfficePowerBICheckRequirements{} + case string(armsecurityinsights.DataConnectorKindPurviewAudit): + b = &armsecurityinsights.PurviewAuditCheckRequirements{} case string(armsecurityinsights.DataConnectorKindThreatIntelligence): b = &armsecurityinsights.TICheckRequirements{} case string(armsecurityinsights.DataConnectorKindThreatIntelligenceTaxii): diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackage_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackage_server.go new file mode 100644 index 000000000000..089fb8e97231 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackage_server.go @@ -0,0 +1,126 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// ProductPackageServer is a fake server for instances of the armsecurityinsights.ProductPackageClient type. +type ProductPackageServer struct { + // Get is the fake for method ProductPackageClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *armsecurityinsights.ProductPackageClientGetOptions) (resp azfake.Responder[armsecurityinsights.ProductPackageClientGetResponse], errResp azfake.ErrorResponder) +} + +// NewProductPackageServerTransport creates a new instance of ProductPackageServerTransport with the provided implementation. +// The returned ProductPackageServerTransport instance is connected to an instance of armsecurityinsights.ProductPackageClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewProductPackageServerTransport(srv *ProductPackageServer) *ProductPackageServerTransport { + return &ProductPackageServerTransport{srv: srv} +} + +// ProductPackageServerTransport connects instances of armsecurityinsights.ProductPackageClient to instances of ProductPackageServer. +// Don't use this type directly, use NewProductPackageServerTransport instead. +type ProductPackageServerTransport struct { + srv *ProductPackageServer +} + +// Do implements the policy.Transporter interface for ProductPackageServerTransport. +func (p *ProductPackageServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return p.dispatchToMethodFake(req, method) +} + +func (p *ProductPackageServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if productPackageServerTransportInterceptor != nil { + res.resp, res.err, intercepted = productPackageServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ProductPackageClient.Get": + res.resp, res.err = p.dispatchGet(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (p *ProductPackageServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if p.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentProductPackages/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + packageIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("packageId")]) + if err != nil { + return nil, err + } + respr, errRespr := p.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, packageIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).ProductPackageModel, req) + if err != nil { + return nil, err + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to ProductPackageServerTransport +var productPackageServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackages_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackages_server.go new file mode 100644 index 000000000000..cf686cf11e22 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackages_server.go @@ -0,0 +1,180 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// ProductPackagesServer is a fake server for instances of the armsecurityinsights.ProductPackagesClient type. +type ProductPackagesServer struct { + // NewListPager is the fake for method ProductPackagesClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.ProductPackagesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.ProductPackagesClientListResponse]) +} + +// NewProductPackagesServerTransport creates a new instance of ProductPackagesServerTransport with the provided implementation. +// The returned ProductPackagesServerTransport instance is connected to an instance of armsecurityinsights.ProductPackagesClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewProductPackagesServerTransport(srv *ProductPackagesServer) *ProductPackagesServerTransport { + return &ProductPackagesServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.ProductPackagesClientListResponse]](), + } +} + +// ProductPackagesServerTransport connects instances of armsecurityinsights.ProductPackagesClient to instances of ProductPackagesServer. +// Don't use this type directly, use NewProductPackagesServerTransport instead. +type ProductPackagesServerTransport struct { + srv *ProductPackagesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.ProductPackagesClientListResponse]] +} + +// Do implements the policy.Transporter interface for ProductPackagesServerTransport. +func (p *ProductPackagesServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return p.dispatchToMethodFake(req, method) +} + +func (p *ProductPackagesServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if productPackagesServerTransportInterceptor != nil { + res.resp, res.err, intercepted = productPackagesServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ProductPackagesClient.NewListPager": + res.resp, res.err = p.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (p *ProductPackagesServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if p.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := p.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentProductPackages` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + searchUnescaped, err := url.QueryUnescape(qp.Get("$search")) + if err != nil { + return nil, err + } + searchParam := getOptional(searchUnescaped) + var options *armsecurityinsights.ProductPackagesClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil || searchParam != nil { + options = &armsecurityinsights.ProductPackagesClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + Search: searchParam, + } + } + resp := p.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + p.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.ProductPackagesClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + p.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + p.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to ProductPackagesServerTransport +var productPackagesServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productsettings_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productsettings_server.go index 7f79620a1305..ba84eb9649f9 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productsettings_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productsettings_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -15,6 +12,7 @@ import ( azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" @@ -31,12 +29,12 @@ type ProductSettingsServer struct { // HTTP status codes to indicate success: http.StatusOK Get func(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, options *armsecurityinsights.ProductSettingsClientGetOptions) (resp azfake.Responder[armsecurityinsights.ProductSettingsClientGetResponse], errResp azfake.ErrorResponder) - // List is the fake for method ProductSettingsClient.List + // NewListPager is the fake for method ProductSettingsClient.NewListPager // HTTP status codes to indicate success: http.StatusOK - List func(ctx context.Context, resourceGroupName string, workspaceName string, options *armsecurityinsights.ProductSettingsClientListOptions) (resp azfake.Responder[armsecurityinsights.ProductSettingsClientListResponse], errResp azfake.ErrorResponder) + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.ProductSettingsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.ProductSettingsClientListResponse]) // Update is the fake for method ProductSettingsClient.Update - // HTTP status codes to indicate success: http.StatusOK + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated Update func(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, settings armsecurityinsights.SettingsClassification, options *armsecurityinsights.ProductSettingsClientUpdateOptions) (resp azfake.Responder[armsecurityinsights.ProductSettingsClientUpdateResponse], errResp azfake.ErrorResponder) } @@ -44,13 +42,17 @@ type ProductSettingsServer struct { // The returned ProductSettingsServerTransport instance is connected to an instance of armsecurityinsights.ProductSettingsClient via the // azcore.ClientOptions.Transporter field in the client's constructor parameters. func NewProductSettingsServerTransport(srv *ProductSettingsServer) *ProductSettingsServerTransport { - return &ProductSettingsServerTransport{srv: srv} + return &ProductSettingsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.ProductSettingsClientListResponse]](), + } } // ProductSettingsServerTransport connects instances of armsecurityinsights.ProductSettingsClient to instances of ProductSettingsServer. // Don't use this type directly, use NewProductSettingsServerTransport instead. type ProductSettingsServerTransport struct { - srv *ProductSettingsServer + srv *ProductSettingsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.ProductSettingsClientListResponse]] } // Do implements the policy.Transporter interface for ProductSettingsServerTransport. @@ -61,27 +63,46 @@ func (p *ProductSettingsServerTransport) Do(req *http.Request) (*http.Response, return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return p.dispatchToMethodFake(req, method) +} - switch method { - case "ProductSettingsClient.Delete": - resp, err = p.dispatchDelete(req) - case "ProductSettingsClient.Get": - resp, err = p.dispatchGet(req) - case "ProductSettingsClient.List": - resp, err = p.dispatchList(req) - case "ProductSettingsClient.Update": - resp, err = p.dispatchUpdate(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (p *ProductSettingsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if productSettingsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = productSettingsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ProductSettingsClient.Delete": + res.resp, res.err = p.dispatchDelete(req) + case "ProductSettingsClient.Get": + res.resp, res.err = p.dispatchGet(req) + case "ProductSettingsClient.NewListPager": + res.resp, res.err = p.dispatchNewListPager(req) + case "ProductSettingsClient.Update": + res.resp, res.err = p.dispatchUpdate(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (p *ProductSettingsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { @@ -158,35 +179,43 @@ func (p *ProductSettingsServerTransport) dispatchGet(req *http.Request) (*http.R return resp, nil } -func (p *ProductSettingsServerTransport) dispatchList(req *http.Request) (*http.Response, error) { - if p.srv.List == nil { - return nil, &nonRetriableError{errors.New("fake for method List not implemented")} - } - const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/settings` - regex := regexp.MustCompile(regexStr) - matches := regex.FindStringSubmatch(req.URL.EscapedPath()) - if matches == nil || len(matches) < 3 { - return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) - } - resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) +func (p *ProductSettingsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if p.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := p.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/settings` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := p.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + p.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.ProductSettingsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) if err != nil { return nil, err } - workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) - if err != nil { - return nil, err - } - respr, errRespr := p.srv.List(req.Context(), resourceGroupNameParam, workspaceNameParam, nil) - if respErr := server.GetError(errRespr, req); respErr != nil { - return nil, respErr - } - respContent := server.GetResponseContent(respr) - if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { - return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + if !contains([]int{http.StatusOK}, resp.StatusCode) { + p.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} } - resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).SettingList, req) - if err != nil { - return nil, err + if !server.PagerResponderMore(newListPager) { + p.newListPager.remove(req) } return resp, nil } @@ -226,8 +255,8 @@ func (p *ProductSettingsServerTransport) dispatchUpdate(req *http.Request) (*htt return nil, respErr } respContent := server.GetResponseContent(respr) - if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { - return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} } resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).SettingsClassification, req) if err != nil { @@ -235,3 +264,9 @@ func (p *ProductSettingsServerTransport) dispatchUpdate(req *http.Request) (*htt } return resp, nil } + +// set this to conditionally intercept incoming requests to ProductSettingsServerTransport +var productSettingsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplate_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplate_server.go new file mode 100644 index 000000000000..9f1e238bc904 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplate_server.go @@ -0,0 +1,126 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// ProductTemplateServer is a fake server for instances of the armsecurityinsights.ProductTemplateClient type. +type ProductTemplateServer struct { + // Get is the fake for method ProductTemplateClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *armsecurityinsights.ProductTemplateClientGetOptions) (resp azfake.Responder[armsecurityinsights.ProductTemplateClientGetResponse], errResp azfake.ErrorResponder) +} + +// NewProductTemplateServerTransport creates a new instance of ProductTemplateServerTransport with the provided implementation. +// The returned ProductTemplateServerTransport instance is connected to an instance of armsecurityinsights.ProductTemplateClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewProductTemplateServerTransport(srv *ProductTemplateServer) *ProductTemplateServerTransport { + return &ProductTemplateServerTransport{srv: srv} +} + +// ProductTemplateServerTransport connects instances of armsecurityinsights.ProductTemplateClient to instances of ProductTemplateServer. +// Don't use this type directly, use NewProductTemplateServerTransport instead. +type ProductTemplateServerTransport struct { + srv *ProductTemplateServer +} + +// Do implements the policy.Transporter interface for ProductTemplateServerTransport. +func (p *ProductTemplateServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return p.dispatchToMethodFake(req, method) +} + +func (p *ProductTemplateServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if productTemplateServerTransportInterceptor != nil { + res.resp, res.err, intercepted = productTemplateServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ProductTemplateClient.Get": + res.resp, res.err = p.dispatchGet(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (p *ProductTemplateServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if p.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentproducttemplates/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + templateIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("templateId")]) + if err != nil { + return nil, err + } + respr, errRespr := p.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, templateIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).ProductTemplateModel, req) + if err != nil { + return nil, err + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to ProductTemplateServerTransport +var productTemplateServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplates_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplates_server.go new file mode 100644 index 000000000000..56254bcd40fe --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplates_server.go @@ -0,0 +1,204 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// ProductTemplatesServer is a fake server for instances of the armsecurityinsights.ProductTemplatesClient type. +type ProductTemplatesServer struct { + // NewListPager is the fake for method ProductTemplatesClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.ProductTemplatesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.ProductTemplatesClientListResponse]) +} + +// NewProductTemplatesServerTransport creates a new instance of ProductTemplatesServerTransport with the provided implementation. +// The returned ProductTemplatesServerTransport instance is connected to an instance of armsecurityinsights.ProductTemplatesClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewProductTemplatesServerTransport(srv *ProductTemplatesServer) *ProductTemplatesServerTransport { + return &ProductTemplatesServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.ProductTemplatesClientListResponse]](), + } +} + +// ProductTemplatesServerTransport connects instances of armsecurityinsights.ProductTemplatesClient to instances of ProductTemplatesServer. +// Don't use this type directly, use NewProductTemplatesServerTransport instead. +type ProductTemplatesServerTransport struct { + srv *ProductTemplatesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.ProductTemplatesClientListResponse]] +} + +// Do implements the policy.Transporter interface for ProductTemplatesServerTransport. +func (p *ProductTemplatesServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return p.dispatchToMethodFake(req, method) +} + +func (p *ProductTemplatesServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if productTemplatesServerTransportInterceptor != nil { + res.resp, res.err, intercepted = productTemplatesServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ProductTemplatesClient.NewListPager": + res.resp, res.err = p.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (p *ProductTemplatesServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if p.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := p.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentProductTemplates` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + searchUnescaped, err := url.QueryUnescape(qp.Get("$search")) + if err != nil { + return nil, err + } + searchParam := getOptional(searchUnescaped) + countUnescaped, err := url.QueryUnescape(qp.Get("$count")) + if err != nil { + return nil, err + } + countParam, err := parseOptional(countUnescaped, strconv.ParseBool) + if err != nil { + return nil, err + } + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipUnescaped, err := url.QueryUnescape(qp.Get("$skip")) + if err != nil { + return nil, err + } + skipParam, err := parseOptional(skipUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.ProductTemplatesClientListOptions + if filterParam != nil || orderbyParam != nil || searchParam != nil || countParam != nil || topParam != nil || skipParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.ProductTemplatesClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Search: searchParam, + Count: countParam, + Top: topParam, + Skip: skipParam, + SkipToken: skipTokenParam, + } + } + resp := p.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + p.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.ProductTemplatesClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + p.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + p.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to ProductTemplatesServerTransport +var productTemplatesServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/reevaluate_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/reevaluate_server.go new file mode 100644 index 000000000000..5172b10d201f --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/reevaluate_server.go @@ -0,0 +1,126 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// ReevaluateServer is a fake server for instances of the armsecurityinsights.ReevaluateClient type. +type ReevaluateServer struct { + // Recommendation is the fake for method ReevaluateClient.Recommendation + // HTTP status codes to indicate success: http.StatusOK + Recommendation func(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, options *armsecurityinsights.ReevaluateClientRecommendationOptions) (resp azfake.Responder[armsecurityinsights.ReevaluateClientRecommendationResponse], errResp azfake.ErrorResponder) +} + +// NewReevaluateServerTransport creates a new instance of ReevaluateServerTransport with the provided implementation. +// The returned ReevaluateServerTransport instance is connected to an instance of armsecurityinsights.ReevaluateClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewReevaluateServerTransport(srv *ReevaluateServer) *ReevaluateServerTransport { + return &ReevaluateServerTransport{srv: srv} +} + +// ReevaluateServerTransport connects instances of armsecurityinsights.ReevaluateClient to instances of ReevaluateServer. +// Don't use this type directly, use NewReevaluateServerTransport instead. +type ReevaluateServerTransport struct { + srv *ReevaluateServer +} + +// Do implements the policy.Transporter interface for ReevaluateServerTransport. +func (r *ReevaluateServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return r.dispatchToMethodFake(req, method) +} + +func (r *ReevaluateServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if reevaluateServerTransportInterceptor != nil { + res.resp, res.err, intercepted = reevaluateServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ReevaluateClient.Recommendation": + res.resp, res.err = r.dispatchRecommendation(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (r *ReevaluateServerTransport) dispatchRecommendation(req *http.Request) (*http.Response, error) { + if r.srv.Recommendation == nil { + return nil, &nonRetriableError{errors.New("fake for method Recommendation not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/recommendations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/triggerEvaluation` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + recommendationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("recommendationId")]) + if err != nil { + return nil, err + } + respr, errRespr := r.srv.Recommendation(req.Context(), resourceGroupNameParam, workspaceNameParam, recommendationIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).ReevaluateResponse, req) + if err != nil { + return nil, err + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to ReevaluateServerTransport +var reevaluateServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/securitymlanalyticssettings_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/securitymlanalyticssettings_server.go index 678668451045..a170fab3b384 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/securitymlanalyticssettings_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/securitymlanalyticssettings_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -66,27 +63,46 @@ func (s *SecurityMLAnalyticsSettingsServerTransport) Do(req *http.Request) (*htt return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return s.dispatchToMethodFake(req, method) +} - switch method { - case "SecurityMLAnalyticsSettingsClient.CreateOrUpdate": - resp, err = s.dispatchCreateOrUpdate(req) - case "SecurityMLAnalyticsSettingsClient.Delete": - resp, err = s.dispatchDelete(req) - case "SecurityMLAnalyticsSettingsClient.Get": - resp, err = s.dispatchGet(req) - case "SecurityMLAnalyticsSettingsClient.NewListPager": - resp, err = s.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (s *SecurityMLAnalyticsSettingsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if securityMlAnalyticsSettingsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = securityMlAnalyticsSettingsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "SecurityMLAnalyticsSettingsClient.CreateOrUpdate": + res.resp, res.err = s.dispatchCreateOrUpdate(req) + case "SecurityMLAnalyticsSettingsClient.Delete": + res.resp, res.err = s.dispatchDelete(req) + case "SecurityMLAnalyticsSettingsClient.Get": + res.resp, res.err = s.dispatchGet(req) + case "SecurityMLAnalyticsSettingsClient.NewListPager": + res.resp, res.err = s.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (s *SecurityMLAnalyticsSettingsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { @@ -248,3 +264,9 @@ func (s *SecurityMLAnalyticsSettingsServerTransport) dispatchNewListPager(req *h } return resp, nil } + +// set this to conditionally intercept incoming requests to SecurityMLAnalyticsSettingsServerTransport +var securityMlAnalyticsSettingsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sentinelonboardingstates_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sentinelonboardingstates_server.go index 70d308f2fdef..5bcd0ac0f190 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sentinelonboardingstates_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sentinelonboardingstates_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -62,27 +59,46 @@ func (s *SentinelOnboardingStatesServerTransport) Do(req *http.Request) (*http.R return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return s.dispatchToMethodFake(req, method) +} - switch method { - case "SentinelOnboardingStatesClient.Create": - resp, err = s.dispatchCreate(req) - case "SentinelOnboardingStatesClient.Delete": - resp, err = s.dispatchDelete(req) - case "SentinelOnboardingStatesClient.Get": - resp, err = s.dispatchGet(req) - case "SentinelOnboardingStatesClient.List": - resp, err = s.dispatchList(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (s *SentinelOnboardingStatesServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if sentinelOnboardingStatesServerTransportInterceptor != nil { + res.resp, res.err, intercepted = sentinelOnboardingStatesServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "SentinelOnboardingStatesClient.Create": + res.resp, res.err = s.dispatchCreate(req) + case "SentinelOnboardingStatesClient.Delete": + res.resp, res.err = s.dispatchDelete(req) + case "SentinelOnboardingStatesClient.Get": + res.resp, res.err = s.dispatchGet(req) + case "SentinelOnboardingStatesClient.List": + res.resp, res.err = s.dispatchList(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (s *SentinelOnboardingStatesServerTransport) dispatchCreate(req *http.Request) (*http.Response, error) { @@ -238,3 +254,9 @@ func (s *SentinelOnboardingStatesServerTransport) dispatchList(req *http.Request } return resp, nil } + +// set this to conditionally intercept incoming requests to SentinelOnboardingStatesServerTransport +var sentinelOnboardingStatesServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server.go new file mode 100644 index 000000000000..56d74b87833d --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server.go @@ -0,0 +1,189 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// Server is a fake server for instances of the armsecurityinsights.Client type. +type Server struct { + // ListGeodataByIP is the fake for method Client.ListGeodataByIP + // HTTP status codes to indicate success: http.StatusOK + ListGeodataByIP func(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType armsecurityinsights.EnrichmentType, ipAddressBody armsecurityinsights.EnrichmentIPAddressBody, options *armsecurityinsights.ClientListGeodataByIPOptions) (resp azfake.Responder[armsecurityinsights.ClientListGeodataByIPResponse], errResp azfake.ErrorResponder) + + // ListWhoisByDomain is the fake for method Client.ListWhoisByDomain + // HTTP status codes to indicate success: http.StatusOK + ListWhoisByDomain func(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType armsecurityinsights.EnrichmentType, domainBody armsecurityinsights.EnrichmentDomainBody, options *armsecurityinsights.ClientListWhoisByDomainOptions) (resp azfake.Responder[armsecurityinsights.ClientListWhoisByDomainResponse], errResp azfake.ErrorResponder) +} + +// NewServerTransport creates a new instance of ServerTransport with the provided implementation. +// The returned ServerTransport instance is connected to an instance of armsecurityinsights.Client via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewServerTransport(srv *Server) *ServerTransport { + return &ServerTransport{srv: srv} +} + +// ServerTransport connects instances of armsecurityinsights.Client to instances of Server. +// Don't use this type directly, use NewServerTransport instead. +type ServerTransport struct { + srv *Server +} + +// Do implements the policy.Transporter interface for ServerTransport. +func (s *ServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return s.dispatchToMethodFake(req, method) +} + +func (s *ServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if serverTransportInterceptor != nil { + res.resp, res.err, intercepted = serverTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "Client.ListGeodataByIP": + res.resp, res.err = s.dispatchListGeodataByIP(req) + case "Client.ListWhoisByDomain": + res.resp, res.err = s.dispatchListWhoisByDomain(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (s *ServerTransport) dispatchListGeodataByIP(req *http.Request) (*http.Response, error) { + if s.srv.ListGeodataByIP == nil { + return nil, &nonRetriableError{errors.New("fake for method ListGeodataByIP not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/enrichment/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/listGeodataByIp` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.EnrichmentIPAddressBody](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + enrichmentTypeParam, err := parseWithCast(matches[regex.SubexpIndex("enrichmentType")], func(v string) (armsecurityinsights.EnrichmentType, error) { + p, unescapeErr := url.PathUnescape(v) + if unescapeErr != nil { + return "", unescapeErr + } + return armsecurityinsights.EnrichmentType(p), nil + }) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.ListGeodataByIP(req.Context(), resourceGroupNameParam, workspaceNameParam, enrichmentTypeParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EnrichmentIPGeodata, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *ServerTransport) dispatchListWhoisByDomain(req *http.Request) (*http.Response, error) { + if s.srv.ListWhoisByDomain == nil { + return nil, &nonRetriableError{errors.New("fake for method ListWhoisByDomain not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/enrichment/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/listWhoisByDomain` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.EnrichmentDomainBody](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + enrichmentTypeParam, err := parseWithCast(matches[regex.SubexpIndex("enrichmentType")], func(v string) (armsecurityinsights.EnrichmentType, error) { + p, unescapeErr := url.PathUnescape(v) + if unescapeErr != nil { + return "", unescapeErr + } + return armsecurityinsights.EnrichmentType(p), nil + }) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.ListWhoisByDomain(req.Context(), resourceGroupNameParam, workspaceNameParam, enrichmentTypeParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EnrichmentDomainWhois, req) + if err != nil { + return nil, err + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to ServerTransport +var serverTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server_factory.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server_factory.go index 2adc83b81ccd..450d9784f4eb 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server_factory.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server_factory.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -19,40 +16,194 @@ import ( // ServerFactory is a fake server for instances of the armsecurityinsights.ClientFactory type. type ServerFactory struct { - ActionsServer ActionsServer - AlertRuleTemplatesServer AlertRuleTemplatesServer - AlertRulesServer AlertRulesServer - AutomationRulesServer AutomationRulesServer - BookmarkServer BookmarkServer - BookmarkRelationsServer BookmarkRelationsServer - BookmarksServer BookmarksServer - DataConnectorsCheckRequirementsServer DataConnectorsCheckRequirementsServer - DataConnectorsServer DataConnectorsServer - DomainWhoisServer DomainWhoisServer - EntitiesServer EntitiesServer - EntitiesGetTimelineServer EntitiesGetTimelineServer - EntitiesRelationsServer EntitiesRelationsServer - EntityQueriesServer EntityQueriesServer - EntityQueryTemplatesServer EntityQueryTemplatesServer - EntityRelationsServer EntityRelationsServer - FileImportsServer FileImportsServer - IPGeodataServer IPGeodataServer - IncidentCommentsServer IncidentCommentsServer - IncidentRelationsServer IncidentRelationsServer - IncidentsServer IncidentsServer - MetadataServer MetadataServer - OfficeConsentsServer OfficeConsentsServer - OperationsServer OperationsServer - ProductSettingsServer ProductSettingsServer - SecurityMLAnalyticsSettingsServer SecurityMLAnalyticsSettingsServer - SentinelOnboardingStatesServer SentinelOnboardingStatesServer - SourceControlServer SourceControlServer - SourceControlsServer SourceControlsServer - ThreatIntelligenceIndicatorServer ThreatIntelligenceIndicatorServer + // ActionsServer contains the fakes for client ActionsClient + ActionsServer ActionsServer + + // AlertRuleServer contains the fakes for client AlertRuleClient + AlertRuleServer AlertRuleServer + + // AlertRuleTemplatesServer contains the fakes for client AlertRuleTemplatesClient + AlertRuleTemplatesServer AlertRuleTemplatesServer + + // AlertRulesServer contains the fakes for client AlertRulesClient + AlertRulesServer AlertRulesServer + + // AutomationRulesServer contains the fakes for client AutomationRulesClient + AutomationRulesServer AutomationRulesServer + + // BillingStatisticsServer contains the fakes for client BillingStatisticsClient + BillingStatisticsServer BillingStatisticsServer + + // BookmarkServer contains the fakes for client BookmarkClient + BookmarkServer BookmarkServer + + // BookmarkRelationsServer contains the fakes for client BookmarkRelationsClient + BookmarkRelationsServer BookmarkRelationsServer + + // BookmarksServer contains the fakes for client BookmarksClient + BookmarksServer BookmarksServer + + // BusinessApplicationAgentServer contains the fakes for client BusinessApplicationAgentClient + BusinessApplicationAgentServer BusinessApplicationAgentServer + + // BusinessApplicationAgentsServer contains the fakes for client BusinessApplicationAgentsClient + BusinessApplicationAgentsServer BusinessApplicationAgentsServer + + // Server contains the fakes for client Client + Server Server + + // ContentPackageServer contains the fakes for client ContentPackageClient + ContentPackageServer ContentPackageServer + + // ContentPackagesServer contains the fakes for client ContentPackagesClient + ContentPackagesServer ContentPackagesServer + + // ContentTemplateServer contains the fakes for client ContentTemplateClient + ContentTemplateServer ContentTemplateServer + + // ContentTemplatesServer contains the fakes for client ContentTemplatesClient + ContentTemplatesServer ContentTemplatesServer + + // DataConnectorDefinitionsServer contains the fakes for client DataConnectorDefinitionsClient + DataConnectorDefinitionsServer DataConnectorDefinitionsServer + + // DataConnectorsCheckRequirementsServer contains the fakes for client DataConnectorsCheckRequirementsClient + DataConnectorsCheckRequirementsServer DataConnectorsCheckRequirementsServer + + // DataConnectorsServer contains the fakes for client DataConnectorsClient + DataConnectorsServer DataConnectorsServer + + // EntitiesServer contains the fakes for client EntitiesClient + EntitiesServer EntitiesServer + + // EntitiesGetTimelineServer contains the fakes for client EntitiesGetTimelineClient + EntitiesGetTimelineServer EntitiesGetTimelineServer + + // EntitiesRelationsServer contains the fakes for client EntitiesRelationsClient + EntitiesRelationsServer EntitiesRelationsServer + + // EntityQueriesServer contains the fakes for client EntityQueriesClient + EntityQueriesServer EntityQueriesServer + + // EntityQueryTemplatesServer contains the fakes for client EntityQueryTemplatesClient + EntityQueryTemplatesServer EntityQueryTemplatesServer + + // EntityRelationsServer contains the fakes for client EntityRelationsClient + EntityRelationsServer EntityRelationsServer + + // FileImportsServer contains the fakes for client FileImportsClient + FileImportsServer FileImportsServer + + // GetServer contains the fakes for client GetClient + GetServer GetServer + + // GetRecommendationsServer contains the fakes for client GetRecommendationsClient + GetRecommendationsServer GetRecommendationsServer + + // GetTriggeredAnalyticsRuleRunsServer contains the fakes for client GetTriggeredAnalyticsRuleRunsClient + GetTriggeredAnalyticsRuleRunsServer GetTriggeredAnalyticsRuleRunsServer + + // HuntCommentsServer contains the fakes for client HuntCommentsClient + HuntCommentsServer HuntCommentsServer + + // HuntRelationsServer contains the fakes for client HuntRelationsClient + HuntRelationsServer HuntRelationsServer + + // HuntsServer contains the fakes for client HuntsClient + HuntsServer HuntsServer + + // IncidentCommentsServer contains the fakes for client IncidentCommentsClient + IncidentCommentsServer IncidentCommentsServer + + // IncidentRelationsServer contains the fakes for client IncidentRelationsClient + IncidentRelationsServer IncidentRelationsServer + + // IncidentTasksServer contains the fakes for client IncidentTasksClient + IncidentTasksServer IncidentTasksServer + + // IncidentsServer contains the fakes for client IncidentsClient + IncidentsServer IncidentsServer + + // MetadataServer contains the fakes for client MetadataClient + MetadataServer MetadataServer + + // OfficeConsentsServer contains the fakes for client OfficeConsentsClient + OfficeConsentsServer OfficeConsentsServer + + // OperationsServer contains the fakes for client OperationsClient + OperationsServer OperationsServer + + // ProductPackageServer contains the fakes for client ProductPackageClient + ProductPackageServer ProductPackageServer + + // ProductPackagesServer contains the fakes for client ProductPackagesClient + ProductPackagesServer ProductPackagesServer + + // ProductSettingsServer contains the fakes for client ProductSettingsClient + ProductSettingsServer ProductSettingsServer + + // ProductTemplateServer contains the fakes for client ProductTemplateClient + ProductTemplateServer ProductTemplateServer + + // ProductTemplatesServer contains the fakes for client ProductTemplatesClient + ProductTemplatesServer ProductTemplatesServer + + // ReevaluateServer contains the fakes for client ReevaluateClient + ReevaluateServer ReevaluateServer + + // SecurityMLAnalyticsSettingsServer contains the fakes for client SecurityMLAnalyticsSettingsClient + SecurityMLAnalyticsSettingsServer SecurityMLAnalyticsSettingsServer + + // SentinelOnboardingStatesServer contains the fakes for client SentinelOnboardingStatesClient + SentinelOnboardingStatesServer SentinelOnboardingStatesServer + + // SourceControlServer contains the fakes for client SourceControlClient + SourceControlServer SourceControlServer + + // SourceControlsServer contains the fakes for client SourceControlsClient + SourceControlsServer SourceControlsServer + + // SystemsServer contains the fakes for client SystemsClient + SystemsServer SystemsServer + + // ThreatIntelligenceServer contains the fakes for client ThreatIntelligenceClient + ThreatIntelligenceServer ThreatIntelligenceServer + + // ThreatIntelligenceIndicatorServer contains the fakes for client ThreatIntelligenceIndicatorClient + ThreatIntelligenceIndicatorServer ThreatIntelligenceIndicatorServer + + // ThreatIntelligenceIndicatorMetricsServer contains the fakes for client ThreatIntelligenceIndicatorMetricsClient ThreatIntelligenceIndicatorMetricsServer ThreatIntelligenceIndicatorMetricsServer - ThreatIntelligenceIndicatorsServer ThreatIntelligenceIndicatorsServer - WatchlistItemsServer WatchlistItemsServer - WatchlistsServer WatchlistsServer + + // ThreatIntelligenceIndicatorsServer contains the fakes for client ThreatIntelligenceIndicatorsClient + ThreatIntelligenceIndicatorsServer ThreatIntelligenceIndicatorsServer + + // TriggeredAnalyticsRuleRunServer contains the fakes for client TriggeredAnalyticsRuleRunClient + TriggeredAnalyticsRuleRunServer TriggeredAnalyticsRuleRunServer + + // UpdateServer contains the fakes for client UpdateClient + UpdateServer UpdateServer + + // WatchlistItemsServer contains the fakes for client WatchlistItemsClient + WatchlistItemsServer WatchlistItemsServer + + // WatchlistsServer contains the fakes for client WatchlistsClient + WatchlistsServer WatchlistsServer + + // WorkspaceManagerAssignmentJobsServer contains the fakes for client WorkspaceManagerAssignmentJobsClient + WorkspaceManagerAssignmentJobsServer WorkspaceManagerAssignmentJobsServer + + // WorkspaceManagerAssignmentsServer contains the fakes for client WorkspaceManagerAssignmentsClient + WorkspaceManagerAssignmentsServer WorkspaceManagerAssignmentsServer + + // WorkspaceManagerConfigurationsServer contains the fakes for client WorkspaceManagerConfigurationsClient + WorkspaceManagerConfigurationsServer WorkspaceManagerConfigurationsServer + + // WorkspaceManagerGroupsServer contains the fakes for client WorkspaceManagerGroupsClient + WorkspaceManagerGroupsServer WorkspaceManagerGroupsServer + + // WorkspaceManagerMembersServer contains the fakes for client WorkspaceManagerMembersClient + WorkspaceManagerMembersServer WorkspaceManagerMembersServer } // NewServerFactoryTransport creates a new instance of ServerFactoryTransport with the provided implementation. @@ -70,15 +221,24 @@ type ServerFactoryTransport struct { srv *ServerFactory trMu sync.Mutex trActionsServer *ActionsServerTransport + trAlertRuleServer *AlertRuleServerTransport trAlertRuleTemplatesServer *AlertRuleTemplatesServerTransport trAlertRulesServer *AlertRulesServerTransport trAutomationRulesServer *AutomationRulesServerTransport + trBillingStatisticsServer *BillingStatisticsServerTransport trBookmarkServer *BookmarkServerTransport trBookmarkRelationsServer *BookmarkRelationsServerTransport trBookmarksServer *BookmarksServerTransport + trBusinessApplicationAgentServer *BusinessApplicationAgentServerTransport + trBusinessApplicationAgentsServer *BusinessApplicationAgentsServerTransport + trServer *ServerTransport + trContentPackageServer *ContentPackageServerTransport + trContentPackagesServer *ContentPackagesServerTransport + trContentTemplateServer *ContentTemplateServerTransport + trContentTemplatesServer *ContentTemplatesServerTransport + trDataConnectorDefinitionsServer *DataConnectorDefinitionsServerTransport trDataConnectorsCheckRequirementsServer *DataConnectorsCheckRequirementsServerTransport trDataConnectorsServer *DataConnectorsServerTransport - trDomainWhoisServer *DomainWhoisServerTransport trEntitiesServer *EntitiesServerTransport trEntitiesGetTimelineServer *EntitiesGetTimelineServerTransport trEntitiesRelationsServer *EntitiesRelationsServerTransport @@ -86,23 +246,43 @@ type ServerFactoryTransport struct { trEntityQueryTemplatesServer *EntityQueryTemplatesServerTransport trEntityRelationsServer *EntityRelationsServerTransport trFileImportsServer *FileImportsServerTransport - trIPGeodataServer *IPGeodataServerTransport + trGetServer *GetServerTransport + trGetRecommendationsServer *GetRecommendationsServerTransport + trGetTriggeredAnalyticsRuleRunsServer *GetTriggeredAnalyticsRuleRunsServerTransport + trHuntCommentsServer *HuntCommentsServerTransport + trHuntRelationsServer *HuntRelationsServerTransport + trHuntsServer *HuntsServerTransport trIncidentCommentsServer *IncidentCommentsServerTransport trIncidentRelationsServer *IncidentRelationsServerTransport + trIncidentTasksServer *IncidentTasksServerTransport trIncidentsServer *IncidentsServerTransport trMetadataServer *MetadataServerTransport trOfficeConsentsServer *OfficeConsentsServerTransport trOperationsServer *OperationsServerTransport + trProductPackageServer *ProductPackageServerTransport + trProductPackagesServer *ProductPackagesServerTransport trProductSettingsServer *ProductSettingsServerTransport + trProductTemplateServer *ProductTemplateServerTransport + trProductTemplatesServer *ProductTemplatesServerTransport + trReevaluateServer *ReevaluateServerTransport trSecurityMLAnalyticsSettingsServer *SecurityMLAnalyticsSettingsServerTransport trSentinelOnboardingStatesServer *SentinelOnboardingStatesServerTransport trSourceControlServer *SourceControlServerTransport trSourceControlsServer *SourceControlsServerTransport + trSystemsServer *SystemsServerTransport + trThreatIntelligenceServer *ThreatIntelligenceServerTransport trThreatIntelligenceIndicatorServer *ThreatIntelligenceIndicatorServerTransport trThreatIntelligenceIndicatorMetricsServer *ThreatIntelligenceIndicatorMetricsServerTransport trThreatIntelligenceIndicatorsServer *ThreatIntelligenceIndicatorsServerTransport + trTriggeredAnalyticsRuleRunServer *TriggeredAnalyticsRuleRunServerTransport + trUpdateServer *UpdateServerTransport trWatchlistItemsServer *WatchlistItemsServerTransport trWatchlistsServer *WatchlistsServerTransport + trWorkspaceManagerAssignmentJobsServer *WorkspaceManagerAssignmentJobsServerTransport + trWorkspaceManagerAssignmentsServer *WorkspaceManagerAssignmentsServerTransport + trWorkspaceManagerConfigurationsServer *WorkspaceManagerConfigurationsServerTransport + trWorkspaceManagerGroupsServer *WorkspaceManagerGroupsServerTransport + trWorkspaceManagerMembersServer *WorkspaceManagerMembersServerTransport } // Do implements the policy.Transporter interface for ServerFactoryTransport. @@ -121,6 +301,9 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { case "ActionsClient": initServer(s, &s.trActionsServer, func() *ActionsServerTransport { return NewActionsServerTransport(&s.srv.ActionsServer) }) resp, err = s.trActionsServer.Do(req) + case "AlertRuleClient": + initServer(s, &s.trAlertRuleServer, func() *AlertRuleServerTransport { return NewAlertRuleServerTransport(&s.srv.AlertRuleServer) }) + resp, err = s.trAlertRuleServer.Do(req) case "AlertRuleTemplatesClient": initServer(s, &s.trAlertRuleTemplatesServer, func() *AlertRuleTemplatesServerTransport { return NewAlertRuleTemplatesServerTransport(&s.srv.AlertRuleTemplatesServer) @@ -134,6 +317,11 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { return NewAutomationRulesServerTransport(&s.srv.AutomationRulesServer) }) resp, err = s.trAutomationRulesServer.Do(req) + case "BillingStatisticsClient": + initServer(s, &s.trBillingStatisticsServer, func() *BillingStatisticsServerTransport { + return NewBillingStatisticsServerTransport(&s.srv.BillingStatisticsServer) + }) + resp, err = s.trBillingStatisticsServer.Do(req) case "BookmarkClient": initServer(s, &s.trBookmarkServer, func() *BookmarkServerTransport { return NewBookmarkServerTransport(&s.srv.BookmarkServer) }) resp, err = s.trBookmarkServer.Do(req) @@ -145,6 +333,44 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { case "BookmarksClient": initServer(s, &s.trBookmarksServer, func() *BookmarksServerTransport { return NewBookmarksServerTransport(&s.srv.BookmarksServer) }) resp, err = s.trBookmarksServer.Do(req) + case "BusinessApplicationAgentClient": + initServer(s, &s.trBusinessApplicationAgentServer, func() *BusinessApplicationAgentServerTransport { + return NewBusinessApplicationAgentServerTransport(&s.srv.BusinessApplicationAgentServer) + }) + resp, err = s.trBusinessApplicationAgentServer.Do(req) + case "BusinessApplicationAgentsClient": + initServer(s, &s.trBusinessApplicationAgentsServer, func() *BusinessApplicationAgentsServerTransport { + return NewBusinessApplicationAgentsServerTransport(&s.srv.BusinessApplicationAgentsServer) + }) + resp, err = s.trBusinessApplicationAgentsServer.Do(req) + case "Client": + initServer(s, &s.trServer, func() *ServerTransport { return NewServerTransport(&s.srv.Server) }) + resp, err = s.trServer.Do(req) + case "ContentPackageClient": + initServer(s, &s.trContentPackageServer, func() *ContentPackageServerTransport { + return NewContentPackageServerTransport(&s.srv.ContentPackageServer) + }) + resp, err = s.trContentPackageServer.Do(req) + case "ContentPackagesClient": + initServer(s, &s.trContentPackagesServer, func() *ContentPackagesServerTransport { + return NewContentPackagesServerTransport(&s.srv.ContentPackagesServer) + }) + resp, err = s.trContentPackagesServer.Do(req) + case "ContentTemplateClient": + initServer(s, &s.trContentTemplateServer, func() *ContentTemplateServerTransport { + return NewContentTemplateServerTransport(&s.srv.ContentTemplateServer) + }) + resp, err = s.trContentTemplateServer.Do(req) + case "ContentTemplatesClient": + initServer(s, &s.trContentTemplatesServer, func() *ContentTemplatesServerTransport { + return NewContentTemplatesServerTransport(&s.srv.ContentTemplatesServer) + }) + resp, err = s.trContentTemplatesServer.Do(req) + case "DataConnectorDefinitionsClient": + initServer(s, &s.trDataConnectorDefinitionsServer, func() *DataConnectorDefinitionsServerTransport { + return NewDataConnectorDefinitionsServerTransport(&s.srv.DataConnectorDefinitionsServer) + }) + resp, err = s.trDataConnectorDefinitionsServer.Do(req) case "DataConnectorsCheckRequirementsClient": initServer(s, &s.trDataConnectorsCheckRequirementsServer, func() *DataConnectorsCheckRequirementsServerTransport { return NewDataConnectorsCheckRequirementsServerTransport(&s.srv.DataConnectorsCheckRequirementsServer) @@ -155,9 +381,6 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { return NewDataConnectorsServerTransport(&s.srv.DataConnectorsServer) }) resp, err = s.trDataConnectorsServer.Do(req) - case "DomainWhoisClient": - initServer(s, &s.trDomainWhoisServer, func() *DomainWhoisServerTransport { return NewDomainWhoisServerTransport(&s.srv.DomainWhoisServer) }) - resp, err = s.trDomainWhoisServer.Do(req) case "EntitiesClient": initServer(s, &s.trEntitiesServer, func() *EntitiesServerTransport { return NewEntitiesServerTransport(&s.srv.EntitiesServer) }) resp, err = s.trEntitiesServer.Do(req) @@ -189,9 +412,30 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { case "FileImportsClient": initServer(s, &s.trFileImportsServer, func() *FileImportsServerTransport { return NewFileImportsServerTransport(&s.srv.FileImportsServer) }) resp, err = s.trFileImportsServer.Do(req) - case "IPGeodataClient": - initServer(s, &s.trIPGeodataServer, func() *IPGeodataServerTransport { return NewIPGeodataServerTransport(&s.srv.IPGeodataServer) }) - resp, err = s.trIPGeodataServer.Do(req) + case "GetClient": + initServer(s, &s.trGetServer, func() *GetServerTransport { return NewGetServerTransport(&s.srv.GetServer) }) + resp, err = s.trGetServer.Do(req) + case "GetRecommendationsClient": + initServer(s, &s.trGetRecommendationsServer, func() *GetRecommendationsServerTransport { + return NewGetRecommendationsServerTransport(&s.srv.GetRecommendationsServer) + }) + resp, err = s.trGetRecommendationsServer.Do(req) + case "GetTriggeredAnalyticsRuleRunsClient": + initServer(s, &s.trGetTriggeredAnalyticsRuleRunsServer, func() *GetTriggeredAnalyticsRuleRunsServerTransport { + return NewGetTriggeredAnalyticsRuleRunsServerTransport(&s.srv.GetTriggeredAnalyticsRuleRunsServer) + }) + resp, err = s.trGetTriggeredAnalyticsRuleRunsServer.Do(req) + case "HuntCommentsClient": + initServer(s, &s.trHuntCommentsServer, func() *HuntCommentsServerTransport { return NewHuntCommentsServerTransport(&s.srv.HuntCommentsServer) }) + resp, err = s.trHuntCommentsServer.Do(req) + case "HuntRelationsClient": + initServer(s, &s.trHuntRelationsServer, func() *HuntRelationsServerTransport { + return NewHuntRelationsServerTransport(&s.srv.HuntRelationsServer) + }) + resp, err = s.trHuntRelationsServer.Do(req) + case "HuntsClient": + initServer(s, &s.trHuntsServer, func() *HuntsServerTransport { return NewHuntsServerTransport(&s.srv.HuntsServer) }) + resp, err = s.trHuntsServer.Do(req) case "IncidentCommentsClient": initServer(s, &s.trIncidentCommentsServer, func() *IncidentCommentsServerTransport { return NewIncidentCommentsServerTransport(&s.srv.IncidentCommentsServer) @@ -202,6 +446,11 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { return NewIncidentRelationsServerTransport(&s.srv.IncidentRelationsServer) }) resp, err = s.trIncidentRelationsServer.Do(req) + case "IncidentTasksClient": + initServer(s, &s.trIncidentTasksServer, func() *IncidentTasksServerTransport { + return NewIncidentTasksServerTransport(&s.srv.IncidentTasksServer) + }) + resp, err = s.trIncidentTasksServer.Do(req) case "IncidentsClient": initServer(s, &s.trIncidentsServer, func() *IncidentsServerTransport { return NewIncidentsServerTransport(&s.srv.IncidentsServer) }) resp, err = s.trIncidentsServer.Do(req) @@ -216,11 +465,34 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { case "OperationsClient": initServer(s, &s.trOperationsServer, func() *OperationsServerTransport { return NewOperationsServerTransport(&s.srv.OperationsServer) }) resp, err = s.trOperationsServer.Do(req) + case "ProductPackageClient": + initServer(s, &s.trProductPackageServer, func() *ProductPackageServerTransport { + return NewProductPackageServerTransport(&s.srv.ProductPackageServer) + }) + resp, err = s.trProductPackageServer.Do(req) + case "ProductPackagesClient": + initServer(s, &s.trProductPackagesServer, func() *ProductPackagesServerTransport { + return NewProductPackagesServerTransport(&s.srv.ProductPackagesServer) + }) + resp, err = s.trProductPackagesServer.Do(req) case "ProductSettingsClient": initServer(s, &s.trProductSettingsServer, func() *ProductSettingsServerTransport { return NewProductSettingsServerTransport(&s.srv.ProductSettingsServer) }) resp, err = s.trProductSettingsServer.Do(req) + case "ProductTemplateClient": + initServer(s, &s.trProductTemplateServer, func() *ProductTemplateServerTransport { + return NewProductTemplateServerTransport(&s.srv.ProductTemplateServer) + }) + resp, err = s.trProductTemplateServer.Do(req) + case "ProductTemplatesClient": + initServer(s, &s.trProductTemplatesServer, func() *ProductTemplatesServerTransport { + return NewProductTemplatesServerTransport(&s.srv.ProductTemplatesServer) + }) + resp, err = s.trProductTemplatesServer.Do(req) + case "ReevaluateClient": + initServer(s, &s.trReevaluateServer, func() *ReevaluateServerTransport { return NewReevaluateServerTransport(&s.srv.ReevaluateServer) }) + resp, err = s.trReevaluateServer.Do(req) case "SecurityMLAnalyticsSettingsClient": initServer(s, &s.trSecurityMLAnalyticsSettingsServer, func() *SecurityMLAnalyticsSettingsServerTransport { return NewSecurityMLAnalyticsSettingsServerTransport(&s.srv.SecurityMLAnalyticsSettingsServer) @@ -241,6 +513,14 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { return NewSourceControlsServerTransport(&s.srv.SourceControlsServer) }) resp, err = s.trSourceControlsServer.Do(req) + case "SystemsClient": + initServer(s, &s.trSystemsServer, func() *SystemsServerTransport { return NewSystemsServerTransport(&s.srv.SystemsServer) }) + resp, err = s.trSystemsServer.Do(req) + case "ThreatIntelligenceClient": + initServer(s, &s.trThreatIntelligenceServer, func() *ThreatIntelligenceServerTransport { + return NewThreatIntelligenceServerTransport(&s.srv.ThreatIntelligenceServer) + }) + resp, err = s.trThreatIntelligenceServer.Do(req) case "ThreatIntelligenceIndicatorClient": initServer(s, &s.trThreatIntelligenceIndicatorServer, func() *ThreatIntelligenceIndicatorServerTransport { return NewThreatIntelligenceIndicatorServerTransport(&s.srv.ThreatIntelligenceIndicatorServer) @@ -256,6 +536,14 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { return NewThreatIntelligenceIndicatorsServerTransport(&s.srv.ThreatIntelligenceIndicatorsServer) }) resp, err = s.trThreatIntelligenceIndicatorsServer.Do(req) + case "TriggeredAnalyticsRuleRunClient": + initServer(s, &s.trTriggeredAnalyticsRuleRunServer, func() *TriggeredAnalyticsRuleRunServerTransport { + return NewTriggeredAnalyticsRuleRunServerTransport(&s.srv.TriggeredAnalyticsRuleRunServer) + }) + resp, err = s.trTriggeredAnalyticsRuleRunServer.Do(req) + case "UpdateClient": + initServer(s, &s.trUpdateServer, func() *UpdateServerTransport { return NewUpdateServerTransport(&s.srv.UpdateServer) }) + resp, err = s.trUpdateServer.Do(req) case "WatchlistItemsClient": initServer(s, &s.trWatchlistItemsServer, func() *WatchlistItemsServerTransport { return NewWatchlistItemsServerTransport(&s.srv.WatchlistItemsServer) @@ -264,6 +552,31 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { case "WatchlistsClient": initServer(s, &s.trWatchlistsServer, func() *WatchlistsServerTransport { return NewWatchlistsServerTransport(&s.srv.WatchlistsServer) }) resp, err = s.trWatchlistsServer.Do(req) + case "WorkspaceManagerAssignmentJobsClient": + initServer(s, &s.trWorkspaceManagerAssignmentJobsServer, func() *WorkspaceManagerAssignmentJobsServerTransport { + return NewWorkspaceManagerAssignmentJobsServerTransport(&s.srv.WorkspaceManagerAssignmentJobsServer) + }) + resp, err = s.trWorkspaceManagerAssignmentJobsServer.Do(req) + case "WorkspaceManagerAssignmentsClient": + initServer(s, &s.trWorkspaceManagerAssignmentsServer, func() *WorkspaceManagerAssignmentsServerTransport { + return NewWorkspaceManagerAssignmentsServerTransport(&s.srv.WorkspaceManagerAssignmentsServer) + }) + resp, err = s.trWorkspaceManagerAssignmentsServer.Do(req) + case "WorkspaceManagerConfigurationsClient": + initServer(s, &s.trWorkspaceManagerConfigurationsServer, func() *WorkspaceManagerConfigurationsServerTransport { + return NewWorkspaceManagerConfigurationsServerTransport(&s.srv.WorkspaceManagerConfigurationsServer) + }) + resp, err = s.trWorkspaceManagerConfigurationsServer.Do(req) + case "WorkspaceManagerGroupsClient": + initServer(s, &s.trWorkspaceManagerGroupsServer, func() *WorkspaceManagerGroupsServerTransport { + return NewWorkspaceManagerGroupsServerTransport(&s.srv.WorkspaceManagerGroupsServer) + }) + resp, err = s.trWorkspaceManagerGroupsServer.Do(req) + case "WorkspaceManagerMembersClient": + initServer(s, &s.trWorkspaceManagerMembersServer, func() *WorkspaceManagerMembersServerTransport { + return NewWorkspaceManagerMembersServerTransport(&s.srv.WorkspaceManagerMembersServer) + }) + resp, err = s.trWorkspaceManagerMembersServer.Do(req) default: err = fmt.Errorf("unhandled client %s", client) } diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrol_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrol_server.go index 8f8f11d5b931..97e5105ad6e4 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrol_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrol_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -25,7 +22,7 @@ import ( type SourceControlServer struct { // NewListRepositoriesPager is the fake for method SourceControlClient.NewListRepositoriesPager // HTTP status codes to indicate success: http.StatusOK - NewListRepositoriesPager func(resourceGroupName string, workspaceName string, repoType armsecurityinsights.RepoType, options *armsecurityinsights.SourceControlClientListRepositoriesOptions) (resp azfake.PagerResponder[armsecurityinsights.SourceControlClientListRepositoriesResponse]) + NewListRepositoriesPager func(resourceGroupName string, workspaceName string, repositoryAccess armsecurityinsights.RepositoryAccessProperties, options *armsecurityinsights.SourceControlClientListRepositoriesOptions) (resp azfake.PagerResponder[armsecurityinsights.SourceControlClientListRepositoriesResponse]) } // NewSourceControlServerTransport creates a new instance of SourceControlServerTransport with the provided implementation. @@ -53,21 +50,40 @@ func (s *SourceControlServerTransport) Do(req *http.Request) (*http.Response, er return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return s.dispatchToMethodFake(req, method) +} - switch method { - case "SourceControlClient.NewListRepositoriesPager": - resp, err = s.dispatchNewListRepositoriesPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (s *SourceControlServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if sourceControlServerTransportInterceptor != nil { + res.resp, res.err, intercepted = sourceControlServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "SourceControlClient.NewListRepositoriesPager": + res.resp, res.err = s.dispatchNewListRepositoriesPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (s *SourceControlServerTransport) dispatchNewListRepositoriesPager(req *http.Request) (*http.Response, error) { @@ -82,7 +98,7 @@ func (s *SourceControlServerTransport) dispatchNewListRepositoriesPager(req *htt if matches == nil || len(matches) < 3 { return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) } - body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.RepoType](req) + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.RepositoryAccessProperties](req) if err != nil { return nil, err } @@ -114,3 +130,9 @@ func (s *SourceControlServerTransport) dispatchNewListRepositoriesPager(req *htt } return resp, nil } + +// set this to conditionally intercept incoming requests to SourceControlServerTransport +var sourceControlServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrols_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrols_server.go index 7b13fa09f450..d6df5cf5df1b 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrols_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrols_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -29,8 +26,8 @@ type SourceControlsServer struct { Create func(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, sourceControl armsecurityinsights.SourceControl, options *armsecurityinsights.SourceControlsClientCreateOptions) (resp azfake.Responder[armsecurityinsights.SourceControlsClientCreateResponse], errResp azfake.ErrorResponder) // Delete is the fake for method SourceControlsClient.Delete - // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent - Delete func(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, options *armsecurityinsights.SourceControlsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.SourceControlsClientDeleteResponse], errResp azfake.ErrorResponder) + // HTTP status codes to indicate success: http.StatusOK + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, repositoryAccess armsecurityinsights.RepositoryAccessProperties, options *armsecurityinsights.SourceControlsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.SourceControlsClientDeleteResponse], errResp azfake.ErrorResponder) // Get is the fake for method SourceControlsClient.Get // HTTP status codes to indicate success: http.StatusOK @@ -66,27 +63,46 @@ func (s *SourceControlsServerTransport) Do(req *http.Request) (*http.Response, e return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return s.dispatchToMethodFake(req, method) +} - switch method { - case "SourceControlsClient.Create": - resp, err = s.dispatchCreate(req) - case "SourceControlsClient.Delete": - resp, err = s.dispatchDelete(req) - case "SourceControlsClient.Get": - resp, err = s.dispatchGet(req) - case "SourceControlsClient.NewListPager": - resp, err = s.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (s *SourceControlsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if sourceControlsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = sourceControlsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "SourceControlsClient.Create": + res.resp, res.err = s.dispatchCreate(req) + case "SourceControlsClient.Delete": + res.resp, res.err = s.dispatchDelete(req) + case "SourceControlsClient.Get": + res.resp, res.err = s.dispatchGet(req) + case "SourceControlsClient.NewListPager": + res.resp, res.err = s.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (s *SourceControlsServerTransport) dispatchCreate(req *http.Request) (*http.Response, error) { @@ -134,12 +150,16 @@ func (s *SourceControlsServerTransport) dispatchDelete(req *http.Request) (*http if s.srv.Delete == nil { return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} } - const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/sourcecontrols/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/sourcecontrols/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/delete` regex := regexp.MustCompile(regexStr) matches := regex.FindStringSubmatch(req.URL.EscapedPath()) if matches == nil || len(matches) < 4 { return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.RepositoryAccessProperties](req) + if err != nil { + return nil, err + } resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) if err != nil { return nil, err @@ -152,15 +172,15 @@ func (s *SourceControlsServerTransport) dispatchDelete(req *http.Request) (*http if err != nil { return nil, err } - respr, errRespr := s.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, sourceControlIDParam, nil) + respr, errRespr := s.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, sourceControlIDParam, body, nil) if respErr := server.GetError(errRespr, req); respErr != nil { return nil, respErr } respContent := server.GetResponseContent(respr) - if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { - return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} } - resp, err := server.NewResponse(respContent, req, nil) + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Warning, req) if err != nil { return nil, err } @@ -244,3 +264,9 @@ func (s *SourceControlsServerTransport) dispatchNewListPager(req *http.Request) } return resp, nil } + +// set this to conditionally intercept incoming requests to SourceControlsServerTransport +var sourceControlsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/systems_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/systems_server.go new file mode 100644 index 000000000000..d303caf7a89f --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/systems_server.go @@ -0,0 +1,480 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "reflect" + "regexp" +) + +// SystemsServer is a fake server for instances of the armsecurityinsights.SystemsClient type. +type SystemsServer struct { + // CreateOrUpdate is the fake for method SystemsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *armsecurityinsights.SystemsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.SystemsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method SystemsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *armsecurityinsights.SystemsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.SystemsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method SystemsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *armsecurityinsights.SystemsClientGetOptions) (resp azfake.Responder[armsecurityinsights.SystemsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method SystemsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, agentResourceName string, options *armsecurityinsights.SystemsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.SystemsClientListResponse]) + + // NewListActionsPager is the fake for method SystemsClient.NewListActionsPager + // HTTP status codes to indicate success: http.StatusOK + NewListActionsPager func(resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *armsecurityinsights.SystemsClientListActionsOptions) (resp azfake.PagerResponder[armsecurityinsights.SystemsClientListActionsResponse]) + + // ReportActionStatus is the fake for method SystemsClient.ReportActionStatus + // HTTP status codes to indicate success: http.StatusNoContent + ReportActionStatus func(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *armsecurityinsights.SystemsClientReportActionStatusOptions) (resp azfake.Responder[armsecurityinsights.SystemsClientReportActionStatusResponse], errResp azfake.ErrorResponder) + + // UndoAction is the fake for method SystemsClient.UndoAction + // HTTP status codes to indicate success: http.StatusNoContent + UndoAction func(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *armsecurityinsights.SystemsClientUndoActionOptions) (resp azfake.Responder[armsecurityinsights.SystemsClientUndoActionResponse], errResp azfake.ErrorResponder) +} + +// NewSystemsServerTransport creates a new instance of SystemsServerTransport with the provided implementation. +// The returned SystemsServerTransport instance is connected to an instance of armsecurityinsights.SystemsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewSystemsServerTransport(srv *SystemsServer) *SystemsServerTransport { + return &SystemsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.SystemsClientListResponse]](), + newListActionsPager: newTracker[azfake.PagerResponder[armsecurityinsights.SystemsClientListActionsResponse]](), + } +} + +// SystemsServerTransport connects instances of armsecurityinsights.SystemsClient to instances of SystemsServer. +// Don't use this type directly, use NewSystemsServerTransport instead. +type SystemsServerTransport struct { + srv *SystemsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.SystemsClientListResponse]] + newListActionsPager *tracker[azfake.PagerResponder[armsecurityinsights.SystemsClientListActionsResponse]] +} + +// Do implements the policy.Transporter interface for SystemsServerTransport. +func (s *SystemsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return s.dispatchToMethodFake(req, method) +} + +func (s *SystemsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if systemsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = systemsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "SystemsClient.CreateOrUpdate": + res.resp, res.err = s.dispatchCreateOrUpdate(req) + case "SystemsClient.Delete": + res.resp, res.err = s.dispatchDelete(req) + case "SystemsClient.Get": + res.resp, res.err = s.dispatchGet(req) + case "SystemsClient.NewListPager": + res.resp, res.err = s.dispatchNewListPager(req) + case "SystemsClient.NewListActionsPager": + res.resp, res.err = s.dispatchNewListActionsPager(req) + case "SystemsClient.ReportActionStatus": + res.resp, res.err = s.dispatchReportActionStatus(req) + case "SystemsClient.UndoAction": + res.resp, res.err = s.dispatchUndoAction(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (s *SystemsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if s.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/businessApplicationAgents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/systems/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.SystemResource](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + agentResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("agentResourceName")]) + if err != nil { + return nil, err + } + systemResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("systemResourceName")]) + if err != nil { + return nil, err + } + var options *armsecurityinsights.SystemsClientCreateOrUpdateOptions + if !reflect.ValueOf(body).IsZero() { + options = &armsecurityinsights.SystemsClientCreateOrUpdateOptions{ + SystemToUpsert: &body, + } + } + respr, errRespr := s.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, agentResourceNameParam, systemResourceNameParam, options) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).SystemResource, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *SystemsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if s.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/businessApplicationAgents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/systems/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + agentResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("agentResourceName")]) + if err != nil { + return nil, err + } + systemResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("systemResourceName")]) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, agentResourceNameParam, systemResourceNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *SystemsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if s.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/businessApplicationAgents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/systems/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + agentResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("agentResourceName")]) + if err != nil { + return nil, err + } + systemResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("systemResourceName")]) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, agentResourceNameParam, systemResourceNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).SystemResource, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *SystemsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if s.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := s.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/businessApplicationAgents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/systems` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + agentResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("agentResourceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.SystemsClientListOptions + if filterParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.SystemsClientListOptions{ + Filter: filterParam, + SkipToken: skipTokenParam, + } + } + resp := s.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, agentResourceNameParam, options) + newListPager = &resp + s.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.SystemsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + s.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + s.newListPager.remove(req) + } + return resp, nil +} + +func (s *SystemsServerTransport) dispatchNewListActionsPager(req *http.Request) (*http.Response, error) { + if s.srv.NewListActionsPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListActionsPager not implemented")} + } + newListActionsPager := s.newListActionsPager.get(req) + if newListActionsPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/businessApplicationAgents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/systems/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/listActions` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + agentResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("agentResourceName")]) + if err != nil { + return nil, err + } + systemResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("systemResourceName")]) + if err != nil { + return nil, err + } + resp := s.srv.NewListActionsPager(resourceGroupNameParam, workspaceNameParam, agentResourceNameParam, systemResourceNameParam, nil) + newListActionsPager = &resp + s.newListActionsPager.add(req, newListActionsPager) + server.PagerResponderInjectNextLinks(newListActionsPager, req, func(page *armsecurityinsights.SystemsClientListActionsResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListActionsPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + s.newListActionsPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListActionsPager) { + s.newListActionsPager.remove(req) + } + return resp, nil +} + +func (s *SystemsServerTransport) dispatchReportActionStatus(req *http.Request) (*http.Response, error) { + if s.srv.ReportActionStatus == nil { + return nil, &nonRetriableError{errors.New("fake for method ReportActionStatus not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/businessApplicationAgents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/systems/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/reportActionStatus` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.ReportActionStatusPayload](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + agentResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("agentResourceName")]) + if err != nil { + return nil, err + } + systemResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("systemResourceName")]) + if err != nil { + return nil, err + } + var options *armsecurityinsights.SystemsClientReportActionStatusOptions + if !reflect.ValueOf(body).IsZero() { + options = &armsecurityinsights.SystemsClientReportActionStatusOptions{ + Payload: &body, + } + } + respr, errRespr := s.srv.ReportActionStatus(req.Context(), resourceGroupNameParam, workspaceNameParam, agentResourceNameParam, systemResourceNameParam, options) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *SystemsServerTransport) dispatchUndoAction(req *http.Request) (*http.Response, error) { + if s.srv.UndoAction == nil { + return nil, &nonRetriableError{errors.New("fake for method UndoAction not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/businessApplicationAgents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/systems/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/undoAction` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.UndoActionPayload](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + agentResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("agentResourceName")]) + if err != nil { + return nil, err + } + systemResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("systemResourceName")]) + if err != nil { + return nil, err + } + var options *armsecurityinsights.SystemsClientUndoActionOptions + if !reflect.ValueOf(body).IsZero() { + options = &armsecurityinsights.SystemsClientUndoActionOptions{ + Payload: &body, + } + } + respr, errRespr := s.srv.UndoAction(req.Context(), resourceGroupNameParam, workspaceNameParam, agentResourceNameParam, systemResourceNameParam, options) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to SystemsServerTransport +var systemsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligence_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligence_server.go new file mode 100644 index 000000000000..46dd32783933 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligence_server.go @@ -0,0 +1,215 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "reflect" + "regexp" +) + +// ThreatIntelligenceServer is a fake server for instances of the armsecurityinsights.ThreatIntelligenceClient type. +type ThreatIntelligenceServer struct { + // Count is the fake for method ThreatIntelligenceClient.Count + // HTTP status codes to indicate success: http.StatusOK + Count func(ctx context.Context, resourceGroupName string, workspaceName string, tiType armsecurityinsights.TiType, options *armsecurityinsights.ThreatIntelligenceClientCountOptions) (resp azfake.Responder[armsecurityinsights.ThreatIntelligenceClientCountResponse], errResp azfake.ErrorResponder) + + // NewQueryPager is the fake for method ThreatIntelligenceClient.NewQueryPager + // HTTP status codes to indicate success: http.StatusOK + NewQueryPager func(resourceGroupName string, workspaceName string, tiType armsecurityinsights.TiType, options *armsecurityinsights.ThreatIntelligenceClientQueryOptions) (resp azfake.PagerResponder[armsecurityinsights.ThreatIntelligenceClientQueryResponse]) +} + +// NewThreatIntelligenceServerTransport creates a new instance of ThreatIntelligenceServerTransport with the provided implementation. +// The returned ThreatIntelligenceServerTransport instance is connected to an instance of armsecurityinsights.ThreatIntelligenceClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewThreatIntelligenceServerTransport(srv *ThreatIntelligenceServer) *ThreatIntelligenceServerTransport { + return &ThreatIntelligenceServerTransport{ + srv: srv, + newQueryPager: newTracker[azfake.PagerResponder[armsecurityinsights.ThreatIntelligenceClientQueryResponse]](), + } +} + +// ThreatIntelligenceServerTransport connects instances of armsecurityinsights.ThreatIntelligenceClient to instances of ThreatIntelligenceServer. +// Don't use this type directly, use NewThreatIntelligenceServerTransport instead. +type ThreatIntelligenceServerTransport struct { + srv *ThreatIntelligenceServer + newQueryPager *tracker[azfake.PagerResponder[armsecurityinsights.ThreatIntelligenceClientQueryResponse]] +} + +// Do implements the policy.Transporter interface for ThreatIntelligenceServerTransport. +func (t *ThreatIntelligenceServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return t.dispatchToMethodFake(req, method) +} + +func (t *ThreatIntelligenceServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if threatIntelligenceServerTransportInterceptor != nil { + res.resp, res.err, intercepted = threatIntelligenceServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ThreatIntelligenceClient.Count": + res.resp, res.err = t.dispatchCount(req) + case "ThreatIntelligenceClient.NewQueryPager": + res.resp, res.err = t.dispatchNewQueryPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (t *ThreatIntelligenceServerTransport) dispatchCount(req *http.Request) (*http.Response, error) { + if t.srv.Count == nil { + return nil, &nonRetriableError{errors.New("fake for method Count not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/threatIntelligence/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/count` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.CountQuery](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + tiTypeParam, err := parseWithCast(matches[regex.SubexpIndex("tiType")], func(v string) (armsecurityinsights.TiType, error) { + p, unescapeErr := url.PathUnescape(v) + if unescapeErr != nil { + return "", unescapeErr + } + return armsecurityinsights.TiType(p), nil + }) + if err != nil { + return nil, err + } + var options *armsecurityinsights.ThreatIntelligenceClientCountOptions + if !reflect.ValueOf(body).IsZero() { + options = &armsecurityinsights.ThreatIntelligenceClientCountOptions{ + Query: &body, + } + } + respr, errRespr := t.srv.Count(req.Context(), resourceGroupNameParam, workspaceNameParam, tiTypeParam, options) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).ThreatIntelligenceCount, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (t *ThreatIntelligenceServerTransport) dispatchNewQueryPager(req *http.Request) (*http.Response, error) { + if t.srv.NewQueryPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewQueryPager not implemented")} + } + newQueryPager := t.newQueryPager.get(req) + if newQueryPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/threatIntelligence/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/query` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.Query](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + tiTypeParam, err := parseWithCast(matches[regex.SubexpIndex("tiType")], func(v string) (armsecurityinsights.TiType, error) { + p, unescapeErr := url.PathUnescape(v) + if unescapeErr != nil { + return "", unescapeErr + } + return armsecurityinsights.TiType(p), nil + }) + if err != nil { + return nil, err + } + var options *armsecurityinsights.ThreatIntelligenceClientQueryOptions + if !reflect.ValueOf(body).IsZero() { + options = &armsecurityinsights.ThreatIntelligenceClientQueryOptions{ + Query: &body, + } + } + resp := t.srv.NewQueryPager(resourceGroupNameParam, workspaceNameParam, tiTypeParam, options) + newQueryPager = &resp + t.newQueryPager.add(req, newQueryPager) + server.PagerResponderInjectNextLinks(newQueryPager, req, func(page *armsecurityinsights.ThreatIntelligenceClientQueryResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newQueryPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + t.newQueryPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newQueryPager) { + t.newQueryPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to ThreatIntelligenceServerTransport +var threatIntelligenceServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicator_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicator_server.go index 8aea153a5f09..d94500c2f7c2 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicator_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicator_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -78,33 +75,52 @@ func (t *ThreatIntelligenceIndicatorServerTransport) Do(req *http.Request) (*htt return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return t.dispatchToMethodFake(req, method) +} - switch method { - case "ThreatIntelligenceIndicatorClient.AppendTags": - resp, err = t.dispatchAppendTags(req) - case "ThreatIntelligenceIndicatorClient.Create": - resp, err = t.dispatchCreate(req) - case "ThreatIntelligenceIndicatorClient.CreateIndicator": - resp, err = t.dispatchCreateIndicator(req) - case "ThreatIntelligenceIndicatorClient.Delete": - resp, err = t.dispatchDelete(req) - case "ThreatIntelligenceIndicatorClient.Get": - resp, err = t.dispatchGet(req) - case "ThreatIntelligenceIndicatorClient.NewQueryIndicatorsPager": - resp, err = t.dispatchNewQueryIndicatorsPager(req) - case "ThreatIntelligenceIndicatorClient.ReplaceTags": - resp, err = t.dispatchReplaceTags(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (t *ThreatIntelligenceIndicatorServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if threatIntelligenceIndicatorServerTransportInterceptor != nil { + res.resp, res.err, intercepted = threatIntelligenceIndicatorServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ThreatIntelligenceIndicatorClient.AppendTags": + res.resp, res.err = t.dispatchAppendTags(req) + case "ThreatIntelligenceIndicatorClient.Create": + res.resp, res.err = t.dispatchCreate(req) + case "ThreatIntelligenceIndicatorClient.CreateIndicator": + res.resp, res.err = t.dispatchCreateIndicator(req) + case "ThreatIntelligenceIndicatorClient.Delete": + res.resp, res.err = t.dispatchDelete(req) + case "ThreatIntelligenceIndicatorClient.Get": + res.resp, res.err = t.dispatchGet(req) + case "ThreatIntelligenceIndicatorClient.NewQueryIndicatorsPager": + res.resp, res.err = t.dispatchNewQueryIndicatorsPager(req) + case "ThreatIntelligenceIndicatorClient.ReplaceTags": + res.resp, res.err = t.dispatchReplaceTags(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (t *ThreatIntelligenceIndicatorServerTransport) dispatchAppendTags(req *http.Request) (*http.Response, error) { @@ -385,3 +401,9 @@ func (t *ThreatIntelligenceIndicatorServerTransport) dispatchReplaceTags(req *ht } return resp, nil } + +// set this to conditionally intercept incoming requests to ThreatIntelligenceIndicatorServerTransport +var threatIntelligenceIndicatorServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicatormetrics_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicatormetrics_server.go index c00038ab36df..48efe96d02d7 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicatormetrics_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicatormetrics_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -49,21 +46,40 @@ func (t *ThreatIntelligenceIndicatorMetricsServerTransport) Do(req *http.Request return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return t.dispatchToMethodFake(req, method) +} - switch method { - case "ThreatIntelligenceIndicatorMetricsClient.List": - resp, err = t.dispatchList(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (t *ThreatIntelligenceIndicatorMetricsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if threatIntelligenceIndicatorMetricsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = threatIntelligenceIndicatorMetricsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ThreatIntelligenceIndicatorMetricsClient.List": + res.resp, res.err = t.dispatchList(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (t *ThreatIntelligenceIndicatorMetricsServerTransport) dispatchList(req *http.Request) (*http.Response, error) { @@ -98,3 +114,9 @@ func (t *ThreatIntelligenceIndicatorMetricsServerTransport) dispatchList(req *ht } return resp, nil } + +// set this to conditionally intercept incoming requests to ThreatIntelligenceIndicatorMetricsServerTransport +var threatIntelligenceIndicatorMetricsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicators_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicators_server.go index f7c7bffdbd79..05182470f37d 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicators_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicators_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -54,21 +51,40 @@ func (t *ThreatIntelligenceIndicatorsServerTransport) Do(req *http.Request) (*ht return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return t.dispatchToMethodFake(req, method) +} - switch method { - case "ThreatIntelligenceIndicatorsClient.NewListPager": - resp, err = t.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (t *ThreatIntelligenceIndicatorsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if threatIntelligenceIndicatorsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = threatIntelligenceIndicatorsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "ThreatIntelligenceIndicatorsClient.NewListPager": + res.resp, res.err = t.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (t *ThreatIntelligenceIndicatorsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { @@ -97,11 +113,6 @@ func (t *ThreatIntelligenceIndicatorsServerTransport) dispatchNewListPager(req * return nil, err } filterParam := getOptional(filterUnescaped) - orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) - if err != nil { - return nil, err - } - orderbyParam := getOptional(orderbyUnescaped) topUnescaped, err := url.QueryUnescape(qp.Get("$top")) if err != nil { return nil, err @@ -121,13 +132,18 @@ func (t *ThreatIntelligenceIndicatorsServerTransport) dispatchNewListPager(req * return nil, err } skipTokenParam := getOptional(skipTokenUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) var options *armsecurityinsights.ThreatIntelligenceIndicatorsClientListOptions - if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { + if filterParam != nil || topParam != nil || skipTokenParam != nil || orderbyParam != nil { options = &armsecurityinsights.ThreatIntelligenceIndicatorsClientListOptions{ Filter: filterParam, - Orderby: orderbyParam, Top: topParam, SkipToken: skipTokenParam, + Orderby: orderbyParam, } } resp := t.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) @@ -150,3 +166,9 @@ func (t *ThreatIntelligenceIndicatorsServerTransport) dispatchNewListPager(req * } return resp, nil } + +// set this to conditionally intercept incoming requests to ThreatIntelligenceIndicatorsServerTransport +var threatIntelligenceIndicatorsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/time_rfc3339.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/time_rfc3339.go deleted file mode 100644 index 81f308b0d343..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/time_rfc3339.go +++ /dev/null @@ -1,110 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -package fake - -import ( - "encoding/json" - "fmt" - "github.com/Azure/azure-sdk-for-go/sdk/azcore" - "reflect" - "regexp" - "strings" - "time" -) - -// Azure reports time in UTC but it doesn't include the 'Z' time zone suffix in some cases. -var tzOffsetRegex = regexp.MustCompile(`(?:Z|z|\+|-)(?:\d+:\d+)*"*$`) - -const ( - utcDateTime = "2006-01-02T15:04:05.999999999" - utcDateTimeJSON = `"` + utcDateTime + `"` - utcDateTimeNoT = "2006-01-02 15:04:05.999999999" - utcDateTimeJSONNoT = `"` + utcDateTimeNoT + `"` - dateTimeNoT = `2006-01-02 15:04:05.999999999Z07:00` - dateTimeJSON = `"` + time.RFC3339Nano + `"` - dateTimeJSONNoT = `"` + dateTimeNoT + `"` -) - -type dateTimeRFC3339 time.Time - -func (t dateTimeRFC3339) MarshalJSON() ([]byte, error) { - tt := time.Time(t) - return tt.MarshalJSON() -} - -func (t dateTimeRFC3339) MarshalText() ([]byte, error) { - tt := time.Time(t) - return tt.MarshalText() -} - -func (t *dateTimeRFC3339) UnmarshalJSON(data []byte) error { - tzOffset := tzOffsetRegex.Match(data) - hasT := strings.Contains(string(data), "T") || strings.Contains(string(data), "t") - var layout string - if tzOffset && hasT { - layout = dateTimeJSON - } else if tzOffset { - layout = dateTimeJSONNoT - } else if hasT { - layout = utcDateTimeJSON - } else { - layout = utcDateTimeJSONNoT - } - return t.Parse(layout, string(data)) -} - -func (t *dateTimeRFC3339) UnmarshalText(data []byte) error { - tzOffset := tzOffsetRegex.Match(data) - hasT := strings.Contains(string(data), "T") || strings.Contains(string(data), "t") - var layout string - if tzOffset && hasT { - layout = time.RFC3339Nano - } else if tzOffset { - layout = dateTimeNoT - } else if hasT { - layout = utcDateTime - } else { - layout = utcDateTimeNoT - } - return t.Parse(layout, string(data)) -} - -func (t *dateTimeRFC3339) Parse(layout, value string) error { - p, err := time.Parse(layout, strings.ToUpper(value)) - *t = dateTimeRFC3339(p) - return err -} - -func (t dateTimeRFC3339) String() string { - return time.Time(t).Format(time.RFC3339Nano) -} - -func populateDateTimeRFC3339(m map[string]any, k string, t *time.Time) { - if t == nil { - return - } else if azcore.IsNullValue(t) { - m[k] = nil - return - } else if reflect.ValueOf(t).IsNil() { - return - } - m[k] = (*dateTimeRFC3339)(t) -} - -func unpopulateDateTimeRFC3339(data json.RawMessage, fn string, t **time.Time) error { - if data == nil || string(data) == "null" { - return nil - } - var aux dateTimeRFC3339 - if err := json.Unmarshal(data, &aux); err != nil { - return fmt.Errorf("struct field %s: %v", fn, err) - } - *t = (*time.Time)(&aux) - return nil -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/triggeredanalyticsrulerun_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/triggeredanalyticsrulerun_server.go new file mode 100644 index 000000000000..5d07a58a67b3 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/triggeredanalyticsrulerun_server.go @@ -0,0 +1,126 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// TriggeredAnalyticsRuleRunServer is a fake server for instances of the armsecurityinsights.TriggeredAnalyticsRuleRunClient type. +type TriggeredAnalyticsRuleRunServer struct { + // Get is the fake for method TriggeredAnalyticsRuleRunClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, ruleRunID string, options *armsecurityinsights.TriggeredAnalyticsRuleRunClientGetOptions) (resp azfake.Responder[armsecurityinsights.TriggeredAnalyticsRuleRunClientGetResponse], errResp azfake.ErrorResponder) +} + +// NewTriggeredAnalyticsRuleRunServerTransport creates a new instance of TriggeredAnalyticsRuleRunServerTransport with the provided implementation. +// The returned TriggeredAnalyticsRuleRunServerTransport instance is connected to an instance of armsecurityinsights.TriggeredAnalyticsRuleRunClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewTriggeredAnalyticsRuleRunServerTransport(srv *TriggeredAnalyticsRuleRunServer) *TriggeredAnalyticsRuleRunServerTransport { + return &TriggeredAnalyticsRuleRunServerTransport{srv: srv} +} + +// TriggeredAnalyticsRuleRunServerTransport connects instances of armsecurityinsights.TriggeredAnalyticsRuleRunClient to instances of TriggeredAnalyticsRuleRunServer. +// Don't use this type directly, use NewTriggeredAnalyticsRuleRunServerTransport instead. +type TriggeredAnalyticsRuleRunServerTransport struct { + srv *TriggeredAnalyticsRuleRunServer +} + +// Do implements the policy.Transporter interface for TriggeredAnalyticsRuleRunServerTransport. +func (t *TriggeredAnalyticsRuleRunServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return t.dispatchToMethodFake(req, method) +} + +func (t *TriggeredAnalyticsRuleRunServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if triggeredAnalyticsRuleRunServerTransportInterceptor != nil { + res.resp, res.err, intercepted = triggeredAnalyticsRuleRunServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "TriggeredAnalyticsRuleRunClient.Get": + res.resp, res.err = t.dispatchGet(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (t *TriggeredAnalyticsRuleRunServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if t.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/triggeredAnalyticsRuleRuns/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + ruleRunIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("ruleRunId")]) + if err != nil { + return nil, err + } + respr, errRespr := t.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, ruleRunIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).TriggeredAnalyticsRuleRun, req) + if err != nil { + return nil, err + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to TriggeredAnalyticsRuleRunServerTransport +var triggeredAnalyticsRuleRunServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/update_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/update_server.go new file mode 100644 index 000000000000..fb0fdaf4ce32 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/update_server.go @@ -0,0 +1,130 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// UpdateServer is a fake server for instances of the armsecurityinsights.UpdateClient type. +type UpdateServer struct { + // Recommendation is the fake for method UpdateClient.Recommendation + // HTTP status codes to indicate success: http.StatusOK + Recommendation func(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, recommendationPatch armsecurityinsights.RecommendationPatch, options *armsecurityinsights.UpdateClientRecommendationOptions) (resp azfake.Responder[armsecurityinsights.UpdateClientRecommendationResponse], errResp azfake.ErrorResponder) +} + +// NewUpdateServerTransport creates a new instance of UpdateServerTransport with the provided implementation. +// The returned UpdateServerTransport instance is connected to an instance of armsecurityinsights.UpdateClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewUpdateServerTransport(srv *UpdateServer) *UpdateServerTransport { + return &UpdateServerTransport{srv: srv} +} + +// UpdateServerTransport connects instances of armsecurityinsights.UpdateClient to instances of UpdateServer. +// Don't use this type directly, use NewUpdateServerTransport instead. +type UpdateServerTransport struct { + srv *UpdateServer +} + +// Do implements the policy.Transporter interface for UpdateServerTransport. +func (u *UpdateServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return u.dispatchToMethodFake(req, method) +} + +func (u *UpdateServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if updateServerTransportInterceptor != nil { + res.resp, res.err, intercepted = updateServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "UpdateClient.Recommendation": + res.resp, res.err = u.dispatchRecommendation(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (u *UpdateServerTransport) dispatchRecommendation(req *http.Request) (*http.Response, error) { + if u.srv.Recommendation == nil { + return nil, &nonRetriableError{errors.New("fake for method Recommendation not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/recommendations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.RecommendationPatch](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + recommendationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("recommendationId")]) + if err != nil { + return nil, err + } + respr, errRespr := u.srv.Recommendation(req.Context(), resourceGroupNameParam, workspaceNameParam, recommendationIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Recommendation, req) + if err != nil { + return nil, err + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to UpdateServerTransport +var updateServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlistitems_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlistitems_server.go index 232fb7d36c9f..5aac937a2e3d 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlistitems_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlistitems_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -66,27 +63,46 @@ func (w *WatchlistItemsServerTransport) Do(req *http.Request) (*http.Response, e return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return w.dispatchToMethodFake(req, method) +} - switch method { - case "WatchlistItemsClient.CreateOrUpdate": - resp, err = w.dispatchCreateOrUpdate(req) - case "WatchlistItemsClient.Delete": - resp, err = w.dispatchDelete(req) - case "WatchlistItemsClient.Get": - resp, err = w.dispatchGet(req) - case "WatchlistItemsClient.NewListPager": - resp, err = w.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (w *WatchlistItemsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if watchlistItemsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = watchlistItemsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "WatchlistItemsClient.CreateOrUpdate": + res.resp, res.err = w.dispatchCreateOrUpdate(req) + case "WatchlistItemsClient.Delete": + res.resp, res.err = w.dispatchDelete(req) + case "WatchlistItemsClient.Get": + res.resp, res.err = w.dispatchGet(req) + case "WatchlistItemsClient.NewListPager": + res.resp, res.err = w.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } } func (w *WatchlistItemsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { @@ -237,15 +253,15 @@ func (w *WatchlistItemsServerTransport) dispatchNewListPager(req *http.Request) if err != nil { return nil, err } - skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + watchlistAliasParam, err := url.PathUnescape(matches[regex.SubexpIndex("watchlistAlias")]) if err != nil { return nil, err } - skipTokenParam := getOptional(skipTokenUnescaped) - watchlistAliasParam, err := url.PathUnescape(matches[regex.SubexpIndex("watchlistAlias")]) + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) if err != nil { return nil, err } + skipTokenParam := getOptional(skipTokenUnescaped) var options *armsecurityinsights.WatchlistItemsClientListOptions if skipTokenParam != nil { options = &armsecurityinsights.WatchlistItemsClientListOptions{ @@ -272,3 +288,9 @@ func (w *WatchlistItemsServerTransport) dispatchNewListPager(req *http.Request) } return resp, nil } + +// set this to conditionally intercept incoming requests to WatchlistItemsServerTransport +var watchlistItemsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlists_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlists_server.go index 5be204935ce8..10384bd672d3 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlists_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlists_server.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -24,13 +21,13 @@ import ( // WatchlistsServer is a fake server for instances of the armsecurityinsights.WatchlistsClient type. type WatchlistsServer struct { - // CreateOrUpdate is the fake for method WatchlistsClient.CreateOrUpdate + // BeginCreateOrUpdate is the fake for method WatchlistsClient.BeginCreateOrUpdate // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated - CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlist armsecurityinsights.Watchlist, options *armsecurityinsights.WatchlistsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.WatchlistsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + BeginCreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlist armsecurityinsights.Watchlist, options *armsecurityinsights.WatchlistsClientBeginCreateOrUpdateOptions) (resp azfake.PollerResponder[armsecurityinsights.WatchlistsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) - // Delete is the fake for method WatchlistsClient.Delete - // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent - Delete func(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, options *armsecurityinsights.WatchlistsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.WatchlistsClientDeleteResponse], errResp azfake.ErrorResponder) + // BeginDelete is the fake for method WatchlistsClient.BeginDelete + // HTTP status codes to indicate success: http.StatusOK, http.StatusAccepted, http.StatusNoContent + BeginDelete func(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, options *armsecurityinsights.WatchlistsClientBeginDeleteOptions) (resp azfake.PollerResponder[armsecurityinsights.WatchlistsClientDeleteResponse], errResp azfake.ErrorResponder) // Get is the fake for method WatchlistsClient.Get // HTTP status codes to indicate success: http.StatusOK @@ -46,16 +43,20 @@ type WatchlistsServer struct { // azcore.ClientOptions.Transporter field in the client's constructor parameters. func NewWatchlistsServerTransport(srv *WatchlistsServer) *WatchlistsServerTransport { return &WatchlistsServerTransport{ - srv: srv, - newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WatchlistsClientListResponse]](), + srv: srv, + beginCreateOrUpdate: newTracker[azfake.PollerResponder[armsecurityinsights.WatchlistsClientCreateOrUpdateResponse]](), + beginDelete: newTracker[azfake.PollerResponder[armsecurityinsights.WatchlistsClientDeleteResponse]](), + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WatchlistsClientListResponse]](), } } // WatchlistsServerTransport connects instances of armsecurityinsights.WatchlistsClient to instances of WatchlistsServer. // Don't use this type directly, use NewWatchlistsServerTransport instead. type WatchlistsServerTransport struct { - srv *WatchlistsServer - newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WatchlistsClientListResponse]] + srv *WatchlistsServer + beginCreateOrUpdate *tracker[azfake.PollerResponder[armsecurityinsights.WatchlistsClientCreateOrUpdateResponse]] + beginDelete *tracker[azfake.PollerResponder[armsecurityinsights.WatchlistsClientDeleteResponse]] + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WatchlistsClientListResponse]] } // Do implements the policy.Transporter interface for WatchlistsServerTransport. @@ -66,110 +67,145 @@ func (w *WatchlistsServerTransport) Do(req *http.Request) (*http.Response, error return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} } - var resp *http.Response - var err error + return w.dispatchToMethodFake(req, method) +} - switch method { - case "WatchlistsClient.CreateOrUpdate": - resp, err = w.dispatchCreateOrUpdate(req) - case "WatchlistsClient.Delete": - resp, err = w.dispatchDelete(req) - case "WatchlistsClient.Get": - resp, err = w.dispatchGet(req) - case "WatchlistsClient.NewListPager": - resp, err = w.dispatchNewListPager(req) - default: - err = fmt.Errorf("unhandled API %s", method) - } +func (w *WatchlistsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) - if err != nil { - return nil, err - } + go func() { + var intercepted bool + var res result + if watchlistsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = watchlistsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "WatchlistsClient.BeginCreateOrUpdate": + res.resp, res.err = w.dispatchBeginCreateOrUpdate(req) + case "WatchlistsClient.BeginDelete": + res.resp, res.err = w.dispatchBeginDelete(req) + case "WatchlistsClient.Get": + res.resp, res.err = w.dispatchGet(req) + case "WatchlistsClient.NewListPager": + res.resp, res.err = w.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } - return resp, nil -} + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() -func (w *WatchlistsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { - if w.srv.CreateOrUpdate == nil { - return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} - } - const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/watchlists/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` - regex := regexp.MustCompile(regexStr) - matches := regex.FindStringSubmatch(req.URL.EscapedPath()) - if matches == nil || len(matches) < 4 { - return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err } - body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.Watchlist](req) - if err != nil { - return nil, err - } - resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) - if err != nil { - return nil, err +} + +func (w *WatchlistsServerTransport) dispatchBeginCreateOrUpdate(req *http.Request) (*http.Response, error) { + if w.srv.BeginCreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method BeginCreateOrUpdate not implemented")} } - workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) - if err != nil { - return nil, err + beginCreateOrUpdate := w.beginCreateOrUpdate.get(req) + if beginCreateOrUpdate == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/watchlists/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.Watchlist](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + watchlistAliasParam, err := url.PathUnescape(matches[regex.SubexpIndex("watchlistAlias")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.BeginCreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, watchlistAliasParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + beginCreateOrUpdate = &respr + w.beginCreateOrUpdate.add(req, beginCreateOrUpdate) } - watchlistAliasParam, err := url.PathUnescape(matches[regex.SubexpIndex("watchlistAlias")]) + + resp, err := server.PollerResponderNext(beginCreateOrUpdate, req) if err != nil { return nil, err } - respr, errRespr := w.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, watchlistAliasParam, body, nil) - if respErr := server.GetError(errRespr, req); respErr != nil { - return nil, respErr - } - respContent := server.GetResponseContent(respr) - if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { - return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} - } - resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Watchlist, req) - if err != nil { - return nil, err + + if !contains([]int{http.StatusOK, http.StatusCreated}, resp.StatusCode) { + w.beginCreateOrUpdate.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", resp.StatusCode)} } - if val := server.GetResponse(respr).AzureAsyncOperation; val != nil { - resp.Header.Set("Azure-AsyncOperation", *val) + if !server.PollerResponderMore(beginCreateOrUpdate) { + w.beginCreateOrUpdate.remove(req) } + return resp, nil } -func (w *WatchlistsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { - if w.srv.Delete == nil { - return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} - } - const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/watchlists/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` - regex := regexp.MustCompile(regexStr) - matches := regex.FindStringSubmatch(req.URL.EscapedPath()) - if matches == nil || len(matches) < 4 { - return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) +func (w *WatchlistsServerTransport) dispatchBeginDelete(req *http.Request) (*http.Response, error) { + if w.srv.BeginDelete == nil { + return nil, &nonRetriableError{errors.New("fake for method BeginDelete not implemented")} } - resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) - if err != nil { - return nil, err - } - workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) - if err != nil { - return nil, err + beginDelete := w.beginDelete.get(req) + if beginDelete == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/watchlists/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + watchlistAliasParam, err := url.PathUnescape(matches[regex.SubexpIndex("watchlistAlias")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.BeginDelete(req.Context(), resourceGroupNameParam, workspaceNameParam, watchlistAliasParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + beginDelete = &respr + w.beginDelete.add(req, beginDelete) } - watchlistAliasParam, err := url.PathUnescape(matches[regex.SubexpIndex("watchlistAlias")]) + + resp, err := server.PollerResponderNext(beginDelete, req) if err != nil { return nil, err } - respr, errRespr := w.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, watchlistAliasParam, nil) - if respErr := server.GetError(errRespr, req); respErr != nil { - return nil, respErr - } - respContent := server.GetResponseContent(respr) - if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { - return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} - } - resp, err := server.NewResponse(respContent, req, nil) - if err != nil { - return nil, err + + if !contains([]int{http.StatusOK, http.StatusAccepted, http.StatusNoContent}, resp.StatusCode) { + w.beginDelete.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusAccepted, http.StatusNoContent", resp.StatusCode)} } - if val := server.GetResponse(respr).AzureAsyncOperation; val != nil { - resp.Header.Set("Azure-AsyncOperation", *val) + if !server.PollerResponderMore(beginDelete) { + w.beginDelete.remove(req) } + return resp, nil } @@ -262,3 +298,9 @@ func (w *WatchlistsServerTransport) dispatchNewListPager(req *http.Request) (*ht } return resp, nil } + +// set this to conditionally intercept incoming requests to WatchlistsServerTransport +var watchlistsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignmentjobs_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignmentjobs_server.go new file mode 100644 index 000000000000..7daf16ec40df --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignmentjobs_server.go @@ -0,0 +1,310 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// WorkspaceManagerAssignmentJobsServer is a fake server for instances of the armsecurityinsights.WorkspaceManagerAssignmentJobsClient type. +type WorkspaceManagerAssignmentJobsServer struct { + // Create is the fake for method WorkspaceManagerAssignmentJobsClient.Create + // HTTP status codes to indicate success: http.StatusOK + Create func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *armsecurityinsights.WorkspaceManagerAssignmentJobsClientCreateOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientCreateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method WorkspaceManagerAssignmentJobsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, options *armsecurityinsights.WorkspaceManagerAssignmentJobsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method WorkspaceManagerAssignmentJobsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, options *armsecurityinsights.WorkspaceManagerAssignmentJobsClientGetOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method WorkspaceManagerAssignmentJobsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *armsecurityinsights.WorkspaceManagerAssignmentJobsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientListResponse]) +} + +// NewWorkspaceManagerAssignmentJobsServerTransport creates a new instance of WorkspaceManagerAssignmentJobsServerTransport with the provided implementation. +// The returned WorkspaceManagerAssignmentJobsServerTransport instance is connected to an instance of armsecurityinsights.WorkspaceManagerAssignmentJobsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewWorkspaceManagerAssignmentJobsServerTransport(srv *WorkspaceManagerAssignmentJobsServer) *WorkspaceManagerAssignmentJobsServerTransport { + return &WorkspaceManagerAssignmentJobsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientListResponse]](), + } +} + +// WorkspaceManagerAssignmentJobsServerTransport connects instances of armsecurityinsights.WorkspaceManagerAssignmentJobsClient to instances of WorkspaceManagerAssignmentJobsServer. +// Don't use this type directly, use NewWorkspaceManagerAssignmentJobsServerTransport instead. +type WorkspaceManagerAssignmentJobsServerTransport struct { + srv *WorkspaceManagerAssignmentJobsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientListResponse]] +} + +// Do implements the policy.Transporter interface for WorkspaceManagerAssignmentJobsServerTransport. +func (w *WorkspaceManagerAssignmentJobsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return w.dispatchToMethodFake(req, method) +} + +func (w *WorkspaceManagerAssignmentJobsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if workspaceManagerAssignmentJobsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = workspaceManagerAssignmentJobsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "WorkspaceManagerAssignmentJobsClient.Create": + res.resp, res.err = w.dispatchCreate(req) + case "WorkspaceManagerAssignmentJobsClient.Delete": + res.resp, res.err = w.dispatchDelete(req) + case "WorkspaceManagerAssignmentJobsClient.Get": + res.resp, res.err = w.dispatchGet(req) + case "WorkspaceManagerAssignmentJobsClient.NewListPager": + res.resp, res.err = w.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (w *WorkspaceManagerAssignmentJobsServerTransport) dispatchCreate(req *http.Request) (*http.Response, error) { + if w.srv.Create == nil { + return nil, &nonRetriableError{errors.New("fake for method Create not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/jobs` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Create(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Job, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentJobsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if w.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/jobs/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + jobNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("jobName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, jobNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentJobsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if w.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/jobs/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + jobNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("jobName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, jobNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Job, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentJobsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if w.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := w.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/jobs` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.WorkspaceManagerAssignmentJobsClientListOptions + if orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.WorkspaceManagerAssignmentJobsClientListOptions{ + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := w.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, options) + newListPager = &resp + w.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.WorkspaceManagerAssignmentJobsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + w.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + w.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to WorkspaceManagerAssignmentJobsServerTransport +var workspaceManagerAssignmentJobsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignments_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignments_server.go new file mode 100644 index 000000000000..221afd55c4f6 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignments_server.go @@ -0,0 +1,302 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// WorkspaceManagerAssignmentsServer is a fake server for instances of the armsecurityinsights.WorkspaceManagerAssignmentsClient type. +type WorkspaceManagerAssignmentsServer struct { + // CreateOrUpdate is the fake for method WorkspaceManagerAssignmentsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, workspaceManagerAssignment armsecurityinsights.WorkspaceManagerAssignment, options *armsecurityinsights.WorkspaceManagerAssignmentsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method WorkspaceManagerAssignmentsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *armsecurityinsights.WorkspaceManagerAssignmentsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method WorkspaceManagerAssignmentsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *armsecurityinsights.WorkspaceManagerAssignmentsClientGetOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method WorkspaceManagerAssignmentsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.WorkspaceManagerAssignmentsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentsClientListResponse]) +} + +// NewWorkspaceManagerAssignmentsServerTransport creates a new instance of WorkspaceManagerAssignmentsServerTransport with the provided implementation. +// The returned WorkspaceManagerAssignmentsServerTransport instance is connected to an instance of armsecurityinsights.WorkspaceManagerAssignmentsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewWorkspaceManagerAssignmentsServerTransport(srv *WorkspaceManagerAssignmentsServer) *WorkspaceManagerAssignmentsServerTransport { + return &WorkspaceManagerAssignmentsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentsClientListResponse]](), + } +} + +// WorkspaceManagerAssignmentsServerTransport connects instances of armsecurityinsights.WorkspaceManagerAssignmentsClient to instances of WorkspaceManagerAssignmentsServer. +// Don't use this type directly, use NewWorkspaceManagerAssignmentsServerTransport instead. +type WorkspaceManagerAssignmentsServerTransport struct { + srv *WorkspaceManagerAssignmentsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentsClientListResponse]] +} + +// Do implements the policy.Transporter interface for WorkspaceManagerAssignmentsServerTransport. +func (w *WorkspaceManagerAssignmentsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return w.dispatchToMethodFake(req, method) +} + +func (w *WorkspaceManagerAssignmentsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if workspaceManagerAssignmentsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = workspaceManagerAssignmentsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "WorkspaceManagerAssignmentsClient.CreateOrUpdate": + res.resp, res.err = w.dispatchCreateOrUpdate(req) + case "WorkspaceManagerAssignmentsClient.Delete": + res.resp, res.err = w.dispatchDelete(req) + case "WorkspaceManagerAssignmentsClient.Get": + res.resp, res.err = w.dispatchGet(req) + case "WorkspaceManagerAssignmentsClient.NewListPager": + res.resp, res.err = w.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (w *WorkspaceManagerAssignmentsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if w.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.WorkspaceManagerAssignment](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerAssignment, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if w.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if w.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerAssignment, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if w.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := w.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.WorkspaceManagerAssignmentsClientListOptions + if orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.WorkspaceManagerAssignmentsClientListOptions{ + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := w.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + w.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.WorkspaceManagerAssignmentsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + w.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + w.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to WorkspaceManagerAssignmentsServerTransport +var workspaceManagerAssignmentsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerconfigurations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerconfigurations_server.go new file mode 100644 index 000000000000..2253a0769d89 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerconfigurations_server.go @@ -0,0 +1,302 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// WorkspaceManagerConfigurationsServer is a fake server for instances of the armsecurityinsights.WorkspaceManagerConfigurationsClient type. +type WorkspaceManagerConfigurationsServer struct { + // CreateOrUpdate is the fake for method WorkspaceManagerConfigurationsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, workspaceManagerConfiguration armsecurityinsights.WorkspaceManagerConfiguration, options *armsecurityinsights.WorkspaceManagerConfigurationsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerConfigurationsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method WorkspaceManagerConfigurationsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, options *armsecurityinsights.WorkspaceManagerConfigurationsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerConfigurationsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method WorkspaceManagerConfigurationsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, options *armsecurityinsights.WorkspaceManagerConfigurationsClientGetOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerConfigurationsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method WorkspaceManagerConfigurationsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.WorkspaceManagerConfigurationsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.WorkspaceManagerConfigurationsClientListResponse]) +} + +// NewWorkspaceManagerConfigurationsServerTransport creates a new instance of WorkspaceManagerConfigurationsServerTransport with the provided implementation. +// The returned WorkspaceManagerConfigurationsServerTransport instance is connected to an instance of armsecurityinsights.WorkspaceManagerConfigurationsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewWorkspaceManagerConfigurationsServerTransport(srv *WorkspaceManagerConfigurationsServer) *WorkspaceManagerConfigurationsServerTransport { + return &WorkspaceManagerConfigurationsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerConfigurationsClientListResponse]](), + } +} + +// WorkspaceManagerConfigurationsServerTransport connects instances of armsecurityinsights.WorkspaceManagerConfigurationsClient to instances of WorkspaceManagerConfigurationsServer. +// Don't use this type directly, use NewWorkspaceManagerConfigurationsServerTransport instead. +type WorkspaceManagerConfigurationsServerTransport struct { + srv *WorkspaceManagerConfigurationsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerConfigurationsClientListResponse]] +} + +// Do implements the policy.Transporter interface for WorkspaceManagerConfigurationsServerTransport. +func (w *WorkspaceManagerConfigurationsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return w.dispatchToMethodFake(req, method) +} + +func (w *WorkspaceManagerConfigurationsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if workspaceManagerConfigurationsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = workspaceManagerConfigurationsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "WorkspaceManagerConfigurationsClient.CreateOrUpdate": + res.resp, res.err = w.dispatchCreateOrUpdate(req) + case "WorkspaceManagerConfigurationsClient.Delete": + res.resp, res.err = w.dispatchDelete(req) + case "WorkspaceManagerConfigurationsClient.Get": + res.resp, res.err = w.dispatchGet(req) + case "WorkspaceManagerConfigurationsClient.NewListPager": + res.resp, res.err = w.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (w *WorkspaceManagerConfigurationsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if w.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerConfigurations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.WorkspaceManagerConfiguration](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerConfigurationNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerConfigurationName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerConfigurationNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerConfiguration, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerConfigurationsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if w.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerConfigurations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerConfigurationNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerConfigurationName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerConfigurationNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerConfigurationsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if w.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerConfigurations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerConfigurationNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerConfigurationName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerConfigurationNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerConfiguration, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerConfigurationsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if w.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := w.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerConfigurations` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.WorkspaceManagerConfigurationsClientListOptions + if orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.WorkspaceManagerConfigurationsClientListOptions{ + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := w.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + w.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.WorkspaceManagerConfigurationsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + w.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + w.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to WorkspaceManagerConfigurationsServerTransport +var workspaceManagerConfigurationsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagergroups_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagergroups_server.go new file mode 100644 index 000000000000..f5fe87628b9a --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagergroups_server.go @@ -0,0 +1,302 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// WorkspaceManagerGroupsServer is a fake server for instances of the armsecurityinsights.WorkspaceManagerGroupsClient type. +type WorkspaceManagerGroupsServer struct { + // CreateOrUpdate is the fake for method WorkspaceManagerGroupsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, workspaceManagerGroup armsecurityinsights.WorkspaceManagerGroup, options *armsecurityinsights.WorkspaceManagerGroupsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerGroupsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method WorkspaceManagerGroupsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, options *armsecurityinsights.WorkspaceManagerGroupsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerGroupsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method WorkspaceManagerGroupsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, options *armsecurityinsights.WorkspaceManagerGroupsClientGetOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerGroupsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method WorkspaceManagerGroupsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.WorkspaceManagerGroupsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.WorkspaceManagerGroupsClientListResponse]) +} + +// NewWorkspaceManagerGroupsServerTransport creates a new instance of WorkspaceManagerGroupsServerTransport with the provided implementation. +// The returned WorkspaceManagerGroupsServerTransport instance is connected to an instance of armsecurityinsights.WorkspaceManagerGroupsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewWorkspaceManagerGroupsServerTransport(srv *WorkspaceManagerGroupsServer) *WorkspaceManagerGroupsServerTransport { + return &WorkspaceManagerGroupsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerGroupsClientListResponse]](), + } +} + +// WorkspaceManagerGroupsServerTransport connects instances of armsecurityinsights.WorkspaceManagerGroupsClient to instances of WorkspaceManagerGroupsServer. +// Don't use this type directly, use NewWorkspaceManagerGroupsServerTransport instead. +type WorkspaceManagerGroupsServerTransport struct { + srv *WorkspaceManagerGroupsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerGroupsClientListResponse]] +} + +// Do implements the policy.Transporter interface for WorkspaceManagerGroupsServerTransport. +func (w *WorkspaceManagerGroupsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return w.dispatchToMethodFake(req, method) +} + +func (w *WorkspaceManagerGroupsServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if workspaceManagerGroupsServerTransportInterceptor != nil { + res.resp, res.err, intercepted = workspaceManagerGroupsServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "WorkspaceManagerGroupsClient.CreateOrUpdate": + res.resp, res.err = w.dispatchCreateOrUpdate(req) + case "WorkspaceManagerGroupsClient.Delete": + res.resp, res.err = w.dispatchDelete(req) + case "WorkspaceManagerGroupsClient.Get": + res.resp, res.err = w.dispatchGet(req) + case "WorkspaceManagerGroupsClient.NewListPager": + res.resp, res.err = w.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (w *WorkspaceManagerGroupsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if w.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.WorkspaceManagerGroup](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerGroupName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerGroupNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerGroup, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerGroupsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if w.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerGroupName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerGroupNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerGroupsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if w.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerGroupName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerGroupNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerGroup, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerGroupsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if w.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := w.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerGroups` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.WorkspaceManagerGroupsClientListOptions + if orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.WorkspaceManagerGroupsClientListOptions{ + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := w.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + w.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.WorkspaceManagerGroupsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + w.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + w.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to WorkspaceManagerGroupsServerTransport +var workspaceManagerGroupsServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagermembers_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagermembers_server.go new file mode 100644 index 000000000000..a289f9d1eb6b --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagermembers_server.go @@ -0,0 +1,302 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// WorkspaceManagerMembersServer is a fake server for instances of the armsecurityinsights.WorkspaceManagerMembersClient type. +type WorkspaceManagerMembersServer struct { + // CreateOrUpdate is the fake for method WorkspaceManagerMembersClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, workspaceManagerMember armsecurityinsights.WorkspaceManagerMember, options *armsecurityinsights.WorkspaceManagerMembersClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerMembersClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method WorkspaceManagerMembersClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, options *armsecurityinsights.WorkspaceManagerMembersClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerMembersClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method WorkspaceManagerMembersClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, options *armsecurityinsights.WorkspaceManagerMembersClientGetOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerMembersClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method WorkspaceManagerMembersClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.WorkspaceManagerMembersClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.WorkspaceManagerMembersClientListResponse]) +} + +// NewWorkspaceManagerMembersServerTransport creates a new instance of WorkspaceManagerMembersServerTransport with the provided implementation. +// The returned WorkspaceManagerMembersServerTransport instance is connected to an instance of armsecurityinsights.WorkspaceManagerMembersClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewWorkspaceManagerMembersServerTransport(srv *WorkspaceManagerMembersServer) *WorkspaceManagerMembersServerTransport { + return &WorkspaceManagerMembersServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerMembersClientListResponse]](), + } +} + +// WorkspaceManagerMembersServerTransport connects instances of armsecurityinsights.WorkspaceManagerMembersClient to instances of WorkspaceManagerMembersServer. +// Don't use this type directly, use NewWorkspaceManagerMembersServerTransport instead. +type WorkspaceManagerMembersServerTransport struct { + srv *WorkspaceManagerMembersServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerMembersClientListResponse]] +} + +// Do implements the policy.Transporter interface for WorkspaceManagerMembersServerTransport. +func (w *WorkspaceManagerMembersServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + return w.dispatchToMethodFake(req, method) +} + +func (w *WorkspaceManagerMembersServerTransport) dispatchToMethodFake(req *http.Request, method string) (*http.Response, error) { + resultChan := make(chan result) + defer close(resultChan) + + go func() { + var intercepted bool + var res result + if workspaceManagerMembersServerTransportInterceptor != nil { + res.resp, res.err, intercepted = workspaceManagerMembersServerTransportInterceptor.Do(req) + } + if !intercepted { + switch method { + case "WorkspaceManagerMembersClient.CreateOrUpdate": + res.resp, res.err = w.dispatchCreateOrUpdate(req) + case "WorkspaceManagerMembersClient.Delete": + res.resp, res.err = w.dispatchDelete(req) + case "WorkspaceManagerMembersClient.Get": + res.resp, res.err = w.dispatchGet(req) + case "WorkspaceManagerMembersClient.NewListPager": + res.resp, res.err = w.dispatchNewListPager(req) + default: + res.err = fmt.Errorf("unhandled API %s", method) + } + + } + select { + case resultChan <- res: + case <-req.Context().Done(): + } + }() + + select { + case <-req.Context().Done(): + return nil, req.Context().Err() + case res := <-resultChan: + return res.resp, res.err + } +} + +func (w *WorkspaceManagerMembersServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if w.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerMembers/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.WorkspaceManagerMember](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerMemberNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerMemberName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerMemberNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerMember, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerMembersServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if w.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerMembers/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerMemberNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerMemberName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerMemberNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerMembersServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if w.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerMembers/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerMemberNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerMemberName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerMemberNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerMember, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerMembersServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if w.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := w.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerMembers/` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.WorkspaceManagerMembersClientListOptions + if orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.WorkspaceManagerMembersClientListOptions{ + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := w.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + w.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.WorkspaceManagerMembersClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + w.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + w.newListPager.remove(req) + } + return resp, nil +} + +// set this to conditionally intercept incoming requests to WorkspaceManagerMembersServerTransport +var workspaceManagerMembersServerTransportInterceptor interface { + // Do returns true if the server transport should use the returned response/error + Do(*http.Request) (*http.Response, error, bool) +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fileimports_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fileimports_client.go index 2b1471af04e7..11cccbf3425d 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fileimports_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fileimports_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -29,7 +26,7 @@ type FileImportsClient struct { } // NewFileImportsClient creates a new instance of FileImportsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewFileImportsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*FileImportsClient, error) { @@ -47,7 +44,7 @@ func NewFileImportsClient(subscriptionID string, credential azcore.TokenCredenti // Create - Creates the file import. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - fileImportID - File import ID @@ -67,7 +64,7 @@ func (client *FileImportsClient) Create(ctx context.Context, resourceGroupName s if err != nil { return FileImportsClientCreateResponse{}, err } - if !runtime.HasStatusCode(httpResp, http.StatusCreated) { + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { err = runtime.NewResponseError(httpResp) return FileImportsClientCreateResponse{}, err } @@ -76,7 +73,7 @@ func (client *FileImportsClient) Create(ctx context.Context, resourceGroupName s } // createCreateRequest creates the Create request. -func (client *FileImportsClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, fileImport FileImport, options *FileImportsClientCreateOptions) (*policy.Request, error) { +func (client *FileImportsClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, fileImport FileImport, _ *FileImportsClientCreateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/fileImports/{fileImportId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -99,7 +96,7 @@ func (client *FileImportsClient) createCreateRequest(ctx context.Context, resour return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, fileImport); err != nil { @@ -120,7 +117,7 @@ func (client *FileImportsClient) createHandleResponse(resp *http.Response) (File // BeginDelete - Delete the file import. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - fileImportID - File import ID @@ -146,7 +143,7 @@ func (client *FileImportsClient) BeginDelete(ctx context.Context, resourceGroupN // Delete - Delete the file import. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview func (client *FileImportsClient) deleteOperation(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, options *FileImportsClientBeginDeleteOptions) (*http.Response, error) { var err error const operationName = "FileImportsClient.BeginDelete" @@ -169,7 +166,7 @@ func (client *FileImportsClient) deleteOperation(ctx context.Context, resourceGr } // deleteCreateRequest creates the Delete request. -func (client *FileImportsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, options *FileImportsClientBeginDeleteOptions) (*policy.Request, error) { +func (client *FileImportsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, _ *FileImportsClientBeginDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/fileImports/{fileImportId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -192,7 +189,7 @@ func (client *FileImportsClient) deleteCreateRequest(ctx context.Context, resour return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -201,7 +198,7 @@ func (client *FileImportsClient) deleteCreateRequest(ctx context.Context, resour // Get - Gets a file import. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - fileImportID - File import ID @@ -229,7 +226,7 @@ func (client *FileImportsClient) Get(ctx context.Context, resourceGroupName stri } // getCreateRequest creates the Get request. -func (client *FileImportsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, options *FileImportsClientGetOptions) (*policy.Request, error) { +func (client *FileImportsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, _ *FileImportsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/fileImports/{fileImportId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -252,7 +249,7 @@ func (client *FileImportsClient) getCreateRequest(ctx context.Context, resourceG return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -269,7 +266,7 @@ func (client *FileImportsClient) getHandleResponse(resp *http.Response) (FileImp // NewListPager - Gets all file imports. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - FileImportsClientListOptions contains the optional parameters for the FileImportsClient.NewListPager method. @@ -328,7 +325,7 @@ func (client *FileImportsClient) listCreateRequest(ctx context.Context, resource if options != nil && options.Top != nil { reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) } - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fileimports_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fileimports_client_example_test.go deleted file mode 100644 index 6f412f657165..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fileimports_client_example_test.go +++ /dev/null @@ -1,167 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/fileImports/GetFileImports.json -func ExampleFileImportsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewFileImportsClient().NewListPager("myRg", "myWorkspace", &armsecurityinsights.FileImportsClientListOptions{Filter: nil, - Orderby: to.Ptr("properties/createdTimeUtc desc"), - Top: to.Ptr[int32](1), - SkipToken: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.FileImportList = armsecurityinsights.FileImportList{ - // Value: []*armsecurityinsights.FileImport{ - // { - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/FileImports"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/FileImports/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Properties: &armsecurityinsights.FileImportProperties{ - // ContentType: to.Ptr(armsecurityinsights.FileImportContentTypeStixIndicator), - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-03-25T21:02:38.835Z"); return t}()), - // FilesValidUntilTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-03-26T21:02:38.835Z"); return t}()), - // ImportFile: &armsecurityinsights.FileMetadata{ - // DeleteStatus: to.Ptr(armsecurityinsights.DeleteStatusNotDeleted), - // FileFormat: to.Ptr(armsecurityinsights.FileFormatJSON), - // FileName: to.Ptr("fileName.json"), - // FileSize: to.Ptr[int32](5146), - // }, - // ImportValidUntilTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-24T21:02:38.835Z"); return t}()), - // IngestedRecordCount: to.Ptr[int32](5), - // IngestionMode: to.Ptr(armsecurityinsights.IngestionModeIngestAnyValidRecords), - // Source: to.Ptr("mySource"), - // State: to.Ptr(armsecurityinsights.FileImportStateIngested), - // TotalRecordCount: to.Ptr[int32](5), - // ValidRecordCount: to.Ptr[int32](5), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/fileImports/GetFileImportById.json -func ExampleFileImportsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewFileImportsClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.FileImport = armsecurityinsights.FileImport{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/FileImports"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/FileImports/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Properties: &armsecurityinsights.FileImportProperties{ - // ContentType: to.Ptr(armsecurityinsights.FileImportContentTypeStixIndicator), - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-03-25T21:02:38.835Z"); return t}()), - // FilesValidUntilTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-03-26T21:02:38.835Z"); return t}()), - // ImportFile: &armsecurityinsights.FileMetadata{ - // DeleteStatus: to.Ptr(armsecurityinsights.DeleteStatusNotDeleted), - // FileContentURI: to.Ptr("https://sentinelimportswus2.blob.core.windows.net/78c2e51a-3cd3-4ca0-a2d4-e7effb9a05fe/43967a5e-47a7-474e-afb8-2081e9b99ca1/myFile.json?skoid=40ca3ff4-ed1d-4c65-a409-8c6caff8a6d5&sktid=72f988bf-86f1-41af-91ab-2d7cd011db47&skt=2022-03-25T21%3A12%3A51Z&ske=2022-03-25T22%3A12%3A51Z&sks=b&skv=2020-10-02&sv=2020-08-04&st=2022-03-25T21%3A12%3A51Z&se=2022-03-25T22%3A12%3A51Z&sr=b&sp=c&sig=5n0D%2FERS6ZOQdfdO2adleeSVOM4b6mQeds%2FWYCGm9pU%3D"), - // FileFormat: to.Ptr(armsecurityinsights.FileFormatJSON), - // FileName: to.Ptr("myFile.json"), - // FileSize: to.Ptr[int32](5146), - // }, - // ImportValidUntilTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-24T21:02:38.835Z"); return t}()), - // IngestedRecordCount: to.Ptr[int32](5), - // IngestionMode: to.Ptr(armsecurityinsights.IngestionModeIngestAnyValidRecords), - // Source: to.Ptr("mySource"), - // State: to.Ptr(armsecurityinsights.FileImportStateIngested), - // TotalRecordCount: to.Ptr[int32](5), - // ValidRecordCount: to.Ptr[int32](5), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/fileImports/CreateFileImport.json -func ExampleFileImportsClient_Create() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewFileImportsClient().Create(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", armsecurityinsights.FileImport{ - Properties: &armsecurityinsights.FileImportProperties{ - ContentType: to.Ptr(armsecurityinsights.FileImportContentTypeStixIndicator), - ImportFile: &armsecurityinsights.FileMetadata{ - FileFormat: to.Ptr(armsecurityinsights.FileFormatJSON), - FileName: to.Ptr("myFile.json"), - FileSize: to.Ptr[int32](4653), - }, - IngestionMode: to.Ptr(armsecurityinsights.IngestionModeIngestAnyValidRecords), - Source: to.Ptr("mySource"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/fileImports/DeleteFileImport.json -func ExampleFileImportsClient_BeginDelete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - poller, err := clientFactory.NewFileImportsClient().BeginDelete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - _, err = poller.PollUntilDone(ctx, nil) - if err != nil { - log.Fatalf("failed to pull the result: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/get_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/get_client.go new file mode 100644 index 000000000000..6394f73f16c2 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/get_client.go @@ -0,0 +1,111 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// GetClient contains the methods for the Get group. +// Don't use this type directly, use NewGetClient() instead. +type GetClient struct { + internal *arm.Client + subscriptionID string +} + +// NewGetClient creates a new instance of GetClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewGetClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*GetClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &GetClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// SingleRecommendation - Gets a recommendation by its id. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - recommendationID - Recommendation Id. +// - options - GetClientSingleRecommendationOptions contains the optional parameters for the GetClient.SingleRecommendation +// method. +func (client *GetClient) SingleRecommendation(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, options *GetClientSingleRecommendationOptions) (GetClientSingleRecommendationResponse, error) { + var err error + const operationName = "GetClient.SingleRecommendation" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.singleRecommendationCreateRequest(ctx, resourceGroupName, workspaceName, recommendationID, options) + if err != nil { + return GetClientSingleRecommendationResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return GetClientSingleRecommendationResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return GetClientSingleRecommendationResponse{}, err + } + resp, err := client.singleRecommendationHandleResponse(httpResp) + return resp, err +} + +// singleRecommendationCreateRequest creates the SingleRecommendation request. +func (client *GetClient) singleRecommendationCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, _ *GetClientSingleRecommendationOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if recommendationID == "" { + return nil, errors.New("parameter recommendationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{recommendationId}", url.PathEscape(recommendationID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// singleRecommendationHandleResponse handles the SingleRecommendation response. +func (client *GetClient) singleRecommendationHandleResponse(resp *http.Response) (GetClientSingleRecommendationResponse, error) { + result := GetClientSingleRecommendationResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Recommendation); err != nil { + return GetClientSingleRecommendationResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/getrecommendations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/getrecommendations_client.go new file mode 100644 index 000000000000..6e5a1857bcc3 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/getrecommendations_client.go @@ -0,0 +1,106 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// GetRecommendationsClient contains the methods for the GetRecommendations group. +// Don't use this type directly, use NewGetRecommendationsClient() instead. +type GetRecommendationsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewGetRecommendationsClient creates a new instance of GetRecommendationsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewGetRecommendationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*GetRecommendationsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &GetRecommendationsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Gets a list of all recommendations. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - GetRecommendationsClientListOptions contains the optional parameters for the GetRecommendationsClient.NewListPager +// method. +func (client *GetRecommendationsClient) NewListPager(resourceGroupName string, workspaceName string, options *GetRecommendationsClientListOptions) *runtime.Pager[GetRecommendationsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[GetRecommendationsClientListResponse]{ + More: func(page GetRecommendationsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *GetRecommendationsClientListResponse) (GetRecommendationsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "GetRecommendationsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return GetRecommendationsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *GetRecommendationsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *GetRecommendationsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *GetRecommendationsClient) listHandleResponse(resp *http.Response) (GetRecommendationsClientListResponse, error) { + result := GetRecommendationsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RecommendationList); err != nil { + return GetRecommendationsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/gettriggeredanalyticsruleruns_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/gettriggeredanalyticsruleruns_client.go new file mode 100644 index 000000000000..473e3b8e2e7b --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/gettriggeredanalyticsruleruns_client.go @@ -0,0 +1,106 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// GetTriggeredAnalyticsRuleRunsClient contains the methods for the GetTriggeredAnalyticsRuleRuns group. +// Don't use this type directly, use NewGetTriggeredAnalyticsRuleRunsClient() instead. +type GetTriggeredAnalyticsRuleRunsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewGetTriggeredAnalyticsRuleRunsClient creates a new instance of GetTriggeredAnalyticsRuleRunsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewGetTriggeredAnalyticsRuleRunsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*GetTriggeredAnalyticsRuleRunsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &GetTriggeredAnalyticsRuleRunsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Gets the triggered analytics rule runs. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - GetTriggeredAnalyticsRuleRunsClientListOptions contains the optional parameters for the GetTriggeredAnalyticsRuleRunsClient.NewListPager +// method. +func (client *GetTriggeredAnalyticsRuleRunsClient) NewListPager(resourceGroupName string, workspaceName string, options *GetTriggeredAnalyticsRuleRunsClientListOptions) *runtime.Pager[GetTriggeredAnalyticsRuleRunsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[GetTriggeredAnalyticsRuleRunsClientListResponse]{ + More: func(page GetTriggeredAnalyticsRuleRunsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *GetTriggeredAnalyticsRuleRunsClientListResponse) (GetTriggeredAnalyticsRuleRunsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "GetTriggeredAnalyticsRuleRunsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return GetTriggeredAnalyticsRuleRunsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *GetTriggeredAnalyticsRuleRunsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *GetTriggeredAnalyticsRuleRunsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *GetTriggeredAnalyticsRuleRunsClient) listHandleResponse(resp *http.Response) (GetTriggeredAnalyticsRuleRunsClientListResponse, error) { + result := GetTriggeredAnalyticsRuleRunsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.TriggeredAnalyticsRuleRuns); err != nil { + return GetTriggeredAnalyticsRuleRunsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/go.mod b/sdk/resourcemanager/securityinsights/armsecurityinsights/go.mod index d0f79f86d0bd..d373f9b33ab5 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/go.mod +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/go.mod @@ -2,20 +2,10 @@ module github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/ar go 1.23.0 -require ( - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.1 - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2 -) +require github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.1 require ( github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect - github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 // indirect - github.com/golang-jwt/jwt/v5 v5.2.2 // indirect - github.com/google/uuid v1.6.0 // indirect - github.com/kylelemons/godebug v1.1.0 // indirect - github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect - golang.org/x/crypto v0.36.0 // indirect golang.org/x/net v0.38.0 // indirect - golang.org/x/sys v0.31.0 // indirect golang.org/x/text v0.23.0 // indirect ) diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/go.sum b/sdk/resourcemanager/securityinsights/armsecurityinsights/go.sum index 4bacf756f06c..4de695d9e23a 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/go.sum +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/go.sum @@ -1,44 +1,15 @@ github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.1 h1:DSDNVxqkoXJiko6x8a90zidoYqnYYa6c1MTzDKzKkTo= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.1/go.mod h1:zGqV2R4Cr/k8Uye5w+dgQ06WJtEcbQG/8J7BB6hnCr4= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2 h1:F0gBpfdPLGsw+nsgk6aqqkZS1jiixa5WwFe3fk/T3Ys= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2/go.mod h1:SqINnQ9lVVdRlyC8cd1lCI0SdX4n2paeABd2K8ggfnE= -github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2 h1:yz1bePFlP5Vws5+8ez6T3HWXPmwOK7Yvq8QxDBD3SKY= -github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2/go.mod h1:Pa9ZNPuoNu/GztvBSKk9J1cDJW6vk/n0zLtV4mgd8N8= github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY= github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY= -github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1 h1:WJTmL004Abzc5wDB5VtZG2PJk5ndYDgVacGqfirKxjM= -github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1/go.mod h1:tCcJZ0uHAmvjsVYzEFivsRTN00oz5BEsRgQHu5JZ9WE= -github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 h1:oygO0locgZJe7PpYPXT5A29ZkwJaPqcva7BVeemZOZs= -github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= -github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= -github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= -github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= -github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8= -github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= -github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= -github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6 h1:IsMZxCuZqKuao2vNdfD82fjjgPLfyHLpR41Z88viRWs= -github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6/go.mod h1:3VeWNIJaW+O5xpRQbPp0Ybqu1vJd/pm7s2F473HRrkw= -github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= -github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= -github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/redis/go-redis/v9 v9.7.0 h1:HhLSs+B6O021gwzl+locl0zEDnyNkxMtf/Z3NNBMa9E= -github.com/redis/go-redis/v9 v9.7.0/go.mod h1:f6zhXITC7JUJIlPEiBOTXxJgPLdZcA93GewI7inzyWw= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34= -golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc= golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8= golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik= -golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY= golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/huntcomments_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/huntcomments_client.go new file mode 100644 index 000000000000..6cf8d491d78f --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/huntcomments_client.go @@ -0,0 +1,340 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// HuntCommentsClient contains the methods for the HuntComments group. +// Don't use this type directly, use NewHuntCommentsClient() instead. +type HuntCommentsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewHuntCommentsClient creates a new instance of HuntCommentsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewHuntCommentsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*HuntCommentsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &HuntCommentsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a hunt relation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntCommentID - The hunt comment id (GUID) +// - huntComment - The hunt comment +// - options - HuntCommentsClientCreateOrUpdateOptions contains the optional parameters for the HuntCommentsClient.CreateOrUpdate +// method. +func (client *HuntCommentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, huntComment HuntComment, options *HuntCommentsClientCreateOrUpdateOptions) (HuntCommentsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "HuntCommentsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntCommentID, huntComment, options) + if err != nil { + return HuntCommentsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntCommentsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return HuntCommentsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *HuntCommentsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, huntComment HuntComment, _ *HuntCommentsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntCommentID == "" { + return nil, errors.New("parameter huntCommentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntCommentId}", url.PathEscape(huntCommentID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, huntComment); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *HuntCommentsClient) createOrUpdateHandleResponse(resp *http.Response) (HuntCommentsClientCreateOrUpdateResponse, error) { + result := HuntCommentsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntComment); err != nil { + return HuntCommentsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete a hunt comment. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntCommentID - The hunt comment id (GUID) +// - options - HuntCommentsClientDeleteOptions contains the optional parameters for the HuntCommentsClient.Delete method. +func (client *HuntCommentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, options *HuntCommentsClientDeleteOptions) (HuntCommentsClientDeleteResponse, error) { + var err error + const operationName = "HuntCommentsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntCommentID, options) + if err != nil { + return HuntCommentsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntCommentsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return HuntCommentsClientDeleteResponse{}, err + } + return HuntCommentsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *HuntCommentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, _ *HuntCommentsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntCommentID == "" { + return nil, errors.New("parameter huntCommentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntCommentId}", url.PathEscape(huntCommentID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a hunt comment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntCommentID - The hunt comment id (GUID) +// - options - HuntCommentsClientGetOptions contains the optional parameters for the HuntCommentsClient.Get method. +func (client *HuntCommentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, options *HuntCommentsClientGetOptions) (HuntCommentsClientGetResponse, error) { + var err error + const operationName = "HuntCommentsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntCommentID, options) + if err != nil { + return HuntCommentsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntCommentsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return HuntCommentsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *HuntCommentsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, _ *HuntCommentsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntCommentID == "" { + return nil, errors.New("parameter huntCommentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntCommentId}", url.PathEscape(huntCommentID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *HuntCommentsClient) getHandleResponse(resp *http.Response) (HuntCommentsClientGetResponse, error) { + result := HuntCommentsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntComment); err != nil { + return HuntCommentsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all hunt comments +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - options - HuntCommentsClientListOptions contains the optional parameters for the HuntCommentsClient.NewListPager method. +func (client *HuntCommentsClient) NewListPager(resourceGroupName string, workspaceName string, huntID string, options *HuntCommentsClientListOptions) *runtime.Pager[HuntCommentsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[HuntCommentsClientListResponse]{ + More: func(page HuntCommentsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *HuntCommentsClientListResponse) (HuntCommentsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "HuntCommentsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, huntID, options) + }, nil) + if err != nil { + return HuntCommentsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *HuntCommentsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *HuntCommentsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *HuntCommentsClient) listHandleResponse(resp *http.Response) (HuntCommentsClientListResponse, error) { + result := HuntCommentsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntCommentList); err != nil { + return HuntCommentsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/huntrelations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/huntrelations_client.go new file mode 100644 index 000000000000..1bc17dfd2f25 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/huntrelations_client.go @@ -0,0 +1,340 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// HuntRelationsClient contains the methods for the HuntRelations group. +// Don't use this type directly, use NewHuntRelationsClient() instead. +type HuntRelationsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewHuntRelationsClient creates a new instance of HuntRelationsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewHuntRelationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*HuntRelationsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &HuntRelationsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a hunt relation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntRelationID - The hunt relation id (GUID) +// - huntRelation - The hunt relation +// - options - HuntRelationsClientCreateOrUpdateOptions contains the optional parameters for the HuntRelationsClient.CreateOrUpdate +// method. +func (client *HuntRelationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, huntRelation HuntRelation, options *HuntRelationsClientCreateOrUpdateOptions) (HuntRelationsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "HuntRelationsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntRelationID, huntRelation, options) + if err != nil { + return HuntRelationsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntRelationsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return HuntRelationsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *HuntRelationsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, huntRelation HuntRelation, _ *HuntRelationsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntRelationID == "" { + return nil, errors.New("parameter huntRelationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntRelationId}", url.PathEscape(huntRelationID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, huntRelation); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *HuntRelationsClient) createOrUpdateHandleResponse(resp *http.Response) (HuntRelationsClientCreateOrUpdateResponse, error) { + result := HuntRelationsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntRelation); err != nil { + return HuntRelationsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete a hunt relation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntRelationID - The hunt relation id (GUID) +// - options - HuntRelationsClientDeleteOptions contains the optional parameters for the HuntRelationsClient.Delete method. +func (client *HuntRelationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, options *HuntRelationsClientDeleteOptions) (HuntRelationsClientDeleteResponse, error) { + var err error + const operationName = "HuntRelationsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntRelationID, options) + if err != nil { + return HuntRelationsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntRelationsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return HuntRelationsClientDeleteResponse{}, err + } + return HuntRelationsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *HuntRelationsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, _ *HuntRelationsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntRelationID == "" { + return nil, errors.New("parameter huntRelationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntRelationId}", url.PathEscape(huntRelationID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a hunt relation +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntRelationID - The hunt relation id (GUID) +// - options - HuntRelationsClientGetOptions contains the optional parameters for the HuntRelationsClient.Get method. +func (client *HuntRelationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, options *HuntRelationsClientGetOptions) (HuntRelationsClientGetResponse, error) { + var err error + const operationName = "HuntRelationsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntRelationID, options) + if err != nil { + return HuntRelationsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntRelationsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return HuntRelationsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *HuntRelationsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, _ *HuntRelationsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntRelationID == "" { + return nil, errors.New("parameter huntRelationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntRelationId}", url.PathEscape(huntRelationID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *HuntRelationsClient) getHandleResponse(resp *http.Response) (HuntRelationsClientGetResponse, error) { + result := HuntRelationsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntRelation); err != nil { + return HuntRelationsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all hunt relations +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - options - HuntRelationsClientListOptions contains the optional parameters for the HuntRelationsClient.NewListPager method. +func (client *HuntRelationsClient) NewListPager(resourceGroupName string, workspaceName string, huntID string, options *HuntRelationsClientListOptions) *runtime.Pager[HuntRelationsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[HuntRelationsClientListResponse]{ + More: func(page HuntRelationsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *HuntRelationsClientListResponse) (HuntRelationsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "HuntRelationsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, huntID, options) + }, nil) + if err != nil { + return HuntRelationsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *HuntRelationsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *HuntRelationsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *HuntRelationsClient) listHandleResponse(resp *http.Response) (HuntRelationsClientListResponse, error) { + result := HuntRelationsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntRelationList); err != nil { + return HuntRelationsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/hunts_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/hunts_client.go new file mode 100644 index 000000000000..272eb12eb3ed --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/hunts_client.go @@ -0,0 +1,319 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// HuntsClient contains the methods for the Hunts group. +// Don't use this type directly, use NewHuntsClient() instead. +type HuntsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewHuntsClient creates a new instance of HuntsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewHuntsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*HuntsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &HuntsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Create or update a hunt +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - hunt - The hunt +// - options - HuntsClientCreateOrUpdateOptions contains the optional parameters for the HuntsClient.CreateOrUpdate method. +func (client *HuntsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, hunt Hunt, options *HuntsClientCreateOrUpdateOptions) (HuntsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "HuntsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, huntID, hunt, options) + if err != nil { + return HuntsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return HuntsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *HuntsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, hunt Hunt, _ *HuntsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, hunt); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *HuntsClient) createOrUpdateHandleResponse(resp *http.Response) (HuntsClientCreateOrUpdateResponse, error) { + result := HuntsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Hunt); err != nil { + return HuntsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete a hunt. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - options - HuntsClientDeleteOptions contains the optional parameters for the HuntsClient.Delete method. +func (client *HuntsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *HuntsClientDeleteOptions) (HuntsClientDeleteResponse, error) { + var err error + const operationName = "HuntsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, huntID, options) + if err != nil { + return HuntsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return HuntsClientDeleteResponse{}, err + } + return HuntsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *HuntsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, _ *HuntsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a hunt, without relations and comments. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - options - HuntsClientGetOptions contains the optional parameters for the HuntsClient.Get method. +func (client *HuntsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *HuntsClientGetOptions) (HuntsClientGetResponse, error) { + var err error + const operationName = "HuntsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, huntID, options) + if err != nil { + return HuntsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return HuntsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *HuntsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, _ *HuntsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *HuntsClient) getHandleResponse(resp *http.Response) (HuntsClientGetResponse, error) { + result := HuntsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Hunt); err != nil { + return HuntsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all hunts, without relations and comments. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - HuntsClientListOptions contains the optional parameters for the HuntsClient.NewListPager method. +func (client *HuntsClient) NewListPager(resourceGroupName string, workspaceName string, options *HuntsClientListOptions) *runtime.Pager[HuntsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[HuntsClientListResponse]{ + More: func(page HuntsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *HuntsClientListResponse) (HuntsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "HuntsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return HuntsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *HuntsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *HuntsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *HuntsClient) listHandleResponse(resp *http.Response) (HuntsClientListResponse, error) { + result := HuntsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntList); err != nil { + return HuntsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client.go index 148c62c1878c..dd12a2836d12 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -29,7 +26,7 @@ type IncidentCommentsClient struct { } // NewIncidentCommentsClient creates a new instance of IncidentCommentsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewIncidentCommentsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*IncidentCommentsClient, error) { @@ -47,7 +44,7 @@ func NewIncidentCommentsClient(subscriptionID string, credential azcore.TokenCre // CreateOrUpdate - Creates or updates the incident comment. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -78,7 +75,7 @@ func (client *IncidentCommentsClient) CreateOrUpdate(ctx context.Context, resour } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *IncidentCommentsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment, options *IncidentCommentsClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *IncidentCommentsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment, _ *IncidentCommentsClientCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -105,7 +102,7 @@ func (client *IncidentCommentsClient) createOrUpdateCreateRequest(ctx context.Co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, incidentComment); err != nil { @@ -126,7 +123,7 @@ func (client *IncidentCommentsClient) createOrUpdateHandleResponse(resp *http.Re // Delete - Delete the incident comment. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -154,7 +151,7 @@ func (client *IncidentCommentsClient) Delete(ctx context.Context, resourceGroupN } // deleteCreateRequest creates the Delete request. -func (client *IncidentCommentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, options *IncidentCommentsClientDeleteOptions) (*policy.Request, error) { +func (client *IncidentCommentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, _ *IncidentCommentsClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -181,7 +178,7 @@ func (client *IncidentCommentsClient) deleteCreateRequest(ctx context.Context, r return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -190,7 +187,7 @@ func (client *IncidentCommentsClient) deleteCreateRequest(ctx context.Context, r // Get - Gets an incident comment. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -219,7 +216,7 @@ func (client *IncidentCommentsClient) Get(ctx context.Context, resourceGroupName } // getCreateRequest creates the Get request. -func (client *IncidentCommentsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, options *IncidentCommentsClientGetOptions) (*policy.Request, error) { +func (client *IncidentCommentsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, _ *IncidentCommentsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -246,7 +243,7 @@ func (client *IncidentCommentsClient) getCreateRequest(ctx context.Context, reso return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -263,7 +260,7 @@ func (client *IncidentCommentsClient) getHandleResponse(resp *http.Response) (In // NewListPager - Gets all incident comments. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -328,7 +325,7 @@ func (client *IncidentCommentsClient) listCreateRequest(ctx context.Context, res if options != nil && options.Top != nil { reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) } - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client_example_test.go deleted file mode 100644 index 83bb0d1e1eaf..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client_example_test.go +++ /dev/null @@ -1,163 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/comments/GetAllIncidentComments.json -func ExampleIncidentCommentsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewIncidentCommentsClient().NewListPager("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.IncidentCommentsClientListOptions{Filter: nil, - Orderby: nil, - Top: nil, - SkipToken: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.IncidentCommentList = armsecurityinsights.IncidentCommentList{ - // Value: []*armsecurityinsights.IncidentComment{ - // { - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/comments"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5/comments/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.IncidentCommentProperties{ - // Author: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-03T11:10:30.000Z"); return t}()), - // Message: to.Ptr("Some message"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/comments/GetIncidentCommentById.json -func ExampleIncidentCommentsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentCommentsClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.IncidentComment = armsecurityinsights.IncidentComment{ - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/comments"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5/comments/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.IncidentCommentProperties{ - // Author: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-03T11:10:30.000Z"); return t}()), - // Message: to.Ptr("Some message"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/comments/CreateIncidentComment.json -func ExampleIncidentCommentsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentCommentsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", armsecurityinsights.IncidentComment{ - Properties: &armsecurityinsights.IncidentCommentProperties{ - Message: to.Ptr("Some message"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.IncidentComment = armsecurityinsights.IncidentComment{ - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/comments"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5/comments/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.IncidentCommentProperties{ - // Author: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-03T11:10:30.000Z"); return t}()), - // Message: to.Ptr("Some message"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/comments/DeleteIncidentComment.json -func ExampleIncidentCommentsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewIncidentCommentsClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client.go index c2af227460e3..36d6a74b380c 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -29,7 +26,7 @@ type IncidentRelationsClient struct { } // NewIncidentRelationsClient creates a new instance of IncidentRelationsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewIncidentRelationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*IncidentRelationsClient, error) { @@ -47,7 +44,7 @@ func NewIncidentRelationsClient(subscriptionID string, credential azcore.TokenCr // CreateOrUpdate - Creates or updates the incident relation. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -78,7 +75,7 @@ func (client *IncidentRelationsClient) CreateOrUpdate(ctx context.Context, resou } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *IncidentRelationsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string, relation Relation, options *IncidentRelationsClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *IncidentRelationsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string, relation Relation, _ *IncidentRelationsClientCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -105,7 +102,7 @@ func (client *IncidentRelationsClient) createOrUpdateCreateRequest(ctx context.C return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, relation); err != nil { @@ -126,7 +123,7 @@ func (client *IncidentRelationsClient) createOrUpdateHandleResponse(resp *http.R // Delete - Delete the incident relation. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -155,7 +152,7 @@ func (client *IncidentRelationsClient) Delete(ctx context.Context, resourceGroup } // deleteCreateRequest creates the Delete request. -func (client *IncidentRelationsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string, options *IncidentRelationsClientDeleteOptions) (*policy.Request, error) { +func (client *IncidentRelationsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string, _ *IncidentRelationsClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -182,7 +179,7 @@ func (client *IncidentRelationsClient) deleteCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -191,7 +188,7 @@ func (client *IncidentRelationsClient) deleteCreateRequest(ctx context.Context, // Get - Gets an incident relation. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -220,7 +217,7 @@ func (client *IncidentRelationsClient) Get(ctx context.Context, resourceGroupNam } // getCreateRequest creates the Get request. -func (client *IncidentRelationsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string, options *IncidentRelationsClientGetOptions) (*policy.Request, error) { +func (client *IncidentRelationsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string, _ *IncidentRelationsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -247,7 +244,7 @@ func (client *IncidentRelationsClient) getCreateRequest(ctx context.Context, res return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -264,7 +261,7 @@ func (client *IncidentRelationsClient) getHandleResponse(resp *http.Response) (I // NewListPager - Gets all incident relations. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -329,7 +326,7 @@ func (client *IncidentRelationsClient) listCreateRequest(ctx context.Context, re if options != nil && options.Top != nil { reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) } - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client_example_test.go deleted file mode 100644 index b64d91f183de..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client_example_test.go +++ /dev/null @@ -1,157 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/relations/GetAllIncidentRelations.json -func ExampleIncidentRelationsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewIncidentRelationsClient().NewListPager("myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", &armsecurityinsights.IncidentRelationsClientListOptions{Filter: nil, - Orderby: nil, - Top: nil, - SkipToken: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.RelationList = armsecurityinsights.RelationList{ - // Value: []*armsecurityinsights.Relation{ - // { - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812/relations/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceName: to.Ptr("2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // }, - // }, - // { - // Name: to.Ptr("9673a17d-8bc7-4ca6-88ee-38a4f3efc032"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812/relations/9673a17d-8bc7-4ca6-88ee-38a4f3efc032"), - // Etag: to.Ptr("6f714025-dd7c-46aa-b5d0-b9857488d060"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/1dd267cd-8a1f-4f6f-b92c-da43ac8819af"), - // RelatedResourceKind: to.Ptr("SecurityAlert"), - // RelatedResourceName: to.Ptr("1dd267cd-8a1f-4f6f-b92c-da43ac8819af"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/entities"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/relations/GetIncidentRelationByName.json -func ExampleIncidentRelationsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentRelationsClient().Get(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Relation = armsecurityinsights.Relation{ - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812/relations/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceName: to.Ptr("2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/relations/CreateIncidentRelation.json -func ExampleIncidentRelationsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentRelationsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", armsecurityinsights.Relation{ - Properties: &armsecurityinsights.RelationProperties{ - RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Relation = armsecurityinsights.Relation{ - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812/relations/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceName: to.Ptr("2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/relations/DeleteIncidentRelation.json -func ExampleIncidentRelationsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewIncidentRelationsClient().Delete(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client.go index aaf0c006499c..dfbcce47166a 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -29,7 +26,7 @@ type IncidentsClient struct { } // NewIncidentsClient creates a new instance of IncidentsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewIncidentsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*IncidentsClient, error) { @@ -47,7 +44,7 @@ func NewIncidentsClient(subscriptionID string, credential azcore.TokenCredential // CreateOrUpdate - Creates or updates the incident. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -77,7 +74,7 @@ func (client *IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroup } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *IncidentsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incident Incident, options *IncidentsClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *IncidentsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incident Incident, _ *IncidentsClientCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -100,7 +97,7 @@ func (client *IncidentsClient) createOrUpdateCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, incident); err != nil { @@ -118,83 +115,10 @@ func (client *IncidentsClient) createOrUpdateHandleResponse(resp *http.Response) return result, nil } -// CreateTeam - Creates a Microsoft team to investigate the incident by sharing information and insights between participants. -// If the operation fails it returns an *azcore.ResponseError type. -// -// Generated from API version 2022-09-01-preview -// - resourceGroupName - The name of the resource group. The name is case insensitive. -// - workspaceName - The name of the workspace. -// - incidentID - Incident ID -// - teamProperties - Team properties -// - options - IncidentsClientCreateTeamOptions contains the optional parameters for the IncidentsClient.CreateTeam method. -func (client *IncidentsClient) CreateTeam(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, teamProperties TeamProperties, options *IncidentsClientCreateTeamOptions) (IncidentsClientCreateTeamResponse, error) { - var err error - const operationName = "IncidentsClient.CreateTeam" - ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) - ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) - defer func() { endSpan(err) }() - req, err := client.createTeamCreateRequest(ctx, resourceGroupName, workspaceName, incidentID, teamProperties, options) - if err != nil { - return IncidentsClientCreateTeamResponse{}, err - } - httpResp, err := client.internal.Pipeline().Do(req) - if err != nil { - return IncidentsClientCreateTeamResponse{}, err - } - if !runtime.HasStatusCode(httpResp, http.StatusOK) { - err = runtime.NewResponseError(httpResp) - return IncidentsClientCreateTeamResponse{}, err - } - resp, err := client.createTeamHandleResponse(httpResp) - return resp, err -} - -// createTeamCreateRequest creates the CreateTeam request. -func (client *IncidentsClient) createTeamCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, teamProperties TeamProperties, options *IncidentsClientCreateTeamOptions) (*policy.Request, error) { - urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/createTeam" - if client.subscriptionID == "" { - return nil, errors.New("parameter client.subscriptionID cannot be empty") - } - urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) - if resourceGroupName == "" { - return nil, errors.New("parameter resourceGroupName cannot be empty") - } - urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) - if workspaceName == "" { - return nil, errors.New("parameter workspaceName cannot be empty") - } - urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) - if incidentID == "" { - return nil, errors.New("parameter incidentID cannot be empty") - } - urlPath = strings.ReplaceAll(urlPath, "{incidentId}", url.PathEscape(incidentID)) - req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) - if err != nil { - return nil, err - } - reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") - req.Raw().URL.RawQuery = reqQP.Encode() - req.Raw().Header["Accept"] = []string{"application/json"} - if err := runtime.MarshalAsJSON(req, teamProperties); err != nil { - return nil, err - } - return req, nil -} - -// createTeamHandleResponse handles the CreateTeam response. -func (client *IncidentsClient) createTeamHandleResponse(resp *http.Response) (IncidentsClientCreateTeamResponse, error) { - result := IncidentsClientCreateTeamResponse{} - if err := runtime.UnmarshalAsJSON(resp, &result.TeamInformation); err != nil { - return IncidentsClientCreateTeamResponse{}, err - } - return result, nil -} - // Delete - Delete the incident. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -221,7 +145,7 @@ func (client *IncidentsClient) Delete(ctx context.Context, resourceGroupName str } // deleteCreateRequest creates the Delete request. -func (client *IncidentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, options *IncidentsClientDeleteOptions) (*policy.Request, error) { +func (client *IncidentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, _ *IncidentsClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -244,7 +168,7 @@ func (client *IncidentsClient) deleteCreateRequest(ctx context.Context, resource return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -253,7 +177,7 @@ func (client *IncidentsClient) deleteCreateRequest(ctx context.Context, resource // Get - Gets an incident. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -281,7 +205,7 @@ func (client *IncidentsClient) Get(ctx context.Context, resourceGroupName string } // getCreateRequest creates the Get request. -func (client *IncidentsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, options *IncidentsClientGetOptions) (*policy.Request, error) { +func (client *IncidentsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, _ *IncidentsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -304,7 +228,7 @@ func (client *IncidentsClient) getCreateRequest(ctx context.Context, resourceGro return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -321,7 +245,7 @@ func (client *IncidentsClient) getHandleResponse(resp *http.Response) (Incidents // NewListPager - Gets all incidents. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - IncidentsClientListOptions contains the optional parameters for the IncidentsClient.NewListPager method. @@ -380,7 +304,7 @@ func (client *IncidentsClient) listCreateRequest(ctx context.Context, resourceGr if options != nil && options.Top != nil { reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) } - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -398,7 +322,7 @@ func (client *IncidentsClient) listHandleResponse(resp *http.Response) (Incident // ListAlerts - Gets all incident alerts. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -426,7 +350,7 @@ func (client *IncidentsClient) ListAlerts(ctx context.Context, resourceGroupName } // listAlertsCreateRequest creates the ListAlerts request. -func (client *IncidentsClient) listAlertsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, options *IncidentsClientListAlertsOptions) (*policy.Request, error) { +func (client *IncidentsClient) listAlertsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, _ *IncidentsClientListAlertsOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/alerts" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -449,7 +373,7 @@ func (client *IncidentsClient) listAlertsCreateRequest(ctx context.Context, reso return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -467,7 +391,7 @@ func (client *IncidentsClient) listAlertsHandleResponse(resp *http.Response) (In // ListBookmarks - Gets all incident bookmarks. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -495,7 +419,7 @@ func (client *IncidentsClient) ListBookmarks(ctx context.Context, resourceGroupN } // listBookmarksCreateRequest creates the ListBookmarks request. -func (client *IncidentsClient) listBookmarksCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, options *IncidentsClientListBookmarksOptions) (*policy.Request, error) { +func (client *IncidentsClient) listBookmarksCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, _ *IncidentsClientListBookmarksOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/bookmarks" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -518,7 +442,7 @@ func (client *IncidentsClient) listBookmarksCreateRequest(ctx context.Context, r return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -536,7 +460,7 @@ func (client *IncidentsClient) listBookmarksHandleResponse(resp *http.Response) // ListEntities - Gets all incident related entities. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -564,7 +488,7 @@ func (client *IncidentsClient) ListEntities(ctx context.Context, resourceGroupNa } // listEntitiesCreateRequest creates the ListEntities request. -func (client *IncidentsClient) listEntitiesCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, options *IncidentsClientListEntitiesOptions) (*policy.Request, error) { +func (client *IncidentsClient) listEntitiesCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, _ *IncidentsClientListEntitiesOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/entities" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -587,7 +511,7 @@ func (client *IncidentsClient) listEntitiesCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -605,7 +529,7 @@ func (client *IncidentsClient) listEntitiesHandleResponse(resp *http.Response) ( // RunPlaybook - Triggers playbook on a specific incident // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - IncidentsClientRunPlaybookOptions contains the optional parameters for the IncidentsClient.RunPlaybook method. @@ -655,7 +579,7 @@ func (client *IncidentsClient) runPlaybookCreateRequest(ctx context.Context, res return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if options != nil && options.RequestBody != nil { diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client_example_test.go deleted file mode 100644 index 67a3f4106603..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client_example_test.go +++ /dev/null @@ -1,495 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/manualTrigger/Incidents_RunPlaybook.json -func ExampleIncidentsClient_RunPlaybook() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewIncidentsClient().RunPlaybook(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ar4", &armsecurityinsights.IncidentsClientRunPlaybookOptions{RequestBody: nil}) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/GetIncidents.json -func ExampleIncidentsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewIncidentsClient().NewListPager("myRg", "myWorkspace", &armsecurityinsights.IncidentsClientListOptions{Filter: nil, - Orderby: to.Ptr("properties/createdTimeUtc desc"), - Top: to.Ptr[int32](1), - SkipToken: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.IncidentList = armsecurityinsights.IncidentList{ - // Value: []*armsecurityinsights.Incident{ - // { - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.IncidentProperties{ - // Description: to.Ptr("This is a demo incident"), - // AdditionalData: &armsecurityinsights.IncidentAdditionalData{ - // AlertProductNames: []*string{ - // }, - // AlertsCount: to.Ptr[int32](0), - // BookmarksCount: to.Ptr[int32](0), - // CommentsCount: to.Ptr[int32](3), - // ProviderIncidentURL: to.Ptr("https://security.microsoft.com/incidents/3177?tid=5b5a146c-eba8-46af-96f8-e31b50d15a3f"), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence)}, - // Techniques: []*string{ - // to.Ptr("T1053")}, - // }, - // Classification: to.Ptr(armsecurityinsights.IncidentClassificationFalsePositive), - // ClassificationComment: to.Ptr("Not a malicious activity"), - // ClassificationReason: to.Ptr(armsecurityinsights.IncidentClassificationReasonIncorrectAlertLogic), - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // FirstActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // IncidentNumber: to.Ptr[int32](3177), - // IncidentURL: to.Ptr("https://portal.azure.com/#asset/Microsoft_Azure_Security_Insights/Incident/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Labels: []*armsecurityinsights.IncidentLabel{ - // }, - // LastActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:05:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Owner: &armsecurityinsights.IncidentOwnerInfo{ - // AssignedTo: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // OwnerType: to.Ptr(armsecurityinsights.OwnerTypeUser), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // ProviderIncidentID: to.Ptr("3177"), - // ProviderName: to.Ptr("Azure Sentinel"), - // RelatedAnalyticRuleIDs: []*string{ - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/fab3d2d4-747f-46a7-8ef0-9c0be8112bf7"), - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/8deb8303-e94d-46ff-96e0-5fd94b33df1a")}, - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityHigh), - // Status: to.Ptr(armsecurityinsights.IncidentStatusClosed), - // Title: to.Ptr("My incident"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/GetIncidentById.json -func ExampleIncidentsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentsClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Incident = armsecurityinsights.Incident{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.IncidentProperties{ - // Description: to.Ptr("This is a demo incident"), - // AdditionalData: &armsecurityinsights.IncidentAdditionalData{ - // AlertProductNames: []*string{ - // }, - // AlertsCount: to.Ptr[int32](0), - // BookmarksCount: to.Ptr[int32](0), - // CommentsCount: to.Ptr[int32](3), - // ProviderIncidentURL: to.Ptr("https://security.microsoft.com/incidents/3177?tid=5b5a146c-eba8-46af-96f8-e31b50d15a3f"), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticInitialAccess), - // to.Ptr(armsecurityinsights.AttackTacticPersistence)}, - // Techniques: []*string{ - // to.Ptr("T1091"), - // to.Ptr("T1133"), - // to.Ptr("T1053")}, - // }, - // Classification: to.Ptr(armsecurityinsights.IncidentClassificationFalsePositive), - // ClassificationComment: to.Ptr("Not a malicious activity"), - // ClassificationReason: to.Ptr(armsecurityinsights.IncidentClassificationReasonInaccurateData), - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // FirstActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // IncidentNumber: to.Ptr[int32](3177), - // IncidentURL: to.Ptr("https://portal.azure.com/#asset/Microsoft_Azure_Security_Insights/Incident/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Labels: []*armsecurityinsights.IncidentLabel{ - // }, - // LastActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:05:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Owner: &armsecurityinsights.IncidentOwnerInfo{ - // AssignedTo: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // OwnerType: to.Ptr(armsecurityinsights.OwnerTypeUser), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // ProviderIncidentID: to.Ptr("3177"), - // ProviderName: to.Ptr("Azure Sentinel"), - // RelatedAnalyticRuleIDs: []*string{ - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/fab3d2d4-747f-46a7-8ef0-9c0be8112bf7")}, - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityHigh), - // Status: to.Ptr(armsecurityinsights.IncidentStatusClosed), - // Title: to.Ptr("My incident"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/CreateIncident.json -func ExampleIncidentsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", armsecurityinsights.Incident{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Properties: &armsecurityinsights.IncidentProperties{ - Description: to.Ptr("This is a demo incident"), - Classification: to.Ptr(armsecurityinsights.IncidentClassificationFalsePositive), - ClassificationComment: to.Ptr("Not a malicious activity"), - ClassificationReason: to.Ptr(armsecurityinsights.IncidentClassificationReasonIncorrectAlertLogic), - FirstActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t }()), - LastActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:05:30.000Z"); return t }()), - Owner: &armsecurityinsights.IncidentOwnerInfo{ - ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - }, - Severity: to.Ptr(armsecurityinsights.IncidentSeverityHigh), - Status: to.Ptr(armsecurityinsights.IncidentStatusClosed), - Title: to.Ptr("My incident"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Incident = armsecurityinsights.Incident{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0001\""), - // Properties: &armsecurityinsights.IncidentProperties{ - // Description: to.Ptr("This is a demo incident"), - // AdditionalData: &armsecurityinsights.IncidentAdditionalData{ - // AlertProductNames: []*string{ - // }, - // AlertsCount: to.Ptr[int32](0), - // BookmarksCount: to.Ptr[int32](0), - // CommentsCount: to.Ptr[int32](3), - // ProviderIncidentURL: to.Ptr("https://security.microsoft.com/incidents/3177?tid=5b5a146c-eba8-46af-96f8-e31b50d15a3f"), - // Tactics: []*armsecurityinsights.AttackTactic{ - // }, - // Techniques: []*string{ - // }, - // }, - // Classification: to.Ptr(armsecurityinsights.IncidentClassificationFalsePositive), - // ClassificationComment: to.Ptr("Not a malicious activity"), - // ClassificationReason: to.Ptr(armsecurityinsights.IncidentClassificationReasonIncorrectAlertLogic), - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // FirstActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // IncidentNumber: to.Ptr[int32](3177), - // IncidentURL: to.Ptr("https://portal.azure.com/#asset/Microsoft_Azure_Security_Insights/Incident/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Labels: []*armsecurityinsights.IncidentLabel{ - // }, - // LastActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:05:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Owner: &armsecurityinsights.IncidentOwnerInfo{ - // AssignedTo: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // OwnerType: to.Ptr(armsecurityinsights.OwnerTypeUser), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // ProviderIncidentID: to.Ptr("3177"), - // ProviderName: to.Ptr("Azure Sentinel"), - // RelatedAnalyticRuleIDs: []*string{ - // }, - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityHigh), - // Status: to.Ptr(armsecurityinsights.IncidentStatusClosed), - // Title: to.Ptr("My incident"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/DeleteIncident.json -func ExampleIncidentsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewIncidentsClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/CreateTeam.json -func ExampleIncidentsClient_CreateTeam() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentsClient().CreateTeam(ctx, "ambawolvese5resourcegroup", "AmbaE5WestCentralUS", "69a30280-6a4c-4aa7-9af0-5d63f335d600", armsecurityinsights.TeamProperties{ - TeamDescription: to.Ptr("Team description"), - TeamName: to.Ptr("Team name"), - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.TeamInformation = armsecurityinsights.TeamInformation{ - // Name: to.Ptr("Team name"), - // Description: to.Ptr("Team description"), - // PrimaryChannelURL: to.Ptr("https://teams.microsoft.com/l/team/19:80bf3b25485b4067b7d2dc4eec9e1578%40thread.tacv2/conversations?groupId=99978838-9bda-4ad4-8f93-4cf7ebc50ca5&tenantId=5b5a146c-eba8-46af-96f8-e31b50d15a3f"), - // TeamCreationTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-15T15:08:21.995Z"); return t}()), - // TeamID: to.Ptr("99978838-9bda-4ad4-8f93-4cf7ebc50ca5"), - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/GetAllIncidentAlerts.json -func ExampleIncidentsClient_ListAlerts() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentsClient().ListAlerts(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.IncidentAlertList = armsecurityinsights.IncidentAlertList{ - // Value: []*armsecurityinsights.SecurityAlert{ - // { - // Name: to.Ptr("baa8a239-6fde-4ab7-a093-d09f7b75c58c"), - // Type: to.Ptr("Microsoft.SecurityInsights/Entities"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRG/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/Entities/baa8a239-6fde-4ab7-a093-d09f7b75c58c"), - // Kind: to.Ptr(armsecurityinsights.EntityKindSecurityAlert), - // Properties: &armsecurityinsights.SecurityAlertProperties{ - // AdditionalData: map[string]any{ - // "AlertMessageEnqueueTime": "2020-07-20T18:21:57.304Z", - // }, - // FriendlyName: to.Ptr("myAlert"), - // AlertDisplayName: to.Ptr("myAlert"), - // AlertType: to.Ptr("myAlert"), - // ConfidenceLevel: to.Ptr(armsecurityinsights.ConfidenceLevelUnknown), - // EndTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-07-20T18:21:53.615Z"); return t}()), - // ProcessingEndTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-07-20T18:21:53.615Z"); return t}()), - // ProductName: to.Ptr("Azure Security Center"), - // ResourceIdentifiers: []any{ - // map[string]any{ - // "type": "LogAnalytics", - // "resourceGroup": "myRG", - // "subscriptionId": "bd794837-4d29-4647-9105-6339bfdb4e6a", - // "workspaceId": "c8c99641-985d-4e4e-8e91-fb3466cd0e5b", - // }}, - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // StartTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-07-20T18:21:53.615Z"); return t}()), - // Status: to.Ptr(armsecurityinsights.AlertStatusNew), - // SystemAlertID: to.Ptr("baa8a239-6fde-4ab7-a093-d09f7b75c58c"), - // Tactics: []*armsecurityinsights.AttackTactic{ - // }, - // TimeGenerated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-07-20T18:21:53.615Z"); return t}()), - // VendorName: to.Ptr("Microsoft"), - // }, - // }}, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/GetAllIncidentBookmarks.json -func ExampleIncidentsClient_ListBookmarks() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentsClient().ListBookmarks(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.IncidentBookmarkList = armsecurityinsights.IncidentBookmarkList{ - // Value: []*armsecurityinsights.HuntingBookmark{ - // { - // Name: to.Ptr("afbd324f-6c48-459c-8710-8d1e1cd03812"), - // Type: to.Ptr("Microsoft.SecurityInsights/Entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/afbd324f-6c48-459c-8710-8d1e1cd03812"), - // Kind: to.Ptr(armsecurityinsights.EntityKindBookmark), - // Properties: &armsecurityinsights.HuntingBookmarkProperties{ - // AdditionalData: map[string]any{ - // "ETag": "\"3b00acab-0000-0d00-0000-5f15e4ed0000\"", - // "EntityId": "afbd324f-6c48-459c-8710-8d1e1cd03812", - // }, - // FriendlyName: to.Ptr("SecurityEvent - 868f40f4698d"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("user"), - // Email: to.Ptr("user@microsoft.com"), - // ObjectID: to.Ptr("b03ca914-5eb6-45e5-9417-fe0797c372fd"), - // }, - // DisplayName: to.Ptr("SecurityEvent - 868f40f4698d"), - // EventTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // Labels: []*string{ - // }, - // Query: to.Ptr("SecurityEvent\r\n| take 1\n"), - // QueryResult: to.Ptr("{\"TimeGenerated\":\"2020-05-24T01:24:25.67Z\",\"Account\":\"\\\\ADMINISTRATOR\",\"AccountType\":\"User\",\"Computer\":\"SecurityEvents\",\"EventSourceName\":\"Microsoft-Windows-Security-Auditing\",\"Channel\":\"Security\",\"Task\":12544,\"Level\":\"16\",\"EventID\":4625,\"Activity\":\"4625 - An account failed to log on.\",\"AuthenticationPackageName\":\"NTLM\",\"FailureReason\":\"%%2313\",\"IpAddress\":\"176.113.115.73\",\"IpPort\":\"0\",\"LmPackageName\":\"-\",\"LogonProcessName\":\"NtLmSsp \",\"LogonType\":3,\"LogonTypeName\":\"3 - Network\",\"Process\":\"-\",\"ProcessId\":\"0x0\",\"__entityMapping\":{\"\\\\ADMINISTRATOR\":\"Account\",\"SecurityEvents\":\"Host\"}}"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("user"), - // Email: to.Ptr("user@microsoft.com"), - // ObjectID: to.Ptr("b03ca914-5eb6-45e5-9417-fe0797c372fd"), - // }, - // }, - // }, - // { - // Name: to.Ptr("bbbd324f-6c48-459c-8710-8d1e1cd03812"), - // Type: to.Ptr("Microsoft.SecurityInsights/Entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/bbbd324f-6c48-459c-8710-8d1e1cd03812"), - // Kind: to.Ptr(armsecurityinsights.EntityKindBookmark), - // Properties: &armsecurityinsights.HuntingBookmarkProperties{ - // AdditionalData: map[string]any{ - // "ETag": "\"3b00acab-0000-0d00-0000-5f15e4ed0000\"", - // "EntityId": "afbd324f-6c48-459c-8710-8d1e1cd03812", - // }, - // FriendlyName: to.Ptr("SecurityEvent - 868f40f4698d"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("user"), - // Email: to.Ptr("user@microsoft.com"), - // ObjectID: to.Ptr("303ca914-5eb6-45e5-9417-fe0797c372fd"), - // }, - // DisplayName: to.Ptr("SecurityEvent - 868f40f4698d"), - // EventTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // Labels: []*string{ - // }, - // Query: to.Ptr("SecurityEvent\r\n| take 1\n"), - // QueryResult: to.Ptr("{\"TimeGenerated\":\"2020-05-24T01:24:25.67Z\",\"Account\":\"\\\\ADMINISTRATOR\",\"AccountType\":\"User\",\"Computer\":\"SecurityEvents\",\"EventSourceName\":\"Microsoft-Windows-Security-Auditing\",\"Channel\":\"Security\",\"Task\":12544,\"Level\":\"16\",\"EventID\":4625,\"Activity\":\"4625 - An account failed to log on.\",\"AuthenticationPackageName\":\"NTLM\",\"FailureReason\":\"%%2313\",\"IpAddress\":\"176.113.115.73\",\"IpPort\":\"0\",\"LmPackageName\":\"-\",\"LogonProcessName\":\"NtLmSsp \",\"LogonType\":3,\"LogonTypeName\":\"3 - Network\",\"Process\":\"-\",\"ProcessId\":\"0x0\",\"__entityMapping\":{\"\\\\ADMINISTRATOR\":\"Account\",\"SecurityEvents\":\"Host\"}}"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("user"), - // Email: to.Ptr("user@microsoft.com"), - // ObjectID: to.Ptr("b03ca914-5eb6-45e5-9417-fe0797c372fd"), - // }, - // }, - // }}, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/entities/GetAllIncidentEntities.json -func ExampleIncidentsClient_ListEntities() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentsClient().ListEntities(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.IncidentEntitiesResponse = armsecurityinsights.IncidentEntitiesResponse{ - // Entities: []armsecurityinsights.EntityClassification{ - // &armsecurityinsights.AccountEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/Entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/Entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindAccount), - // Properties: &armsecurityinsights.AccountEntityProperties{ - // FriendlyName: to.Ptr("administrator"), - // AccountName: to.Ptr("administrator"), - // NtDomain: to.Ptr("domain"), - // }, - // }}, - // MetaData: []*armsecurityinsights.IncidentEntitiesResultsMetadata{ - // { - // Count: to.Ptr[int32](1), - // EntityKind: to.Ptr(armsecurityinsights.EntityKindAccount), - // }}, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidenttasks_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidenttasks_client.go new file mode 100644 index 000000000000..cfde9244cd8c --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidenttasks_client.go @@ -0,0 +1,327 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// IncidentTasksClient contains the methods for the IncidentTasks group. +// Don't use this type directly, use NewIncidentTasksClient() instead. +type IncidentTasksClient struct { + internal *arm.Client + subscriptionID string +} + +// NewIncidentTasksClient creates a new instance of IncidentTasksClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewIncidentTasksClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*IncidentTasksClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &IncidentTasksClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates the incident task. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - incidentID - Incident ID +// - incidentTaskID - Incident task ID +// - incidentTask - The incident task +// - options - IncidentTasksClientCreateOrUpdateOptions contains the optional parameters for the IncidentTasksClient.CreateOrUpdate +// method. +func (client *IncidentTasksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, incidentTask IncidentTask, options *IncidentTasksClientCreateOrUpdateOptions) (IncidentTasksClientCreateOrUpdateResponse, error) { + var err error + const operationName = "IncidentTasksClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, incidentID, incidentTaskID, incidentTask, options) + if err != nil { + return IncidentTasksClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return IncidentTasksClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return IncidentTasksClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *IncidentTasksClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, incidentTask IncidentTask, _ *IncidentTasksClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if incidentID == "" { + return nil, errors.New("parameter incidentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentId}", url.PathEscape(incidentID)) + if incidentTaskID == "" { + return nil, errors.New("parameter incidentTaskID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentTaskId}", url.PathEscape(incidentTaskID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, incidentTask); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *IncidentTasksClient) createOrUpdateHandleResponse(resp *http.Response) (IncidentTasksClientCreateOrUpdateResponse, error) { + result := IncidentTasksClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.IncidentTask); err != nil { + return IncidentTasksClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete the incident task. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - incidentID - Incident ID +// - incidentTaskID - Incident task ID +// - options - IncidentTasksClientDeleteOptions contains the optional parameters for the IncidentTasksClient.Delete method. +func (client *IncidentTasksClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, options *IncidentTasksClientDeleteOptions) (IncidentTasksClientDeleteResponse, error) { + var err error + const operationName = "IncidentTasksClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, incidentID, incidentTaskID, options) + if err != nil { + return IncidentTasksClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return IncidentTasksClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return IncidentTasksClientDeleteResponse{}, err + } + return IncidentTasksClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *IncidentTasksClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, _ *IncidentTasksClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if incidentID == "" { + return nil, errors.New("parameter incidentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentId}", url.PathEscape(incidentID)) + if incidentTaskID == "" { + return nil, errors.New("parameter incidentTaskID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentTaskId}", url.PathEscape(incidentTaskID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets an incident task. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - incidentID - Incident ID +// - incidentTaskID - Incident task ID +// - options - IncidentTasksClientGetOptions contains the optional parameters for the IncidentTasksClient.Get method. +func (client *IncidentTasksClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, options *IncidentTasksClientGetOptions) (IncidentTasksClientGetResponse, error) { + var err error + const operationName = "IncidentTasksClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, incidentID, incidentTaskID, options) + if err != nil { + return IncidentTasksClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return IncidentTasksClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return IncidentTasksClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *IncidentTasksClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, _ *IncidentTasksClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if incidentID == "" { + return nil, errors.New("parameter incidentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentId}", url.PathEscape(incidentID)) + if incidentTaskID == "" { + return nil, errors.New("parameter incidentTaskID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentTaskId}", url.PathEscape(incidentTaskID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *IncidentTasksClient) getHandleResponse(resp *http.Response) (IncidentTasksClientGetResponse, error) { + result := IncidentTasksClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.IncidentTask); err != nil { + return IncidentTasksClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all incident tasks. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - incidentID - Incident ID +// - options - IncidentTasksClientListOptions contains the optional parameters for the IncidentTasksClient.NewListPager method. +func (client *IncidentTasksClient) NewListPager(resourceGroupName string, workspaceName string, incidentID string, options *IncidentTasksClientListOptions) *runtime.Pager[IncidentTasksClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[IncidentTasksClientListResponse]{ + More: func(page IncidentTasksClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *IncidentTasksClientListResponse) (IncidentTasksClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "IncidentTasksClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, incidentID, options) + }, nil) + if err != nil { + return IncidentTasksClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *IncidentTasksClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, _ *IncidentTasksClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if incidentID == "" { + return nil, errors.New("parameter incidentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentId}", url.PathEscape(incidentID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *IncidentTasksClient) listHandleResponse(resp *http.Response) (IncidentTasksClientListResponse, error) { + result := IncidentTasksClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.IncidentTaskList); err != nil { + return IncidentTasksClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/interfaces.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/interfaces.go index 34b3a60002c9..f3e2292c324b 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/interfaces.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/interfaces.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -8,6 +5,24 @@ package armsecurityinsights +// ActionClassification provides polymorphic access to related types. +// Call the interface's GetAction() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *Action, *LockUserAction, *UnlockUserAction +type ActionClassification interface { + // GetAction returns the Action content of the underlying type. + GetAction() *Action +} + +// AgentConfigurationClassification provides polymorphic access to related types. +// Call the interface's GetAgentConfiguration() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *AgentConfiguration, *SapAgentConfiguration +type AgentConfigurationClassification interface { + // GetAgentConfiguration returns the AgentConfiguration content of the underlying type. + GetAgentConfiguration() *AgentConfiguration +} + // AlertRuleClassification provides polymorphic access to related types. // Call the interface's GetAlertRule() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: @@ -31,7 +46,7 @@ type AlertRuleTemplateClassification interface { // AutomationRuleActionClassification provides polymorphic access to related types. // Call the interface's GetAutomationRuleAction() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: -// - *AutomationRuleAction, *AutomationRuleModifyPropertiesAction, *AutomationRuleRunPlaybookAction +// - *AutomationRuleAction, *AutomationRuleAddIncidentTaskAction, *AutomationRuleModifyPropertiesAction, *AutomationRuleRunPlaybookAction type AutomationRuleActionClassification interface { // GetAutomationRuleAction returns the AutomationRuleAction content of the underlying type. GetAutomationRuleAction() *AutomationRuleAction @@ -47,6 +62,25 @@ type AutomationRuleConditionClassification interface { GetAutomationRuleCondition() *AutomationRuleCondition } +// BillingStatisticClassification provides polymorphic access to related types. +// Call the interface's GetBillingStatistic() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *BillingStatistic, *SapSolutionUsageStatistic +type BillingStatisticClassification interface { + // GetBillingStatistic returns the BillingStatistic content of the underlying type. + GetBillingStatistic() *BillingStatistic +} + +// CcpAuthConfigClassification provides polymorphic access to related types. +// Call the interface's GetCcpAuthConfig() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *APIKeyAuthModel, *AWSAuthModel, *BasicAuthModel, *CcpAuthConfig, *GCPAuthModel, *GenericBlobSbsAuthModel, *GitHubAuthModel, +// - *JwtAuthModel, *NoneAuthModel, *OAuthModel, *OracleAuthModel, *SessionAuthModel +type CcpAuthConfigClassification interface { + // GetCcpAuthConfig returns the CcpAuthConfig content of the underlying type. + GetCcpAuthConfig() *CcpAuthConfig +} + // CustomEntityQueryClassification provides polymorphic access to related types. // Call the interface's GetCustomEntityQuery() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: @@ -60,21 +94,32 @@ type CustomEntityQueryClassification interface { // Call the interface's GetDataConnector() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: // - *AADDataConnector, *AATPDataConnector, *ASCDataConnector, *AwsCloudTrailDataConnector, *AwsS3DataConnector, *CodelessAPIPollingDataConnector, -// - *CodelessUIDataConnector, *DataConnector, *Dynamics365DataConnector, *IoTDataConnector, *MCASDataConnector, *MDATPDataConnector, -// - *MSTIDataConnector, *MTPDataConnector, *Office365ProjectDataConnector, *OfficeATPDataConnector, *OfficeDataConnector, -// - *OfficeIRMDataConnector, *OfficePowerBIDataConnector, *TIDataConnector, *TiTaxiiDataConnector +// - *CodelessUIDataConnector, *DataConnector, *Dynamics365DataConnector, *GCPDataConnector, *IoTDataConnector, *MCASDataConnector, +// - *MDATPDataConnector, *MSTIDataConnector, *MTPDataConnector, *MicrosoftPurviewInformationProtectionDataConnector, *Office365ProjectDataConnector, +// - *OfficeATPDataConnector, *OfficeDataConnector, *OfficeIRMDataConnector, *OfficePowerBIDataConnector, *PurviewAuditDataConnector, +// - *RestAPIPollerDataConnector, *TIDataConnector, *TiTaxiiDataConnector type DataConnectorClassification interface { // GetDataConnector returns the DataConnector content of the underlying type. GetDataConnector() *DataConnector } +// DataConnectorDefinitionClassification provides polymorphic access to related types. +// Call the interface's GetDataConnectorDefinition() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *CustomizableConnectorDefinition, *DataConnectorDefinition +type DataConnectorDefinitionClassification interface { + // GetDataConnectorDefinition returns the DataConnectorDefinition content of the underlying type. + GetDataConnectorDefinition() *DataConnectorDefinition +} + // DataConnectorsCheckRequirementsClassification provides polymorphic access to related types. // Call the interface's GetDataConnectorsCheckRequirements() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: // - *AADCheckRequirements, *AATPCheckRequirements, *ASCCheckRequirements, *AwsCloudTrailCheckRequirements, *AwsS3CheckRequirements, // - *DataConnectorsCheckRequirements, *Dynamics365CheckRequirements, *IoTCheckRequirements, *MCASCheckRequirements, *MDATPCheckRequirements, -// - *MSTICheckRequirements, *MtpCheckRequirements, *Office365ProjectCheckRequirements, *OfficeATPCheckRequirements, *OfficeIRMCheckRequirements, -// - *OfficePowerBICheckRequirements, *TICheckRequirements, *TiTaxiiCheckRequirements +// - *MSTICheckRequirements, *MicrosoftPurviewInformationProtectionCheckRequirements, *MtpCheckRequirements, *Office365ProjectCheckRequirements, +// - *OfficeATPCheckRequirements, *OfficeIRMCheckRequirements, *OfficePowerBICheckRequirements, *PurviewAuditCheckRequirements, +// - *TICheckRequirements, *TiTaxiiCheckRequirements type DataConnectorsCheckRequirementsClassification interface { // GetDataConnectorsCheckRequirements returns the DataConnectorsCheckRequirements content of the underlying type. GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements @@ -146,6 +191,33 @@ type SettingsClassification interface { GetSettings() *Settings } +// SystemsConfigurationClassification provides polymorphic access to related types. +// Call the interface's GetSystemsConfiguration() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *SapSystemsConfiguration, *SystemsConfiguration +type SystemsConfigurationClassification interface { + // GetSystemsConfiguration returns the SystemsConfiguration content of the underlying type. + GetSystemsConfiguration() *SystemsConfiguration +} + +// SystemsConfigurationConnectorClassification provides polymorphic access to related types. +// Call the interface's GetSystemsConfigurationConnector() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *RFCConnector, *SapControlConnector, *SystemsConfigurationConnector +type SystemsConfigurationConnectorClassification interface { + // GetSystemsConfigurationConnector returns the SystemsConfigurationConnector content of the underlying type. + GetSystemsConfigurationConnector() *SystemsConfigurationConnector +} + +// TIObjectClassification provides polymorphic access to related types. +// Call the interface's GetTIObject() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *AttackPattern, *Identity, *Indicator, *Relationship, *TIObject, *ThreatActor +type TIObjectClassification interface { + // GetTIObject returns the TIObject content of the underlying type. + GetTIObject() *TIObject +} + // ThreatIntelligenceInformationClassification provides polymorphic access to related types. // Call the interface's GetThreatIntelligenceInformation() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/ipgeodata_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/ipgeodata_client_example_test.go deleted file mode 100644 index 0a0dbcc5ad45..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/ipgeodata_client_example_test.go +++ /dev/null @@ -1,56 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/enrichment/GetGeodataByIp.json -func ExampleIPGeodataClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIPGeodataClient().Get(ctx, "myRg", "1.2.3.4", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.EnrichmentIPGeodata = armsecurityinsights.EnrichmentIPGeodata{ - // Asn: to.Ptr("12345"), - // Carrier: to.Ptr("Microsoft"), - // City: to.Ptr("Redmond"), - // CityCf: to.Ptr[int32](90), - // Continent: to.Ptr("north america"), - // Country: to.Ptr("united states"), - // CountryCf: to.Ptr[int32](99), - // IPAddr: to.Ptr("1.2.3.4"), - // IPRoutingType: to.Ptr("fixed"), - // Latitude: to.Ptr("40.2436"), - // Longitude: to.Ptr("-100.8891"), - // Organization: to.Ptr("Microsoft"), - // OrganizationType: to.Ptr("tech"), - // Region: to.Ptr("western usa"), - // State: to.Ptr("washington"), - // StateCode: to.Ptr("wa"), - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/metadata_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/metadata_client.go index 5ea8e0c8c51c..85697df6d9d0 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/metadata_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/metadata_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -29,7 +26,7 @@ type MetadataClient struct { } // NewMetadataClient creates a new instance of MetadataClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewMetadataClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*MetadataClient, error) { @@ -47,7 +44,7 @@ func NewMetadataClient(subscriptionID string, credential azcore.TokenCredential, // Create - Create a Metadata. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - metadataName - The Metadata name. @@ -76,7 +73,7 @@ func (client *MetadataClient) Create(ctx context.Context, resourceGroupName stri } // createCreateRequest creates the Create request. -func (client *MetadataClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadata MetadataModel, options *MetadataClientCreateOptions) (*policy.Request, error) { +func (client *MetadataClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadata MetadataModel, _ *MetadataClientCreateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -99,7 +96,7 @@ func (client *MetadataClient) createCreateRequest(ctx context.Context, resourceG return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, metadata); err != nil { @@ -120,7 +117,7 @@ func (client *MetadataClient) createHandleResponse(resp *http.Response) (Metadat // Delete - Delete a Metadata. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - metadataName - The Metadata name. @@ -147,7 +144,7 @@ func (client *MetadataClient) Delete(ctx context.Context, resourceGroupName stri } // deleteCreateRequest creates the Delete request. -func (client *MetadataClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, options *MetadataClientDeleteOptions) (*policy.Request, error) { +func (client *MetadataClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, _ *MetadataClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -170,7 +167,7 @@ func (client *MetadataClient) deleteCreateRequest(ctx context.Context, resourceG return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -179,7 +176,7 @@ func (client *MetadataClient) deleteCreateRequest(ctx context.Context, resourceG // Get - Get a Metadata. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - metadataName - The Metadata name. @@ -207,7 +204,7 @@ func (client *MetadataClient) Get(ctx context.Context, resourceGroupName string, } // getCreateRequest creates the Get request. -func (client *MetadataClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, options *MetadataClientGetOptions) (*policy.Request, error) { +func (client *MetadataClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, _ *MetadataClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -230,7 +227,7 @@ func (client *MetadataClient) getCreateRequest(ctx context.Context, resourceGrou return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -247,7 +244,7 @@ func (client *MetadataClient) getHandleResponse(resp *http.Response) (MetadataCl // NewListPager - List of all metadata // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - MetadataClientListOptions contains the optional parameters for the MetadataClient.NewListPager method. @@ -306,7 +303,7 @@ func (client *MetadataClient) listCreateRequest(ctx context.Context, resourceGro if options != nil && options.Top != nil { reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) } - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -324,7 +321,7 @@ func (client *MetadataClient) listHandleResponse(resp *http.Response) (MetadataC // Update - Update an existing Metadata. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - metadataName - The Metadata name. @@ -353,7 +350,7 @@ func (client *MetadataClient) Update(ctx context.Context, resourceGroupName stri } // updateCreateRequest creates the Update request. -func (client *MetadataClient) updateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadataPatch MetadataPatch, options *MetadataClientUpdateOptions) (*policy.Request, error) { +func (client *MetadataClient) updateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadataPatch MetadataPatch, _ *MetadataClientUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -376,7 +373,7 @@ func (client *MetadataClient) updateCreateRequest(ctx context.Context, resourceG return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, metadataPatch); err != nil { diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/metadata_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/metadata_client_example_test.go deleted file mode 100644 index c414d062409d..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/metadata_client_example_test.go +++ /dev/null @@ -1,541 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/GetAllMetadataOData.json -func ExampleMetadataClient_NewListPager_getAllMetadataWithODataFilterOrderbySkipTop() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewMetadataClient().NewListPager("myRg", "myWorkspace", &armsecurityinsights.MetadataClientListOptions{Filter: nil, - Orderby: nil, - Top: nil, - Skip: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.MetadataList = armsecurityinsights.MetadataList{ - // Value: []*armsecurityinsights.MetadataModel{ - // { - // Name: to.Ptr("metadataName1"), - // Type: to.Ptr("Microsoft.SecurityInsights/metadata"), - // ID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName1"), - // Properties: &armsecurityinsights.MetadataProperties{ - // ContentID: to.Ptr("c00ee137-7475-47c8-9cce-ec6f0f1bedd0"), - // Kind: to.Ptr(armsecurityinsights.KindAnalyticsRule), - // ParentID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName1"), - // Source: &armsecurityinsights.MetadataSource{ - // Name: to.Ptr("Contoso Solution 1.0"), - // Kind: to.Ptr(armsecurityinsights.SourceKindSolution), - // SourceID: to.Ptr("b688a130-76f4-4a07-bf57-762222a3cadf"), - // }, - // Version: to.Ptr("1.0.0.0"), - // }, - // }, - // { - // Name: to.Ptr("metadataName2"), - // Type: to.Ptr("Microsoft.SecurityInsights/metadata"), - // ID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName2"), - // Properties: &armsecurityinsights.MetadataProperties{ - // ContentID: to.Ptr("f5160682-0e10-4e23-8fcf-df3df49c5522"), - // Kind: to.Ptr(armsecurityinsights.KindAnalyticsRule), - // ParentID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName2"), - // Source: &armsecurityinsights.MetadataSource{ - // Name: to.Ptr("Contoso Solution 1.0"), - // Kind: to.Ptr(armsecurityinsights.SourceKindSolution), - // SourceID: to.Ptr("b688a130-76f4-4a07-bf57-762222a3cadf"), - // }, - // Version: to.Ptr("1.0.0.0"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/GetAllMetadata.json -func ExampleMetadataClient_NewListPager_getAllMetadata() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewMetadataClient().NewListPager("myRg", "myWorkspace", &armsecurityinsights.MetadataClientListOptions{Filter: nil, - Orderby: nil, - Top: nil, - Skip: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.MetadataList = armsecurityinsights.MetadataList{ - // Value: []*armsecurityinsights.MetadataModel{ - // { - // Name: to.Ptr("metadataName1"), - // Type: to.Ptr("Microsoft.SecurityInsights/metadata"), - // ID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName1"), - // Properties: &armsecurityinsights.MetadataProperties{ - // ContentID: to.Ptr("c00ee137-7475-47c8-9cce-ec6f0f1bedd0"), - // Kind: to.Ptr(armsecurityinsights.KindAnalyticsRule), - // ParentID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName"), - // Source: &armsecurityinsights.MetadataSource{ - // Name: to.Ptr("Contoso Solution 1.0"), - // Kind: to.Ptr(armsecurityinsights.SourceKindSolution), - // SourceID: to.Ptr("b688a130-76f4-4a07-bf57-762222a3cadf"), - // }, - // Version: to.Ptr("1.0.0.0"), - // }, - // }, - // { - // Name: to.Ptr("metadataName2"), - // Type: to.Ptr("Microsoft.SecurityInsights/metadata"), - // ID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName2"), - // Properties: &armsecurityinsights.MetadataProperties{ - // ContentID: to.Ptr("f5160682-0e10-4e23-8fcf-df3df49c5522"), - // Kind: to.Ptr(armsecurityinsights.KindAnalyticsRule), - // ParentID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName2"), - // Source: &armsecurityinsights.MetadataSource{ - // Name: to.Ptr("Contoso Solution 1.0"), - // Kind: to.Ptr(armsecurityinsights.SourceKindSolution), - // SourceID: to.Ptr("b688a130-76f4-4a07-bf57-762222a3cadf"), - // }, - // Version: to.Ptr("1.0.0.0"), - // }, - // }, - // { - // Name: to.Ptr("metadataName3"), - // Type: to.Ptr("Microsoft.SecurityInsights/metadata"), - // ID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.Insights/workbooks/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName3"), - // Properties: &armsecurityinsights.MetadataProperties{ - // ContentID: to.Ptr("f593501d-ec01-4057-8146-a1de35c461ef"), - // Kind: to.Ptr(armsecurityinsights.KindWorkbook), - // ParentID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.Insights/workbooks/workbookName"), - // Source: &armsecurityinsights.MetadataSource{ - // Name: to.Ptr("Contoso Solution 1.0"), - // Kind: to.Ptr(armsecurityinsights.SourceKindSolution), - // SourceID: to.Ptr("b688a130-76f4-4a07-bf57-762222a3cadf"), - // }, - // Version: to.Ptr("1.0.0.0"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/GetMetadata.json -func ExampleMetadataClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewMetadataClient().Get(ctx, "myRg", "myWorkspace", "metadataName", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.MetadataModel = armsecurityinsights.MetadataModel{ - // Name: to.Ptr("metadataName"), - // Type: to.Ptr("Microsoft.SecurityInsights/metadata"), - // ID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName"), - // Properties: &armsecurityinsights.MetadataProperties{ - // Author: &armsecurityinsights.MetadataAuthor{ - // Name: to.Ptr("User Name"), - // Email: to.Ptr("email@microsoft.com"), - // }, - // Categories: &armsecurityinsights.MetadataCategories{ - // Domains: []*string{ - // to.Ptr("Application"), - // to.Ptr("Security – Insider Threat")}, - // Verticals: []*string{ - // to.Ptr("Healthcare")}, - // }, - // ContentID: to.Ptr("c00ee137-7475-47c8-9cce-ec6f0f1bedd0"), - // ContentSchemaVersion: to.Ptr("2.0"), - // CustomVersion: to.Ptr("1.0"), - // Dependencies: &armsecurityinsights.MetadataDependencies{ - // Criteria: []*armsecurityinsights.MetadataDependencies{ - // { - // Criteria: []*armsecurityinsights.MetadataDependencies{ - // { - // ContentID: to.Ptr("045d06d0-ee72-4794-aba4-cf5646e4c756"), - // Kind: to.Ptr(armsecurityinsights.KindDataConnector), - // }, - // { - // ContentID: to.Ptr("dbfcb2cc-d782-40ef-8d94-fe7af58a6f2d"), - // Kind: to.Ptr(armsecurityinsights.KindDataConnector), - // }, - // { - // ContentID: to.Ptr("de4dca9b-eb37-47d6-a56f-b8b06b261593"), - // Kind: to.Ptr(armsecurityinsights.KindDataConnector), - // Version: to.Ptr("2.0"), - // }}, - // Operator: to.Ptr(armsecurityinsights.OperatorOR), - // }, - // { - // ContentID: to.Ptr("31ee11cc-9989-4de8-b176-5e0ef5c4dbab"), - // Kind: to.Ptr(armsecurityinsights.KindPlaybook), - // Version: to.Ptr("1.0"), - // }, - // { - // ContentID: to.Ptr("21ba424a-9438-4444-953a-7059539a7a1b"), - // Kind: to.Ptr(armsecurityinsights.KindParser), - // }}, - // Operator: to.Ptr(armsecurityinsights.OperatorAND), - // }, - // FirstPublishDate: to.Ptr(func() time.Time { t, _ := time.Parse("2006-01-02", "2021-05-18"); return t}()), - // Kind: to.Ptr(armsecurityinsights.KindAnalyticsRule), - // LastPublishDate: to.Ptr(func() time.Time { t, _ := time.Parse("2006-01-02", "2021-05-18"); return t}()), - // ParentID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName"), - // PreviewImages: []*string{ - // to.Ptr("firstImage.png"), - // to.Ptr("secondImage.jpeg")}, - // PreviewImagesDark: []*string{ - // to.Ptr("firstImageDark.png"), - // to.Ptr("secondImageDark.jpeg")}, - // Providers: []*string{ - // to.Ptr("Amazon"), - // to.Ptr("Microsoft")}, - // Source: &armsecurityinsights.MetadataSource{ - // Name: to.Ptr("Contoso Solution 1.0"), - // Kind: to.Ptr(armsecurityinsights.SourceKindSolution), - // SourceID: to.Ptr("b688a130-76f4-4a07-bf57-762222a3cadf"), - // }, - // Support: &armsecurityinsights.MetadataSupport{ - // Name: to.Ptr("Microsoft"), - // Email: to.Ptr("support@microsoft.com"), - // Link: to.Ptr("https://support.microsoft.com/"), - // Tier: to.Ptr(armsecurityinsights.SupportTierPartner), - // }, - // ThreatAnalysisTactics: []*string{ - // to.Ptr("reconnaissance"), - // to.Ptr("commandandcontrol")}, - // ThreatAnalysisTechniques: []*string{ - // to.Ptr("T1548"), - // to.Ptr("T1548.001")}, - // Version: to.Ptr("1.0.0.0"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/DeleteMetadata.json -func ExampleMetadataClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewMetadataClient().Delete(ctx, "myRg", "myWorkspace", "metadataName", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/PutMetadata.json -func ExampleMetadataClient_Create_createUpdateFullMetadata() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewMetadataClient().Create(ctx, "myRg", "myWorkspace", "metadataName", armsecurityinsights.MetadataModel{ - Properties: &armsecurityinsights.MetadataProperties{ - Author: &armsecurityinsights.MetadataAuthor{ - Name: to.Ptr("User Name"), - Email: to.Ptr("email@microsoft.com"), - }, - Categories: &armsecurityinsights.MetadataCategories{ - Domains: []*string{ - to.Ptr("Application"), - to.Ptr("Security – Insider Threat")}, - Verticals: []*string{ - to.Ptr("Healthcare")}, - }, - ContentID: to.Ptr("c00ee137-7475-47c8-9cce-ec6f0f1bedd0"), - ContentSchemaVersion: to.Ptr("2.0"), - CustomVersion: to.Ptr("1.0"), - Dependencies: &armsecurityinsights.MetadataDependencies{ - Criteria: []*armsecurityinsights.MetadataDependencies{ - { - Criteria: []*armsecurityinsights.MetadataDependencies{ - { - Name: to.Ptr("Microsoft Defender for Endpoint"), - ContentID: to.Ptr("045d06d0-ee72-4794-aba4-cf5646e4c756"), - Kind: to.Ptr(armsecurityinsights.KindDataConnector), - }, - { - ContentID: to.Ptr("dbfcb2cc-d782-40ef-8d94-fe7af58a6f2d"), - Kind: to.Ptr(armsecurityinsights.KindDataConnector), - }, - { - ContentID: to.Ptr("de4dca9b-eb37-47d6-a56f-b8b06b261593"), - Kind: to.Ptr(armsecurityinsights.KindDataConnector), - Version: to.Ptr("2.0"), - }}, - Operator: to.Ptr(armsecurityinsights.OperatorOR), - }, - { - ContentID: to.Ptr("31ee11cc-9989-4de8-b176-5e0ef5c4dbab"), - Kind: to.Ptr(armsecurityinsights.KindPlaybook), - Version: to.Ptr("1.0"), - }, - { - ContentID: to.Ptr("21ba424a-9438-4444-953a-7059539a7a1b"), - Kind: to.Ptr(armsecurityinsights.KindParser), - }}, - Operator: to.Ptr(armsecurityinsights.OperatorAND), - }, - FirstPublishDate: to.Ptr(func() time.Time { t, _ := time.Parse("2006-01-02", "2021-05-18"); return t }()), - Kind: to.Ptr(armsecurityinsights.KindAnalyticsRule), - LastPublishDate: to.Ptr(func() time.Time { t, _ := time.Parse("2006-01-02", "2021-05-18"); return t }()), - ParentID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName"), - PreviewImages: []*string{ - to.Ptr("firstImage.png"), - to.Ptr("secondImage.jpeg")}, - PreviewImagesDark: []*string{ - to.Ptr("firstImageDark.png"), - to.Ptr("secondImageDark.jpeg")}, - Providers: []*string{ - to.Ptr("Amazon"), - to.Ptr("Microsoft")}, - Source: &armsecurityinsights.MetadataSource{ - Name: to.Ptr("Contoso Solution 1.0"), - Kind: to.Ptr(armsecurityinsights.SourceKindSolution), - SourceID: to.Ptr("b688a130-76f4-4a07-bf57-762222a3cadf"), - }, - Support: &armsecurityinsights.MetadataSupport{ - Name: to.Ptr("Microsoft"), - Email: to.Ptr("support@microsoft.com"), - Link: to.Ptr("https://support.microsoft.com/"), - Tier: to.Ptr(armsecurityinsights.SupportTierPartner), - }, - ThreatAnalysisTactics: []*string{ - to.Ptr("reconnaissance"), - to.Ptr("commandandcontrol")}, - ThreatAnalysisTechniques: []*string{ - to.Ptr("T1548"), - to.Ptr("T1548.001")}, - Version: to.Ptr("1.0.0.0"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.MetadataModel = armsecurityinsights.MetadataModel{ - // Name: to.Ptr("metadataName"), - // Type: to.Ptr("Microsoft.SecurityInsights/metadata"), - // ID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName"), - // Properties: &armsecurityinsights.MetadataProperties{ - // Author: &armsecurityinsights.MetadataAuthor{ - // Name: to.Ptr("User Name"), - // Email: to.Ptr("email@microsoft.com"), - // }, - // Categories: &armsecurityinsights.MetadataCategories{ - // Domains: []*string{ - // to.Ptr("Application"), - // to.Ptr("Security – Insider Threat")}, - // Verticals: []*string{ - // to.Ptr("Healthcare")}, - // }, - // ContentID: to.Ptr("c00ee137-7475-47c8-9cce-ec6f0f1bedd0"), - // ContentSchemaVersion: to.Ptr("2.0"), - // CustomVersion: to.Ptr("1.0"), - // Dependencies: &armsecurityinsights.MetadataDependencies{ - // Criteria: []*armsecurityinsights.MetadataDependencies{ - // { - // Criteria: []*armsecurityinsights.MetadataDependencies{ - // { - // ContentID: to.Ptr("045d06d0-ee72-4794-aba4-cf5646e4c756"), - // Kind: to.Ptr(armsecurityinsights.KindDataConnector), - // }, - // { - // ContentID: to.Ptr("dbfcb2cc-d782-40ef-8d94-fe7af58a6f2d"), - // Kind: to.Ptr(armsecurityinsights.KindDataConnector), - // }, - // { - // ContentID: to.Ptr("de4dca9b-eb37-47d6-a56f-b8b06b261593"), - // Kind: to.Ptr(armsecurityinsights.KindDataConnector), - // Version: to.Ptr("2.0"), - // }}, - // Operator: to.Ptr(armsecurityinsights.OperatorOR), - // }, - // { - // ContentID: to.Ptr("31ee11cc-9989-4de8-b176-5e0ef5c4dbab"), - // Kind: to.Ptr(armsecurityinsights.KindPlaybook), - // Version: to.Ptr("1.0"), - // }, - // { - // ContentID: to.Ptr("21ba424a-9438-4444-953a-7059539a7a1b"), - // Kind: to.Ptr(armsecurityinsights.KindParser), - // }}, - // Operator: to.Ptr(armsecurityinsights.OperatorAND), - // }, - // FirstPublishDate: to.Ptr(func() time.Time { t, _ := time.Parse("2006-01-02", "2021-05-18"); return t}()), - // Kind: to.Ptr(armsecurityinsights.KindAnalyticsRule), - // LastPublishDate: to.Ptr(func() time.Time { t, _ := time.Parse("2006-01-02", "2021-05-18"); return t}()), - // ParentID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName"), - // PreviewImages: []*string{ - // to.Ptr("firstImage.png"), - // to.Ptr("secondImage.jpeg")}, - // PreviewImagesDark: []*string{ - // to.Ptr("firstImageDark.png"), - // to.Ptr("secondImageDark.jpeg")}, - // Providers: []*string{ - // to.Ptr("Amazon"), - // to.Ptr("Microsoft")}, - // Source: &armsecurityinsights.MetadataSource{ - // Name: to.Ptr("Contoso Solution 1.0"), - // Kind: to.Ptr(armsecurityinsights.SourceKindSolution), - // SourceID: to.Ptr("b688a130-76f4-4a07-bf57-762222a3cadf"), - // }, - // Support: &armsecurityinsights.MetadataSupport{ - // Name: to.Ptr("Microsoft"), - // Email: to.Ptr("support@microsoft.com"), - // Link: to.Ptr("https://support.microsoft.com/"), - // Tier: to.Ptr(armsecurityinsights.SupportTierPartner), - // }, - // ThreatAnalysisTactics: []*string{ - // to.Ptr("reconnaissance"), - // to.Ptr("commandandcontrol")}, - // ThreatAnalysisTechniques: []*string{ - // to.Ptr("T1548"), - // to.Ptr("T1548.001")}, - // Version: to.Ptr("1.0.0.0"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/PutMetadataMinimal.json -func ExampleMetadataClient_Create_createUpdateMinimalMetadata() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewMetadataClient().Create(ctx, "myRg", "myWorkspace", "metadataName", armsecurityinsights.MetadataModel{ - Properties: &armsecurityinsights.MetadataProperties{ - ContentID: to.Ptr("c00ee137-7475-47c8-9cce-ec6f0f1bedd0"), - Kind: to.Ptr(armsecurityinsights.KindAnalyticsRule), - ParentID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.MetadataModel = armsecurityinsights.MetadataModel{ - // Name: to.Ptr("metadataName"), - // Type: to.Ptr("Microsoft.SecurityInsights/metadata"), - // ID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName"), - // Properties: &armsecurityinsights.MetadataProperties{ - // Kind: to.Ptr(armsecurityinsights.KindAnalyticsRule), - // ParentID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/PatchMetadata.json -func ExampleMetadataClient_Update() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewMetadataClient().Update(ctx, "myRg", "myWorkspace", "metadataName", armsecurityinsights.MetadataPatch{ - Properties: &armsecurityinsights.MetadataPropertiesPatch{ - Author: &armsecurityinsights.MetadataAuthor{ - Name: to.Ptr("User Name"), - Email: to.Ptr("email@microsoft.com"), - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.MetadataModel = armsecurityinsights.MetadataModel{ - // Name: to.Ptr("metadataName"), - // Type: to.Ptr("Microsoft.SecurityInsights/metadata"), - // ID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName"), - // Properties: &armsecurityinsights.MetadataProperties{ - // Author: &armsecurityinsights.MetadataAuthor{ - // Name: to.Ptr("User Name"), - // Email: to.Ptr("email@microsoft.com"), - // }, - // ContentID: to.Ptr("c00ee137-7475-47c8-9cce-ec6f0f1bedd0"), - // Kind: to.Ptr(armsecurityinsights.KindAnalyticsRule), - // ParentID: to.Ptr("/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName"), - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/models.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/models.go index aa263f3a7aa2..bec4cf8265e3 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/models.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/models.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -10,12 +7,12 @@ package armsecurityinsights import "time" -// AADCheckRequirements - Represents AAD (Azure Active Directory) requirements check request. +// AADCheckRequirements - Represents AADIP (Azure Active Directory Identity Protection) requirements check request. type AADCheckRequirements struct { // REQUIRED; Describes the kind of connector to be checked. Kind *DataConnectorKind - // AAD (Azure Active Directory) requirements check properties. + // AADIP (Azure Active Directory Identity Protection) requirements check properties. Properties *AADCheckRequirementsProperties } @@ -26,13 +23,13 @@ func (a *AADCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnect } } -// AADCheckRequirementsProperties - AAD (Azure Active Directory) requirements check properties. +// AADCheckRequirementsProperties - AADIP (Azure Active Directory Identity Protection) requirements check properties. type AADCheckRequirementsProperties struct { // REQUIRED; The tenant id to connect to, and get the data from. TenantID *string } -// AADDataConnector - Represents AAD (Azure Active Directory) data connector. +// AADDataConnector - Represents AADIP (Azure Active Directory Identity Protection) data connector. type AADDataConnector struct { // REQUIRED; The data connector kind Kind *DataConnectorKind @@ -40,10 +37,10 @@ type AADDataConnector struct { // Etag of the azure resource Etag *string - // AAD (Azure Active Directory) data connector properties. + // AADIP (Azure Active Directory Identity Protection) data connector properties. Properties *AADDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -68,7 +65,7 @@ func (a *AADDataConnector) GetDataConnector() *DataConnector { } } -// AADDataConnectorProperties - AAD (Azure Active Directory) data connector properties. +// AADDataConnectorProperties - AADIP (Azure Active Directory Identity Protection) data connector properties. type AADDataConnectorProperties struct { // REQUIRED; The tenant id to connect to, and get the data from. TenantID *string @@ -110,7 +107,7 @@ type AATPDataConnector struct { // AATP (Azure Advanced Threat Protection) data connector properties. Properties *AATPDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -144,6 +141,33 @@ type AATPDataConnectorProperties struct { DataTypes *AlertsDataTypeOfDataConnector } +// APIKeyAuthModel - Model for authentication with the API Key. Will result in additional header on the request (default behavior) +// to the remote server: 'ApiKeyName: ApiKeyIdentifier ApiKey'. If 'IsApiKeyInPostPayload' is +// true it will send it in the body of the request and not the header. +type APIKeyAuthModel struct { + // REQUIRED; API Key for the user secret key credential + APIKey *string + + // REQUIRED; API Key name + APIKeyName *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // API Key Identifier + APIKeyIdentifier *string + + // Flag to indicate if API key is set in HTTP POST payload + IsAPIKeyInPostPayload *bool +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type APIKeyAuthModel. +func (a *APIKeyAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: a.Type, + } +} + // APIPollingParameters - Represents Codeless API Polling data connector type APIPollingParameters struct { // Config to describe the instructions blade @@ -186,7 +210,7 @@ type ASCDataConnector struct { // ASC (Azure Security Center) data connector properties. Properties *ASCDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -220,15 +244,34 @@ type ASCDataConnectorProperties struct { SubscriptionID *string } +// AWSAuthModel - Model for API authentication with AWS. +type AWSAuthModel struct { + // REQUIRED; AWS STS assume role ARN + RoleArn *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // AWS STS assume role external ID. This is used to prevent the confused deputy problem: 'https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html' + ExternalID *string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type AWSAuthModel. +func (a *AWSAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: a.Type, + } +} + // AccountEntity - Represents an account entity. type AccountEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // Account entity properties Properties *AccountEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -299,6 +342,15 @@ type AccountEntityProperties struct { UpnSuffix *string } +// Action - Represents an action to perform on a specific system. +type Action struct { + // REQUIRED; The actions kind + Kind *ListActionKind +} + +// GetAction implements the ActionClassification interface for type Action. +func (a *Action) GetAction() *Action { return a } + // ActionRequest - Action for alert rule. type ActionRequest struct { // Etag of the azure resource @@ -307,7 +359,7 @@ type ActionRequest struct { // Action properties for put request Properties *ActionRequestProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -337,7 +389,7 @@ type ActionResponse struct { // Action properties for get request Properties *ActionResponseProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -379,7 +431,7 @@ type ActivityCustomEntityQuery struct { // Activity entity query properties Properties *ActivityEntityQueriesProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -457,7 +509,7 @@ type ActivityEntityQuery struct { // Activity entity query properties Properties *ActivityEntityQueriesProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -490,7 +542,7 @@ type ActivityEntityQueryTemplate struct { // Activity entity query properties Properties *ActivityEntityQueryTemplateProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -584,6 +636,43 @@ func (a *ActivityTimelineItem) GetEntityTimelineItem() *EntityTimelineItem { } } +type AddIncidentTaskActionProperties struct { + // REQUIRED; The title of the task. + Title *string + + // The description of the task. + Description *string +} + +// AgentConfiguration - Describes the configuration of a Business Application Agent. +type AgentConfiguration struct { + // REQUIRED; Type of the agent + Type *AgentType +} + +// GetAgentConfiguration implements the AgentConfigurationClassification interface for type AgentConfiguration. +func (a *AgentConfiguration) GetAgentConfiguration() *AgentConfiguration { return a } + +type AgentProperties struct { + // REQUIRED; Describes the configuration of a Business Application Agent. + Configuration AgentConfigurationClassification + + // REQUIRED + DisplayName *string + + // READ-ONLY + AgentSystems []*AgentSystem + + // READ-ONLY + LastModifiedTimeUTC *time.Time +} + +// AgentSystem - Describes the configuration of a system inside the agent. +type AgentSystem struct { + SystemDisplayName *string + SystemResourceName *string +} + // AlertDetailsOverride - Settings for how to dynamically override alert static details type AlertDetailsOverride struct { // the format containing columns name(s) to override the alert description @@ -592,6 +681,9 @@ type AlertDetailsOverride struct { // the format containing columns name(s) to override the alert name AlertDisplayNameFormat *string + // List of additional dynamic properties to override + AlertDynamicProperties []*AlertPropertyMapping + // the column name to take the alert severity from AlertSeverityColumnName *string @@ -599,6 +691,15 @@ type AlertDetailsOverride struct { AlertTacticsColumnName *string } +// AlertPropertyMapping - A single alert property mapping to override +type AlertPropertyMapping struct { + // The V3 alert property + AlertProperty *AlertProperty + + // the column name to use to override this property + Value *string +} + // AlertRule - Alert rule. type AlertRule struct { // REQUIRED; The kind of the alert rule @@ -607,7 +708,7 @@ type AlertRule struct { // Etag of the azure resource Etag *string - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -628,7 +729,7 @@ type AlertRuleTemplate struct { // REQUIRED; The kind of the alert rule Kind *AlertRuleKind - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -677,6 +778,18 @@ type AlertsDataTypeOfDataConnector struct { Alerts *DataConnectorDataTypeCommon } +// AnalyticsRuleRunTrigger - Analytics Rule Run Trigger request +type AnalyticsRuleRunTrigger struct { + // REQUIRED; The analytics Rule Run Trigger request + Properties *AnalyticsRuleRunTriggerProperties +} + +// AnalyticsRuleRunTriggerProperties - The Analytics Rule Run Trigger properties +type AnalyticsRuleRunTriggerProperties struct { + // REQUIRED + ExecutionTimeUTC *time.Time +} + // Anomalies - Settings with single toggle. type Anomalies struct { // REQUIRED; The kind of the setting @@ -688,7 +801,7 @@ type Anomalies struct { // Anomalies properties Properties *AnomaliesSettingsProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -730,7 +843,7 @@ type AnomalySecurityMLAnalyticsSettings struct { // Anomaly Security ML Analytics Settings properties Properties *AnomalySecurityMLAnalyticsSettingsProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -847,6 +960,45 @@ func (a *AnomalyTimelineItem) GetEntityTimelineItem() *EntityTimelineItem { } } +// AssignmentItem - An entity describing a content item. +type AssignmentItem struct { + // The resource id of the content item + ResourceID *string +} + +// AttackPattern - Represents an attack pattern in Azure Security Insights. +type AttackPattern struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind + + // The properties of the TI object + Properties *TIObjectCommonProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetTIObject implements the TIObjectClassification interface for type AttackPattern. +func (a *AttackPattern) GetTIObject() *TIObject { + return &TIObject{ + ID: a.ID, + Kind: a.Kind, + Name: a.Name, + Properties: a.Properties, + SystemData: a.SystemData, + Type: a.Type, + } +} + type AutomationRule struct { // REQUIRED; Automation rule properties Properties *AutomationRuleProperties @@ -854,7 +1006,7 @@ type AutomationRule struct { // Etag of the azure resource Etag *string - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -879,6 +1031,24 @@ type AutomationRuleAction struct { // GetAutomationRuleAction implements the AutomationRuleActionClassification interface for type AutomationRuleAction. func (a *AutomationRuleAction) GetAutomationRuleAction() *AutomationRuleAction { return a } +// AutomationRuleAddIncidentTaskAction - Describes an automation rule action to add a task to an incident +type AutomationRuleAddIncidentTaskAction struct { + // REQUIRED; The type of the automation rule action. + ActionType *ActionType + + // REQUIRED + Order *int32 + ActionConfiguration *AddIncidentTaskActionProperties +} + +// GetAutomationRuleAction implements the AutomationRuleActionClassification interface for type AutomationRuleAddIncidentTaskAction. +func (a *AutomationRuleAddIncidentTaskAction) GetAutomationRuleAction() *AutomationRuleAction { + return &AutomationRuleAction{ + ActionType: a.ActionType, + Order: a.Order, + } +} + type AutomationRuleBooleanCondition struct { InnerConditions []AutomationRuleConditionClassification Operator *AutomationRuleBooleanConditionSupportedOperator @@ -1007,11 +1177,12 @@ type AutomationRulesList struct { // Availability - Connector Availability Status type Availability struct { + // CONSTANT; The connector Availability Status + // Field has constant value 1, any specified value is ignored. + Status *int32 + // Set connector as preview IsPreview *bool - - // The connector Availability Status - Status *int32 } // AwsCloudTrailCheckRequirements - Amazon Web Services CloudTrail requirements check request. @@ -1038,7 +1209,7 @@ type AwsCloudTrailDataConnector struct { // Amazon Web Services CloudTrail data connector properties. Properties *AwsCloudTrailDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -1108,7 +1279,7 @@ type AwsS3DataConnector struct { // Amazon Web Services S3 data connector properties. Properties *AwsS3DataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -1172,12 +1343,12 @@ type AzureDevOpsResourceInfo struct { // AzureResourceEntity - Represents an azure resource entity. type AzureResourceEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // AzureResource entity properties Properties *AzureResourceEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -1217,6 +1388,58 @@ type AzureResourceEntityProperties struct { SubscriptionID *string } +// BasicAuthModel - Model for API authentication with basic flow - user name + password. +type BasicAuthModel struct { + // REQUIRED; The password + Password *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // REQUIRED; The user name. + UserName *string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type BasicAuthModel. +func (b *BasicAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: b.Type, + } +} + +// BillingStatistic - Billing statistic +type BillingStatistic struct { + // REQUIRED; The kind of the billing statistic + Kind *BillingStatisticKind + + // READ-ONLY; Resource Etag. + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetBillingStatistic implements the BillingStatisticClassification interface for type BillingStatistic. +func (b *BillingStatistic) GetBillingStatistic() *BillingStatistic { return b } + +// BillingStatisticList - List of all Microsoft Sentinel billing statistics. +type BillingStatisticList struct { + // REQUIRED; Array of billing statistics. + Value []BillingStatisticClassification + + // READ-ONLY; URL to fetch the next set of billing statistics. + NextLink *string +} + // Bookmark - Represents a bookmark in Azure Security Insights. type Bookmark struct { // Etag of the azure resource @@ -1225,7 +1448,7 @@ type Bookmark struct { // Bookmark properties Properties *BookmarkProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -1388,6 +1611,80 @@ func (b *BooleanConditionProperties) GetAutomationRuleCondition() *AutomationRul } } +// BusinessApplicationAgentResource - Describes the configuration of a Business Application Agent. +type BusinessApplicationAgentResource struct { + // REQUIRED + Properties *AgentProperties + + // Etag of the azure resource + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// BusinessApplicationAgentsList - List of agents. +type BusinessApplicationAgentsList struct { + NextLink *string + Value []*BusinessApplicationAgentResource +} + +// CcpAuthConfig - Base Model for API authentication. +type CcpAuthConfig struct { + // REQUIRED; The auth type + Type *CcpAuthType +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type CcpAuthConfig. +func (c *CcpAuthConfig) GetCcpAuthConfig() *CcpAuthConfig { return c } + +// CcpResponseConfig - A custom response configuration for a rule. +type CcpResponseConfig struct { + // REQUIRED; The json paths, '$' char is the json root. + EventsJSONPaths []*string + + // The csv delimiter, in case the response format is CSV. + CSVDelimiter *string + + // The character used to escape characters in CSV. + CSVEscape *string + + // The compression algorithm. For Example: 'gzip', 'multi-gzip', 'deflate'. + CompressionAlgo *string + + // The value indicating whether the response isn't an array of events / logs. By setting this flag to true it means the remote + // server will response with an object which each property has as a value an + // array of events / logs. + ConvertChildPropertiesToArray *bool + + // The response format. possible values are json,csv,xml + Format *string + + // The value indicating whether the response has CSV boundary in case the response in CSV format. + HasCSVBoundary *bool + + // The value indicating whether the response has headers in case the response in CSV format. + HasCSVHeader *bool + + // The value indicating whether the remote server support Gzip and we should expect Gzip response. + IsGzipCompressed *bool + + // The value where the status message/code should appear in the response. + SuccessStatusJSONPath *string + + // The status value. + SuccessStatusValue *string +} + // ClientInfo - Information on the client (user or application) that made some action type ClientInfo struct { // The email of the client. @@ -1406,12 +1703,12 @@ type ClientInfo struct { // CloudApplicationEntity - Represents a cloud application entity. type CloudApplicationEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // CloudApplication entity properties Properties *CloudApplicationEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -1466,7 +1763,7 @@ type CodelessAPIPollingDataConnector struct { // Codeless poling data connector properties Properties *APIPollingParameters - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -1738,7 +2035,7 @@ type CodelessUIDataConnector struct { // Codeless UI data connector properties Properties *CodelessParameters - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -1763,6 +2060,34 @@ func (c *CodelessUIDataConnector) GetDataConnector() *DataConnector { } } +// ConditionClause - Represents a single clause to be evaluated by a NormalizedCondition. +type ConditionClause struct { + // REQUIRED; The name of the field that is evaluated. + Field *string + + // REQUIRED; Represents an operator in a ConditionClause. + Operator *Operator + + // REQUIRED; The top level connective operator for this condition. + Values []*string + + // The connective used to join all values in this ConditionClause + ClauseConnective *Connective +} + +// ConditionProperties - Represents a condition used to query for TI objects. +type ConditionProperties struct { + // REQUIRED; The list of clauses to be evaluated in disjunction or conjunction base on the specified top level connective + // operator. + Clauses []*ConditionClause + + // The top level connective operator for this condition. + ConditionConnective *Connective + + // READ-ONLY; The STIX type for the objects returned by this query. + StixObjectType *string +} + // ConnectedEntity - Expansion result connected entities type ConnectedEntity struct { // key-value pairs for a connected entity mapping @@ -1772,13 +2097,75 @@ type ConnectedEntity struct { TargetEntityID *string } -// ContentPathMap - The mapping of content type to a repo path. -type ContentPathMap struct { - // Content type. - ContentType *ContentType +// ConnectivityCriterion - The criteria by which we determine whether the connector is connected or not. For Example, use +// a KQL query to check if the expected data type is flowing). +type ConnectivityCriterion struct { + // REQUIRED; Gets or sets the type of connectivity. + Type *string + + // Gets or sets the queries for checking connectivity. + Value []*string +} + +// ConnectorDataType - The data type which is created by the connector, including a query indicated when was the last time +// that data type was received in the workspace. +type ConnectorDataType struct { + // REQUIRED; Gets or sets the query to indicate when relevant data was last received in the workspace. + LastDataReceivedQuery *string + + // REQUIRED; Gets or sets the name of the data type to show in the graph. + Name *string +} + +// ConnectorDefinitionsAvailability - The exposure status of the connector to the customers. +type ConnectorDefinitionsAvailability struct { + // Gets or sets a value indicating whether the connector is preview. + IsPreview *bool + + // The exposure status of the connector to the customers. Available values are 0-4 (0=None, 1=Available, 2=FeatureFlag, 3=Internal). + Status *int32 +} + +// ConnectorDefinitionsPermissions - The required Permissions for the connector. +type ConnectorDefinitionsPermissions struct { + // Gets or sets the customs permissions required for the user to create connections. + Customs []*CustomPermissionDetails + + // Gets or sets the required licenses for the user to create connections. + Licenses []*string + + // Gets or sets the resource provider permissions required for the user to create connections. + ResourceProvider []*ConnectorDefinitionsResourceProvider + + // Gets or sets the required tenant permissions for the connector. + Tenant []*string +} + +// ConnectorDefinitionsResourceProvider - The resource provider details include the required permissions for the user to create +// connections. The user should have the required permissions(Read\Write, ..) in the specified scope +// ProviderPermissionsScope against the specified resource provider. +type ConnectorDefinitionsResourceProvider struct { + // REQUIRED; Gets or sets the permissions description text. + PermissionsDisplayText *string + + // REQUIRED; Gets or sets the provider name. + Provider *string + + // REQUIRED; Gets or sets the permissions provider display name. + ProviderDisplayName *string + + // REQUIRED; Required permissions for the connector resource provider that define in ResourceProviders. For more information + // about the permissions see here. + RequiredPermissions *ResourceProviderRequiredPermissions + + // REQUIRED; The scope on which the user should have permissions, in order to be able to create connections. + Scope *ProviderPermissionsScope +} - // The path to the content. - Path *string +// CountQuery - Represents a query to run on the TI objects in the workspace. +type CountQuery struct { + // Query properties + Properties *QueryProperties } // CustomEntityQuery - Specific entity query that supports put requests. @@ -1789,7 +2176,7 @@ type CustomEntityQuery struct { // Etag of the azure resource Etag *string - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -1805,69 +2192,37 @@ type CustomEntityQuery struct { // GetCustomEntityQuery implements the CustomEntityQueryClassification interface for type CustomEntityQuery. func (c *CustomEntityQuery) GetCustomEntityQuery() *CustomEntityQuery { return c } -// DNSEntity - Represents a dns entity. -type DNSEntity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKind - - // Dns entity properties - Properties *DNSEntityProperties - - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} - ID *string +// CustomPermissionDetails - The Custom permissions required for the connector. +type CustomPermissionDetails struct { + // REQUIRED; Gets or sets the custom permissions description. + Description *string - // READ-ONLY; The name of the resource + // REQUIRED; Gets or sets the custom permissions name. Name *string - - // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. - SystemData *SystemData - - // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" - Type *string -} - -// GetEntity implements the EntityClassification interface for type DNSEntity. -func (d *DNSEntity) GetEntity() *Entity { - return &Entity{ - ID: d.ID, - Kind: d.Kind, - Name: d.Name, - SystemData: d.SystemData, - Type: d.Type, - } } -// DNSEntityProperties - Dns entity property bag. -type DNSEntityProperties struct { - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any - - // READ-ONLY; An ip entity id for the dns server resolving the request - DNSServerIPEntityID *string - - // READ-ONLY; The name of the dns record associated with the alert - DomainName *string - - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string - - // READ-ONLY; An ip entity id for the dns request client - HostIPAddressEntityID *string +// CustomizableConnectionsConfig - The UiConfig for 'Customizable' connector definition kind. +type CustomizableConnectionsConfig struct { + // REQUIRED; Gets or sets the template name. The template includes ARM templates that can be created by the connector, usually + // it will be the dataConnectors ARM templates. + TemplateSpecName *string - // READ-ONLY; Ip entity identifiers for the resolved ip address. - IPAddressEntityIDs []*string + // REQUIRED; Gets or sets the template version. + TemplateSpecVersion *string } -// DataConnector - Data connector -type DataConnector struct { +// CustomizableConnectorDefinition - Connector definition for kind 'Customizable'. +type CustomizableConnectorDefinition struct { // REQUIRED; The data connector kind - Kind *DataConnectorKind + Kind *DataConnectorDefinitionKind // Etag of the azure resource Etag *string - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // Customizable properties. + Properties *CustomizableConnectorDefinitionProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -1880,11 +2235,165 @@ type DataConnector struct { Type *string } -// GetDataConnector implements the DataConnectorClassification interface for type DataConnector. -func (d *DataConnector) GetDataConnector() *DataConnector { return d } - -// DataConnectorConnectBody - Represents Codeless API Polling data connector. -type DataConnectorConnectBody struct { +// GetDataConnectorDefinition implements the DataConnectorDefinitionClassification interface for type CustomizableConnectorDefinition. +func (c *CustomizableConnectorDefinition) GetDataConnectorDefinition() *DataConnectorDefinition { + return &DataConnectorDefinition{ + Etag: c.Etag, + ID: c.ID, + Kind: c.Kind, + Name: c.Name, + SystemData: c.SystemData, + Type: c.Type, + } +} + +// CustomizableConnectorDefinitionProperties - The UiConfig for 'Customizable' connector definition kind. +type CustomizableConnectorDefinitionProperties struct { + // REQUIRED; The UiConfig for 'Customizable' connector definition kind. + ConnectorUIConfig *CustomizableConnectorUIConfig + + // The UiConfig for 'Customizable' connector definition kind. + ConnectionsConfig *CustomizableConnectionsConfig + + // Gets or sets the connector definition created date in UTC format. + CreatedTimeUTC *time.Time + + // Gets or sets the connector definition last modified date in UTC format. + LastModifiedUTC *time.Time +} + +// CustomizableConnectorUIConfig - The UiConfig for 'Customizable' connector definition kind. +type CustomizableConnectorUIConfig struct { + // REQUIRED; Gets or sets the way the connector checks whether the connector is connected. + ConnectivityCriteria []*ConnectivityCriterion + + // REQUIRED; Gets or sets the data types to check for last data received. + DataTypes []*ConnectorDataType + + // REQUIRED; Gets or sets the connector description in markdown format. + DescriptionMarkdown *string + + // REQUIRED; Gets or sets the graph queries to show the current data volume over time. + GraphQueries []*GraphQuery + + // REQUIRED; Gets or sets the instruction steps to enable the connector. + InstructionSteps []*InstructionStep + + // REQUIRED; The required Permissions for the connector. + Permissions *ConnectorDefinitionsPermissions + + // REQUIRED; Gets or sets the connector publisher name. + Publisher *string + + // REQUIRED; Gets or sets the connector blade title. + Title *string + + // The exposure status of the connector to the customers. + Availability *ConnectorDefinitionsAvailability + + // Gets or sets custom connector id. optional field. + ID *string + + // Gets or sets a value indicating whether to use 'OR'(SOME) or 'AND' between ConnectivityCriteria items. + IsConnectivityCriteriasMatchSome *bool + + // Gets or sets the connector logo to be used when displaying the connector within Azure Sentinel's connector's gallery. The + // logo value should be in SVG format. + Logo *string +} + +// DCRConfiguration - The configuration of the destination of the data. +type DCRConfiguration struct { + // REQUIRED; Represents the data collection ingestion endpoint in log analytics. + DataCollectionEndpoint *string + + // REQUIRED; The data collection rule immutable id, the rule defines the transformation and data destination. + DataCollectionRuleImmutableID *string + + // REQUIRED; The stream we are sending the data to. + StreamName *string +} + +// DNSEntity - Represents a dns entity. +type DNSEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // Dns entity properties + Properties *DNSEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type DNSEntity. +func (d *DNSEntity) GetEntity() *Entity { + return &Entity{ + ID: d.ID, + Kind: d.Kind, + Name: d.Name, + SystemData: d.SystemData, + Type: d.Type, + } +} + +// DNSEntityProperties - Dns entity property bag. +type DNSEntityProperties struct { + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; An ip entity id for the dns server resolving the request + DNSServerIPEntityID *string + + // READ-ONLY; The name of the dns record associated with the alert + DomainName *string + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; An ip entity id for the dns request client + HostIPAddressEntityID *string + + // READ-ONLY; Ip entity identifiers for the resolved ip address. + IPAddressEntityIDs []*string +} + +// DataConnector - Data connector +type DataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type DataConnector. +func (d *DataConnector) GetDataConnector() *DataConnector { return d } + +// DataConnectorConnectBody - Represents Codeless API Polling data connector. +type DataConnectorConnectBody struct { // The API key of the audit server. APIKey *string @@ -1924,6 +2433,37 @@ type DataConnectorDataTypeCommon struct { State *DataTypeState } +// DataConnectorDefinition - An Azure resource, which encapsulate the entire info requires to display a data connector page +// in Azure portal, and the info required to define data connections. +type DataConnectorDefinition struct { + // REQUIRED; The data connector kind + Kind *DataConnectorDefinitionKind + + // Etag of the azure resource + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnectorDefinition implements the DataConnectorDefinitionClassification interface for type DataConnectorDefinition. +func (d *DataConnectorDefinition) GetDataConnectorDefinition() *DataConnectorDefinition { return d } + +// DataConnectorDefinitionArmCollectionWrapper - Encapsulate the data connector definition object +type DataConnectorDefinitionArmCollectionWrapper struct { + NextLink *string + Value []DataConnectorDefinitionClassification +} + // DataConnectorList - List all the data connectors. type DataConnectorList struct { // REQUIRED; Array of data connectors. @@ -2022,7 +2562,7 @@ type Dynamics365DataConnector struct { // Dynamics365 data connector properties. Properties *Dynamics365DataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2068,6 +2608,12 @@ type Dynamics365DataConnectorProperties struct { TenantID *string } +// EnrichmentDomainBody - Domain name to be enriched +type EnrichmentDomainBody struct { + // The domain name + Domain *string +} + // EnrichmentDomainWhois - Whois information for a given domain and associated metadata type EnrichmentDomainWhois struct { // The timestamp at which this record was created @@ -2173,6 +2719,12 @@ type EnrichmentDomainWhoisRegistrarDetails struct { WhoisServer *string } +// EnrichmentIPAddressBody - IP address (v4 or v6) to be enriched +type EnrichmentIPAddressBody struct { + // The dotted-decimal or colon-separated string representation of the IP address + IPAddress *string +} + // EnrichmentIPGeodata - Geodata information for a given IP address type EnrichmentIPGeodata struct { // The autonomous system number associated with this IP address @@ -2185,7 +2737,7 @@ type EnrichmentIPGeodata struct { City *string // A numeric rating of confidence that the value in the 'city' field is correct, on a scale of 0-100 - CityCf *int32 + CityConfidenceFactor *int32 // The continent this IP address is located on Continent *string @@ -2194,7 +2746,7 @@ type EnrichmentIPGeodata struct { Country *string // A numeric rating of confidence that the value in the 'country' field is correct on a scale of 0-100 - CountryCf *int32 + CountryConfidenceFactor *int32 // The dotted-decimal or colon-separated string representation of the IP address IPAddr *string @@ -2220,19 +2772,19 @@ type EnrichmentIPGeodata struct { // The state this IP address is located in State *string - // A numeric rating of confidence that the value in the 'state' field is correct on a scale of 0-100 - StateCf *int32 - // The abbreviated name for the state this IP address is located in StateCode *string + + // A numeric rating of confidence that the value in the 'state' field is correct on a scale of 0-100 + StateConfidenceFactor *int32 } // Entity - Specific entity. type Entity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2259,7 +2811,7 @@ type EntityAnalytics struct { // EntityAnalytics properties Properties *EntityAnalyticsProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2395,6 +2947,18 @@ type EntityList struct { NextLink *string } +// EntityManualTriggerRequestBody - Describes the request body for triggering a playbook on an entity. +type EntityManualTriggerRequestBody struct { + // REQUIRED; The resource id of the playbook resource. + LogicAppsResourceID *string + + // Incident ARM id. + IncidentArmID *string + + // The tenant id of the playbook resource. + TenantID *string +} + // EntityMapping - Single entity mapping for the alert rule type EntityMapping struct { // The V3 type of the mapped entity @@ -2412,7 +2976,7 @@ type EntityQuery struct { // Etag of the azure resource Etag *string - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2465,7 +3029,7 @@ type EntityQueryTemplate struct { // REQUIRED; the entity query template kind Kind *EntityQueryTemplateKind - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2523,6 +3087,15 @@ type EntityTimelineResponse struct { Value []EntityTimelineItemClassification } +// Error - The error description for why a publication failed +type Error struct { + // REQUIRED; The error message + ErrorMessage *string + + // REQUIRED; The member resource name for which the publication error occured + MemberResourceName *string +} + // EventGroupingSettings - Event grouping settings property bag. type EventGroupingSettings struct { // The event grouping aggregation kinds @@ -2561,7 +3134,7 @@ type ExpansionEntityQuery struct { // Expansion entity query properties Properties *ExpansionEntityQueriesProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2592,7 +3165,7 @@ type ExpansionResultAggregation struct { Count *int32 // REQUIRED; The kind of the aggregated entity. - EntityKind *EntityKind + EntityKind *EntityKindEnum // The common type of the aggregation. (for e.g. entity field name) AggregationType *string @@ -2618,7 +3191,7 @@ type EyesOn struct { // EyesOn properties Properties *EyesOnSettingsProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2661,12 +3234,12 @@ type FieldMapping struct { // FileEntity - Represents a file entity. type FileEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // File entity properties Properties *FileEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2715,12 +3288,12 @@ type FileEntityProperties struct { // FileHashEntity - Represents a file hash entity. type FileHashEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // FileHash entity properties Properties *FileHashEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2765,7 +3338,7 @@ type FileImport struct { // File import properties Properties *FileImportProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2858,7 +3431,7 @@ type FusionAlertRule struct { // Fusion alert rule properties Properties *FusionAlertRuleProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2909,6 +3482,9 @@ type FusionAlertRuleProperties struct { // READ-ONLY; The severity for alerts created by this alert rule. Severity *AlertSeverity + // READ-ONLY; The sub-techniques of the alert rule + SubTechniques []*string + // READ-ONLY; The tactics of the alert rule Tactics []*AttackTactic @@ -2924,7 +3500,7 @@ type FusionAlertRuleTemplate struct { // Fusion alert rule template properties Properties *FusionAlertRuleTemplateProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -2971,6 +3547,9 @@ type FusionAlertRuleTemplateProperties struct { // The alert rule template status. Status *TemplateStatus + // The sub-techniques of the alert rule + SubTechniques []*string + // The tactics of the alert rule template Tactics []*AttackTactic @@ -3070,6 +3649,119 @@ type FusionTemplateSubTypeSeverityFilter struct { SeverityFilters []*AlertSeverity } +// GCPAuthModel - Model for API authentication for all GCP kind connectors. +type GCPAuthModel struct { + // REQUIRED; GCP Project Number + ProjectNumber *string + + // REQUIRED; GCP Service Account Email + ServiceAccountEmail *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // REQUIRED; GCP Workload Identity Provider ID + WorkloadIdentityProviderID *string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type GCPAuthModel. +func (g *GCPAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: g.Type, + } +} + +// GCPAuthProperties - Google Cloud Platform auth section properties. +type GCPAuthProperties struct { + // REQUIRED; The GCP project number. + ProjectNumber *string + + // REQUIRED; The service account that is used to access the GCP project. + ServiceAccountEmail *string + + // REQUIRED; The workload identity provider id that is used to gain access to the GCP project. + WorkloadIdentityProviderID *string +} + +// GCPDataConnector - Represents Google Cloud Platform data connector. +type GCPDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // Google Cloud Platform data connector properties. + Properties *GCPDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type GCPDataConnector. +func (g *GCPDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: g.Etag, + ID: g.ID, + Kind: g.Kind, + Name: g.Name, + SystemData: g.SystemData, + Type: g.Type, + } +} + +// GCPDataConnectorProperties - Google Cloud Platform data connector properties. +type GCPDataConnectorProperties struct { + // REQUIRED; The auth section of the connector. + Auth *GCPAuthProperties + + // REQUIRED; The name of the connector definition that represents the UI config. + ConnectorDefinitionName *string + + // REQUIRED; The request section of the connector. + Request *GCPRequestProperties + + // The configuration of the destination of the data. + DcrConfig *DCRConfiguration +} + +// GCPRequestProperties - Google Cloud Platform request section properties. +type GCPRequestProperties struct { + // REQUIRED; The GCP project id. + ProjectID *string + + // REQUIRED; The GCP pub/sub subscription names. + SubscriptionNames []*string +} + +// GenericBlobSbsAuthModel - Model for API authentication for working with service bus or storage account. +type GenericBlobSbsAuthModel struct { + // REQUIRED; The auth type + Type *CcpAuthType + + // Credentials for service bus namespace, keyvault uri for access key + CredentialsConfig map[string]*string + + // Credentials for storage account, keyvault uri for access key + StorageAccountCredentialsConfig map[string]*string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type GenericBlobSbsAuthModel. +func (g *GenericBlobSbsAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: g.Type, + } +} + // GeoLocation - The geo-location context attached to the ip entity type GeoLocation struct { // READ-ONLY; Autonomous System Number @@ -3084,14 +3776,12 @@ type GeoLocation struct { // READ-ONLY; Country name according to ISO 3166 Alpha 2: the lowercase of the English Short Name CountryName *string - // READ-ONLY; The longitude of the identified location, expressed as a floating point number with range of -180 to 180, with - // positive numbers representing East and negative numbers representing West. Latitude and - // longitude are derived from the city or postal code. + // READ-ONLY; The latitude of the identified location, expressed as a floating point number with range of - 90 to 90. Latitude + // and longitude are derived from the city or postal code. Latitude *float64 - // READ-ONLY; The latitude of the identified location, expressed as a floating point number with range of - 90 to 90, with - // positive numbers representing North and negative numbers representing South. Latitude and - // longitude are derived from the city or postal code. + // READ-ONLY; The longitude of the identified location, expressed as a floating point number with range of -180 to 180. Latitude + // and longitude are derived from the city or postal code. Longitude *float64 // READ-ONLY; State name @@ -3125,12 +3815,43 @@ type GetQueriesResponse struct { Value []EntityQueryItemClassification } +// GitHubAuthModel - Model for API authentication for GitHub. For this authentication first we need to approve the Router +// app (Microsoft Security DevOps) to access the GitHub account, Then we only need the InstallationId +// to get the access token from https://api.github.com/app/installations/{installId}/access_tokens. +type GitHubAuthModel struct { + // REQUIRED; The auth type + Type *CcpAuthType + + // The GitHubApp auth installation id. + InstallationID *string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type GitHubAuthModel. +func (g *GitHubAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: g.Type, + } +} + // GitHubResourceInfo - Resources created in GitHub repository. type GitHubResourceInfo struct { // GitHub application installation id. AppInstallationID *string } +// GraphQuery - The graph query to show the volume of data arriving into the workspace over time. +type GraphQuery struct { + // REQUIRED; Gets or sets the base query for the graph. The base query is wrapped by Sentinel UI infra with a KQL query, that + // measures the volume over time. + BaseQuery *string + + // REQUIRED; Gets or sets the legend for the graph. + Legend *string + + // REQUIRED; Gets or sets the metric name that the query is checking. For example: 'Total data receive'. + MetricName *string +} + // GroupingConfiguration - Grouping configuration property bag. type GroupingConfiguration struct { // REQUIRED; Grouping enabled @@ -3161,12 +3882,12 @@ type GroupingConfiguration struct { // HostEntity - Represents a host entity. type HostEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // Host entity properties Properties *HostEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -3228,15 +3949,15 @@ type HostEntityProperties struct { OmsAgentID *string } -// HuntingBookmark - Represents a Hunting bookmark entity. -type HuntingBookmark struct { - // REQUIRED; The kind of the entity. - Kind *EntityKind +// Hunt - Represents a Hunt in Azure Security Insights. +type Hunt struct { + // Etag of the azure resource + Etag *string - // HuntingBookmark entity properties - Properties *HuntingBookmarkProperties + // Hunt properties + Properties *HuntProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -3249,30 +3970,189 @@ type HuntingBookmark struct { Type *string } -// GetEntity implements the EntityClassification interface for type HuntingBookmark. -func (h *HuntingBookmark) GetEntity() *Entity { - return &Entity{ - ID: h.ID, - Kind: h.Kind, - Name: h.Name, - SystemData: h.SystemData, - Type: h.Type, - } -} - -// HuntingBookmarkProperties - Describes bookmark properties -type HuntingBookmarkProperties struct { - // REQUIRED; The display name of the bookmark - DisplayName *string +// HuntComment - Represents a Hunt Comment in Azure Security Insights +type HuntComment struct { + // Etag of the azure resource + Etag *string - // REQUIRED; The query of the bookmark. - Query *string + // Hunt Comment properties + Properties *HuntCommentProperties - // The time the bookmark was created - Created *time.Time + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string - // Describes a user that created the bookmark - CreatedBy *UserInfo + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// HuntCommentList - List of all hunt comments +type HuntCommentList struct { + // REQUIRED; Array of hunt comments + Value []*HuntComment + + // READ-ONLY; URL to fetch the next set of hunt comments. + NextLink *string +} + +// HuntCommentProperties - Describes a hunt comment properties +type HuntCommentProperties struct { + // REQUIRED; The message for the comment + Message *string +} + +// HuntList - List all the hunts. +type HuntList struct { + // REQUIRED; Array of hunts. + Value []*Hunt + + // READ-ONLY; URL to fetch the next set of hunts. + NextLink *string +} + +// HuntOwner - Describes a user that the hunt is assigned to +type HuntOwner struct { + // The name of the user the hunt is assigned to. + AssignedTo *string + + // The email of the user the hunt is assigned to. + Email *string + + // The object id of the user the hunt is assigned to. + ObjectID *string + + // The type of the owner the hunt is assigned to. + OwnerType *OwnerType + + // The user principal name of the user the hunt is assigned to. + UserPrincipalName *string +} + +// HuntProperties - Describes hunt properties +type HuntProperties struct { + // REQUIRED; The description of the hunt + Description *string + + // REQUIRED; The display name of the hunt + DisplayName *string + + // A list of mitre attack tactics the hunt is associated with + AttackTactics []*AttackTactic + + // A list of a mitre attack techniques the hunt is associated with + AttackTechniques []*string + + // The hypothesis status of the hunt. + HypothesisStatus *HypothesisStatus + + // List of labels relevant to this hunt + Labels []*string + + // Describes a user that the hunt is assigned to + Owner *HuntOwner + + // The status of the hunt. + Status *Status +} + +// HuntRelation - Represents a Hunt Relation in Azure Security Insights. +type HuntRelation struct { + // Etag of the azure resource + Etag *string + + // Hunt Relation properties + Properties *HuntRelationProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// HuntRelationList - List of all the hunt relations +type HuntRelationList struct { + // REQUIRED; Array of hunt relations + Value []*HuntRelation + + // READ-ONLY; URL to fetch the next set of hunt relations. + NextLink *string +} + +// HuntRelationProperties - Describes hunt relation properties +type HuntRelationProperties struct { + // REQUIRED; The id of the related resource + RelatedResourceID *string + + // List of labels relevant to this hunt + Labels []*string + + // READ-ONLY; The resource that the relation is related to + RelatedResourceKind *string + + // READ-ONLY; The name of the related resource + RelatedResourceName *string + + // READ-ONLY; The type of the hunt relation + RelationType *string +} + +// HuntingBookmark - Represents a Hunting bookmark entity. +type HuntingBookmark struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // HuntingBookmark entity properties + Properties *HuntingBookmarkProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type HuntingBookmark. +func (h *HuntingBookmark) GetEntity() *Entity { + return &Entity{ + ID: h.ID, + Kind: h.Kind, + Name: h.Name, + SystemData: h.SystemData, + Type: h.Type, + } +} + +// HuntingBookmarkProperties - Describes bookmark properties +type HuntingBookmarkProperties struct { + // REQUIRED; The display name of the bookmark + DisplayName *string + + // REQUIRED; The query of the bookmark. + Query *string + + // The time the bookmark was created + Created *time.Time + + // Describes a user that created the bookmark + CreatedBy *UserInfo // The time of the event EventTime *time.Time @@ -3306,12 +4186,12 @@ type HuntingBookmarkProperties struct { // IPEntity - Represents an ip entity. type IPEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // Ip entity properties Properties *IPEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -3354,15 +4234,45 @@ type IPEntityProperties struct { ThreatIntelligence []*ThreatIntelligence } -// Incident - Represents an incident in Azure Security Insights. +// Identity - Represents an identity in Azure Security Insights. +type Identity struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind + + // The properties of the TI object + Properties *TIObjectCommonProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetTIObject implements the TIObjectClassification interface for type Identity. +func (i *Identity) GetTIObject() *TIObject { + return &TIObject{ + ID: i.ID, + Kind: i.Kind, + Name: i.Name, + Properties: i.Properties, + SystemData: i.SystemData, + Type: i.Type, + } +} + type Incident struct { // Etag of the azure resource - Etag *string - - // Incident properties + Etag *string Properties *IncidentProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -3389,13 +4299,19 @@ type IncidentAdditionalData struct { // READ-ONLY; The number of comments in the incident CommentsCount *int32 + // READ-ONLY; The incident number of the incident that the current incident was merged into + MergedIncidentNumber *string + + // READ-ONLY; The URL to the incident that the current incident was merged into + MergedIncidentURL *string + // READ-ONLY; The provider incident url to the incident in Microsoft 365 Defender portal ProviderIncidentURL *string // READ-ONLY; The tactics associated with incident Tactics []*AttackTactic - // READ-ONLY; The techniques associated with incident's tactics' + // READ-ONLY; The techniques associated with incident's tactics Techniques []*string } @@ -3419,7 +4335,7 @@ type IncidentComment struct { // Incident comment properties Properties *IncidentCommentProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -3432,12 +4348,11 @@ type IncidentComment struct { Type *string } -// IncidentCommentList - List of incident comments. type IncidentCommentList struct { - // REQUIRED; Array of comments. + // REQUIRED Value []*IncidentComment - // READ-ONLY; URL to fetch the next set of comments. + // READ-ONLY NextLink *string } @@ -3480,7 +4395,7 @@ type IncidentEntitiesResultsMetadata struct { Count *int32 // REQUIRED; The kind of the aggregated entity. - EntityKind *EntityKind + EntityKind *EntityKindEnum } // IncidentInfo - Describes related incident information for the bookmark @@ -3509,7 +4424,7 @@ type IncidentLabel struct { // IncidentList - List all the incidents. type IncidentList struct { - // REQUIRED; Array of incidents. + // REQUIRED Value []*Incident // READ-ONLY; URL to fetch the next set of incidents. @@ -3534,7 +4449,6 @@ type IncidentOwnerInfo struct { UserPrincipalName *string } -// IncidentProperties - Describes incident properties type IncidentProperties struct { // REQUIRED; The severity of the incident Severity *IncidentSeverity @@ -3569,12 +4483,6 @@ type IncidentProperties struct { // Describes a user that the incident is assigned to Owner *IncidentOwnerInfo - // The incident ID assigned by the incident provider - ProviderIncidentID *string - - // The name of the source provider that generated the incident - ProviderName *string - // Describes a team for the incident TeamInformation *TeamInformation @@ -3593,6 +4501,12 @@ type IncidentProperties struct { // READ-ONLY; The last time the incident was updated LastModifiedTimeUTC *time.Time + // READ-ONLY; The incident ID assigned by the incident provider + ProviderIncidentID *string + + // READ-ONLY; The name of the source provider that generated the incident + ProviderName *string + // READ-ONLY; List of resource ids of Analytic rules related to the incident RelatedAnalyticRuleIDs []*string } @@ -3620,6 +4534,99 @@ type IncidentPropertiesAction struct { Status *IncidentStatus } +type IncidentTask struct { + // REQUIRED + Properties *IncidentTaskProperties + + // Etag of the azure resource + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +type IncidentTaskList struct { + NextLink *string + Value []*IncidentTask +} + +type IncidentTaskProperties struct { + // REQUIRED + Status *IncidentTaskStatus + + // REQUIRED; The title of the task + Title *string + + // Information on the client (user or application) that made some action + CreatedBy *ClientInfo + + // The description of the task + Description *string + + // Information on the client (user or application) that made some action + LastModifiedBy *ClientInfo + + // READ-ONLY; The time the task was created + CreatedTimeUTC *time.Time + + // READ-ONLY; The last time the task was updated + LastModifiedTimeUTC *time.Time +} + +// Indicator - Represents an indicator in Azure Security Insights. +type Indicator struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind + + // The observables of this indicator + Observables []*IndicatorObservablesItem + + // The properties of the TI object + Properties *TIObjectCommonProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetTIObject implements the TIObjectClassification interface for type Indicator. +func (i *Indicator) GetTIObject() *TIObject { + return &TIObject{ + ID: i.ID, + Kind: i.Kind, + Name: i.Name, + Properties: i.Properties, + SystemData: i.SystemData, + Type: i.Type, + } +} + +// IndicatorObservablesItem - An observable of this indicator +type IndicatorObservablesItem struct { + // The type of the observable of this indicator + Type *string + + // The value of the observable of this indicator + Value *string +} + // InsightQueryItem - Represents Insight Query. type InsightQueryItem struct { // REQUIRED; The kind of the entity query @@ -3770,6 +4777,32 @@ type InsightsTableResultColumnsItem struct { Type *string } +// InstructionStep - Instruction steps to enable the connector. +type InstructionStep struct { + // Gets or sets the instruction step description. + Description *string + + // Gets or sets the inner instruction steps details. For Example: instruction step 1 might contain inner instruction steps: + // [instruction step 1.1, instruction step 1.2]. + InnerSteps []*InstructionStep + + // Gets or sets the instruction step details. + Instructions []*InstructionStepDetails + + // Gets or sets the instruction step title. + Title *string +} + +// InstructionStepDetails - Instruction step details, to be displayed in the Instructions steps section in the connector's +// page in Sentinel Portal. +type InstructionStepDetails struct { + // REQUIRED; Gets or sets the instruction type parameters settings. + Parameters any + + // REQUIRED; Gets or sets the instruction type name. + Type *string +} + type InstructionStepsInstructionsItem struct { // REQUIRED; The kind of the setting Type *SettingType @@ -3811,7 +4844,7 @@ type IoTDataConnector struct { // IoT data connector properties. Properties *IoTDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -3848,12 +4881,12 @@ type IoTDataConnectorProperties struct { // IoTDeviceEntity - Represents an IoT device entity. type IoTDeviceEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // IoTDevice entity properties Properties *IoTDeviceEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -3971,40 +5004,192 @@ type IoTDeviceEntityProperties struct { Zone *string } -// MCASCheckRequirements - Represents MCAS (Microsoft Cloud App Security) requirements check request. -type MCASCheckRequirements struct { - // REQUIRED; Describes the kind of connector to be checked. - Kind *DataConnectorKind - - // MCAS (Microsoft Cloud App Security) requirements check properties. - Properties *MCASCheckRequirementsProperties -} - -// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type MCASCheckRequirements. -func (m *MCASCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { - return &DataConnectorsCheckRequirements{ - Kind: m.Kind, - } -} - -// MCASCheckRequirementsProperties - MCAS (Microsoft Cloud App Security) requirements check properties. -type MCASCheckRequirementsProperties struct { - // REQUIRED; The tenant id to connect to, and get the data from. - TenantID *string -} - -// MCASDataConnector - Represents MCAS (Microsoft Cloud App Security) data connector. -type MCASDataConnector struct { - // REQUIRED; The data connector kind - Kind *DataConnectorKind - +// Job - The assignment job +type Job struct { // Etag of the azure resource Etag *string - // MCAS (Microsoft Cloud App Security) data connector properties. - Properties *MCASDataConnectorProperties + // The job object + Properties *JobProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// JobItem - An entity describing the publish status of a content item. +type JobItem struct { + // The list of error descriptions if the item publication fails. + Errors []*Error + + // The resource id of the content item + ResourceID *string + + // READ-ONLY; The time the item publishing was completed + ExecutionTime *time.Time + + // READ-ONLY; Status of the item publication + Status *Status +} + +// JobList - List of all the jobs +type JobList struct { + // REQUIRED; Array of jobs. + Value []*Job + + // READ-ONLY; URL to fetch the next set of jobs. + NextLink *string +} + +// JobProperties - The job properties +type JobProperties struct { + // List of items published by the job + Items []*JobItem + + // READ-ONLY; The time the job completed + EndTime *time.Time + + // READ-ONLY; Message to describe error, if an error exists + ErrorMessage *string + + // READ-ONLY; State of the job + ProvisioningState *ProvisioningState + + // READ-ONLY; The time the job started + StartTime *time.Time +} + +// JwtAuthModel - Model for API authentication with JWT. Simple exchange between user name + password to access token. +type JwtAuthModel struct { + // REQUIRED; The password + Password map[string]*string + + // REQUIRED; Token endpoint to request JWT + TokenEndpoint *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // REQUIRED; The user name. If user name and password sent in header request we only need to populate the value property with + // the user name (Same as basic auth). If user name and password sent in body request we + // need to specify the Key and Value. + UserName map[string]*string + + // The custom headers we want to add once we send request to token endpoint. + Headers map[string]*string + + // Flag indicating whether we want to send the user name and password to token endpoint in the headers. + IsCredentialsInHeaders *bool + + // Flag indicating whether the body request is JSON (header Content-Type = application/json), meaning its a Form URL encoded + // request (header Content-Type = application/x-www-form-urlencoded). + IsJSONRequest *bool + + // The custom query parameter we want to add once we send request to token endpoint. + QueryParameters map[string]*string + + // Request timeout in seconds. + RequestTimeoutInSeconds *int32 +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type JwtAuthModel. +func (j *JwtAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: j.Type, + } +} + +// ListActionsResponse - List all actions for a system to perform. +type ListActionsResponse struct { + // REQUIRED; Array of actions. + Value []ActionClassification + + // The link to fetch the next page of actions. + NextLink *string +} + +// LockUserAction - Represents lock user action. +type LockUserAction struct { + // REQUIRED; The actions kind + Kind *ListActionKind + + // The reason of the failure of the action. Empty if the action is successful. + FailureReason *string + + // The user to lock + User *string +} + +// GetAction implements the ActionClassification interface for type LockUserAction. +func (l *LockUserAction) GetAction() *Action { + return &Action{ + Kind: l.Kind, + } +} + +// Log - Describes a log. +type Log struct { + // REQUIRED; Types of logs and tables. + Type *LogType + + // The bulk size for the log. + BulkSize *int32 + + // The filters for the log. + Filters []*string + + // Types of ingestion. + IngestionType *IngestionType + + // The schedule interval in seconds. + ScheduleInterval *int32 + + // Types of log status. + Status *LogStatusType +} + +// MCASCheckRequirements - Represents MCAS (Microsoft Cloud App Security) requirements check request. +type MCASCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // MCAS (Microsoft Cloud App Security) requirements check properties. + Properties *MCASCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type MCASCheckRequirements. +func (m *MCASCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: m.Kind, + } +} + +// MCASCheckRequirementsProperties - MCAS (Microsoft Cloud App Security) requirements check properties. +type MCASCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// MCASDataConnector - Represents MCAS (Microsoft Cloud App Security) data connector. +type MCASDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // MCAS (Microsoft Cloud App Security) data connector properties. + Properties *MCASDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4080,7 +5265,7 @@ type MDATPDataConnector struct { // MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. Properties *MDATPDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4125,7 +5310,7 @@ type MLBehaviorAnalyticsAlertRule struct { // MLBehaviorAnalytics alert rule properties Properties *MLBehaviorAnalyticsAlertRuleProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4170,6 +5355,9 @@ type MLBehaviorAnalyticsAlertRuleProperties struct { // READ-ONLY; The severity for alerts created by this alert rule. Severity *AlertSeverity + // READ-ONLY; The sub-techniques of the alert rule + SubTechniques []*string + // READ-ONLY; The tactics of the alert rule Tactics []*AttackTactic @@ -4185,7 +5373,7 @@ type MLBehaviorAnalyticsAlertRuleTemplate struct { // MLBehaviorAnalytics alert rule template properties. Properties *MLBehaviorAnalyticsAlertRuleTemplateProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4275,7 +5463,7 @@ type MSTIDataConnector struct { // Microsoft Threat Intelligence data connector properties. Properties *MSTIDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4302,25 +5490,13 @@ func (m *MSTIDataConnector) GetDataConnector() *DataConnector { // MSTIDataConnectorDataTypes - The available data types for Microsoft Threat Intelligence Platforms data connector. type MSTIDataConnectorDataTypes struct { - // REQUIRED; Data type for Microsoft Threat Intelligence Platforms data connector. - BingSafetyPhishingURL *MSTIDataConnectorDataTypesBingSafetyPhishingURL - // REQUIRED; Data type for Microsoft Threat Intelligence Platforms data connector. MicrosoftEmergingThreatFeed *MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed } -// MSTIDataConnectorDataTypesBingSafetyPhishingURL - Data type for Microsoft Threat Intelligence Platforms data connector. -type MSTIDataConnectorDataTypesBingSafetyPhishingURL struct { - // REQUIRED; lookback period - LookbackPeriod *string - - // REQUIRED; Describe whether this data type connection is enabled or not. - State *DataTypeState -} - // MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed - Data type for Microsoft Threat Intelligence Platforms data connector. type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed struct { - // REQUIRED; lookback period + // REQUIRED; The lookback period for the feed to be imported. LookbackPeriod *string // REQUIRED; Describe whether this data type connection is enabled or not. @@ -4353,7 +5529,7 @@ type MTPDataConnector struct { // MTP (Microsoft Threat Protection) data connector properties. Properties *MTPDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4380,11 +5556,20 @@ func (m *MTPDataConnector) GetDataConnector() *DataConnector { // MTPDataConnectorDataTypes - The available data types for Microsoft Threat Protection Platforms data connector. type MTPDataConnectorDataTypes struct { - // REQUIRED; Data type for Microsoft Threat Protection Platforms data connector. + // REQUIRED; Incidents data type for Microsoft Threat Protection Platforms data connector. Incidents *MTPDataConnectorDataTypesIncidents + + // Alerts data type for Microsoft Threat Protection Platforms data connector. + Alerts *MTPDataConnectorDataTypesAlerts +} + +// MTPDataConnectorDataTypesAlerts - Alerts data type for Microsoft Threat Protection Platforms data connector. +type MTPDataConnectorDataTypesAlerts struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState } -// MTPDataConnectorDataTypesIncidents - Data type for Microsoft Threat Protection Platforms data connector. +// MTPDataConnectorDataTypesIncidents - Incidents data type for Microsoft Threat Protection Platforms data connector. type MTPDataConnectorDataTypesIncidents struct { // REQUIRED; Describe whether this data type connection is enabled or not. State *DataTypeState @@ -4397,17 +5582,20 @@ type MTPDataConnectorProperties struct { // REQUIRED; The tenant id to connect to, and get the data from. TenantID *string + + // The available filtered providers for the connector. + FilteredProviders *MtpFilteredProviders } // MailClusterEntity - Represents a mail cluster entity. type MailClusterEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // Mail cluster entity properties Properties *MailClusterEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4489,12 +5677,12 @@ type MailClusterEntityProperties struct { // MailMessageEntity - Represents a mail message entity. type MailMessageEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // Mail message entity properties Properties *MailMessageEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4607,12 +5795,12 @@ type MailMessageEntityProperties struct { // MailboxEntity - Represents a mailbox entity. type MailboxEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // Mailbox entity properties Properties *MailboxEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4662,12 +5850,12 @@ type MailboxEntityProperties struct { // MalwareEntity - Represents a malware entity. type MalwareEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // File entity properties Properties *MalwareEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4782,7 +5970,7 @@ type MetadataModel struct { // Metadata properties Properties *MetadataProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4803,7 +5991,7 @@ type MetadataPatch struct { // Metadata patch request body Properties *MetadataPropertiesPatch - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -4819,7 +6007,7 @@ type MetadataPatch struct { // MetadataProperties - Metadata property bag. type MetadataProperties struct { // REQUIRED; The kind of content the metadata is for. - Kind *Kind + Kind *string // REQUIRED; Full parent resource ID of the content item the metadata is for. This is the full resource ID including the scope // (subscription and resource group) @@ -4915,7 +6103,7 @@ type MetadataPropertiesPatch struct { Icon *string // The kind of content the metadata is for. - Kind *Kind + Kind *string // last publish date for the solution content item LastPublishDate *time.Time @@ -4978,6 +6166,89 @@ type MetadataSupport struct { Name *string } +// MicrosoftPurviewInformationProtectionCheckRequirements - Represents MicrosoftPurviewInformationProtection requirements +// check request. +type MicrosoftPurviewInformationProtectionCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // MicrosoftPurviewInformationProtection requirements check properties. + Properties *MicrosoftPurviewInformationProtectionCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type MicrosoftPurviewInformationProtectionCheckRequirements. +func (m *MicrosoftPurviewInformationProtectionCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: m.Kind, + } +} + +// MicrosoftPurviewInformationProtectionCheckRequirementsProperties - MicrosoftPurviewInformationProtection requirements check +// properties. +type MicrosoftPurviewInformationProtectionCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// MicrosoftPurviewInformationProtectionConnectorDataTypes - The available data types for Microsoft Purview Information Protection +// data connector. +type MicrosoftPurviewInformationProtectionConnectorDataTypes struct { + // REQUIRED; Logs data type. + Logs *MicrosoftPurviewInformationProtectionConnectorDataTypesLogs +} + +// MicrosoftPurviewInformationProtectionConnectorDataTypesLogs - Logs data type. +type MicrosoftPurviewInformationProtectionConnectorDataTypesLogs struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// MicrosoftPurviewInformationProtectionDataConnector - Represents Microsoft Purview Information Protection data connector. +type MicrosoftPurviewInformationProtectionDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // Microsoft Purview Information Protection data connector properties. + Properties *MicrosoftPurviewInformationProtectionDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type MicrosoftPurviewInformationProtectionDataConnector. +func (m *MicrosoftPurviewInformationProtectionDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: m.Etag, + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MicrosoftPurviewInformationProtectionDataConnectorProperties - Microsoft Purview Information Protection data connector +// properties. +type MicrosoftPurviewInformationProtectionDataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *MicrosoftPurviewInformationProtectionConnectorDataTypes + + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + // MicrosoftSecurityIncidentCreationAlertRule - Represents MicrosoftSecurityIncidentCreation rule. type MicrosoftSecurityIncidentCreationAlertRule struct { // REQUIRED; The kind of the alert rule @@ -4989,7 +6260,7 @@ type MicrosoftSecurityIncidentCreationAlertRule struct { // MicrosoftSecurityIncidentCreation rule properties Properties *MicrosoftSecurityIncidentCreationAlertRuleProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5052,7 +6323,7 @@ type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct { // MicrosoftSecurityIncidentCreation rule template properties Properties *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5128,15 +6399,22 @@ func (m *MtpCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnect } } +// MtpFilteredProviders - Represents the connector's Filtered providers +type MtpFilteredProviders struct { + // REQUIRED; Alerts filtered providers. When filters are not applied, all alerts will stream through the MTP pipeline, still + // in private preview for all products EXCEPT MDA and MDI, which are in GA state. + Alerts []*MtpProvider +} + // NicEntity - Represents an network interface entity. type NicEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // Network interface entity properties Properties *NicEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5179,6 +6457,19 @@ type NicEntityProperties struct { Vlans []*string } +// NoneAuthModel - Model for API authentication with no authentication method - public API. +type NoneAuthModel struct { + // REQUIRED; The auth type + Type *CcpAuthType +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type NoneAuthModel. +func (n *NoneAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: n.Type, + } +} + // NrtAlertRule - Represents NRT alert rule. type NrtAlertRule struct { // REQUIRED; The kind of the alert rule @@ -5190,7 +6481,7 @@ type NrtAlertRule struct { // NRT alert rule properties Properties *NrtAlertRuleProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5256,6 +6547,12 @@ type NrtAlertRuleProperties struct { // The settings of the incidents that created from alerts triggered by this analytics rule IncidentConfiguration *IncidentConfiguration + // Array of the sentinel entity mappings of the alert rule + SentinelEntitiesMappings []*SentinelEntityMapping + + // The sub-techniques of the alert rule + SubTechniques []*string + // The tactics of the alert rule Tactics []*AttackTactic @@ -5277,7 +6574,7 @@ type NrtAlertRuleTemplate struct { // NRT alert rule template properties Properties *NrtAlertRuleTemplateProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5330,6 +6627,9 @@ type NrtAlertRuleTemplateProperties struct { // The required data sources for this template RequiredDataConnectors []*AlertRuleTemplateDataSource + // Array of the sentinel entity mappings of the alert rule + SentinelEntitiesMappings []*SentinelEntityMapping + // The severity for alerts created by this alert rule. Severity *AlertSeverity @@ -5352,6 +6652,64 @@ type NrtAlertRuleTemplateProperties struct { LastUpdatedDateUTC *time.Time } +// OAuthModel - Model for API authentication with OAuth2. +type OAuthModel struct { + // REQUIRED; The Application (client) ID that the OAuth provider assigned to your app. + ClientID *string + + // REQUIRED; The Application (client) secret that the OAuth provider assigned to your app. + ClientSecret *string + + // REQUIRED; The grant type, usually will be 'authorization code'. + GrantType *string + + // REQUIRED; The token endpoint. Defines the OAuth2 refresh token. + TokenEndpoint *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // Access token prepend. Default is 'Bearer'. + AccessTokenPrepend *string + + // The user's authorization code. + AuthorizationCode *string + + // The authorization endpoint. + AuthorizationEndpoint *string + + // The authorization endpoint headers. + AuthorizationEndpointHeaders map[string]*string + + // The authorization endpoint query parameters. + AuthorizationEndpointQueryParameters map[string]*string + + // Indicating whether we want to send the clientId and clientSecret to token endpoint in the headers. + IsCredentialsInHeaders *bool + + // A value indicating whether it's a JWT flow. + IsJwtBearerFlow *bool + + // The Application redirect url that the user config in the OAuth provider. + RedirectURI *string + + // The Application (client) Scope that the OAuth provider assigned to your app. + Scope *string + + // The token endpoint headers. + TokenEndpointHeaders map[string]*string + + // The token endpoint query parameters. + TokenEndpointQueryParameters map[string]*string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type OAuthModel. +func (o *OAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: o.Type, + } +} + // Office365ProjectCheckRequirements - Represents Office365 Project requirements check request. type Office365ProjectCheckRequirements struct { // REQUIRED; Describes the kind of connector to be checked. @@ -5397,7 +6755,7 @@ type Office365ProjectDataConnector struct { // Office Microsoft Project data connector properties. Properties *Office365ProjectDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5464,7 +6822,7 @@ type OfficeATPDataConnector struct { // OfficeATP (Office 365 Advanced Threat Protection) data connector properties. Properties *OfficeATPDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5503,7 +6861,7 @@ type OfficeConsent struct { // Office consent properties Properties *OfficeConsentProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5545,7 +6903,7 @@ type OfficeDataConnector struct { // Office data connector properties. Properties *OfficeDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5642,7 +7000,7 @@ type OfficeIRMDataConnector struct { // OfficeIRM (Microsoft Insider Risk Management) data connector properties. Properties *OfficeIRMDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5721,7 +7079,7 @@ type OfficePowerBIDataConnector struct { // Office Microsoft PowerBI data connector properties. Properties *OfficePowerBIDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5794,57 +7152,49 @@ type OperationsList struct { NextLink *string } -// Permissions required for the connector -type Permissions struct { - // Customs permissions required for the connector - Customs []*PermissionsCustomsItem - - // Resource provider permissions required for the connector - ResourceProvider []*PermissionsResourceProviderItem -} - -type PermissionsCustomsItem struct { - // Customs permissions description - Description *string - - // Customs permissions name - Name *string -} +// OracleAuthModel - Model for API authentication for Oracle. +type OracleAuthModel struct { + // REQUIRED; Content of the PRM file + PemFile *string -type PermissionsResourceProviderItem struct { - // Permission description text - PermissionsDisplayText *string + // REQUIRED; Public Fingerprint + PublicFingerprint *string - // Provider name - Provider *ProviderName + // REQUIRED; Oracle tenant ID + TenantID *string - // Permission provider display name - ProviderDisplayName *string + // REQUIRED; The auth type + Type *CcpAuthType - // Required permissions for the connector - RequiredPermissions *RequiredPermissions + // REQUIRED; Oracle user ID + UserID *string +} - // Permission provider scope - Scope *PermissionProviderScope +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type OracleAuthModel. +func (o *OracleAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: o.Type, + } } -type PlaybookActionProperties struct { - // The resource id of the playbook resource. - LogicAppResourceID *string +// PackageList - List available packages. +type PackageList struct { + // REQUIRED; Array of packages. + Value []*PackageModel - // The tenant id of the playbook resource. - TenantID *string + // READ-ONLY; URL to fetch the next set of packages. + NextLink *string } -// ProcessEntity - Represents a process entity. -type ProcessEntity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKind +// PackageModel - Represents a Package in Azure Security Insights. +type PackageModel struct { + // Etag of the azure resource + Etag *string - // Process entity properties - Properties *ProcessEntityProperties + // package properties + Properties *PackageProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -5857,14 +7207,149 @@ type ProcessEntity struct { Type *string } -// GetEntity implements the EntityClassification interface for type ProcessEntity. -func (p *ProcessEntity) GetEntity() *Entity { - return &Entity{ - ID: p.ID, - Kind: p.Kind, - Name: p.Name, - SystemData: p.SystemData, - Type: p.Type, +// PackageProperties - Describes package properties +type PackageProperties struct { + // The author of the package + Author *MetadataAuthor + + // The categories of the package + Categories *MetadataCategories + + // The content id of the package + ContentID *string + + // The package kind + ContentKind *PackageKind + + // Unique ID for the content. It should be generated based on the contentId, contentKind and the contentVersion of the package + ContentProductID *string + + // The version of the content schema. + ContentSchemaVersion *string + + // The support tier of the package + Dependencies *MetadataDependencies + + // The description of the package + Description *string + + // The display name of the package + DisplayName *string + + // first publish date package item + FirstPublishDate *time.Time + + // the icon identifier. this id can later be fetched from the content metadata + Icon *string + + // Flag indicates if this template is deprecated + IsDeprecated *Flag + + // Flag indicates if this package is among the featured list. + IsFeatured *Flag + + // Flag indicates if this is a newly published package. + IsNew *Flag + + // Flag indicates if this package is in preview. + IsPreview *Flag + + // last publish date for the package item + LastPublishDate *time.Time + + // Providers for the package item + Providers []*string + + // The publisher display name of the package + PublisherDisplayName *string + + // The source of the package + Source *MetadataSource + + // The support tier of the package + Support *MetadataSupport + + // the tactics the resource covers + ThreatAnalysisTactics []*string + + // the techniques the resource covers, these have to be aligned with the tactics being used + ThreatAnalysisTechniques []*string + + // the latest version number of the package + Version *string +} + +// Permissions required for the connector +type Permissions struct { + // Customs permissions required for the connector + Customs []*PermissionsCustomsItem + + // Resource provider permissions required for the connector + ResourceProvider []*PermissionsResourceProviderItem +} + +type PermissionsCustomsItem struct { + // Customs permissions description + Description *string + + // Customs permissions name + Name *string +} + +type PermissionsResourceProviderItem struct { + // Permission description text + PermissionsDisplayText *string + + // Provider name + Provider *ProviderName + + // Permission provider display name + ProviderDisplayName *string + + // Required permissions for the connector + RequiredPermissions *RequiredPermissions + + // Permission provider scope + Scope *PermissionProviderScope +} + +type PlaybookActionProperties struct { + // REQUIRED; The resource id of the playbook resource. + LogicAppResourceID *string + + // The tenant id of the playbook resource. + TenantID *string +} + +// ProcessEntity - Represents a process entity. +type ProcessEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // Process entity properties + Properties *ProcessEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type ProcessEntity. +func (p *ProcessEntity) GetEntity() *Entity { + return &Entity{ + ID: p.ID, + Kind: p.Kind, + Name: p.Name, + SystemData: p.SystemData, + Type: p.Type, } } @@ -5905,6 +7390,237 @@ type ProcessEntityProperties struct { ProcessID *string } +// ProductPackageList - List available packages. +type ProductPackageList struct { + // REQUIRED; Array of packages. + Value []*ProductPackageModel + + // READ-ONLY; URL to fetch the next set of packages. + NextLink *string +} + +// ProductPackageModel - Represents a Package in Azure Security Insights. +type ProductPackageModel struct { + // Etag of the azure resource + Etag *string + + // package properties + Properties *ProductPackageProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// ProductPackageProperties - Describes package properties +type ProductPackageProperties struct { + // The author of the package + Author *MetadataAuthor + + // The categories of the package + Categories *MetadataCategories + + // The content id of the package + ContentID *string + + // The package kind + ContentKind *PackageKind + + // Unique ID for the content. It should be generated based on the contentId, contentKind and the contentVersion of the package + ContentProductID *string + + // The version of the content schema. + ContentSchemaVersion *string + + // The support tier of the package + Dependencies *MetadataDependencies + + // The description of the package + Description *string + + // The display name of the package + DisplayName *string + + // first publish date package item + FirstPublishDate *time.Time + + // the icon identifier. this id can later be fetched from the content metadata + Icon *string + + // The version of the installed package, null or absent means not installed. + InstalledVersion *string + + // Flag indicates if this template is deprecated + IsDeprecated *Flag + + // Flag indicates if this package is among the featured list. + IsFeatured *Flag + + // Flag indicates if this is a newly published package. + IsNew *Flag + + // Flag indicates if this package is in preview. + IsPreview *Flag + + // last publish date for the package item + LastPublishDate *time.Time + + // The metadata resource id. + MetadataResourceID *string + + // The json of the ARM template to deploy. Expandable. + PackagedContent any + + // Providers for the package item + Providers []*string + + // The publisher display name of the package + PublisherDisplayName *string + + // The source of the package + Source *MetadataSource + + // The support tier of the package + Support *MetadataSupport + + // the tactics the resource covers + ThreatAnalysisTactics []*string + + // the techniques the resource covers, these have to be aligned with the tactics being used + ThreatAnalysisTechniques []*string + + // the latest version number of the package + Version *string +} + +// ProductTemplateList - List of all the template. +type ProductTemplateList struct { + // REQUIRED; Array of templates. + Value []*ProductTemplateModel + + // READ-ONLY; URL to fetch the next page of template. + NextLink *string +} + +// ProductTemplateModel - Template resource definition. +type ProductTemplateModel struct { + // Etag of the azure resource + Etag *string + + // template properties + Properties *ProductTemplateProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// ProductTemplateProperties - Template property bag. +type ProductTemplateProperties struct { + // The creator of the content item. + Author *MetadataAuthor + + // Categories for the item + Categories *MetadataCategories + + // Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for + // out of the box content and solutions. Dynamic for user-created. This is the + // resource name + ContentID *string + + // The kind of content the template is for. + ContentKind *Kind + + // Unique ID for the content. It should be generated based on the contentId of the package, contentId of the template, contentKind + // of the template and the contentVersion of the template + ContentProductID *string + + // Schema version of the content. Can be used to distinguish between different flow based on the schema version + ContentSchemaVersion *string + + // The custom version of the content. A optional free text + CustomVersion *string + + // Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies + // using a recursive/nested structure. For a single dependency an id/kind/version + // can be supplied or operator/criteria for complex formats. + Dependencies *MetadataDependencies + + // The display name of the template + DisplayName *string + + // first publish date content item + FirstPublishDate *time.Time + + // the icon identifier. this id can later be fetched from the content metadata + Icon *string + + // last publish date for the content item + LastPublishDate *time.Time + + // the package Id contains this template + PackageID *string + + // the packageKind of the package contains this template + PackageKind *PackageKind + + // the name of the package contains this template + PackageName *string + + // Version of the package. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM metadata + // best practices. Can also be any string, but then we cannot guarantee any version + // checks + PackageVersion *string + + // The json of the ARM template to deploy + PackagedContent any + + // preview image file names. These will be taken from the solution artifacts + PreviewImages []*string + + // preview image file names. These will be taken from the solution artifacts. used for dark theme support + PreviewImagesDark []*string + + // Providers for the content item + Providers []*string + + // Source of the content. This is where/how it was created. + Source *MetadataSource + + // Support information for the template - type, name, contact information + Support *MetadataSupport + + // the tactics the resource covers + ThreatAnalysisTactics []*string + + // the techniques the resource covers, these have to be aligned with the tactics being used + ThreatAnalysisTechniques []*string + + // Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM metadata + // best practices. Can also be any string, but then we cannot guarantee any version + // checks + Version *string + + // READ-ONLY; Flag indicates if this template is deprecated + IsDeprecated *Flag +} + // PropertyArrayChangedConditionProperties - Describes an automation rule condition that evaluates an array property's value // change type PropertyArrayChangedConditionProperties struct { @@ -5920,57 +7636,339 @@ func (p *PropertyArrayChangedConditionProperties) GetAutomationRuleCondition() * } } -// PropertyArrayConditionProperties - Describes an automation rule condition that evaluates an array property's value -type PropertyArrayConditionProperties struct { - // REQUIRED - ConditionType *ConditionType - ConditionProperties *AutomationRulePropertyArrayValuesCondition -} +// PropertyArrayConditionProperties - Describes an automation rule condition that evaluates an array property's value +type PropertyArrayConditionProperties struct { + // REQUIRED + ConditionType *ConditionType + ConditionProperties *AutomationRulePropertyArrayValuesCondition +} + +// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type PropertyArrayConditionProperties. +func (p *PropertyArrayConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { + return &AutomationRuleCondition{ + ConditionType: p.ConditionType, + } +} + +// PropertyChangedConditionProperties - Describes an automation rule condition that evaluates a property's value change +type PropertyChangedConditionProperties struct { + // REQUIRED + ConditionType *ConditionType + ConditionProperties *AutomationRulePropertyValuesChangedCondition +} + +// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type PropertyChangedConditionProperties. +func (p *PropertyChangedConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { + return &AutomationRuleCondition{ + ConditionType: p.ConditionType, + } +} + +// PropertyConditionProperties - Describes an automation rule condition that evaluates a property's value +type PropertyConditionProperties struct { + // REQUIRED + ConditionType *ConditionType + ConditionProperties *AutomationRulePropertyValuesCondition +} + +// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type PropertyConditionProperties. +func (p *PropertyConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { + return &AutomationRuleCondition{ + ConditionType: p.ConditionType, + } +} + +// PullRequest - Information regarding pull request for protected branches. +type PullRequest struct { + // READ-ONLY; State of the pull request + State *State + + // READ-ONLY; URL of pull request + URL *string +} + +// PurviewAuditCheckRequirements - Represents PurviewAudit requirements check request. +type PurviewAuditCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // PurviewAudit requirements check properties. + Properties *PurviewAuditCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type PurviewAuditCheckRequirements. +func (p *PurviewAuditCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: p.Kind, + } +} + +// PurviewAuditCheckRequirementsProperties - PurviewAudit requirements check properties. +type PurviewAuditCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// PurviewAuditConnectorDataTypes - The available data types for PurviewAudit data connector. +type PurviewAuditConnectorDataTypes struct { + // REQUIRED; Logs data type. + Logs *PurviewAuditConnectorDataTypesLogs +} + +// PurviewAuditConnectorDataTypesLogs - Logs data type. +type PurviewAuditConnectorDataTypesLogs struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// PurviewAuditDataConnector - Represents PurviewAudit data connector. +type PurviewAuditDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // PurviewAudit data connector properties. + Properties *PurviewAuditDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type PurviewAuditDataConnector. +func (p *PurviewAuditDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: p.Etag, + ID: p.ID, + Kind: p.Kind, + Name: p.Name, + SystemData: p.SystemData, + Type: p.Type, + } +} + +// PurviewAuditDataConnectorProperties - PurviewAudit data connector properties. +type PurviewAuditDataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *PurviewAuditConnectorDataTypes + + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string + + // The connector definition name (the dataConnectorDefinition resource id). + ConnectorDefinitionName *string + + // The DCR related properties. + DcrConfig *DCRConfiguration + + // The source type indicates which kind of data is relevant for this connector. + SourceType *string +} + +// Query - Represents a query to run on the TI objects in the workspace. +type Query struct { + // Represents a condition used to query for TI objects. + Condition *QueryCondition + + // Represents the maximum size of the page that will be returned from the query API. + MaxPageSize *int32 + + // Represents the minimum size of the page that will be returned from the query API. + MinPageSize *int32 + + // Specifies how to sort the query results. + SortBy *QuerySortBy +} + +// QueryCondition - Represents a condition used to query for TI objects. +type QueryCondition struct { + // REQUIRED; The list of clauses to be evaluated in disjunction or conjunction base on the specified top level connective + // operator. + Clauses []*ConditionClause + + // The top level connective operator for this condition. + ConditionConnective *Connective + + // The STIX type for the objects returned by this query. + StixObjectType *string +} + +// QueryProperties - Describes the query properties +type QueryProperties struct { + // Represents a condition used to query for TI objects. + Condition *ConditionProperties +} + +// QuerySortBy - Specifies how to sort the query results. +type QuerySortBy struct { + // The direction to sort the results by. + Direction *SortingDirection + + // Represents the field to sort the results by. + Field *string +} + +// RFCConnector - Describes the Rfc connector. +type RFCConnector struct { + // REQUIRED; Client number of the ABAP server. Example - 001 + Client *string + + // REQUIRED; System ID of the ABAP server. Example - A4H + SystemID *string + + // REQUIRED; System number of the ABAP server. + SystemNumber *string + + // REQUIRED; Represents the types of SAP systems. + Type *SystemConfigurationConnectorType + + // FQDN, hostname, or IP address of the ABAP server. + AbapServerHost *string + + // The authentication type to SAP. + AuthenticationType *SapAuthenticationType + + // The SAP code page used for character encoding. Example - 1100 + CodePage *string + + // Logon group of the message server. + Group *string + + // FQDN, hostname, or IP address of the Message server. + MessageServerHost *string + + // Port number, or service name (from /etc/services) of the message server. + MessageServerService *string + + // SNC QOP. Options are 1, 2, 3, 8, 9. + SncQop *string +} + +// GetSystemsConfigurationConnector implements the SystemsConfigurationConnectorClassification interface for type RFCConnector. +func (r *RFCConnector) GetSystemsConfigurationConnector() *SystemsConfigurationConnector { + return &SystemsConfigurationConnector{ + Type: r.Type, + } +} + +// Recommendation object. +type Recommendation struct { + // Etag of the azure resource + Etag *string + + // Recommendation properties object. + Properties *RecommendationProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// RecommendationList - A list of recommendations +type RecommendationList struct { + // REQUIRED; An list of recommendations + Value []*Recommendation + + // READ-ONLY; Link to next page of resources. + NextLink *string +} + +// RecommendationPatch - Recommendation Fields to update. +type RecommendationPatch struct { + // Recommendation Fields Properties to update. + Properties *RecommendationPatchProperties +} + +// RecommendationPatchProperties - Recommendation Fields Properties to update. +type RecommendationPatchProperties struct { + // State of the recommendation. + State *State +} + +// RecommendationProperties - Recommendation properties object. +type RecommendationProperties struct { + // REQUIRED; The time stamp (UTC) when the recommendation was created. + CreationTimeUTC *time.Time + + // REQUIRED; Description of the recommendation. + Description *string + + // REQUIRED; The time stamp (UTC) when the recommendation was last evaluated. + LastEvaluatedTimeUTC *time.Time + + // REQUIRED; The time stamp (UTC) when the recommendation was last modified. + LastModifiedTimeUTC *time.Time + + // REQUIRED; Id of the recommendation type. + RecommendationTypeID *string + + // REQUIRED; State of the recommendation. + State *State + + // REQUIRED; List of suggestions to take for this recommendation. + Suggestions []*RecommendedSuggestion + + // REQUIRED; Title of the recommendation. + Title *string + + // Collection of additional properties for the recommendation. + AdditionalProperties map[string]*string -// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type PropertyArrayConditionProperties. -func (p *PropertyArrayConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { - return &AutomationRuleCondition{ - ConditionType: p.ConditionType, - } + // Id of the resource this recommendation refers to. + ResourceID *string } -// PropertyChangedConditionProperties - Describes an automation rule condition that evaluates a property's value change -type PropertyChangedConditionProperties struct { - // REQUIRED - ConditionType *ConditionType - ConditionProperties *AutomationRulePropertyValuesChangedCondition -} +// RecommendedSuggestion - What suggestions should be taken to complete the recommendation. +type RecommendedSuggestion struct { + // REQUIRED; Action of the suggestion. + Action *string -// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type PropertyChangedConditionProperties. -func (p *PropertyChangedConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { - return &AutomationRuleCondition{ - ConditionType: p.ConditionType, - } -} + // REQUIRED; Description of the suggestion. + Description *string -// PropertyConditionProperties - Describes an automation rule condition that evaluates a property's value -type PropertyConditionProperties struct { - // REQUIRED - ConditionType *ConditionType - ConditionProperties *AutomationRulePropertyValuesCondition + // REQUIRED; Id of the suggestion type. + SuggestionTypeID *string + + // REQUIRED; Title of the suggestion. + Title *string + + // Collection of additional properties for the suggestion. + AdditionalProperties map[string]*string } -// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type PropertyConditionProperties. -func (p *PropertyConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { - return &AutomationRuleCondition{ - ConditionType: p.ConditionType, - } +// ReevaluateResponse - Reevaluate response object. +type ReevaluateResponse struct { + // The time stamp (UTC) when the recommendation was last evaluated. + LastEvaluatedTimeUTC *time.Time } // RegistryKeyEntity - Represents a registry key entity. type RegistryKeyEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // RegistryKey entity properties Properties *RegistryKeyEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6013,12 +8011,12 @@ type RegistryKeyEntityProperties struct { // RegistryValueEntity - Represents a registry value entity. type RegistryValueEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // RegistryKey entity properties Properties *RegistryValueEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6073,7 +8071,7 @@ type Relation struct { // Relation properties Properties *RelationProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6110,6 +8108,45 @@ type RelationProperties struct { RelatedResourceType *string } +// Relationship - Represents a relationship in Azure Security Insights. +type Relationship struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind + + // The properties of the TI object + Properties *TIObjectCommonProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetTIObject implements the TIObjectClassification interface for type Relationship. +func (r *Relationship) GetTIObject() *TIObject { + return &TIObject{ + ID: r.ID, + Kind: r.Kind, + Name: r.Name, + Properties: r.Properties, + SystemData: r.SystemData, + Type: r.Type, + } +} + +// RelationshipHint - An object used to help follow relationships from this object to other STIX objects. +type RelationshipHint struct { + FieldName *string + Source *string +} + // Repo - Represents a repository. type Repo struct { // Array of branches. @@ -6118,6 +8155,9 @@ type Repo struct { // The name of the repository. FullName *string + // The installation id of the repository. + InstallationID *int64 + // The url to access the repository. URL *string } @@ -6131,34 +8171,76 @@ type RepoList struct { NextLink *string } +// ReportActionStatusPayload - Report the status of an action that was performed by the agent +type ReportActionStatusPayload struct { + // The action ID to perform + ActionID *string + + // The status of the action that was performed by the agent + ActionStatus *string + + // The reason of the failure of the action. Empty if the action is successful. + FailureReason *string +} + // Repository - metadata of a repository. type Repository struct { - // Branch name of repository. + // REQUIRED; Branch name of repository. Branch *string - // Url to access repository action logs. - DeploymentLogsURL *string + // REQUIRED; Url of repository. + URL *string // Display url of repository. DisplayURL *string - // Dictionary of source control content type and path mapping. - PathMapping []*ContentPathMap + // READ-ONLY; Url to access repository action logs. + DeploymentLogsURL *string +} + +// RepositoryAccess - Credentials to access repository. +type RepositoryAccess struct { + // REQUIRED; The kind of repository access credentials + Kind *RepositoryAccessKind - // Url of repository. - URL *string + // OAuth ClientId. Required when kind is OAuth + ClientID *string + + // OAuth Code. Required when kind is OAuth + Code *string + + // Application installation ID. Required when kind is App. Supported by GitHub only. + InstallationID *string + + // OAuth State. Required when kind is OAuth + State *string + + // Personal Access Token. Required when kind is PAT + Token *string +} + +// RepositoryAccessObject - Credentials to access repository. +type RepositoryAccessObject struct { + // REQUIRED; RepositoryAccess properties + RepositoryAccess *RepositoryAccess +} + +// RepositoryAccessProperties - Credentials to access repository. +type RepositoryAccessProperties struct { + // REQUIRED; RepositoryAccess properties + Properties *RepositoryAccessObject } // RepositoryResourceInfo - Resources created in user's repository for the source-control. type RepositoryResourceInfo struct { - // Resources created in Azure DevOps for this source-control. + // The webhook object created for the source-control. + Webhook *Webhook + + // READ-ONLY; Resources created in Azure DevOps for this source-control. AzureDevOpsResourceInfo *AzureDevOpsResourceInfo - // Resources created in GitHub for this source-control. + // READ-ONLY; Resources created in GitHub for this source-control. GitHubResourceInfo *GitHubResourceInfo - - // The webhook object created for the source-control. - Webhook *Webhook } // RequiredPermissions - Required permissions for the connector @@ -6176,6 +8258,278 @@ type RequiredPermissions struct { Write *bool } +// ResourceProviderRequiredPermissions - Required permissions for the connector resource provider that define in ResourceProviders. +// For more information about the permissions see here. +type ResourceProviderRequiredPermissions struct { + // Gets or sets a value indicating whether the permission is custom actions (POST). + Action *bool + + // Gets or sets a value indicating whether the permission is delete action (DELETE). + Delete *bool + + // Gets or sets a value indicating whether the permission is read action (GET). + Read *bool + + // Gets or sets a value indicating whether the permission is write action (PUT or PATCH). + Write *bool +} + +// RestAPIPollerDataConnector - Represents Rest Api Poller data connector. +type RestAPIPollerDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // Rest Api Poller data connector properties. + Properties *RestAPIPollerDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type RestAPIPollerDataConnector. +func (r *RestAPIPollerDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: r.Etag, + ID: r.ID, + Kind: r.Kind, + Name: r.Name, + SystemData: r.SystemData, + Type: r.Type, + } +} + +// RestAPIPollerDataConnectorProperties - Rest Api Poller data connector properties. +type RestAPIPollerDataConnectorProperties struct { + // REQUIRED; The a authentication model. + Auth CcpAuthConfigClassification + + // REQUIRED; The connector definition name (the dataConnectorDefinition resource id). + ConnectorDefinitionName *string + + // REQUIRED; The request configuration. + Request *RestAPIPollerRequestConfig + + // The add on attributes. The key name will become attribute name (a column) and the value will become the attribute value + // in the payload. + AddOnAttributes map[string]*string + + // The Log Analytics table destination. + DataType *string + + // The DCR related properties. + DcrConfig *DCRConfiguration + + // Indicates whether the connector is active or not. + IsActive *bool + + // The paging configuration. + Paging *RestAPIPollerRequestPagingConfig + + // The response configuration. + Response *CcpResponseConfig +} + +// RestAPIPollerRequestConfig - The request configuration. +type RestAPIPollerRequestConfig struct { + // REQUIRED; The API endpoint. + APIEndpoint *string + + // The query parameter name which the remote server expect to end query. This property goes hand to hand with startTimeAttributeName + EndTimeAttributeName *string + + // The HTTP method, default value GET. + HTTPMethod *HTTPMethodVerb + + // The header for the request for the remote server. + Headers map[string]*string + + // Flag to indicate if HTTP POST payload is in JSON format (vs form-urlencoded). + IsPostPayloadJSON *bool + + // The HTTP query parameters to RESTful API. + QueryParameters map[string]any + + // the query parameters template. Defines the query parameters template to use when passing query parameters in advanced scenarios. + QueryParametersTemplate *string + + // The query time format. A remote server can have a query to pull data from range 'start' to 'end'. This property indicate + // what is the expected time format the remote server know to parse. + QueryTimeFormat *string + + // The query parameter name which we need to send the server for query logs in time interval. Should be defined with queryTimeIntervalPrepend + // and queryTimeIntervalDelimiter + QueryTimeIntervalAttributeName *string + + // The delimiter string between 2 QueryTimeFormat in the query parameter queryTimeIntervalAttributeName. + QueryTimeIntervalDelimiter *string + + // The string prepend to the value of the query parameter in queryTimeIntervalAttributeName. + QueryTimeIntervalPrepend *string + + // The query window in minutes for the request. + QueryWindowInMin *int32 + + // The Rate limit queries per second for the request.. + RateLimitQPS *int32 + + // The retry count. + RetryCount *int32 + + // The query parameter name which the remote server expect to start query. This property goes hand to hand with endTimeAttributeName. + StartTimeAttributeName *string + + // The timeout in seconds. + TimeoutInSeconds *int32 +} + +// RestAPIPollerRequestPagingConfig - The request paging configuration. +type RestAPIPollerRequestPagingConfig struct { + // REQUIRED; Type of paging + PagingType *RestAPIPollerRequestPagingKind + + // Page size + PageSize *int32 + + // Page size parameter name + PageSizeParameterName *string +} + +// SapAgentConfiguration - Describes the configuration of a SAP Docker agent. +type SapAgentConfiguration struct { + // REQUIRED; Type of the agent + Type *AgentType + + // The name of the docker agent. only letters with numbers, underscores and hyphens are allowed example: "my-agent" + AgentContainerName *string + + // The key mode of the agent. ManagedIdentity|ApplicationIdentity are the options + KeyVaultAuthenticationMode *KeyVaultAuthenticationMode + + // The key vault resource id to access the key vault. example: "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.KeyVault/vaults/myVault" + KeyVaultResourceID *string + + // The SDK path (a file not a folder) on the agent machine. example: "/path/to/nwrfc750P_8-70002755.zip" + SdkPath *string + + // The secret source of the agent. AzureKeyVault is the option + SecretSource *SecretSource + + // The SNC path (a folder not a file) on the agent machine. example: "/path/to/snc" + SncPath *string +} + +// GetAgentConfiguration implements the AgentConfigurationClassification interface for type SapAgentConfiguration. +func (s *SapAgentConfiguration) GetAgentConfiguration() *AgentConfiguration { + return &AgentConfiguration{ + Type: s.Type, + } +} + +// SapControlConnector - Describes the SapControl connector configuration. +type SapControlConnector struct { + // REQUIRED; The instance number. Only 2 digits are allowed. + Instance *string + + // REQUIRED; The server name. FQDN or IP address. + Server *string + + // REQUIRED; Represents the types of SAP systems. + Type *SystemConfigurationConnectorType + + // Represents the types of HTTPS configuration to connect to the SapControl service. + HTTPSConfiguration *HTTPSConfigurationType + + // The port of the SOAP connection to SAP Control. + Port *string + + // The timezone. example: "GMT+0" or "GMT-8" default: "GMT+0" + Timezone *string +} + +// GetSystemsConfigurationConnector implements the SystemsConfigurationConnectorClassification interface for type SapControlConnector. +func (s *SapControlConnector) GetSystemsConfigurationConnector() *SystemsConfigurationConnector { + return &SystemsConfigurationConnector{ + Type: s.Type, + } +} + +// SapSolutionUsageStatistic - Billing statistic about the Microsoft Sentinel solution for SAP Usage +type SapSolutionUsageStatistic struct { + // REQUIRED; The kind of the billing statistic + Kind *BillingStatisticKind + + // The SAP solution usage object + Properties *SapSolutionUsageStatisticProperties + + // READ-ONLY; Resource Etag. + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetBillingStatistic implements the BillingStatisticClassification interface for type SapSolutionUsageStatistic. +func (s *SapSolutionUsageStatistic) GetBillingStatistic() *BillingStatistic { + return &BillingStatistic{ + Etag: s.Etag, + ID: s.ID, + Kind: s.Kind, + Name: s.Name, + SystemData: s.SystemData, + Type: s.Type, + } +} + +// SapSolutionUsageStatisticProperties - Properties of the billing statistic about the Microsoft Sentinel solution for SAP +// usage +type SapSolutionUsageStatisticProperties struct { + // READ-ONLY; The latest count of active SAP system IDs under the Microsoft Sentinel solution for SAP Usage + ActiveSystemIDCount *int64 +} + +// SapSystemsConfiguration - Describes the SAP configuration. +type SapSystemsConfiguration struct { + // REQUIRED; Base Model for SAP System Connector. + Connector SystemsConfigurationConnectorClassification + + // REQUIRED; Represents the types of configuration for a system. + Type *ConfigurationType + + // azure resource id example: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM" + AzureResourceID *string + + // The logs configuration. + Logs []*Log +} + +// GetSystemsConfiguration implements the SystemsConfigurationClassification interface for type SapSystemsConfiguration. +func (s *SapSystemsConfiguration) GetSystemsConfiguration() *SystemsConfiguration { + return &SystemsConfiguration{ + Type: s.Type, + } +} + // ScheduledAlertRule - Represents scheduled alert rule. type ScheduledAlertRule struct { // REQUIRED; The kind of the alert rule @@ -6187,7 +8541,7 @@ type ScheduledAlertRule struct { // Scheduled alert rule properties Properties *ScheduledAlertRuleProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6256,9 +8610,15 @@ type ScheduledAlertRuleProperties struct { // The period (in ISO 8601 duration format) that this alert rule looks at. QueryPeriod *string + // Array of the sentinel entity mappings of the alert rule + SentinelEntitiesMappings []*SentinelEntityMapping + // The severity for alerts created by this alert rule. Severity *AlertSeverity + // The sub-techniques of the alert rule + SubTechniques []*string + // The tactics of the alert rule Tactics []*AttackTactic @@ -6286,7 +8646,7 @@ type ScheduledAlertRuleTemplate struct { // Scheduled alert rule template properties Properties *ScheduledAlertRuleTemplateProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6345,12 +8705,18 @@ type ScheduledAlertRuleTemplateProperties struct { // The required data connectors for this template RequiredDataConnectors []*AlertRuleTemplateDataSource + // Array of the sentinel entity mappings of the alert rule + SentinelEntitiesMappings []*SentinelEntityMapping + // The severity for alerts created by this alert rule. Severity *AlertSeverity // The alert rule template status. Status *TemplateStatus + // The sub-techniques of the alert rule + SubTechniques []*string + // The tactics of the alert rule template Tactics []*AttackTactic @@ -6376,12 +8742,12 @@ type ScheduledAlertRuleTemplateProperties struct { // SecurityAlert - Represents a security alert entity. type SecurityAlert struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // SecurityAlert entity properties Properties *SecurityAlertProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6531,6 +8897,12 @@ type SecurityAlertTimelineItem struct { // The alert product name. ProductName *string + + // The techniques of the alert. + Techniques []*string + + // READ-ONLY; The intent of the alert. + Intent *KillChainIntent } // GetEntityTimelineItem implements the EntityTimelineItemClassification interface for type SecurityAlertTimelineItem. @@ -6543,12 +8915,12 @@ func (s *SecurityAlertTimelineItem) GetEntityTimelineItem() *EntityTimelineItem // SecurityGroupEntity - Represents a security group entity. type SecurityGroupEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // SecurityGroup entity properties Properties *SecurityGroupEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6599,7 +8971,7 @@ type SecurityMLAnalyticsSetting struct { // Etag of the azure resource Etag *string - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6635,6 +9007,12 @@ type SecurityMLAnalyticsSettingsList struct { NextLink *string } +// SentinelEntityMapping - A single sentinel entity mapping +type SentinelEntityMapping struct { + // the column name to be mapped to the SentinelEntities + ColumnName *string +} + // SentinelOnboardingState - Sentinel onboarding state type SentinelOnboardingState struct { // Etag of the azure resource @@ -6643,7 +9021,7 @@ type SentinelOnboardingState struct { // The Sentinel onboarding state object Properties *SentinelOnboardingStateProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6668,10 +9046,65 @@ type SentinelOnboardingStatesList struct { Value []*SentinelOnboardingState } +// ServicePrincipal - Service principal metadata. +type ServicePrincipal struct { + // Expiration time of service principal credentials. + CredentialsExpireOn *time.Time + + // READ-ONLY; App id of service principal. + AppID *string + + // READ-ONLY; Id of service principal. + ID *string + + // READ-ONLY; Tenant id of service principal. + TenantID *string +} + +// SessionAuthModel - Model for API authentication with session cookie. +type SessionAuthModel struct { + // REQUIRED; The password attribute name. + Password map[string]*string + + // REQUIRED; The auth type + Type *CcpAuthType + + // REQUIRED; The user name attribute key value. + UserName map[string]*string + + // HTTP request headers to session service endpoint. + Headers map[string]*string + + // Indicating whether API key is set in HTTP POST payload. + IsPostPayloadJSON *bool + + // Query parameters to session service endpoint. + QueryParameters map[string]any + + // Session id attribute name from HTTP response header. + SessionIDName *string + + // HTTP request URL to session service endpoint. + SessionLoginRequestURI *string + + // Session timeout in minutes. + SessionTimeoutInMinutes *int32 +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type SessionAuthModel. +func (s *SessionAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: s.Type, + } +} + // SettingList - List of all the settings. type SettingList struct { // REQUIRED; Array of settings. Value []SettingsClassification + + // READ-ONLY; URL to fetch the next set of settings. + NextLink *string } // Settings - The Setting. @@ -6682,7 +9115,7 @@ type Settings struct { // Etag of the azure resource Etag *string - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6700,13 +9133,13 @@ func (s *Settings) GetSettings() *Settings { return s } // SourceControl - Represents a SourceControl in Azure Security Insights. type SourceControl struct { + // REQUIRED; source control properties + Properties *SourceControlProperties + // Etag of the azure resource Etag *string - // source control properties - Properties *SourceControlProperties - - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6745,28 +9178,37 @@ type SourceControlProperties struct { // A description of the source control Description *string - // The id (a Guid) of the source control + // Repository access credentials. This is write-only object and it never returns back to a user. + RepositoryAccess *RepositoryAccess + + // Information regarding the resources created in user's repository. + RepositoryResourceInfo *RepositoryResourceInfo + + // Service principal metadata. + ServicePrincipal *ServicePrincipal + + // READ-ONLY; The id (a Guid) of the source control ID *string - // Information regarding the latest deployment for the source control. + // READ-ONLY; Information regarding the latest deployment for the source control. LastDeploymentInfo *DeploymentInfo - // Information regarding the resources created in user's repository. - RepositoryResourceInfo *RepositoryResourceInfo + // READ-ONLY; Information regarding the pull request of the source control. + PullRequest *PullRequest - // The version number associated with the source control + // READ-ONLY; The version number associated with the source control Version *Version } // SubmissionMailEntity - Represents a submission mail entity. type SubmissionMailEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // Submission mail entity properties Properties *SubmissionMailEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6830,61 +9272,380 @@ type SubmissionMailEntityProperties struct { Timestamp *time.Time } -// SystemData - Metadata pertaining to creation and last modification of the resource. -type SystemData struct { - // The timestamp of resource creation (UTC). - CreatedAt *time.Time +// SystemData - Metadata pertaining to creation and last modification of the resource. +type SystemData struct { + // The timestamp of resource creation (UTC). + CreatedAt *time.Time + + // The identity that created the resource. + CreatedBy *string + + // The type of identity that created the resource. + CreatedByType *CreatedByType + + // The timestamp of resource last modification (UTC) + LastModifiedAt *time.Time + + // The identity that last modified the resource. + LastModifiedBy *string + + // The type of identity that last modified the resource. + LastModifiedByType *CreatedByType +} + +// SystemProperties - The properties of the system. +type SystemProperties struct { + // REQUIRED; The configuration of the system. + Configuration SystemsConfigurationClassification + + // REQUIRED + DisplayName *string + + // The status of the system. + Status *SystemStatusType + + // READ-ONLY + LastModifiedTimeUTC *time.Time +} + +// SystemResource - Describes the system within the agent. +type SystemResource struct { + // REQUIRED; The properties of the system. + Properties *SystemProperties + + // Etag of the azure resource + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// SystemsConfiguration - The configuration of the system. +type SystemsConfiguration struct { + // REQUIRED; Represents the types of configuration for a system. + Type *ConfigurationType +} + +// GetSystemsConfiguration implements the SystemsConfigurationClassification interface for type SystemsConfiguration. +func (s *SystemsConfiguration) GetSystemsConfiguration() *SystemsConfiguration { return s } + +// SystemsConfigurationConnector - Base Model for SAP System Connector. +type SystemsConfigurationConnector struct { + // REQUIRED; Represents the types of SAP systems. + Type *SystemConfigurationConnectorType +} + +// GetSystemsConfigurationConnector implements the SystemsConfigurationConnectorClassification interface for type SystemsConfigurationConnector. +func (s *SystemsConfigurationConnector) GetSystemsConfigurationConnector() *SystemsConfigurationConnector { + return s +} + +// SystemsList - List of Agent's Systems. +type SystemsList struct { + NextLink *string + Value []*SystemResource +} + +// TICheckRequirements - Threat Intelligence Platforms data connector check requirements +type TICheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // Threat Intelligence Platforms data connector check required properties + Properties *TICheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type TICheckRequirements. +func (t *TICheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: t.Kind, + } +} + +// TICheckRequirementsProperties - Threat Intelligence Platforms data connector required properties. +type TICheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// TIDataConnector - Represents threat intelligence data connector. +type TIDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // TI (Threat Intelligence) data connector properties. + Properties *TIDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type TIDataConnector. +func (t *TIDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: t.Etag, + ID: t.ID, + Kind: t.Kind, + Name: t.Name, + SystemData: t.SystemData, + Type: t.Type, + } +} + +// TIDataConnectorDataTypes - The available data types for TI (Threat Intelligence) data connector. +type TIDataConnectorDataTypes struct { + // REQUIRED; Data type for indicators connection. + Indicators *TIDataConnectorDataTypesIndicators +} + +// TIDataConnectorDataTypesIndicators - Data type for indicators connection. +type TIDataConnectorDataTypesIndicators struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// TIDataConnectorProperties - TI (Threat Intelligence) data connector properties. +type TIDataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *TIDataConnectorDataTypes + + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string + + // The lookback period for the feed to be imported. + TipLookbackPeriod *time.Time +} + +// TIObject - Represents a threat intelligence object in Azure Security Insights. +type TIObject struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind + + // The properties of the TI object + Properties *TIObjectCommonProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetTIObject implements the TIObjectClassification interface for type TIObject. +func (t *TIObject) GetTIObject() *TIObject { return t } + +// TIObjectCommonProperties - Describes properties common to all threat intelligence objects +type TIObjectCommonProperties struct { + // READ-ONLY; The UserInfo of the user/entity which originally created this TI object. + CreatedBy *UserInfo + + // READ-ONLY; The core STIX object that this TI object represents. + Data map[string]any + + // READ-ONLY; The timestamp for the first time this object was ingested. + FirstIngestedTimeUTC *time.Time + + // READ-ONLY; The ID of the rules version that was active when this TI object was last ingested. + IngestionRulesVersion *string + + // READ-ONLY; The timestamp for the last time this object was ingested. + LastIngestedTimeUTC *time.Time + + // READ-ONLY; The UserInfo of the user/entity which last modified this TI object. + LastModifiedBy *UserInfo + + // READ-ONLY; The name of the method/application that initiated the last write to this TI object. + LastUpdateMethod *string + + // READ-ONLY; The timestamp for the last time this TI object was updated. + LastUpdatedDateTimeUTC *time.Time + + // READ-ONLY; A dictionary used to help follow relationships from this object to other STIX objects. The keys are field names + // from the STIX object (in the 'data' field), and the values are lists of sources that can + // be prepended to the object ID in order to efficiently locate the target TI object. + RelationshipHints []*RelationshipHint + + // READ-ONLY; The source name for this TI object. + Source *string +} + +// TeamInformation - Describes team information +type TeamInformation struct { + // READ-ONLY; The description of the team + Description *string + + // READ-ONLY; The name of the team + Name *string + + // READ-ONLY; The primary channel URL of the team + PrimaryChannelURL *string + + // READ-ONLY; The time the team was created + TeamCreationTimeUTC *time.Time + + // READ-ONLY; Team ID + TeamID *string +} + +// TemplateList - List of all the template. +type TemplateList struct { + // REQUIRED; Array of templates. + Value []*TemplateModel + + // READ-ONLY; URL to fetch the next page of template. + NextLink *string +} + +// TemplateModel - Template resource definition. +type TemplateModel struct { + // Etag of the azure resource + Etag *string + + // template properties + Properties *TemplateProperties + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// TemplateProperties - Template property bag. +type TemplateProperties struct { + // The creator of the content item. + Author *MetadataAuthor + + // Categories for the item + Categories *MetadataCategories + + // Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for + // out of the box content and solutions. Dynamic for user-created. This is the + // resource name + ContentID *string + + // The kind of content the template is for. + ContentKind *Kind + + // Unique ID for the content. It should be generated based on the contentId of the package, contentId of the template, contentKind + // of the template and the contentVersion of the template + ContentProductID *string + + // Schema version of the content. Can be used to distinguish between different flow based on the schema version + ContentSchemaVersion *string + + // The custom version of the content. A optional free text + CustomVersion *string + + // Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies + // using a recursive/nested structure. For a single dependency an id/kind/version + // can be supplied or operator/criteria for complex formats. + Dependencies *MetadataDependencies + + // The display name of the template + DisplayName *string + + // first publish date content item + FirstPublishDate *time.Time + + // the icon identifier. this id can later be fetched from the content metadata + Icon *string + + // last publish date for the content item + LastPublishDate *time.Time + + // The JSON of the ARM template to deploy active content. Expandable. + MainTemplate any + + // the package Id contains this template + PackageID *string + + // the packageKind of the package contains this template + PackageKind *PackageKind + + // the name of the package contains this template + PackageName *string + + // Version of the package. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM metadata + // best practices. Can also be any string, but then we cannot guarantee any version + // checks + PackageVersion *string + + // preview image file names. These will be taken from the solution artifacts + PreviewImages []*string - // The identity that created the resource. - CreatedBy *string + // preview image file names. These will be taken from the solution artifacts. used for dark theme support + PreviewImagesDark []*string - // The type of identity that created the resource. - CreatedByType *CreatedByType + // Providers for the content item + Providers []*string - // The timestamp of resource last modification (UTC) - LastModifiedAt *time.Time + // Source of the content. This is where/how it was created. + Source *MetadataSource - // The identity that last modified the resource. - LastModifiedBy *string + // Support information for the template - type, name, contact information + Support *MetadataSupport - // The type of identity that last modified the resource. - LastModifiedByType *CreatedByType -} + // the tactics the resource covers + ThreatAnalysisTactics []*string -// TICheckRequirements - Threat Intelligence Platforms data connector check requirements -type TICheckRequirements struct { - // REQUIRED; Describes the kind of connector to be checked. - Kind *DataConnectorKind + // the techniques the resource covers, these have to be aligned with the tactics being used + ThreatAnalysisTechniques []*string - // Threat Intelligence Platforms data connector check required properties - Properties *TICheckRequirementsProperties -} + // Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM metadata + // best practices. Can also be any string, but then we cannot guarantee any version + // checks + Version *string -// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type TICheckRequirements. -func (t *TICheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { - return &DataConnectorsCheckRequirements{ - Kind: t.Kind, - } -} + // READ-ONLY; Dependant templates. Expandable. + DependantTemplates []*TemplateProperties -// TICheckRequirementsProperties - Threat Intelligence Platforms data connector required properties. -type TICheckRequirementsProperties struct { - // REQUIRED; The tenant id to connect to, and get the data from. - TenantID *string + // READ-ONLY; Flag indicates if this template is deprecated + IsDeprecated *Flag } -// TIDataConnector - Represents threat intelligence data connector. -type TIDataConnector struct { - // REQUIRED; The data connector kind - Kind *DataConnectorKind - - // Etag of the azure resource - Etag *string +// ThreatActor - Represents a threat actor in Azure Security Insights. +type ThreatActor struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind - // TI (Threat Intelligence) data connector properties. - Properties *TIDataConnectorProperties + // The properties of the TI object + Properties *TIObjectCommonProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -6897,75 +9658,18 @@ type TIDataConnector struct { Type *string } -// GetDataConnector implements the DataConnectorClassification interface for type TIDataConnector. -func (t *TIDataConnector) GetDataConnector() *DataConnector { - return &DataConnector{ - Etag: t.Etag, +// GetTIObject implements the TIObjectClassification interface for type ThreatActor. +func (t *ThreatActor) GetTIObject() *TIObject { + return &TIObject{ ID: t.ID, Kind: t.Kind, Name: t.Name, + Properties: t.Properties, SystemData: t.SystemData, Type: t.Type, } } -// TIDataConnectorDataTypes - The available data types for TI (Threat Intelligence) data connector. -type TIDataConnectorDataTypes struct { - // REQUIRED; Data type for indicators connection. - Indicators *TIDataConnectorDataTypesIndicators -} - -// TIDataConnectorDataTypesIndicators - Data type for indicators connection. -type TIDataConnectorDataTypesIndicators struct { - // REQUIRED; Describe whether this data type connection is enabled or not. - State *DataTypeState -} - -// TIDataConnectorProperties - TI (Threat Intelligence) data connector properties. -type TIDataConnectorProperties struct { - // REQUIRED; The available data types for the connector. - DataTypes *TIDataConnectorDataTypes - - // REQUIRED; The tenant id to connect to, and get the data from. - TenantID *string - - // The lookback period for the feed to be imported. - TipLookbackPeriod *time.Time -} - -// TeamInformation - Describes team information -type TeamInformation struct { - // READ-ONLY; The description of the team - Description *string - - // READ-ONLY; The name of the team - Name *string - - // READ-ONLY; The primary channel URL of the team - PrimaryChannelURL *string - - // READ-ONLY; The time the team was created - TeamCreationTimeUTC *time.Time - - // READ-ONLY; Team ID - TeamID *string -} - -// TeamProperties - Describes team properties -type TeamProperties struct { - // REQUIRED; The name of the team - TeamName *string - - // List of group IDs to add their members to the team - GroupIDs []*string - - // List of member IDs to add to the team - MemberIDs []*string - - // The description of the team - TeamDescription *string -} - // ThreatIntelligence property bag. type ThreatIntelligence struct { // READ-ONLY; Confidence (must be between 0 and 1) @@ -6998,7 +9702,7 @@ type ThreatIntelligenceAlertRule struct { // Threat Intelligence alert rule properties Properties *ThreatIntelligenceAlertRuleProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -7043,6 +9747,9 @@ type ThreatIntelligenceAlertRuleProperties struct { // READ-ONLY; The severity for alerts created by this alert rule. Severity *AlertSeverity + // READ-ONLY; The sub-techniques of the alert rule + SubTechniques []*string + // READ-ONLY; The tactics of the alert rule Tactics []*AttackTactic @@ -7058,7 +9765,7 @@ type ThreatIntelligenceAlertRuleTemplate struct { // Threat Intelligence alert rule template properties Properties *ThreatIntelligenceAlertRuleTemplateProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -7121,6 +9828,12 @@ type ThreatIntelligenceAppendTags struct { ThreatIntelligenceTags []*string } +// ThreatIntelligenceCount - Count of all the threat intelligence objects on the workspace that match the provided query. +type ThreatIntelligenceCount struct { + // READ-ONLY; Count of all the threat intelligence objects on the workspace that match the provided query. + Count *int32 +} + // ThreatIntelligenceExternalReference - Describes external reference type ThreatIntelligenceExternalReference struct { // External reference description @@ -7196,7 +9909,7 @@ type ThreatIntelligenceGranularMarkingModel struct { // ThreatIntelligenceIndicatorModel - Threat intelligence indicator entity. type ThreatIntelligenceIndicatorModel struct { // REQUIRED; The kind of the entity. - Kind *ThreatIntelligenceResourceKindEnum + Kind *ThreatIntelligenceResourceInnerKind // Etag of the azure resource Etag *string @@ -7204,7 +9917,7 @@ type ThreatIntelligenceIndicatorModel struct { // Threat Intelligence Entity properties Properties *ThreatIntelligenceIndicatorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -7326,12 +10039,12 @@ type ThreatIntelligenceIndicatorProperties struct { // ThreatIntelligenceInformation - Threat intelligence information object. type ThreatIntelligenceInformation struct { // REQUIRED; The kind of the entity. - Kind *ThreatIntelligenceResourceKindEnum + Kind *ThreatIntelligenceResourceInnerKind // Etag of the azure resource Etag *string - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -7367,6 +10080,15 @@ type ThreatIntelligenceKillChainPhase struct { PhaseName *string } +// ThreatIntelligenceList - List all the threat intelligence objects on the workspace that match the provided query. +type ThreatIntelligenceList struct { + // REQUIRED; Array of threat intelligence objects on the workspace that match the provided query. + Value []TIObjectClassification + + // READ-ONLY; URL to fetch the next set of threat intelligence objects. + NextLink *string +} + // ThreatIntelligenceMetric - Describes threat intelligence metric type ThreatIntelligenceMetric struct { // Last updated indicator metric @@ -7427,7 +10149,7 @@ type ThreatIntelligenceSortingCriteria struct { ItemKey *string // Sorting order (ascending/descending/unsorted). - SortOrder *ThreatIntelligenceSortingCriteriaEnum + SortOrder *ThreatIntelligenceSortingOrder } // TiTaxiiCheckRequirements - Threat Intelligence TAXII data connector check requirements @@ -7463,7 +10185,7 @@ type TiTaxiiDataConnector struct { // Threat intelligence TAXII data connector properties. Properties *TiTaxiiDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -7566,15 +10288,63 @@ type TimelineResultsMetadata struct { Errors []*TimelineError } +// TriggeredAnalyticsRuleRun - The triggered analytics rule run +type TriggeredAnalyticsRuleRun struct { + // REQUIRED; The triggered analytics rule run Properties + Properties *TriggeredAnalyticsRuleRunProperties + + // Etag of the azure resource + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// TriggeredAnalyticsRuleRunProperties - The triggered analytics rule run Properties +type TriggeredAnalyticsRuleRunProperties struct { + // REQUIRED + ExecutionTimeUTC *time.Time + + // REQUIRED; The triggered analytics rule run provisioning state + ProvisioningState *ProvisioningState + + // REQUIRED + RuleID *string + + // REQUIRED + TriggeredAnalyticsRuleRunID *string + + // Dictionary of + RuleRunAdditionalData map[string]any +} + +// TriggeredAnalyticsRuleRuns - The triggered analytics rule run array +type TriggeredAnalyticsRuleRuns struct { + // REQUIRED + Value []*TriggeredAnalyticsRuleRun + + // READ-ONLY + NextLink *string +} + // URLEntity - Represents a url entity. type URLEntity struct { // REQUIRED; The kind of the entity. - Kind *EntityKind + Kind *EntityKindEnum // Url entity properties Properties *URLEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -7622,7 +10392,7 @@ type Ueba struct { // Ueba properties Properties *UebaProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -7653,6 +10423,31 @@ type UebaProperties struct { DataSources []*UebaDataSources } +// UndoActionPayload - Represents the undo action. +type UndoActionPayload struct { + // The action ID of the original action that was performed and now need to undo + ActionID *string +} + +// UnlockUserAction - Represents an unlock user action. +type UnlockUserAction struct { + // REQUIRED; The actions kind + Kind *ListActionKind + + // The reason of the failure of the action. Empty if the action is successful. + FailureReason *string + + // The user to unlock + User *string +} + +// GetAction implements the ActionClassification interface for type UnlockUserAction. +func (u *UnlockUserAction) GetAction() *Action { + return &Action{ + Kind: u.Kind, + } +} + // UserInfo - User information that made some action type UserInfo struct { // The object id of the user. @@ -7674,6 +10469,24 @@ type ValidationError struct { ErrorMessages []*string } +// Warning response structure. +type Warning struct { + // READ-ONLY; Warning data. + Warning *WarningBody +} + +// WarningBody - Warning details. +type WarningBody struct { + // READ-ONLY; An identifier for the warning. Codes are invariant and are intended to be consumed programmatically. + Code *WarningCode + + // READ-ONLY + Details []*WarningBody + + // READ-ONLY; A message describing the warning, intended to be suitable for display in a user interface. + Message *string +} + // Watchlist - Represents a Watchlist in Azure Security Insights. type Watchlist struct { // Etag of the azure resource @@ -7682,7 +10495,7 @@ type Watchlist struct { // Watchlist properties Properties *WatchlistProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -7703,7 +10516,7 @@ type WatchlistItem struct { // Watchlist Item properties Properties *WatchlistItemProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" ID *string // READ-ONLY; The name of the resource @@ -7728,7 +10541,7 @@ type WatchlistItemList struct { // WatchlistItemProperties - Describes watchlist item properties type WatchlistItemProperties struct { // REQUIRED; key-value pairs for a watchlist item - ItemsKeyValue map[string]any + ItemsKeyValue any // The time the watchlist item was created Created *time.Time @@ -7737,7 +10550,7 @@ type WatchlistItemProperties struct { CreatedBy *UserInfo // key-value pairs for a watchlist item entity mapping - EntityMapping map[string]any + EntityMapping any // A flag that indicates if the watchlist item is deleted or not IsDeleted *bool @@ -7804,6 +10617,9 @@ type WatchlistProperties struct { // The number of lines in a csv/tsv content to skip before the header NumberOfLinesToSkip *int32 + // The triggered analytics rule run provisioning state + ProvisioningState *ProvisioningState + // The raw content that represents to watchlist items to create. In case of csv/tsv content type, it's the content of the // file that will parsed by the endpoint RawContent *string @@ -7842,12 +10658,174 @@ type Webhook struct { // A flag to instruct the backend service to rotate webhook secret. RotateWebhookSecret *bool - // Unique identifier for the webhook. + // READ-ONLY; Unique identifier for the webhook. WebhookID *string - // Time when the webhook secret was updated. - WebhookSecretUpdateTime *string + // READ-ONLY; Time when the webhook secret was updated. + WebhookSecretUpdateTime *time.Time - // URL that gets invoked by the webhook. + // READ-ONLY; URL that gets invoked by the webhook. WebhookURL *string } + +// WorkspaceManagerAssignment - The workspace manager assignment +type WorkspaceManagerAssignment struct { + // The workspace manager assignment object + Properties *WorkspaceManagerAssignmentProperties + + // READ-ONLY; Resource Etag. + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// WorkspaceManagerAssignmentList - List of all the workspace manager assignments. +type WorkspaceManagerAssignmentList struct { + // REQUIRED; Array of workspace manager assignments. + Value []*WorkspaceManagerAssignment + + // READ-ONLY; URL to fetch the next set of workspace manager assignments. + NextLink *string +} + +// WorkspaceManagerAssignmentProperties - The workspace manager assignment properties +type WorkspaceManagerAssignmentProperties struct { + // REQUIRED; List of resources included in this workspace manager assignment + Items []*AssignmentItem + + // REQUIRED; The resource name of the workspace manager group targeted by the workspace manager assignment + TargetResourceName *string + + // READ-ONLY; The time the last job associated to this assignment ended at + LastJobEndTime *time.Time + + // READ-ONLY; State of the last job associated to this assignment + LastJobProvisioningState *ProvisioningState +} + +// WorkspaceManagerConfiguration - The workspace manager configuration +type WorkspaceManagerConfiguration struct { + // The workspace manager configuration object + Properties *WorkspaceManagerConfigurationProperties + + // READ-ONLY; Resource Etag. + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// WorkspaceManagerConfigurationList - List all the workspace manager configurations for the workspace. +type WorkspaceManagerConfigurationList struct { + // REQUIRED; Array of workspace manager configurations. + Value []*WorkspaceManagerConfiguration + + // READ-ONLY; URL to fetch the next set of workspace manager configurations. + NextLink *string +} + +// WorkspaceManagerConfigurationProperties - The workspace manager configuration properties +type WorkspaceManagerConfigurationProperties struct { + // REQUIRED; The current mode of the workspace manager configuration + Mode *Mode +} + +// WorkspaceManagerGroup - The workspace manager group +type WorkspaceManagerGroup struct { + // The workspace manager group object + Properties *WorkspaceManagerGroupProperties + + // READ-ONLY; Resource Etag. + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// WorkspaceManagerGroupList - List of all the workspace manager groups. +type WorkspaceManagerGroupList struct { + // REQUIRED; Array of workspace manager groups. + Value []*WorkspaceManagerGroup + + // READ-ONLY; URL to fetch the next set of workspace manager groups. + NextLink *string +} + +// WorkspaceManagerGroupProperties - The workspace manager group properties +type WorkspaceManagerGroupProperties struct { + // REQUIRED; The display name of the workspace manager group + DisplayName *string + + // REQUIRED; The names of the workspace manager members participating in this group. + MemberResourceNames []*string + + // The description of the workspace manager group + Description *string +} + +// WorkspaceManagerMember - The workspace manager member +type WorkspaceManagerMember struct { + // The workspace manager member object + Properties *WorkspaceManagerMemberProperties + + // READ-ONLY; Resource Etag. + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// WorkspaceManagerMemberProperties - The workspace manager member properties +type WorkspaceManagerMemberProperties struct { + // REQUIRED; Fully qualified resource ID of the target Sentinel workspace joining the given Sentinel workspace manager + TargetWorkspaceResourceID *string + + // REQUIRED; Tenant id of the target Sentinel workspace joining the given Sentinel workspace manager + TargetWorkspaceTenantID *string +} + +// WorkspaceManagerMembersList - List of workspace manager members +type WorkspaceManagerMembersList struct { + // REQUIRED; Array of workspace manager members + Value []*WorkspaceManagerMember + + // READ-ONLY; URL to fetch the next set of workspace manager members + NextLink *string +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/models_serde.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/models_serde.go index 26b859816022..e6555eeee08f 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/models_serde.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/models_serde.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -295,6 +292,49 @@ func (a *AATPDataConnectorProperties) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type APIKeyAuthModel. +func (a APIKeyAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "apiKey", a.APIKey) + populate(objectMap, "apiKeyIdentifier", a.APIKeyIdentifier) + populate(objectMap, "apiKeyName", a.APIKeyName) + populate(objectMap, "isApiKeyInPostPayload", a.IsAPIKeyInPostPayload) + objectMap["type"] = CcpAuthTypeAPIKey + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type APIKeyAuthModel. +func (a *APIKeyAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "apiKey": + err = unpopulate(val, "APIKey", &a.APIKey) + delete(rawMsg, key) + case "apiKeyIdentifier": + err = unpopulate(val, "APIKeyIdentifier", &a.APIKeyIdentifier) + delete(rawMsg, key) + case "apiKeyName": + err = unpopulate(val, "APIKeyName", &a.APIKeyName) + delete(rawMsg, key) + case "isApiKeyInPostPayload": + err = unpopulate(val, "IsAPIKeyInPostPayload", &a.IsAPIKeyInPostPayload) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type APIPollingParameters. func (a APIPollingParameters) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -466,11 +506,46 @@ func (a *ASCDataConnectorProperties) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type AWSAuthModel. +func (a AWSAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "externalId", a.ExternalID) + populate(objectMap, "roleArn", a.RoleArn) + objectMap["type"] = CcpAuthTypeAWS + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AWSAuthModel. +func (a *AWSAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "externalId": + err = unpopulate(val, "ExternalID", &a.ExternalID) + delete(rawMsg, key) + case "roleArn": + err = unpopulate(val, "RoleArn", &a.RoleArn) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type AccountEntity. func (a AccountEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "id", a.ID) - objectMap["kind"] = EntityKindAccount + objectMap["kind"] = EntityKindEnumAccount populate(objectMap, "name", a.Name) populate(objectMap, "properties", a.Properties) populate(objectMap, "systemData", a.SystemData) @@ -592,6 +667,33 @@ func (a *AccountEntityProperties) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type Action. +func (a Action) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = a.Kind + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Action. +func (a *Action) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &a.Kind) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type ActionRequest. func (a ActionRequest) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -1163,11 +1265,140 @@ func (a *ActivityTimelineItem) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type AddIncidentTaskActionProperties. +func (a AddIncidentTaskActionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", a.Description) + populate(objectMap, "title", a.Title) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AddIncidentTaskActionProperties. +func (a *AddIncidentTaskActionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &a.Description) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &a.Title) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AgentConfiguration. +func (a AgentConfiguration) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["type"] = a.Type + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AgentConfiguration. +func (a *AgentConfiguration) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AgentProperties. +func (a AgentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "agentSystems", a.AgentSystems) + populate(objectMap, "configuration", a.Configuration) + populate(objectMap, "displayName", a.DisplayName) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", a.LastModifiedTimeUTC) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AgentProperties. +func (a *AgentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "agentSystems": + err = unpopulate(val, "AgentSystems", &a.AgentSystems) + delete(rawMsg, key) + case "configuration": + a.Configuration, err = unmarshalAgentConfigurationClassification(val) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) + delete(rawMsg, key) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &a.LastModifiedTimeUTC) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AgentSystem. +func (a AgentSystem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "systemDisplayName", a.SystemDisplayName) + populate(objectMap, "systemResourceName", a.SystemResourceName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AgentSystem. +func (a *AgentSystem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "systemDisplayName": + err = unpopulate(val, "SystemDisplayName", &a.SystemDisplayName) + delete(rawMsg, key) + case "systemResourceName": + err = unpopulate(val, "SystemResourceName", &a.SystemResourceName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type AlertDetailsOverride. func (a AlertDetailsOverride) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "alertDescriptionFormat", a.AlertDescriptionFormat) populate(objectMap, "alertDisplayNameFormat", a.AlertDisplayNameFormat) + populate(objectMap, "alertDynamicProperties", a.AlertDynamicProperties) populate(objectMap, "alertSeverityColumnName", a.AlertSeverityColumnName) populate(objectMap, "alertTacticsColumnName", a.AlertTacticsColumnName) return json.Marshal(objectMap) @@ -1188,6 +1419,9 @@ func (a *AlertDetailsOverride) UnmarshalJSON(data []byte) error { case "alertDisplayNameFormat": err = unpopulate(val, "AlertDisplayNameFormat", &a.AlertDisplayNameFormat) delete(rawMsg, key) + case "alertDynamicProperties": + err = unpopulate(val, "AlertDynamicProperties", &a.AlertDynamicProperties) + delete(rawMsg, key) case "alertSeverityColumnName": err = unpopulate(val, "AlertSeverityColumnName", &a.AlertSeverityColumnName) delete(rawMsg, key) @@ -1202,6 +1436,37 @@ func (a *AlertDetailsOverride) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type AlertPropertyMapping. +func (a AlertPropertyMapping) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertProperty", a.AlertProperty) + populate(objectMap, "value", a.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertPropertyMapping. +func (a *AlertPropertyMapping) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertProperty": + err = unpopulate(val, "AlertProperty", &a.AlertProperty) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &a.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type AlertRule. func (a AlertRule) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -1412,6 +1677,60 @@ func (a *AlertsDataTypeOfDataConnector) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type AnalyticsRuleRunTrigger. +func (a AnalyticsRuleRunTrigger) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "properties", a.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AnalyticsRuleRunTrigger. +func (a *AnalyticsRuleRunTrigger) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AnalyticsRuleRunTriggerProperties. +func (a AnalyticsRuleRunTriggerProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "executionTimeUtc", a.ExecutionTimeUTC) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AnalyticsRuleRunTriggerProperties. +func (a *AnalyticsRuleRunTriggerProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "executionTimeUtc": + err = unpopulateDateTimeRFC3339(val, "ExecutionTimeUTC", &a.ExecutionTimeUTC) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type Anomalies. func (a Anomalies) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -1691,14 +2010,88 @@ func (a *AnomalyTimelineItem) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AutomationRule. -func (a AutomationRule) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AssignmentItem. +func (a AssignmentItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", a.Etag) - populate(objectMap, "id", a.ID) - populate(objectMap, "name", a.Name) - populate(objectMap, "properties", a.Properties) - populate(objectMap, "systemData", a.SystemData) + populate(objectMap, "resourceId", a.ResourceID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AssignmentItem. +func (a *AssignmentItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "resourceId": + err = unpopulate(val, "ResourceID", &a.ResourceID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AttackPattern. +func (a AttackPattern) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + objectMap["kind"] = TIObjectKindAttackPattern + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "systemData", a.SystemData) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AttackPattern. +func (a *AttackPattern) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &a.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &a.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AutomationRule. +func (a AutomationRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", a.Etag) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "systemData", a.SystemData) populate(objectMap, "type", a.Type) return json.Marshal(objectMap) } @@ -1769,6 +2162,41 @@ func (a *AutomationRuleAction) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type AutomationRuleAddIncidentTaskAction. +func (a AutomationRuleAddIncidentTaskAction) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "actionConfiguration", a.ActionConfiguration) + objectMap["actionType"] = ActionTypeAddIncidentTask + populate(objectMap, "order", a.Order) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleAddIncidentTaskAction. +func (a *AutomationRuleAddIncidentTaskAction) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "actionConfiguration": + err = unpopulate(val, "ActionConfiguration", &a.ActionConfiguration) + delete(rawMsg, key) + case "actionType": + err = unpopulate(val, "ActionType", &a.ActionType) + delete(rawMsg, key) + case "order": + err = unpopulate(val, "Order", &a.Order) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type AutomationRuleBooleanCondition. func (a AutomationRuleBooleanCondition) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -2566,7 +2994,7 @@ func (a *AzureDevOpsResourceInfo) UnmarshalJSON(data []byte) error { func (a AzureResourceEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "id", a.ID) - objectMap["kind"] = EntityKindAzureResource + objectMap["kind"] = EntityKindEnumAzureResource populate(objectMap, "name", a.Name) populate(objectMap, "properties", a.Properties) populate(objectMap, "systemData", a.SystemData) @@ -2648,6 +3076,119 @@ func (a *AzureResourceEntityProperties) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type BasicAuthModel. +func (b BasicAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "password", b.Password) + objectMap["type"] = CcpAuthTypeBasic + populate(objectMap, "userName", b.UserName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type BasicAuthModel. +func (b *BasicAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", b, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "password": + err = unpopulate(val, "Password", &b.Password) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &b.Type) + delete(rawMsg, key) + case "userName": + err = unpopulate(val, "UserName", &b.UserName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", b, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type BillingStatistic. +func (b BillingStatistic) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", b.Etag) + populate(objectMap, "id", b.ID) + objectMap["kind"] = b.Kind + populate(objectMap, "name", b.Name) + populate(objectMap, "systemData", b.SystemData) + populate(objectMap, "type", b.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type BillingStatistic. +func (b *BillingStatistic) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", b, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &b.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &b.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &b.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &b.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &b.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &b.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", b, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type BillingStatisticList. +func (b BillingStatisticList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", b.NextLink) + populate(objectMap, "value", b.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type BillingStatisticList. +func (b *BillingStatisticList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", b, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &b.NextLink) + delete(rawMsg, key) + case "value": + b.Value, err = unmarshalBillingStatisticClassificationArray(val) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", b, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type Bookmark. func (b Bookmark) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -3031,73 +3572,245 @@ func (b *BooleanConditionProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ClientInfo. -func (c ClientInfo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BusinessApplicationAgentResource. +func (b BusinessApplicationAgentResource) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "email", c.Email) - populate(objectMap, "name", c.Name) - populate(objectMap, "objectId", c.ObjectID) - populate(objectMap, "userPrincipalName", c.UserPrincipalName) + populate(objectMap, "etag", b.Etag) + populate(objectMap, "id", b.ID) + populate(objectMap, "name", b.Name) + populate(objectMap, "properties", b.Properties) + populate(objectMap, "systemData", b.SystemData) + populate(objectMap, "type", b.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ClientInfo. -func (c *ClientInfo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BusinessApplicationAgentResource. +func (b *BusinessApplicationAgentResource) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", c, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "email": - err = unpopulate(val, "Email", &c.Email) + case "etag": + err = unpopulate(val, "Etag", &b.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &b.ID) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &c.Name) + err = unpopulate(val, "Name", &b.Name) delete(rawMsg, key) - case "objectId": - err = unpopulate(val, "ObjectID", &c.ObjectID) + case "properties": + err = unpopulate(val, "Properties", &b.Properties) delete(rawMsg, key) - case "userPrincipalName": - err = unpopulate(val, "UserPrincipalName", &c.UserPrincipalName) + case "systemData": + err = unpopulate(val, "SystemData", &b.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &b.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", c, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type CloudApplicationEntity. -func (c CloudApplicationEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BusinessApplicationAgentsList. +func (b BusinessApplicationAgentsList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", c.ID) - objectMap["kind"] = EntityKindCloudApplication - populate(objectMap, "name", c.Name) - populate(objectMap, "properties", c.Properties) - populate(objectMap, "systemData", c.SystemData) - populate(objectMap, "type", c.Type) + populate(objectMap, "nextLink", b.NextLink) + populate(objectMap, "value", b.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type CloudApplicationEntity. -func (c *CloudApplicationEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BusinessApplicationAgentsList. +func (b *BusinessApplicationAgentsList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", c, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &c.ID) + case "nextLink": + err = unpopulate(val, "NextLink", &b.NextLink) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &c.Kind) + case "value": + err = unpopulate(val, "Value", &b.Value) delete(rawMsg, key) - case "name": + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", b, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type CcpAuthConfig. +func (c CcpAuthConfig) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["type"] = c.Type + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type CcpAuthConfig. +func (c *CcpAuthConfig) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "type": + err = unpopulate(val, "Type", &c.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type CcpResponseConfig. +func (c CcpResponseConfig) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "csvDelimiter", c.CSVDelimiter) + populate(objectMap, "csvEscape", c.CSVEscape) + populate(objectMap, "compressionAlgo", c.CompressionAlgo) + populate(objectMap, "convertChildPropertiesToArray", c.ConvertChildPropertiesToArray) + populate(objectMap, "eventsJsonPaths", c.EventsJSONPaths) + populate(objectMap, "format", c.Format) + populate(objectMap, "hasCsvBoundary", c.HasCSVBoundary) + populate(objectMap, "hasCsvHeader", c.HasCSVHeader) + populate(objectMap, "isGzipCompressed", c.IsGzipCompressed) + populate(objectMap, "successStatusJsonPath", c.SuccessStatusJSONPath) + populate(objectMap, "successStatusValue", c.SuccessStatusValue) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type CcpResponseConfig. +func (c *CcpResponseConfig) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "csvDelimiter": + err = unpopulate(val, "CSVDelimiter", &c.CSVDelimiter) + delete(rawMsg, key) + case "csvEscape": + err = unpopulate(val, "CSVEscape", &c.CSVEscape) + delete(rawMsg, key) + case "compressionAlgo": + err = unpopulate(val, "CompressionAlgo", &c.CompressionAlgo) + delete(rawMsg, key) + case "convertChildPropertiesToArray": + err = unpopulate(val, "ConvertChildPropertiesToArray", &c.ConvertChildPropertiesToArray) + delete(rawMsg, key) + case "eventsJsonPaths": + err = unpopulate(val, "EventsJSONPaths", &c.EventsJSONPaths) + delete(rawMsg, key) + case "format": + err = unpopulate(val, "Format", &c.Format) + delete(rawMsg, key) + case "hasCsvBoundary": + err = unpopulate(val, "HasCSVBoundary", &c.HasCSVBoundary) + delete(rawMsg, key) + case "hasCsvHeader": + err = unpopulate(val, "HasCSVHeader", &c.HasCSVHeader) + delete(rawMsg, key) + case "isGzipCompressed": + err = unpopulate(val, "IsGzipCompressed", &c.IsGzipCompressed) + delete(rawMsg, key) + case "successStatusJsonPath": + err = unpopulate(val, "SuccessStatusJSONPath", &c.SuccessStatusJSONPath) + delete(rawMsg, key) + case "successStatusValue": + err = unpopulate(val, "SuccessStatusValue", &c.SuccessStatusValue) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ClientInfo. +func (c ClientInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "email", c.Email) + populate(objectMap, "name", c.Name) + populate(objectMap, "objectId", c.ObjectID) + populate(objectMap, "userPrincipalName", c.UserPrincipalName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ClientInfo. +func (c *ClientInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "email": + err = unpopulate(val, "Email", &c.Email) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &c.Name) + delete(rawMsg, key) + case "objectId": + err = unpopulate(val, "ObjectID", &c.ObjectID) + delete(rawMsg, key) + case "userPrincipalName": + err = unpopulate(val, "UserPrincipalName", &c.UserPrincipalName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type CloudApplicationEntity. +func (c CloudApplicationEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", c.ID) + objectMap["kind"] = EntityKindEnumCloudApplication + populate(objectMap, "name", c.Name) + populate(objectMap, "properties", c.Properties) + populate(objectMap, "systemData", c.SystemData) + populate(objectMap, "type", c.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type CloudApplicationEntity. +func (c *CloudApplicationEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &c.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &c.Kind) + delete(rawMsg, key) + case "name": err = unpopulate(val, "Name", &c.Name) delete(rawMsg, key) case "properties": @@ -3810,6 +4523,80 @@ func (c *CodelessUIDataConnector) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type ConditionClause. +func (c ConditionClause) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "clauseConnective", c.ClauseConnective) + populate(objectMap, "field", c.Field) + populate(objectMap, "operator", c.Operator) + populate(objectMap, "values", c.Values) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ConditionClause. +func (c *ConditionClause) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "clauseConnective": + err = unpopulate(val, "ClauseConnective", &c.ClauseConnective) + delete(rawMsg, key) + case "field": + err = unpopulate(val, "Field", &c.Field) + delete(rawMsg, key) + case "operator": + err = unpopulate(val, "Operator", &c.Operator) + delete(rawMsg, key) + case "values": + err = unpopulate(val, "Values", &c.Values) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ConditionProperties. +func (c ConditionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "clauses", c.Clauses) + populate(objectMap, "conditionConnective", c.ConditionConnective) + populate(objectMap, "stixObjectType", c.StixObjectType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ConditionProperties. +func (c *ConditionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "clauses": + err = unpopulate(val, "Clauses", &c.Clauses) + delete(rawMsg, key) + case "conditionConnective": + err = unpopulate(val, "ConditionConnective", &c.ConditionConnective) + delete(rawMsg, key) + case "stixObjectType": + err = unpopulate(val, "StixObjectType", &c.StixObjectType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type ConnectedEntity. func (c ConnectedEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -3841,16 +4628,16 @@ func (c *ConnectedEntity) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ContentPathMap. -func (c ContentPathMap) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConnectivityCriterion. +func (c ConnectivityCriterion) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "contentType", c.ContentType) - populate(objectMap, "path", c.Path) + populate(objectMap, "type", c.Type) + populate(objectMap, "value", c.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ContentPathMap. -func (c *ContentPathMap) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConnectivityCriterion. +func (c *ConnectivityCriterion) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", c, err) @@ -3858,11 +4645,11 @@ func (c *ContentPathMap) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "contentType": - err = unpopulate(val, "ContentType", &c.ContentType) + case "type": + err = unpopulate(val, "Type", &c.Type) delete(rawMsg, key) - case "path": - err = unpopulate(val, "Path", &c.Path) + case "value": + err = unpopulate(val, "Value", &c.Value) delete(rawMsg, key) } if err != nil { @@ -3872,20 +4659,16 @@ func (c *ContentPathMap) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type CustomEntityQuery. -func (c CustomEntityQuery) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConnectorDataType. +func (c ConnectorDataType) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", c.Etag) - populate(objectMap, "id", c.ID) - objectMap["kind"] = c.Kind + populate(objectMap, "lastDataReceivedQuery", c.LastDataReceivedQuery) populate(objectMap, "name", c.Name) - populate(objectMap, "systemData", c.SystemData) - populate(objectMap, "type", c.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type CustomEntityQuery. -func (c *CustomEntityQuery) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConnectorDataType. +func (c *ConnectorDataType) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", c, err) @@ -3893,24 +4676,12 @@ func (c *CustomEntityQuery) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &c.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &c.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &c.Kind) + case "lastDataReceivedQuery": + err = unpopulate(val, "LastDataReceivedQuery", &c.LastDataReceivedQuery) delete(rawMsg, key) case "name": err = unpopulate(val, "Name", &c.Name) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &c.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &c.Type) - delete(rawMsg, key) } if err != nil { return fmt.Errorf("unmarshalling type %T: %v", c, err) @@ -3919,411 +4690,427 @@ func (c *CustomEntityQuery) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type DNSEntity. -func (d DNSEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConnectorDefinitionsAvailability. +func (c ConnectorDefinitionsAvailability) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", d.ID) - objectMap["kind"] = EntityKindDNSResolution - populate(objectMap, "name", d.Name) - populate(objectMap, "properties", d.Properties) - populate(objectMap, "systemData", d.SystemData) - populate(objectMap, "type", d.Type) + populate(objectMap, "isPreview", c.IsPreview) + populate(objectMap, "status", c.Status) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DNSEntity. -func (d *DNSEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConnectorDefinitionsAvailability. +func (c *ConnectorDefinitionsAvailability) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &d.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &d.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &d.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &d.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &d.SystemData) + case "isPreview": + err = unpopulate(val, "IsPreview", &c.IsPreview) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &d.Type) + case "status": + err = unpopulate(val, "Status", &c.Status) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DNSEntityProperties. -func (d DNSEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConnectorDefinitionsPermissions. +func (c ConnectorDefinitionsPermissions) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", d.AdditionalData) - populate(objectMap, "dnsServerIpEntityId", d.DNSServerIPEntityID) - populate(objectMap, "domainName", d.DomainName) - populate(objectMap, "friendlyName", d.FriendlyName) - populate(objectMap, "hostIpAddressEntityId", d.HostIPAddressEntityID) - populate(objectMap, "ipAddressEntityIds", d.IPAddressEntityIDs) + populate(objectMap, "customs", c.Customs) + populate(objectMap, "licenses", c.Licenses) + populate(objectMap, "resourceProvider", c.ResourceProvider) + populate(objectMap, "tenant", c.Tenant) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DNSEntityProperties. -func (d *DNSEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConnectorDefinitionsPermissions. +func (c *ConnectorDefinitionsPermissions) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &d.AdditionalData) - delete(rawMsg, key) - case "dnsServerIpEntityId": - err = unpopulate(val, "DNSServerIPEntityID", &d.DNSServerIPEntityID) - delete(rawMsg, key) - case "domainName": - err = unpopulate(val, "DomainName", &d.DomainName) + case "customs": + err = unpopulate(val, "Customs", &c.Customs) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &d.FriendlyName) + case "licenses": + err = unpopulate(val, "Licenses", &c.Licenses) delete(rawMsg, key) - case "hostIpAddressEntityId": - err = unpopulate(val, "HostIPAddressEntityID", &d.HostIPAddressEntityID) + case "resourceProvider": + err = unpopulate(val, "ResourceProvider", &c.ResourceProvider) delete(rawMsg, key) - case "ipAddressEntityIds": - err = unpopulate(val, "IPAddressEntityIDs", &d.IPAddressEntityIDs) + case "tenant": + err = unpopulate(val, "Tenant", &c.Tenant) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DataConnector. -func (d DataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConnectorDefinitionsResourceProvider. +func (c ConnectorDefinitionsResourceProvider) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", d.Etag) - populate(objectMap, "id", d.ID) - objectMap["kind"] = d.Kind - populate(objectMap, "name", d.Name) - populate(objectMap, "systemData", d.SystemData) - populate(objectMap, "type", d.Type) + populate(objectMap, "permissionsDisplayText", c.PermissionsDisplayText) + populate(objectMap, "provider", c.Provider) + populate(objectMap, "providerDisplayName", c.ProviderDisplayName) + populate(objectMap, "requiredPermissions", c.RequiredPermissions) + populate(objectMap, "scope", c.Scope) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnector. -func (d *DataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConnectorDefinitionsResourceProvider. +func (c *ConnectorDefinitionsResourceProvider) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &d.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &d.ID) + case "permissionsDisplayText": + err = unpopulate(val, "PermissionsDisplayText", &c.PermissionsDisplayText) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &d.Kind) + case "provider": + err = unpopulate(val, "Provider", &c.Provider) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &d.Name) + case "providerDisplayName": + err = unpopulate(val, "ProviderDisplayName", &c.ProviderDisplayName) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &d.SystemData) + case "requiredPermissions": + err = unpopulate(val, "RequiredPermissions", &c.RequiredPermissions) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &d.Type) + case "scope": + err = unpopulate(val, "Scope", &c.Scope) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DataConnectorConnectBody. -func (d DataConnectorConnectBody) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CountQuery. +func (c CountQuery) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "apiKey", d.APIKey) - populate(objectMap, "authorizationCode", d.AuthorizationCode) - populate(objectMap, "clientId", d.ClientID) - populate(objectMap, "clientSecret", d.ClientSecret) - populate(objectMap, "dataCollectionEndpoint", d.DataCollectionEndpoint) - populate(objectMap, "dataCollectionRuleImmutableId", d.DataCollectionRuleImmutableID) - populate(objectMap, "kind", d.Kind) - populate(objectMap, "outputStream", d.OutputStream) - populate(objectMap, "password", d.Password) - populate(objectMap, "requestConfigUserInputValues", d.RequestConfigUserInputValues) - populate(objectMap, "userName", d.UserName) + populate(objectMap, "properties", c.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorConnectBody. -func (d *DataConnectorConnectBody) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CountQuery. +func (c *CountQuery) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "apiKey": - err = unpopulate(val, "APIKey", &d.APIKey) - delete(rawMsg, key) - case "authorizationCode": - err = unpopulate(val, "AuthorizationCode", &d.AuthorizationCode) - delete(rawMsg, key) - case "clientId": - err = unpopulate(val, "ClientID", &d.ClientID) - delete(rawMsg, key) - case "clientSecret": - err = unpopulate(val, "ClientSecret", &d.ClientSecret) - delete(rawMsg, key) - case "dataCollectionEndpoint": - err = unpopulate(val, "DataCollectionEndpoint", &d.DataCollectionEndpoint) - delete(rawMsg, key) - case "dataCollectionRuleImmutableId": - err = unpopulate(val, "DataCollectionRuleImmutableID", &d.DataCollectionRuleImmutableID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &d.Kind) - delete(rawMsg, key) - case "outputStream": - err = unpopulate(val, "OutputStream", &d.OutputStream) - delete(rawMsg, key) - case "password": - err = unpopulate(val, "Password", &d.Password) - delete(rawMsg, key) - case "requestConfigUserInputValues": - err = unpopulate(val, "RequestConfigUserInputValues", &d.RequestConfigUserInputValues) - delete(rawMsg, key) - case "userName": - err = unpopulate(val, "UserName", &d.UserName) + case "properties": + err = unpopulate(val, "Properties", &c.Properties) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DataConnectorDataTypeCommon. -func (d DataConnectorDataTypeCommon) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomEntityQuery. +func (c CustomEntityQuery) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", d.State) + populate(objectMap, "etag", c.Etag) + populate(objectMap, "id", c.ID) + objectMap["kind"] = c.Kind + populate(objectMap, "name", c.Name) + populate(objectMap, "systemData", c.SystemData) + populate(objectMap, "type", c.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDataTypeCommon. -func (d *DataConnectorDataTypeCommon) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomEntityQuery. +func (c *CustomEntityQuery) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &d.State) + case "etag": + err = unpopulate(val, "Etag", &c.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &c.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &c.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &c.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &c.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &c.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DataConnectorList. -func (d DataConnectorList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomPermissionDetails. +func (c CustomPermissionDetails) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", d.NextLink) - populate(objectMap, "value", d.Value) + populate(objectMap, "description", c.Description) + populate(objectMap, "name", c.Name) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorList. -func (d *DataConnectorList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomPermissionDetails. +func (c *CustomPermissionDetails) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &d.NextLink) + case "description": + err = unpopulate(val, "Description", &c.Description) delete(rawMsg, key) - case "value": - d.Value, err = unmarshalDataConnectorClassificationArray(val) + case "name": + err = unpopulate(val, "Name", &c.Name) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DataConnectorRequirementsState. -func (d DataConnectorRequirementsState) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomizableConnectionsConfig. +func (c CustomizableConnectionsConfig) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "authorizationState", d.AuthorizationState) - populate(objectMap, "licenseState", d.LicenseState) + populate(objectMap, "templateSpecName", c.TemplateSpecName) + populate(objectMap, "templateSpecVersion", c.TemplateSpecVersion) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorRequirementsState. -func (d *DataConnectorRequirementsState) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomizableConnectionsConfig. +func (c *CustomizableConnectionsConfig) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "authorizationState": - err = unpopulate(val, "AuthorizationState", &d.AuthorizationState) + case "templateSpecName": + err = unpopulate(val, "TemplateSpecName", &c.TemplateSpecName) delete(rawMsg, key) - case "licenseState": - err = unpopulate(val, "LicenseState", &d.LicenseState) + case "templateSpecVersion": + err = unpopulate(val, "TemplateSpecVersion", &c.TemplateSpecVersion) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DataConnectorsCheckRequirements. -func (d DataConnectorsCheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomizableConnectorDefinition. +func (c CustomizableConnectorDefinition) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = d.Kind + populate(objectMap, "etag", c.Etag) + populate(objectMap, "id", c.ID) + objectMap["kind"] = DataConnectorDefinitionKindCustomizable + populate(objectMap, "name", c.Name) + populate(objectMap, "properties", c.Properties) + populate(objectMap, "systemData", c.SystemData) + populate(objectMap, "type", c.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorsCheckRequirements. -func (d *DataConnectorsCheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomizableConnectorDefinition. +func (c *CustomizableConnectorDefinition) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { + case "etag": + err = unpopulate(val, "Etag", &c.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &c.ID) + delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &d.Kind) + err = unpopulate(val, "Kind", &c.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &c.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &c.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &c.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &c.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DataTypeDefinitions. -func (d DataTypeDefinitions) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomizableConnectorDefinitionProperties. +func (c CustomizableConnectorDefinitionProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataType", d.DataType) + populate(objectMap, "connectionsConfig", c.ConnectionsConfig) + populate(objectMap, "connectorUiConfig", c.ConnectorUIConfig) + populateDateTimeRFC3339(objectMap, "createdTimeUtc", c.CreatedTimeUTC) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", c.LastModifiedUTC) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataTypeDefinitions. -func (d *DataTypeDefinitions) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomizableConnectorDefinitionProperties. +func (c *CustomizableConnectorDefinitionProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "dataType": - err = unpopulate(val, "DataType", &d.DataType) + case "connectionsConfig": + err = unpopulate(val, "ConnectionsConfig", &c.ConnectionsConfig) + delete(rawMsg, key) + case "connectorUiConfig": + err = unpopulate(val, "ConnectorUIConfig", &c.ConnectorUIConfig) + delete(rawMsg, key) + case "createdTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &c.CreatedTimeUTC) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &c.LastModifiedUTC) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Deployment. -func (d Deployment) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomizableConnectorUIConfig. +func (c CustomizableConnectorUIConfig) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "deploymentId", d.DeploymentID) - populate(objectMap, "deploymentLogsUrl", d.DeploymentLogsURL) - populate(objectMap, "deploymentResult", d.DeploymentResult) - populate(objectMap, "deploymentState", d.DeploymentState) - populateDateTimeRFC3339(objectMap, "deploymentTime", d.DeploymentTime) + populate(objectMap, "availability", c.Availability) + populate(objectMap, "connectivityCriteria", c.ConnectivityCriteria) + populate(objectMap, "dataTypes", c.DataTypes) + populate(objectMap, "descriptionMarkdown", c.DescriptionMarkdown) + populate(objectMap, "graphQueries", c.GraphQueries) + populate(objectMap, "id", c.ID) + populate(objectMap, "instructionSteps", c.InstructionSteps) + populate(objectMap, "isConnectivityCriteriasMatchSome", c.IsConnectivityCriteriasMatchSome) + populate(objectMap, "logo", c.Logo) + populate(objectMap, "permissions", c.Permissions) + populate(objectMap, "publisher", c.Publisher) + populate(objectMap, "title", c.Title) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Deployment. -func (d *Deployment) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomizableConnectorUIConfig. +func (c *CustomizableConnectorUIConfig) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "deploymentId": - err = unpopulate(val, "DeploymentID", &d.DeploymentID) + case "availability": + err = unpopulate(val, "Availability", &c.Availability) delete(rawMsg, key) - case "deploymentLogsUrl": - err = unpopulate(val, "DeploymentLogsURL", &d.DeploymentLogsURL) + case "connectivityCriteria": + err = unpopulate(val, "ConnectivityCriteria", &c.ConnectivityCriteria) delete(rawMsg, key) - case "deploymentResult": - err = unpopulate(val, "DeploymentResult", &d.DeploymentResult) + case "dataTypes": + err = unpopulate(val, "DataTypes", &c.DataTypes) delete(rawMsg, key) - case "deploymentState": - err = unpopulate(val, "DeploymentState", &d.DeploymentState) + case "descriptionMarkdown": + err = unpopulate(val, "DescriptionMarkdown", &c.DescriptionMarkdown) delete(rawMsg, key) - case "deploymentTime": - err = unpopulateDateTimeRFC3339(val, "DeploymentTime", &d.DeploymentTime) + case "graphQueries": + err = unpopulate(val, "GraphQueries", &c.GraphQueries) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &c.ID) + delete(rawMsg, key) + case "instructionSteps": + err = unpopulate(val, "InstructionSteps", &c.InstructionSteps) + delete(rawMsg, key) + case "isConnectivityCriteriasMatchSome": + err = unpopulate(val, "IsConnectivityCriteriasMatchSome", &c.IsConnectivityCriteriasMatchSome) + delete(rawMsg, key) + case "logo": + err = unpopulate(val, "Logo", &c.Logo) + delete(rawMsg, key) + case "permissions": + err = unpopulate(val, "Permissions", &c.Permissions) + delete(rawMsg, key) + case "publisher": + err = unpopulate(val, "Publisher", &c.Publisher) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &c.Title) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DeploymentInfo. -func (d DeploymentInfo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DCRConfiguration. +func (d DCRConfiguration) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "deployment", d.Deployment) - populate(objectMap, "deploymentFetchStatus", d.DeploymentFetchStatus) - populate(objectMap, "message", d.Message) + populate(objectMap, "dataCollectionEndpoint", d.DataCollectionEndpoint) + populate(objectMap, "dataCollectionRuleImmutableId", d.DataCollectionRuleImmutableID) + populate(objectMap, "streamName", d.StreamName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DeploymentInfo. -func (d *DeploymentInfo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DCRConfiguration. +func (d *DCRConfiguration) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", d, err) @@ -4331,14 +5118,14 @@ func (d *DeploymentInfo) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "deployment": - err = unpopulate(val, "Deployment", &d.Deployment) + case "dataCollectionEndpoint": + err = unpopulate(val, "DataCollectionEndpoint", &d.DataCollectionEndpoint) delete(rawMsg, key) - case "deploymentFetchStatus": - err = unpopulate(val, "DeploymentFetchStatus", &d.DeploymentFetchStatus) + case "dataCollectionRuleImmutableId": + err = unpopulate(val, "DataCollectionRuleImmutableID", &d.DataCollectionRuleImmutableID) delete(rawMsg, key) - case "message": - err = unpopulate(val, "Message", &d.Message) + case "streamName": + err = unpopulate(val, "StreamName", &d.StreamName) delete(rawMsg, key) } if err != nil { @@ -4348,16 +5135,20 @@ func (d *DeploymentInfo) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type Dynamics365CheckRequirements. -func (d Dynamics365CheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DNSEntity. +func (d DNSEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindDynamics365 + populate(objectMap, "id", d.ID) + objectMap["kind"] = EntityKindEnumDNSResolution + populate(objectMap, "name", d.Name) populate(objectMap, "properties", d.Properties) + populate(objectMap, "systemData", d.SystemData) + populate(objectMap, "type", d.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365CheckRequirements. -func (d *Dynamics365CheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DNSEntity. +func (d *DNSEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", d, err) @@ -4365,12 +5156,24 @@ func (d *Dynamics365CheckRequirements) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { + case "id": + err = unpopulate(val, "ID", &d.ID) + delete(rawMsg, key) case "kind": err = unpopulate(val, "Kind", &d.Kind) delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &d.Name) + delete(rawMsg, key) case "properties": err = unpopulate(val, "Properties", &d.Properties) delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &d.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &d.Type) + delete(rawMsg, key) } if err != nil { return fmt.Errorf("unmarshalling type %T: %v", d, err) @@ -4379,15 +5182,20 @@ func (d *Dynamics365CheckRequirements) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type Dynamics365CheckRequirementsProperties. -func (d Dynamics365CheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DNSEntityProperties. +func (d DNSEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "tenantId", d.TenantID) + populate(objectMap, "additionalData", d.AdditionalData) + populate(objectMap, "dnsServerIpEntityId", d.DNSServerIPEntityID) + populate(objectMap, "domainName", d.DomainName) + populate(objectMap, "friendlyName", d.FriendlyName) + populate(objectMap, "hostIpAddressEntityId", d.HostIPAddressEntityID) + populate(objectMap, "ipAddressEntityIds", d.IPAddressEntityIDs) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365CheckRequirementsProperties. -func (d *Dynamics365CheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DNSEntityProperties. +func (d *DNSEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", d, err) @@ -4395,8 +5203,23 @@ func (d *Dynamics365CheckRequirementsProperties) UnmarshalJSON(data []byte) erro for key, val := range rawMsg { var err error switch key { - case "tenantId": - err = unpopulate(val, "TenantID", &d.TenantID) + case "additionalData": + err = unpopulate(val, "AdditionalData", &d.AdditionalData) + delete(rawMsg, key) + case "dnsServerIpEntityId": + err = unpopulate(val, "DNSServerIPEntityID", &d.DNSServerIPEntityID) + delete(rawMsg, key) + case "domainName": + err = unpopulate(val, "DomainName", &d.DomainName) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &d.FriendlyName) + delete(rawMsg, key) + case "hostIpAddressEntityId": + err = unpopulate(val, "HostIPAddressEntityID", &d.HostIPAddressEntityID) + delete(rawMsg, key) + case "ipAddressEntityIds": + err = unpopulate(val, "IPAddressEntityIDs", &d.IPAddressEntityIDs) delete(rawMsg, key) } if err != nil { @@ -4406,21 +5229,20 @@ func (d *Dynamics365CheckRequirementsProperties) UnmarshalJSON(data []byte) erro return nil } -// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnector. -func (d Dynamics365DataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnector. +func (d DataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "etag", d.Etag) populate(objectMap, "id", d.ID) - objectMap["kind"] = DataConnectorKindDynamics365 + objectMap["kind"] = d.Kind populate(objectMap, "name", d.Name) - populate(objectMap, "properties", d.Properties) populate(objectMap, "systemData", d.SystemData) populate(objectMap, "type", d.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnector. -func (d *Dynamics365DataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnector. +func (d *DataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", d, err) @@ -4440,9 +5262,6 @@ func (d *Dynamics365DataConnector) UnmarshalJSON(data []byte) error { case "name": err = unpopulate(val, "Name", &d.Name) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &d.Properties) - delete(rawMsg, key) case "systemData": err = unpopulate(val, "SystemData", &d.SystemData) delete(rawMsg, key) @@ -4457,15 +5276,25 @@ func (d *Dynamics365DataConnector) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnectorDataTypes. -func (d Dynamics365DataConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorConnectBody. +func (d DataConnectorConnectBody) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dynamics365CdsActivities", d.Dynamics365CdsActivities) + populate(objectMap, "apiKey", d.APIKey) + populate(objectMap, "authorizationCode", d.AuthorizationCode) + populate(objectMap, "clientId", d.ClientID) + populate(objectMap, "clientSecret", d.ClientSecret) + populate(objectMap, "dataCollectionEndpoint", d.DataCollectionEndpoint) + populate(objectMap, "dataCollectionRuleImmutableId", d.DataCollectionRuleImmutableID) + populate(objectMap, "kind", d.Kind) + populate(objectMap, "outputStream", d.OutputStream) + populate(objectMap, "password", d.Password) + populate(objectMap, "requestConfigUserInputValues", d.RequestConfigUserInputValues) + populate(objectMap, "userName", d.UserName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnectorDataTypes. -func (d *Dynamics365DataConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorConnectBody. +func (d *DataConnectorConnectBody) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", d, err) @@ -4473,8 +5302,38 @@ func (d *Dynamics365DataConnectorDataTypes) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "dynamics365CdsActivities": - err = unpopulate(val, "Dynamics365CdsActivities", &d.Dynamics365CdsActivities) + case "apiKey": + err = unpopulate(val, "APIKey", &d.APIKey) + delete(rawMsg, key) + case "authorizationCode": + err = unpopulate(val, "AuthorizationCode", &d.AuthorizationCode) + delete(rawMsg, key) + case "clientId": + err = unpopulate(val, "ClientID", &d.ClientID) + delete(rawMsg, key) + case "clientSecret": + err = unpopulate(val, "ClientSecret", &d.ClientSecret) + delete(rawMsg, key) + case "dataCollectionEndpoint": + err = unpopulate(val, "DataCollectionEndpoint", &d.DataCollectionEndpoint) + delete(rawMsg, key) + case "dataCollectionRuleImmutableId": + err = unpopulate(val, "DataCollectionRuleImmutableID", &d.DataCollectionRuleImmutableID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &d.Kind) + delete(rawMsg, key) + case "outputStream": + err = unpopulate(val, "OutputStream", &d.OutputStream) + delete(rawMsg, key) + case "password": + err = unpopulate(val, "Password", &d.Password) + delete(rawMsg, key) + case "requestConfigUserInputValues": + err = unpopulate(val, "RequestConfigUserInputValues", &d.RequestConfigUserInputValues) + delete(rawMsg, key) + case "userName": + err = unpopulate(val, "UserName", &d.UserName) delete(rawMsg, key) } if err != nil { @@ -4484,15 +5343,15 @@ func (d *Dynamics365DataConnectorDataTypes) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnectorDataTypesDynamics365CdsActivities. -func (d Dynamics365DataConnectorDataTypesDynamics365CdsActivities) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorDataTypeCommon. +func (d DataConnectorDataTypeCommon) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "state", d.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnectorDataTypesDynamics365CdsActivities. -func (d *Dynamics365DataConnectorDataTypesDynamics365CdsActivities) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDataTypeCommon. +func (d *DataConnectorDataTypeCommon) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", d, err) @@ -4511,16 +5370,20 @@ func (d *Dynamics365DataConnectorDataTypesDynamics365CdsActivities) UnmarshalJSO return nil } -// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnectorProperties. -func (d Dynamics365DataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorDefinition. +func (d DataConnectorDefinition) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", d.DataTypes) - populate(objectMap, "tenantId", d.TenantID) + populate(objectMap, "etag", d.Etag) + populate(objectMap, "id", d.ID) + objectMap["kind"] = d.Kind + populate(objectMap, "name", d.Name) + populate(objectMap, "systemData", d.SystemData) + populate(objectMap, "type", d.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnectorProperties. -func (d *Dynamics365DataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDefinition. +func (d *DataConnectorDefinition) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", d, err) @@ -4528,11 +5391,23 @@ func (d *Dynamics365DataConnectorProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &d.DataTypes) + case "etag": + err = unpopulate(val, "Etag", &d.Etag) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &d.TenantID) + case "id": + err = unpopulate(val, "ID", &d.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &d.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &d.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &d.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &d.Type) delete(rawMsg, key) } if err != nil { @@ -4542,591 +5417,434 @@ func (d *Dynamics365DataConnectorProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhois. -func (e EnrichmentDomainWhois) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorDefinitionArmCollectionWrapper. +func (d DataConnectorDefinitionArmCollectionWrapper) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populateDateTimeRFC3339(objectMap, "created", e.Created) - populate(objectMap, "domain", e.Domain) - populateDateTimeRFC3339(objectMap, "expires", e.Expires) - populate(objectMap, "parsedWhois", e.ParsedWhois) - populate(objectMap, "server", e.Server) - populateDateTimeRFC3339(objectMap, "updated", e.Updated) + populate(objectMap, "nextLink", d.NextLink) + populate(objectMap, "value", d.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhois. -func (e *EnrichmentDomainWhois) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDefinitionArmCollectionWrapper. +func (d *DataConnectorDefinitionArmCollectionWrapper) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "created": - err = unpopulateDateTimeRFC3339(val, "Created", &e.Created) - delete(rawMsg, key) - case "domain": - err = unpopulate(val, "Domain", &e.Domain) - delete(rawMsg, key) - case "expires": - err = unpopulateDateTimeRFC3339(val, "Expires", &e.Expires) - delete(rawMsg, key) - case "parsedWhois": - err = unpopulate(val, "ParsedWhois", &e.ParsedWhois) + case "nextLink": + err = unpopulate(val, "NextLink", &d.NextLink) delete(rawMsg, key) - case "server": - err = unpopulate(val, "Server", &e.Server) - delete(rawMsg, key) - case "updated": - err = unpopulateDateTimeRFC3339(val, "Updated", &e.Updated) + case "value": + d.Value, err = unmarshalDataConnectorDefinitionClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisContact. -func (e EnrichmentDomainWhoisContact) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorList. +func (d DataConnectorList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "city", e.City) - populate(objectMap, "country", e.Country) - populate(objectMap, "email", e.Email) - populate(objectMap, "fax", e.Fax) - populate(objectMap, "name", e.Name) - populate(objectMap, "org", e.Org) - populate(objectMap, "phone", e.Phone) - populate(objectMap, "postal", e.Postal) - populate(objectMap, "state", e.State) - populate(objectMap, "street", e.Street) + populate(objectMap, "nextLink", d.NextLink) + populate(objectMap, "value", d.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisContact. -func (e *EnrichmentDomainWhoisContact) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorList. +func (d *DataConnectorList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "city": - err = unpopulate(val, "City", &e.City) - delete(rawMsg, key) - case "country": - err = unpopulate(val, "Country", &e.Country) - delete(rawMsg, key) - case "email": - err = unpopulate(val, "Email", &e.Email) - delete(rawMsg, key) - case "fax": - err = unpopulate(val, "Fax", &e.Fax) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &e.Name) - delete(rawMsg, key) - case "org": - err = unpopulate(val, "Org", &e.Org) - delete(rawMsg, key) - case "phone": - err = unpopulate(val, "Phone", &e.Phone) - delete(rawMsg, key) - case "postal": - err = unpopulate(val, "Postal", &e.Postal) - delete(rawMsg, key) - case "state": - err = unpopulate(val, "State", &e.State) + case "nextLink": + err = unpopulate(val, "NextLink", &d.NextLink) delete(rawMsg, key) - case "street": - err = unpopulate(val, "Street", &e.Street) + case "value": + d.Value, err = unmarshalDataConnectorClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisContacts. -func (e EnrichmentDomainWhoisContacts) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorRequirementsState. +func (d DataConnectorRequirementsState) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "admin", e.Admin) - populate(objectMap, "billing", e.Billing) - populate(objectMap, "registrant", e.Registrant) - populate(objectMap, "tech", e.Tech) + populate(objectMap, "authorizationState", d.AuthorizationState) + populate(objectMap, "licenseState", d.LicenseState) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisContacts. -func (e *EnrichmentDomainWhoisContacts) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorRequirementsState. +func (d *DataConnectorRequirementsState) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "admin": - err = unpopulate(val, "Admin", &e.Admin) - delete(rawMsg, key) - case "billing": - err = unpopulate(val, "Billing", &e.Billing) - delete(rawMsg, key) - case "registrant": - err = unpopulate(val, "Registrant", &e.Registrant) + case "authorizationState": + err = unpopulate(val, "AuthorizationState", &d.AuthorizationState) delete(rawMsg, key) - case "tech": - err = unpopulate(val, "Tech", &e.Tech) + case "licenseState": + err = unpopulate(val, "LicenseState", &d.LicenseState) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisDetails. -func (e EnrichmentDomainWhoisDetails) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorsCheckRequirements. +func (d DataConnectorsCheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "contacts", e.Contacts) - populate(objectMap, "nameServers", e.NameServers) - populate(objectMap, "registrar", e.Registrar) - populate(objectMap, "statuses", e.Statuses) + objectMap["kind"] = d.Kind return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisDetails. -func (e *EnrichmentDomainWhoisDetails) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorsCheckRequirements. +func (d *DataConnectorsCheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "contacts": - err = unpopulate(val, "Contacts", &e.Contacts) - delete(rawMsg, key) - case "nameServers": - err = unpopulate(val, "NameServers", &e.NameServers) - delete(rawMsg, key) - case "registrar": - err = unpopulate(val, "Registrar", &e.Registrar) - delete(rawMsg, key) - case "statuses": - err = unpopulate(val, "Statuses", &e.Statuses) + case "kind": + err = unpopulate(val, "Kind", &d.Kind) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisRegistrarDetails. -func (e EnrichmentDomainWhoisRegistrarDetails) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataTypeDefinitions. +func (d DataTypeDefinitions) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "abuseContactEmail", e.AbuseContactEmail) - populate(objectMap, "abuseContactPhone", e.AbuseContactPhone) - populate(objectMap, "ianaId", e.IanaID) - populate(objectMap, "name", e.Name) - populate(objectMap, "url", e.URL) - populate(objectMap, "whoisServer", e.WhoisServer) + populate(objectMap, "dataType", d.DataType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisRegistrarDetails. -func (e *EnrichmentDomainWhoisRegistrarDetails) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataTypeDefinitions. +func (d *DataTypeDefinitions) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "abuseContactEmail": - err = unpopulate(val, "AbuseContactEmail", &e.AbuseContactEmail) - delete(rawMsg, key) - case "abuseContactPhone": - err = unpopulate(val, "AbuseContactPhone", &e.AbuseContactPhone) - delete(rawMsg, key) - case "ianaId": - err = unpopulate(val, "IanaID", &e.IanaID) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &e.Name) - delete(rawMsg, key) - case "url": - err = unpopulate(val, "URL", &e.URL) - delete(rawMsg, key) - case "whoisServer": - err = unpopulate(val, "WhoisServer", &e.WhoisServer) + case "dataType": + err = unpopulate(val, "DataType", &d.DataType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EnrichmentIPGeodata. -func (e EnrichmentIPGeodata) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Deployment. +func (d Deployment) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "asn", e.Asn) - populate(objectMap, "carrier", e.Carrier) - populate(objectMap, "city", e.City) - populate(objectMap, "cityCf", e.CityCf) - populate(objectMap, "continent", e.Continent) - populate(objectMap, "country", e.Country) - populate(objectMap, "countryCf", e.CountryCf) - populate(objectMap, "ipAddr", e.IPAddr) - populate(objectMap, "ipRoutingType", e.IPRoutingType) - populate(objectMap, "latitude", e.Latitude) - populate(objectMap, "longitude", e.Longitude) - populate(objectMap, "organization", e.Organization) - populate(objectMap, "organizationType", e.OrganizationType) - populate(objectMap, "region", e.Region) - populate(objectMap, "state", e.State) - populate(objectMap, "stateCf", e.StateCf) - populate(objectMap, "stateCode", e.StateCode) + populate(objectMap, "deploymentId", d.DeploymentID) + populate(objectMap, "deploymentLogsUrl", d.DeploymentLogsURL) + populate(objectMap, "deploymentResult", d.DeploymentResult) + populate(objectMap, "deploymentState", d.DeploymentState) + populateDateTimeRFC3339(objectMap, "deploymentTime", d.DeploymentTime) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentIPGeodata. -func (e *EnrichmentIPGeodata) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Deployment. +func (d *Deployment) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "asn": - err = unpopulate(val, "Asn", &e.Asn) - delete(rawMsg, key) - case "carrier": - err = unpopulate(val, "Carrier", &e.Carrier) - delete(rawMsg, key) - case "city": - err = unpopulate(val, "City", &e.City) - delete(rawMsg, key) - case "cityCf": - err = unpopulate(val, "CityCf", &e.CityCf) - delete(rawMsg, key) - case "continent": - err = unpopulate(val, "Continent", &e.Continent) - delete(rawMsg, key) - case "country": - err = unpopulate(val, "Country", &e.Country) - delete(rawMsg, key) - case "countryCf": - err = unpopulate(val, "CountryCf", &e.CountryCf) - delete(rawMsg, key) - case "ipAddr": - err = unpopulate(val, "IPAddr", &e.IPAddr) - delete(rawMsg, key) - case "ipRoutingType": - err = unpopulate(val, "IPRoutingType", &e.IPRoutingType) - delete(rawMsg, key) - case "latitude": - err = unpopulate(val, "Latitude", &e.Latitude) - delete(rawMsg, key) - case "longitude": - err = unpopulate(val, "Longitude", &e.Longitude) - delete(rawMsg, key) - case "organization": - err = unpopulate(val, "Organization", &e.Organization) - delete(rawMsg, key) - case "organizationType": - err = unpopulate(val, "OrganizationType", &e.OrganizationType) + case "deploymentId": + err = unpopulate(val, "DeploymentID", &d.DeploymentID) delete(rawMsg, key) - case "region": - err = unpopulate(val, "Region", &e.Region) + case "deploymentLogsUrl": + err = unpopulate(val, "DeploymentLogsURL", &d.DeploymentLogsURL) delete(rawMsg, key) - case "state": - err = unpopulate(val, "State", &e.State) + case "deploymentResult": + err = unpopulate(val, "DeploymentResult", &d.DeploymentResult) delete(rawMsg, key) - case "stateCf": - err = unpopulate(val, "StateCf", &e.StateCf) + case "deploymentState": + err = unpopulate(val, "DeploymentState", &d.DeploymentState) delete(rawMsg, key) - case "stateCode": - err = unpopulate(val, "StateCode", &e.StateCode) + case "deploymentTime": + err = unpopulateDateTimeRFC3339(val, "DeploymentTime", &d.DeploymentTime) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Entity. -func (e Entity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DeploymentInfo. +func (d DeploymentInfo) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", e.ID) - objectMap["kind"] = e.Kind - populate(objectMap, "name", e.Name) - populate(objectMap, "systemData", e.SystemData) - populate(objectMap, "type", e.Type) + populate(objectMap, "deployment", d.Deployment) + populate(objectMap, "deploymentFetchStatus", d.DeploymentFetchStatus) + populate(objectMap, "message", d.Message) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Entity. -func (e *Entity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DeploymentInfo. +func (d *DeploymentInfo) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &e.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &e.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &e.Name) + case "deployment": + err = unpopulate(val, "Deployment", &d.Deployment) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &e.SystemData) + case "deploymentFetchStatus": + err = unpopulate(val, "DeploymentFetchStatus", &d.DeploymentFetchStatus) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &e.Type) + case "message": + err = unpopulate(val, "Message", &d.Message) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityAnalytics. -func (e EntityAnalytics) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365CheckRequirements. +func (d Dynamics365CheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", e.Etag) - populate(objectMap, "id", e.ID) - objectMap["kind"] = SettingKindEntityAnalytics - populate(objectMap, "name", e.Name) - populate(objectMap, "properties", e.Properties) - populate(objectMap, "systemData", e.SystemData) - populate(objectMap, "type", e.Type) + objectMap["kind"] = DataConnectorKindDynamics365 + populate(objectMap, "properties", d.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityAnalytics. -func (e *EntityAnalytics) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365CheckRequirements. +func (d *Dynamics365CheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &e.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &e.ID) - delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &e.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &e.Name) + err = unpopulate(val, "Kind", &d.Kind) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &e.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &e.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &e.Type) + err = unpopulate(val, "Properties", &d.Properties) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityAnalyticsProperties. -func (e EntityAnalyticsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365CheckRequirementsProperties. +func (d Dynamics365CheckRequirementsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "entityProviders", e.EntityProviders) + populate(objectMap, "tenantId", d.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityAnalyticsProperties. -func (e *EntityAnalyticsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365CheckRequirementsProperties. +func (d *Dynamics365CheckRequirementsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "entityProviders": - err = unpopulate(val, "EntityProviders", &e.EntityProviders) + case "tenantId": + err = unpopulate(val, "TenantID", &d.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityEdges. -func (e EntityEdges) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnector. +func (d Dynamics365DataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", e.AdditionalData) - populate(objectMap, "targetEntityId", e.TargetEntityID) + populate(objectMap, "etag", d.Etag) + populate(objectMap, "id", d.ID) + objectMap["kind"] = DataConnectorKindDynamics365 + populate(objectMap, "name", d.Name) + populate(objectMap, "properties", d.Properties) + populate(objectMap, "systemData", d.SystemData) + populate(objectMap, "type", d.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityEdges. -func (e *EntityEdges) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnector. +func (d *Dynamics365DataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &e.AdditionalData) + case "etag": + err = unpopulate(val, "Etag", &d.Etag) delete(rawMsg, key) - case "targetEntityId": - err = unpopulate(val, "TargetEntityID", &e.TargetEntityID) + case "id": + err = unpopulate(val, "ID", &d.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &d.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &d.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &d.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &d.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &d.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityExpandParameters. -func (e EntityExpandParameters) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnectorDataTypes. +func (d Dynamics365DataConnectorDataTypes) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populateDateTimeRFC3339(objectMap, "endTime", e.EndTime) - populate(objectMap, "expansionId", e.ExpansionID) - populateDateTimeRFC3339(objectMap, "startTime", e.StartTime) + populate(objectMap, "dynamics365CdsActivities", d.Dynamics365CdsActivities) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityExpandParameters. -func (e *EntityExpandParameters) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnectorDataTypes. +func (d *Dynamics365DataConnectorDataTypes) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "endTime": - err = unpopulateDateTimeRFC3339(val, "EndTime", &e.EndTime) - delete(rawMsg, key) - case "expansionId": - err = unpopulate(val, "ExpansionID", &e.ExpansionID) - delete(rawMsg, key) - case "startTime": - err = unpopulateDateTimeRFC3339(val, "StartTime", &e.StartTime) + case "dynamics365CdsActivities": + err = unpopulate(val, "Dynamics365CdsActivities", &d.Dynamics365CdsActivities) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityExpandResponse. -func (e EntityExpandResponse) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnectorDataTypesDynamics365CdsActivities. +func (d Dynamics365DataConnectorDataTypesDynamics365CdsActivities) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "metaData", e.MetaData) - populate(objectMap, "value", e.Value) + populate(objectMap, "state", d.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityExpandResponse. -func (e *EntityExpandResponse) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnectorDataTypesDynamics365CdsActivities. +func (d *Dynamics365DataConnectorDataTypesDynamics365CdsActivities) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "metaData": - err = unpopulate(val, "MetaData", &e.MetaData) - delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &e.Value) + case "state": + err = unpopulate(val, "State", &d.State) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityExpandResponseValue. -func (e EntityExpandResponseValue) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnectorProperties. +func (d Dynamics365DataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "edges", e.Edges) - populate(objectMap, "entities", e.Entities) + populate(objectMap, "dataTypes", d.DataTypes) + populate(objectMap, "tenantId", d.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityExpandResponseValue. -func (e *EntityExpandResponseValue) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnectorProperties. +func (d *Dynamics365DataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "edges": - err = unpopulate(val, "Edges", &e.Edges) + case "dataTypes": + err = unpopulate(val, "DataTypes", &d.DataTypes) delete(rawMsg, key) - case "entities": - e.Entities, err = unmarshalEntityClassificationArray(val) + case "tenantId": + err = unpopulate(val, "TenantID", &d.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityFieldMapping. -func (e EntityFieldMapping) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainBody. +func (e EnrichmentDomainBody) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "identifier", e.Identifier) - populate(objectMap, "value", e.Value) + populate(objectMap, "domain", e.Domain) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityFieldMapping. -func (e *EntityFieldMapping) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainBody. +func (e *EnrichmentDomainBody) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5134,11 +5852,8 @@ func (e *EntityFieldMapping) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "identifier": - err = unpopulate(val, "Identifier", &e.Identifier) - delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &e.Value) + case "domain": + err = unpopulate(val, "Domain", &e.Domain) delete(rawMsg, key) } if err != nil { @@ -5148,18 +5863,20 @@ func (e *EntityFieldMapping) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityGetInsightsParameters. -func (e EntityGetInsightsParameters) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhois. +func (e EnrichmentDomainWhois) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "addDefaultExtendedTimeRange", e.AddDefaultExtendedTimeRange) - populateDateTimeRFC3339(objectMap, "endTime", e.EndTime) - populate(objectMap, "insightQueryIds", e.InsightQueryIDs) - populateDateTimeRFC3339(objectMap, "startTime", e.StartTime) + populateDateTimeRFC3339(objectMap, "created", e.Created) + populate(objectMap, "domain", e.Domain) + populateDateTimeRFC3339(objectMap, "expires", e.Expires) + populate(objectMap, "parsedWhois", e.ParsedWhois) + populate(objectMap, "server", e.Server) + populateDateTimeRFC3339(objectMap, "updated", e.Updated) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityGetInsightsParameters. -func (e *EntityGetInsightsParameters) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhois. +func (e *EnrichmentDomainWhois) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5167,17 +5884,23 @@ func (e *EntityGetInsightsParameters) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "addDefaultExtendedTimeRange": - err = unpopulate(val, "AddDefaultExtendedTimeRange", &e.AddDefaultExtendedTimeRange) + case "created": + err = unpopulateDateTimeRFC3339(val, "Created", &e.Created) delete(rawMsg, key) - case "endTime": - err = unpopulateDateTimeRFC3339(val, "EndTime", &e.EndTime) + case "domain": + err = unpopulate(val, "Domain", &e.Domain) delete(rawMsg, key) - case "insightQueryIds": - err = unpopulate(val, "InsightQueryIDs", &e.InsightQueryIDs) + case "expires": + err = unpopulateDateTimeRFC3339(val, "Expires", &e.Expires) delete(rawMsg, key) - case "startTime": - err = unpopulateDateTimeRFC3339(val, "StartTime", &e.StartTime) + case "parsedWhois": + err = unpopulate(val, "ParsedWhois", &e.ParsedWhois) + delete(rawMsg, key) + case "server": + err = unpopulate(val, "Server", &e.Server) + delete(rawMsg, key) + case "updated": + err = unpopulateDateTimeRFC3339(val, "Updated", &e.Updated) delete(rawMsg, key) } if err != nil { @@ -5187,16 +5910,24 @@ func (e *EntityGetInsightsParameters) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityGetInsightsResponse. -func (e EntityGetInsightsResponse) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisContact. +func (e EnrichmentDomainWhoisContact) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "metaData", e.MetaData) - populate(objectMap, "value", e.Value) + populate(objectMap, "city", e.City) + populate(objectMap, "country", e.Country) + populate(objectMap, "email", e.Email) + populate(objectMap, "fax", e.Fax) + populate(objectMap, "name", e.Name) + populate(objectMap, "org", e.Org) + populate(objectMap, "phone", e.Phone) + populate(objectMap, "postal", e.Postal) + populate(objectMap, "state", e.State) + populate(objectMap, "street", e.Street) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityGetInsightsResponse. -func (e *EntityGetInsightsResponse) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisContact. +func (e *EnrichmentDomainWhoisContact) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5204,11 +5935,35 @@ func (e *EntityGetInsightsResponse) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "metaData": - err = unpopulate(val, "MetaData", &e.MetaData) + case "city": + err = unpopulate(val, "City", &e.City) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &e.Value) + case "country": + err = unpopulate(val, "Country", &e.Country) + delete(rawMsg, key) + case "email": + err = unpopulate(val, "Email", &e.Email) + delete(rawMsg, key) + case "fax": + err = unpopulate(val, "Fax", &e.Fax) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &e.Name) + delete(rawMsg, key) + case "org": + err = unpopulate(val, "Org", &e.Org) + delete(rawMsg, key) + case "phone": + err = unpopulate(val, "Phone", &e.Phone) + delete(rawMsg, key) + case "postal": + err = unpopulate(val, "Postal", &e.Postal) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &e.State) + delete(rawMsg, key) + case "street": + err = unpopulate(val, "Street", &e.Street) delete(rawMsg, key) } if err != nil { @@ -5218,18 +5973,18 @@ func (e *EntityGetInsightsResponse) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityInsightItem. -func (e EntityInsightItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisContacts. +func (e EnrichmentDomainWhoisContacts) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "chartQueryResults", e.ChartQueryResults) - populate(objectMap, "queryId", e.QueryID) - populate(objectMap, "queryTimeInterval", e.QueryTimeInterval) - populate(objectMap, "tableQueryResults", e.TableQueryResults) + populate(objectMap, "admin", e.Admin) + populate(objectMap, "billing", e.Billing) + populate(objectMap, "registrant", e.Registrant) + populate(objectMap, "tech", e.Tech) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityInsightItem. -func (e *EntityInsightItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisContacts. +func (e *EnrichmentDomainWhoisContacts) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5237,17 +5992,17 @@ func (e *EntityInsightItem) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "chartQueryResults": - err = unpopulate(val, "ChartQueryResults", &e.ChartQueryResults) + case "admin": + err = unpopulate(val, "Admin", &e.Admin) delete(rawMsg, key) - case "queryId": - err = unpopulate(val, "QueryID", &e.QueryID) + case "billing": + err = unpopulate(val, "Billing", &e.Billing) delete(rawMsg, key) - case "queryTimeInterval": - err = unpopulate(val, "QueryTimeInterval", &e.QueryTimeInterval) + case "registrant": + err = unpopulate(val, "Registrant", &e.Registrant) delete(rawMsg, key) - case "tableQueryResults": - err = unpopulate(val, "TableQueryResults", &e.TableQueryResults) + case "tech": + err = unpopulate(val, "Tech", &e.Tech) delete(rawMsg, key) } if err != nil { @@ -5257,16 +6012,18 @@ func (e *EntityInsightItem) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityInsightItemQueryTimeInterval. -func (e EntityInsightItemQueryTimeInterval) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisDetails. +func (e EnrichmentDomainWhoisDetails) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populateDateTimeRFC3339(objectMap, "endTime", e.EndTime) - populateDateTimeRFC3339(objectMap, "startTime", e.StartTime) + populate(objectMap, "contacts", e.Contacts) + populate(objectMap, "nameServers", e.NameServers) + populate(objectMap, "registrar", e.Registrar) + populate(objectMap, "statuses", e.Statuses) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityInsightItemQueryTimeInterval. -func (e *EntityInsightItemQueryTimeInterval) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisDetails. +func (e *EnrichmentDomainWhoisDetails) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5274,11 +6031,17 @@ func (e *EntityInsightItemQueryTimeInterval) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "endTime": - err = unpopulateDateTimeRFC3339(val, "EndTime", &e.EndTime) + case "contacts": + err = unpopulate(val, "Contacts", &e.Contacts) delete(rawMsg, key) - case "startTime": - err = unpopulateDateTimeRFC3339(val, "StartTime", &e.StartTime) + case "nameServers": + err = unpopulate(val, "NameServers", &e.NameServers) + delete(rawMsg, key) + case "registrar": + err = unpopulate(val, "Registrar", &e.Registrar) + delete(rawMsg, key) + case "statuses": + err = unpopulate(val, "Statuses", &e.Statuses) delete(rawMsg, key) } if err != nil { @@ -5288,16 +6051,20 @@ func (e *EntityInsightItemQueryTimeInterval) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityList. -func (e EntityList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisRegistrarDetails. +func (e EnrichmentDomainWhoisRegistrarDetails) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", e.NextLink) - populate(objectMap, "value", e.Value) + populate(objectMap, "abuseContactEmail", e.AbuseContactEmail) + populate(objectMap, "abuseContactPhone", e.AbuseContactPhone) + populate(objectMap, "ianaId", e.IanaID) + populate(objectMap, "name", e.Name) + populate(objectMap, "url", e.URL) + populate(objectMap, "whoisServer", e.WhoisServer) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityList. -func (e *EntityList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisRegistrarDetails. +func (e *EnrichmentDomainWhoisRegistrarDetails) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5305,11 +6072,23 @@ func (e *EntityList) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &e.NextLink) + case "abuseContactEmail": + err = unpopulate(val, "AbuseContactEmail", &e.AbuseContactEmail) delete(rawMsg, key) - case "value": - e.Value, err = unmarshalEntityClassificationArray(val) + case "abuseContactPhone": + err = unpopulate(val, "AbuseContactPhone", &e.AbuseContactPhone) + delete(rawMsg, key) + case "ianaId": + err = unpopulate(val, "IanaID", &e.IanaID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &e.Name) + delete(rawMsg, key) + case "url": + err = unpopulate(val, "URL", &e.URL) + delete(rawMsg, key) + case "whoisServer": + err = unpopulate(val, "WhoisServer", &e.WhoisServer) delete(rawMsg, key) } if err != nil { @@ -5319,16 +6098,15 @@ func (e *EntityList) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityMapping. -func (e EntityMapping) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EnrichmentIPAddressBody. +func (e EnrichmentIPAddressBody) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "entityType", e.EntityType) - populate(objectMap, "fieldMappings", e.FieldMappings) + populate(objectMap, "ipAddress", e.IPAddress) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityMapping. -func (e *EntityMapping) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentIPAddressBody. +func (e *EnrichmentIPAddressBody) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5336,11 +6114,8 @@ func (e *EntityMapping) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "entityType": - err = unpopulate(val, "EntityType", &e.EntityType) - delete(rawMsg, key) - case "fieldMappings": - err = unpopulate(val, "FieldMappings", &e.FieldMappings) + case "ipAddress": + err = unpopulate(val, "IPAddress", &e.IPAddress) delete(rawMsg, key) } if err != nil { @@ -5350,20 +6125,31 @@ func (e *EntityMapping) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityQuery. -func (e EntityQuery) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EnrichmentIPGeodata. +func (e EnrichmentIPGeodata) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", e.Etag) - populate(objectMap, "id", e.ID) - objectMap["kind"] = e.Kind - populate(objectMap, "name", e.Name) - populate(objectMap, "systemData", e.SystemData) - populate(objectMap, "type", e.Type) + populate(objectMap, "asn", e.Asn) + populate(objectMap, "carrier", e.Carrier) + populate(objectMap, "city", e.City) + populate(objectMap, "cityConfidenceFactor", e.CityConfidenceFactor) + populate(objectMap, "continent", e.Continent) + populate(objectMap, "country", e.Country) + populate(objectMap, "countryConfidenceFactor", e.CountryConfidenceFactor) + populate(objectMap, "ipAddr", e.IPAddr) + populate(objectMap, "ipRoutingType", e.IPRoutingType) + populate(objectMap, "latitude", e.Latitude) + populate(objectMap, "longitude", e.Longitude) + populate(objectMap, "organization", e.Organization) + populate(objectMap, "organizationType", e.OrganizationType) + populate(objectMap, "region", e.Region) + populate(objectMap, "state", e.State) + populate(objectMap, "stateCode", e.StateCode) + populate(objectMap, "stateConfidenceFactor", e.StateConfidenceFactor) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQuery. -func (e *EntityQuery) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentIPGeodata. +func (e *EnrichmentIPGeodata) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5371,23 +6157,56 @@ func (e *EntityQuery) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &e.Etag) + case "asn": + err = unpopulate(val, "Asn", &e.Asn) delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &e.ID) + case "carrier": + err = unpopulate(val, "Carrier", &e.Carrier) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &e.Kind) + case "city": + err = unpopulate(val, "City", &e.City) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &e.Name) + case "cityConfidenceFactor": + err = unpopulate(val, "CityConfidenceFactor", &e.CityConfidenceFactor) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &e.SystemData) + case "continent": + err = unpopulate(val, "Continent", &e.Continent) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &e.Type) + case "country": + err = unpopulate(val, "Country", &e.Country) + delete(rawMsg, key) + case "countryConfidenceFactor": + err = unpopulate(val, "CountryConfidenceFactor", &e.CountryConfidenceFactor) + delete(rawMsg, key) + case "ipAddr": + err = unpopulate(val, "IPAddr", &e.IPAddr) + delete(rawMsg, key) + case "ipRoutingType": + err = unpopulate(val, "IPRoutingType", &e.IPRoutingType) + delete(rawMsg, key) + case "latitude": + err = unpopulate(val, "Latitude", &e.Latitude) + delete(rawMsg, key) + case "longitude": + err = unpopulate(val, "Longitude", &e.Longitude) + delete(rawMsg, key) + case "organization": + err = unpopulate(val, "Organization", &e.Organization) + delete(rawMsg, key) + case "organizationType": + err = unpopulate(val, "OrganizationType", &e.OrganizationType) + delete(rawMsg, key) + case "region": + err = unpopulate(val, "Region", &e.Region) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &e.State) + delete(rawMsg, key) + case "stateCode": + err = unpopulate(val, "StateCode", &e.StateCode) + delete(rawMsg, key) + case "stateConfidenceFactor": + err = unpopulate(val, "StateConfidenceFactor", &e.StateConfidenceFactor) delete(rawMsg, key) } if err != nil { @@ -5397,18 +6216,19 @@ func (e *EntityQuery) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityQueryItem. -func (e EntityQueryItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Entity. +func (e Entity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "id", e.ID) objectMap["kind"] = e.Kind populate(objectMap, "name", e.Name) + populate(objectMap, "systemData", e.SystemData) populate(objectMap, "type", e.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryItem. -func (e *EntityQueryItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Entity. +func (e *Entity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5425,6 +6245,9 @@ func (e *EntityQueryItem) UnmarshalJSON(data []byte) error { case "name": err = unpopulate(val, "Name", &e.Name) delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &e.SystemData) + delete(rawMsg, key) case "type": err = unpopulate(val, "Type", &e.Type) delete(rawMsg, key) @@ -5436,77 +6259,21 @@ func (e *EntityQueryItem) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityQueryItemPropertiesDataTypesItem. -func (e EntityQueryItemPropertiesDataTypesItem) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "dataType", e.DataType) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryItemPropertiesDataTypesItem. -func (e *EntityQueryItemPropertiesDataTypesItem) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "dataType": - err = unpopulate(val, "DataType", &e.DataType) - delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type EntityQueryList. -func (e EntityQueryList) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "nextLink", e.NextLink) - populate(objectMap, "value", e.Value) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryList. -func (e *EntityQueryList) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &e.NextLink) - delete(rawMsg, key) - case "value": - e.Value, err = unmarshalEntityQueryClassificationArray(val) - delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type EntityQueryTemplate. -func (e EntityQueryTemplate) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityAnalytics. +func (e EntityAnalytics) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) + populate(objectMap, "etag", e.Etag) populate(objectMap, "id", e.ID) - objectMap["kind"] = e.Kind + objectMap["kind"] = SettingKindEntityAnalytics populate(objectMap, "name", e.Name) + populate(objectMap, "properties", e.Properties) populate(objectMap, "systemData", e.SystemData) populate(objectMap, "type", e.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryTemplate. -func (e *EntityQueryTemplate) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityAnalytics. +func (e *EntityAnalytics) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5514,6 +6281,9 @@ func (e *EntityQueryTemplate) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { + case "etag": + err = unpopulate(val, "Etag", &e.Etag) + delete(rawMsg, key) case "id": err = unpopulate(val, "ID", &e.ID) delete(rawMsg, key) @@ -5523,6 +6293,9 @@ func (e *EntityQueryTemplate) UnmarshalJSON(data []byte) error { case "name": err = unpopulate(val, "Name", &e.Name) delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &e.Properties) + delete(rawMsg, key) case "systemData": err = unpopulate(val, "SystemData", &e.SystemData) delete(rawMsg, key) @@ -5537,16 +6310,15 @@ func (e *EntityQueryTemplate) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityQueryTemplateList. -func (e EntityQueryTemplateList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityAnalyticsProperties. +func (e EntityAnalyticsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", e.NextLink) - populate(objectMap, "value", e.Value) + populate(objectMap, "entityProviders", e.EntityProviders) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryTemplateList. -func (e *EntityQueryTemplateList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityAnalyticsProperties. +func (e *EntityAnalyticsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5554,11 +6326,8 @@ func (e *EntityQueryTemplateList) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &e.NextLink) - delete(rawMsg, key) - case "value": - e.Value, err = unmarshalEntityQueryTemplateClassificationArray(val) + case "entityProviders": + err = unpopulate(val, "EntityProviders", &e.EntityProviders) delete(rawMsg, key) } if err != nil { @@ -5568,15 +6337,16 @@ func (e *EntityQueryTemplateList) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityTimelineItem. -func (e EntityTimelineItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityEdges. +func (e EntityEdges) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = e.Kind + populate(objectMap, "additionalData", e.AdditionalData) + populate(objectMap, "targetEntityId", e.TargetEntityID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityTimelineItem. -func (e *EntityTimelineItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityEdges. +func (e *EntityEdges) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5584,8 +6354,11 @@ func (e *EntityTimelineItem) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "kind": - err = unpopulate(val, "Kind", &e.Kind) + case "additionalData": + err = unpopulate(val, "AdditionalData", &e.AdditionalData) + delete(rawMsg, key) + case "targetEntityId": + err = unpopulate(val, "TargetEntityID", &e.TargetEntityID) delete(rawMsg, key) } if err != nil { @@ -5595,18 +6368,17 @@ func (e *EntityTimelineItem) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityTimelineParameters. -func (e EntityTimelineParameters) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityExpandParameters. +func (e EntityExpandParameters) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populateDateTimeRFC3339(objectMap, "endTime", e.EndTime) - populate(objectMap, "kinds", e.Kinds) - populate(objectMap, "numberOfBucket", e.NumberOfBucket) + populate(objectMap, "expansionId", e.ExpansionID) populateDateTimeRFC3339(objectMap, "startTime", e.StartTime) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityTimelineParameters. -func (e *EntityTimelineParameters) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityExpandParameters. +func (e *EntityExpandParameters) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5617,11 +6389,8 @@ func (e *EntityTimelineParameters) UnmarshalJSON(data []byte) error { case "endTime": err = unpopulateDateTimeRFC3339(val, "EndTime", &e.EndTime) delete(rawMsg, key) - case "kinds": - err = unpopulate(val, "Kinds", &e.Kinds) - delete(rawMsg, key) - case "numberOfBucket": - err = unpopulate(val, "NumberOfBucket", &e.NumberOfBucket) + case "expansionId": + err = unpopulate(val, "ExpansionID", &e.ExpansionID) delete(rawMsg, key) case "startTime": err = unpopulateDateTimeRFC3339(val, "StartTime", &e.StartTime) @@ -5634,16 +6403,16 @@ func (e *EntityTimelineParameters) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityTimelineResponse. -func (e EntityTimelineResponse) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityExpandResponse. +func (e EntityExpandResponse) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "metaData", e.MetaData) populate(objectMap, "value", e.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityTimelineResponse. -func (e *EntityTimelineResponse) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityExpandResponse. +func (e *EntityExpandResponse) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5655,7 +6424,7 @@ func (e *EntityTimelineResponse) UnmarshalJSON(data []byte) error { err = unpopulate(val, "MetaData", &e.MetaData) delete(rawMsg, key) case "value": - e.Value, err = unmarshalEntityTimelineItemClassificationArray(val) + err = unpopulate(val, "Value", &e.Value) delete(rawMsg, key) } if err != nil { @@ -5665,15 +6434,16 @@ func (e *EntityTimelineResponse) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EventGroupingSettings. -func (e EventGroupingSettings) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityExpandResponseValue. +func (e EntityExpandResponseValue) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "aggregationKind", e.AggregationKind) + populate(objectMap, "edges", e.Edges) + populate(objectMap, "entities", e.Entities) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EventGroupingSettings. -func (e *EventGroupingSettings) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityExpandResponseValue. +func (e *EntityExpandResponseValue) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5681,8 +6451,11 @@ func (e *EventGroupingSettings) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "aggregationKind": - err = unpopulate(val, "AggregationKind", &e.AggregationKind) + case "edges": + err = unpopulate(val, "Edges", &e.Edges) + delete(rawMsg, key) + case "entities": + e.Entities, err = unmarshalEntityClassificationArray(val) delete(rawMsg, key) } if err != nil { @@ -5692,20 +6465,16 @@ func (e *EventGroupingSettings) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ExpansionEntityQueriesProperties. -func (e ExpansionEntityQueriesProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityFieldMapping. +func (e EntityFieldMapping) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataSources", e.DataSources) - populate(objectMap, "displayName", e.DisplayName) - populate(objectMap, "inputEntityType", e.InputEntityType) - populate(objectMap, "inputFields", e.InputFields) - populate(objectMap, "outputEntityTypes", e.OutputEntityTypes) - populate(objectMap, "queryTemplate", e.QueryTemplate) + populate(objectMap, "identifier", e.Identifier) + populate(objectMap, "value", e.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionEntityQueriesProperties. -func (e *ExpansionEntityQueriesProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityFieldMapping. +func (e *EntityFieldMapping) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5713,23 +6482,11 @@ func (e *ExpansionEntityQueriesProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "dataSources": - err = unpopulate(val, "DataSources", &e.DataSources) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &e.DisplayName) - delete(rawMsg, key) - case "inputEntityType": - err = unpopulate(val, "InputEntityType", &e.InputEntityType) - delete(rawMsg, key) - case "inputFields": - err = unpopulate(val, "InputFields", &e.InputFields) - delete(rawMsg, key) - case "outputEntityTypes": - err = unpopulate(val, "OutputEntityTypes", &e.OutputEntityTypes) + case "identifier": + err = unpopulate(val, "Identifier", &e.Identifier) delete(rawMsg, key) - case "queryTemplate": - err = unpopulate(val, "QueryTemplate", &e.QueryTemplate) + case "value": + err = unpopulate(val, "Value", &e.Value) delete(rawMsg, key) } if err != nil { @@ -5739,21 +6496,18 @@ func (e *ExpansionEntityQueriesProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ExpansionEntityQuery. -func (e ExpansionEntityQuery) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityGetInsightsParameters. +func (e EntityGetInsightsParameters) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", e.Etag) - populate(objectMap, "id", e.ID) - objectMap["kind"] = EntityQueryKindExpansion - populate(objectMap, "name", e.Name) - populate(objectMap, "properties", e.Properties) - populate(objectMap, "systemData", e.SystemData) - populate(objectMap, "type", e.Type) + populate(objectMap, "addDefaultExtendedTimeRange", e.AddDefaultExtendedTimeRange) + populateDateTimeRFC3339(objectMap, "endTime", e.EndTime) + populate(objectMap, "insightQueryIds", e.InsightQueryIDs) + populateDateTimeRFC3339(objectMap, "startTime", e.StartTime) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionEntityQuery. -func (e *ExpansionEntityQuery) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityGetInsightsParameters. +func (e *EntityGetInsightsParameters) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5761,26 +6515,17 @@ func (e *ExpansionEntityQuery) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &e.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &e.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &e.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &e.Name) + case "addDefaultExtendedTimeRange": + err = unpopulate(val, "AddDefaultExtendedTimeRange", &e.AddDefaultExtendedTimeRange) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &e.Properties) + case "endTime": + err = unpopulateDateTimeRFC3339(val, "EndTime", &e.EndTime) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &e.SystemData) + case "insightQueryIds": + err = unpopulate(val, "InsightQueryIDs", &e.InsightQueryIDs) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &e.Type) + case "startTime": + err = unpopulateDateTimeRFC3339(val, "StartTime", &e.StartTime) delete(rawMsg, key) } if err != nil { @@ -5790,18 +6535,16 @@ func (e *ExpansionEntityQuery) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ExpansionResultAggregation. -func (e ExpansionResultAggregation) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityGetInsightsResponse. +func (e EntityGetInsightsResponse) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "aggregationType", e.AggregationType) - populate(objectMap, "count", e.Count) - populate(objectMap, "displayName", e.DisplayName) - populate(objectMap, "entityKind", e.EntityKind) + populate(objectMap, "metaData", e.MetaData) + populate(objectMap, "value", e.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionResultAggregation. -func (e *ExpansionResultAggregation) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityGetInsightsResponse. +func (e *EntityGetInsightsResponse) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5809,17 +6552,11 @@ func (e *ExpansionResultAggregation) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "aggregationType": - err = unpopulate(val, "AggregationType", &e.AggregationType) - delete(rawMsg, key) - case "count": - err = unpopulate(val, "Count", &e.Count) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &e.DisplayName) + case "metaData": + err = unpopulate(val, "MetaData", &e.MetaData) delete(rawMsg, key) - case "entityKind": - err = unpopulate(val, "EntityKind", &e.EntityKind) + case "value": + err = unpopulate(val, "Value", &e.Value) delete(rawMsg, key) } if err != nil { @@ -5829,15 +6566,18 @@ func (e *ExpansionResultAggregation) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ExpansionResultsMetadata. -func (e ExpansionResultsMetadata) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityInsightItem. +func (e EntityInsightItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "aggregations", e.Aggregations) + populate(objectMap, "chartQueryResults", e.ChartQueryResults) + populate(objectMap, "queryId", e.QueryID) + populate(objectMap, "queryTimeInterval", e.QueryTimeInterval) + populate(objectMap, "tableQueryResults", e.TableQueryResults) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionResultsMetadata. -func (e *ExpansionResultsMetadata) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityInsightItem. +func (e *EntityInsightItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5845,8 +6585,17 @@ func (e *ExpansionResultsMetadata) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "aggregations": - err = unpopulate(val, "Aggregations", &e.Aggregations) + case "chartQueryResults": + err = unpopulate(val, "ChartQueryResults", &e.ChartQueryResults) + delete(rawMsg, key) + case "queryId": + err = unpopulate(val, "QueryID", &e.QueryID) + delete(rawMsg, key) + case "queryTimeInterval": + err = unpopulate(val, "QueryTimeInterval", &e.QueryTimeInterval) + delete(rawMsg, key) + case "tableQueryResults": + err = unpopulate(val, "TableQueryResults", &e.TableQueryResults) delete(rawMsg, key) } if err != nil { @@ -5856,21 +6605,16 @@ func (e *ExpansionResultsMetadata) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EyesOn. -func (e EyesOn) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityInsightItemQueryTimeInterval. +func (e EntityInsightItemQueryTimeInterval) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", e.Etag) - populate(objectMap, "id", e.ID) - objectMap["kind"] = SettingKindEyesOn - populate(objectMap, "name", e.Name) - populate(objectMap, "properties", e.Properties) - populate(objectMap, "systemData", e.SystemData) - populate(objectMap, "type", e.Type) + populateDateTimeRFC3339(objectMap, "endTime", e.EndTime) + populateDateTimeRFC3339(objectMap, "startTime", e.StartTime) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EyesOn. -func (e *EyesOn) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityInsightItemQueryTimeInterval. +func (e *EntityInsightItemQueryTimeInterval) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5878,26 +6622,11 @@ func (e *EyesOn) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &e.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &e.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &e.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &e.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &e.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &e.SystemData) + case "endTime": + err = unpopulateDateTimeRFC3339(val, "EndTime", &e.EndTime) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &e.Type) + case "startTime": + err = unpopulateDateTimeRFC3339(val, "StartTime", &e.StartTime) delete(rawMsg, key) } if err != nil { @@ -5907,15 +6636,16 @@ func (e *EyesOn) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type EyesOnSettingsProperties. -func (e EyesOnSettingsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityList. +func (e EntityList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "isEnabled", e.IsEnabled) + populate(objectMap, "nextLink", e.NextLink) + populate(objectMap, "value", e.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EyesOnSettingsProperties. -func (e *EyesOnSettingsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityList. +func (e *EntityList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", e, err) @@ -5923,8 +6653,11 @@ func (e *EyesOnSettingsProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "isEnabled": - err = unpopulate(val, "IsEnabled", &e.IsEnabled) + case "nextLink": + err = unpopulate(val, "NextLink", &e.NextLink) + delete(rawMsg, key) + case "value": + e.Value, err = unmarshalEntityClassificationArray(val) delete(rawMsg, key) } if err != nil { @@ -5934,814 +6667,697 @@ func (e *EyesOnSettingsProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type FieldMapping. -func (f FieldMapping) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityManualTriggerRequestBody. +func (e EntityManualTriggerRequestBody) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "columnName", f.ColumnName) - populate(objectMap, "identifier", f.Identifier) + populate(objectMap, "incidentArmId", e.IncidentArmID) + populate(objectMap, "logicAppsResourceId", e.LogicAppsResourceID) + populate(objectMap, "tenantId", e.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FieldMapping. -func (f *FieldMapping) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityManualTriggerRequestBody. +func (e *EntityManualTriggerRequestBody) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "columnName": - err = unpopulate(val, "ColumnName", &f.ColumnName) + case "incidentArmId": + err = unpopulate(val, "IncidentArmID", &e.IncidentArmID) delete(rawMsg, key) - case "identifier": - err = unpopulate(val, "Identifier", &f.Identifier) + case "logicAppsResourceId": + err = unpopulate(val, "LogicAppsResourceID", &e.LogicAppsResourceID) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &e.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileEntity. -func (f FileEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityMapping. +func (e EntityMapping) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", f.ID) - objectMap["kind"] = EntityKindFile - populate(objectMap, "name", f.Name) - populate(objectMap, "properties", f.Properties) - populate(objectMap, "systemData", f.SystemData) - populate(objectMap, "type", f.Type) + populate(objectMap, "entityType", e.EntityType) + populate(objectMap, "fieldMappings", e.FieldMappings) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileEntity. -func (f *FileEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityMapping. +func (e *EntityMapping) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &f.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &f.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &f.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &f.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &f.SystemData) + case "entityType": + err = unpopulate(val, "EntityType", &e.EntityType) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &f.Type) + case "fieldMappings": + err = unpopulate(val, "FieldMappings", &e.FieldMappings) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileEntityProperties. -func (f FileEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityQuery. +func (e EntityQuery) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", f.AdditionalData) - populate(objectMap, "directory", f.Directory) - populate(objectMap, "fileHashEntityIds", f.FileHashEntityIDs) - populate(objectMap, "fileName", f.FileName) - populate(objectMap, "friendlyName", f.FriendlyName) - populate(objectMap, "hostEntityId", f.HostEntityID) + populate(objectMap, "etag", e.Etag) + populate(objectMap, "id", e.ID) + objectMap["kind"] = e.Kind + populate(objectMap, "name", e.Name) + populate(objectMap, "systemData", e.SystemData) + populate(objectMap, "type", e.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileEntityProperties. -func (f *FileEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQuery. +func (e *EntityQuery) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &f.AdditionalData) + case "etag": + err = unpopulate(val, "Etag", &e.Etag) delete(rawMsg, key) - case "directory": - err = unpopulate(val, "Directory", &f.Directory) + case "id": + err = unpopulate(val, "ID", &e.ID) delete(rawMsg, key) - case "fileHashEntityIds": - err = unpopulate(val, "FileHashEntityIDs", &f.FileHashEntityIDs) + case "kind": + err = unpopulate(val, "Kind", &e.Kind) delete(rawMsg, key) - case "fileName": - err = unpopulate(val, "FileName", &f.FileName) + case "name": + err = unpopulate(val, "Name", &e.Name) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &f.FriendlyName) + case "systemData": + err = unpopulate(val, "SystemData", &e.SystemData) delete(rawMsg, key) - case "hostEntityId": - err = unpopulate(val, "HostEntityID", &f.HostEntityID) + case "type": + err = unpopulate(val, "Type", &e.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileHashEntity. -func (f FileHashEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityQueryItem. +func (e EntityQueryItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", f.ID) - objectMap["kind"] = EntityKindFileHash - populate(objectMap, "name", f.Name) - populate(objectMap, "properties", f.Properties) - populate(objectMap, "systemData", f.SystemData) - populate(objectMap, "type", f.Type) + populate(objectMap, "id", e.ID) + objectMap["kind"] = e.Kind + populate(objectMap, "name", e.Name) + populate(objectMap, "type", e.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileHashEntity. -func (f *FileHashEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryItem. +func (e *EntityQueryItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { case "id": - err = unpopulate(val, "ID", &f.ID) + err = unpopulate(val, "ID", &e.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &f.Kind) + err = unpopulate(val, "Kind", &e.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &f.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &f.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &f.SystemData) + err = unpopulate(val, "Name", &e.Name) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &f.Type) + err = unpopulate(val, "Type", &e.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileHashEntityProperties. -func (f FileHashEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityQueryItemPropertiesDataTypesItem. +func (e EntityQueryItemPropertiesDataTypesItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", f.AdditionalData) - populate(objectMap, "algorithm", f.Algorithm) - populate(objectMap, "friendlyName", f.FriendlyName) - populate(objectMap, "hashValue", f.HashValue) + populate(objectMap, "dataType", e.DataType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileHashEntityProperties. -func (f *FileHashEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryItemPropertiesDataTypesItem. +func (e *EntityQueryItemPropertiesDataTypesItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &f.AdditionalData) - delete(rawMsg, key) - case "algorithm": - err = unpopulate(val, "Algorithm", &f.Algorithm) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &f.FriendlyName) - delete(rawMsg, key) - case "hashValue": - err = unpopulate(val, "HashValue", &f.HashValue) + case "dataType": + err = unpopulate(val, "DataType", &e.DataType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileImport. -func (f FileImport) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "id", f.ID) - populate(objectMap, "name", f.Name) - populate(objectMap, "properties", f.Properties) - populate(objectMap, "systemData", f.SystemData) - populate(objectMap, "type", f.Type) +// MarshalJSON implements the json.Marshaller interface for type EntityQueryList. +func (e EntityQueryList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", e.NextLink) + populate(objectMap, "value", e.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileImport. -func (f *FileImport) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryList. +func (e *EntityQueryList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &e.NextLink) + delete(rawMsg, key) + case "value": + e.Value, err = unmarshalEntityQueryClassificationArray(val) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityQueryTemplate. +func (e EntityQueryTemplate) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", e.ID) + objectMap["kind"] = e.Kind + populate(objectMap, "name", e.Name) + populate(objectMap, "systemData", e.SystemData) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryTemplate. +func (e *EntityQueryTemplate) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { case "id": - err = unpopulate(val, "ID", &f.ID) + err = unpopulate(val, "ID", &e.ID) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &f.Name) + case "kind": + err = unpopulate(val, "Kind", &e.Kind) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &f.Properties) + case "name": + err = unpopulate(val, "Name", &e.Name) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &f.SystemData) + err = unpopulate(val, "SystemData", &e.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &f.Type) + err = unpopulate(val, "Type", &e.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileImportList. -func (f FileImportList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityQueryTemplateList. +func (e EntityQueryTemplateList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", f.NextLink) - populate(objectMap, "value", f.Value) + populate(objectMap, "nextLink", e.NextLink) + populate(objectMap, "value", e.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileImportList. -func (f *FileImportList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryTemplateList. +func (e *EntityQueryTemplateList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { case "nextLink": - err = unpopulate(val, "NextLink", &f.NextLink) + err = unpopulate(val, "NextLink", &e.NextLink) delete(rawMsg, key) case "value": - err = unpopulate(val, "Value", &f.Value) + e.Value, err = unmarshalEntityQueryTemplateClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileImportProperties. -func (f FileImportProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityTimelineItem. +func (e EntityTimelineItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "contentType", f.ContentType) - populateDateTimeRFC3339(objectMap, "createdTimeUTC", f.CreatedTimeUTC) - populate(objectMap, "errorFile", f.ErrorFile) - populate(objectMap, "errorsPreview", f.ErrorsPreview) - populateDateTimeRFC3339(objectMap, "filesValidUntilTimeUTC", f.FilesValidUntilTimeUTC) - populate(objectMap, "importFile", f.ImportFile) - populateDateTimeRFC3339(objectMap, "importValidUntilTimeUTC", f.ImportValidUntilTimeUTC) - populate(objectMap, "ingestedRecordCount", f.IngestedRecordCount) - populate(objectMap, "ingestionMode", f.IngestionMode) - populate(objectMap, "source", f.Source) - populate(objectMap, "state", f.State) - populate(objectMap, "totalRecordCount", f.TotalRecordCount) - populate(objectMap, "validRecordCount", f.ValidRecordCount) + objectMap["kind"] = e.Kind return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileImportProperties. -func (f *FileImportProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityTimelineItem. +func (e *EntityTimelineItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "contentType": - err = unpopulate(val, "ContentType", &f.ContentType) - delete(rawMsg, key) - case "createdTimeUTC": - err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &f.CreatedTimeUTC) - delete(rawMsg, key) - case "errorFile": - err = unpopulate(val, "ErrorFile", &f.ErrorFile) - delete(rawMsg, key) - case "errorsPreview": - err = unpopulate(val, "ErrorsPreview", &f.ErrorsPreview) - delete(rawMsg, key) - case "filesValidUntilTimeUTC": - err = unpopulateDateTimeRFC3339(val, "FilesValidUntilTimeUTC", &f.FilesValidUntilTimeUTC) - delete(rawMsg, key) - case "importFile": - err = unpopulate(val, "ImportFile", &f.ImportFile) - delete(rawMsg, key) - case "importValidUntilTimeUTC": - err = unpopulateDateTimeRFC3339(val, "ImportValidUntilTimeUTC", &f.ImportValidUntilTimeUTC) - delete(rawMsg, key) - case "ingestedRecordCount": - err = unpopulate(val, "IngestedRecordCount", &f.IngestedRecordCount) - delete(rawMsg, key) - case "ingestionMode": - err = unpopulate(val, "IngestionMode", &f.IngestionMode) - delete(rawMsg, key) - case "source": - err = unpopulate(val, "Source", &f.Source) - delete(rawMsg, key) - case "state": - err = unpopulate(val, "State", &f.State) - delete(rawMsg, key) - case "totalRecordCount": - err = unpopulate(val, "TotalRecordCount", &f.TotalRecordCount) - delete(rawMsg, key) - case "validRecordCount": - err = unpopulate(val, "ValidRecordCount", &f.ValidRecordCount) + case "kind": + err = unpopulate(val, "Kind", &e.Kind) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileMetadata. -func (f FileMetadata) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityTimelineParameters. +func (e EntityTimelineParameters) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "deleteStatus", f.DeleteStatus) - populate(objectMap, "fileContentUri", f.FileContentURI) - populate(objectMap, "fileFormat", f.FileFormat) - populate(objectMap, "fileName", f.FileName) - populate(objectMap, "fileSize", f.FileSize) + populateDateTimeRFC3339(objectMap, "endTime", e.EndTime) + populate(objectMap, "kinds", e.Kinds) + populate(objectMap, "numberOfBucket", e.NumberOfBucket) + populateDateTimeRFC3339(objectMap, "startTime", e.StartTime) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileMetadata. -func (f *FileMetadata) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityTimelineParameters. +func (e *EntityTimelineParameters) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "deleteStatus": - err = unpopulate(val, "DeleteStatus", &f.DeleteStatus) - delete(rawMsg, key) - case "fileContentUri": - err = unpopulate(val, "FileContentURI", &f.FileContentURI) + case "endTime": + err = unpopulateDateTimeRFC3339(val, "EndTime", &e.EndTime) delete(rawMsg, key) - case "fileFormat": - err = unpopulate(val, "FileFormat", &f.FileFormat) + case "kinds": + err = unpopulate(val, "Kinds", &e.Kinds) delete(rawMsg, key) - case "fileName": - err = unpopulate(val, "FileName", &f.FileName) + case "numberOfBucket": + err = unpopulate(val, "NumberOfBucket", &e.NumberOfBucket) delete(rawMsg, key) - case "fileSize": - err = unpopulate(val, "FileSize", &f.FileSize) + case "startTime": + err = unpopulateDateTimeRFC3339(val, "StartTime", &e.StartTime) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionAlertRule. -func (f FusionAlertRule) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EntityTimelineResponse. +func (e EntityTimelineResponse) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", f.Etag) - populate(objectMap, "id", f.ID) - objectMap["kind"] = AlertRuleKindFusion - populate(objectMap, "name", f.Name) - populate(objectMap, "properties", f.Properties) - populate(objectMap, "systemData", f.SystemData) - populate(objectMap, "type", f.Type) + populate(objectMap, "metaData", e.MetaData) + populate(objectMap, "value", e.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRule. -func (f *FusionAlertRule) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityTimelineResponse. +func (e *EntityTimelineResponse) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &f.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &f.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &f.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &f.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &f.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &f.SystemData) + case "metaData": + err = unpopulate(val, "MetaData", &e.MetaData) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &f.Type) + case "value": + e.Value, err = unmarshalEntityTimelineItemClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleProperties. -func (f FusionAlertRuleProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Error. +func (e Error) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertRuleTemplateName", f.AlertRuleTemplateName) - populate(objectMap, "description", f.Description) - populate(objectMap, "displayName", f.DisplayName) - populate(objectMap, "enabled", f.Enabled) - populateDateTimeRFC3339(objectMap, "lastModifiedUtc", f.LastModifiedUTC) - populate(objectMap, "scenarioExclusionPatterns", f.ScenarioExclusionPatterns) - populate(objectMap, "severity", f.Severity) - populate(objectMap, "sourceSettings", f.SourceSettings) - populate(objectMap, "tactics", f.Tactics) - populate(objectMap, "techniques", f.Techniques) + populate(objectMap, "errorMessage", e.ErrorMessage) + populate(objectMap, "memberResourceName", e.MemberResourceName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleProperties. -func (f *FusionAlertRuleProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Error. +func (e *Error) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "alertRuleTemplateName": - err = unpopulate(val, "AlertRuleTemplateName", &f.AlertRuleTemplateName) + case "errorMessage": + err = unpopulate(val, "ErrorMessage", &e.ErrorMessage) delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &f.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &f.DisplayName) - delete(rawMsg, key) - case "enabled": - err = unpopulate(val, "Enabled", &f.Enabled) - delete(rawMsg, key) - case "lastModifiedUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &f.LastModifiedUTC) - delete(rawMsg, key) - case "scenarioExclusionPatterns": - err = unpopulate(val, "ScenarioExclusionPatterns", &f.ScenarioExclusionPatterns) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &f.Severity) - delete(rawMsg, key) - case "sourceSettings": - err = unpopulate(val, "SourceSettings", &f.SourceSettings) - delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &f.Tactics) - delete(rawMsg, key) - case "techniques": - err = unpopulate(val, "Techniques", &f.Techniques) + case "memberResourceName": + err = unpopulate(val, "MemberResourceName", &e.MemberResourceName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleTemplate. -func (f FusionAlertRuleTemplate) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EventGroupingSettings. +func (e EventGroupingSettings) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", f.ID) - objectMap["kind"] = AlertRuleKindFusion - populate(objectMap, "name", f.Name) - populate(objectMap, "properties", f.Properties) - populate(objectMap, "systemData", f.SystemData) - populate(objectMap, "type", f.Type) + populate(objectMap, "aggregationKind", e.AggregationKind) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleTemplate. -func (f *FusionAlertRuleTemplate) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EventGroupingSettings. +func (e *EventGroupingSettings) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &f.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &f.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &f.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &f.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &f.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &f.Type) + case "aggregationKind": + err = unpopulate(val, "AggregationKind", &e.AggregationKind) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleTemplateProperties. -func (f FusionAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ExpansionEntityQueriesProperties. +func (e ExpansionEntityQueriesProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertRulesCreatedByTemplateCount", f.AlertRulesCreatedByTemplateCount) - populateDateTimeRFC3339(objectMap, "createdDateUTC", f.CreatedDateUTC) - populate(objectMap, "description", f.Description) - populate(objectMap, "displayName", f.DisplayName) - populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", f.LastUpdatedDateUTC) - populate(objectMap, "requiredDataConnectors", f.RequiredDataConnectors) - populate(objectMap, "severity", f.Severity) - populate(objectMap, "sourceSettings", f.SourceSettings) - populate(objectMap, "status", f.Status) - populate(objectMap, "tactics", f.Tactics) - populate(objectMap, "techniques", f.Techniques) + populate(objectMap, "dataSources", e.DataSources) + populate(objectMap, "displayName", e.DisplayName) + populate(objectMap, "inputEntityType", e.InputEntityType) + populate(objectMap, "inputFields", e.InputFields) + populate(objectMap, "outputEntityTypes", e.OutputEntityTypes) + populate(objectMap, "queryTemplate", e.QueryTemplate) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleTemplateProperties. -func (f *FusionAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionEntityQueriesProperties. +func (e *ExpansionEntityQueriesProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "alertRulesCreatedByTemplateCount": - err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &f.AlertRulesCreatedByTemplateCount) - delete(rawMsg, key) - case "createdDateUTC": - err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &f.CreatedDateUTC) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &f.Description) + case "dataSources": + err = unpopulate(val, "DataSources", &e.DataSources) delete(rawMsg, key) case "displayName": - err = unpopulate(val, "DisplayName", &f.DisplayName) - delete(rawMsg, key) - case "lastUpdatedDateUTC": - err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &f.LastUpdatedDateUTC) - delete(rawMsg, key) - case "requiredDataConnectors": - err = unpopulate(val, "RequiredDataConnectors", &f.RequiredDataConnectors) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &f.Severity) + err = unpopulate(val, "DisplayName", &e.DisplayName) delete(rawMsg, key) - case "sourceSettings": - err = unpopulate(val, "SourceSettings", &f.SourceSettings) + case "inputEntityType": + err = unpopulate(val, "InputEntityType", &e.InputEntityType) delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &f.Status) + case "inputFields": + err = unpopulate(val, "InputFields", &e.InputFields) delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &f.Tactics) + case "outputEntityTypes": + err = unpopulate(val, "OutputEntityTypes", &e.OutputEntityTypes) delete(rawMsg, key) - case "techniques": - err = unpopulate(val, "Techniques", &f.Techniques) + case "queryTemplate": + err = unpopulate(val, "QueryTemplate", &e.QueryTemplate) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionScenarioExclusionPattern. -func (f FusionScenarioExclusionPattern) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ExpansionEntityQuery. +func (e ExpansionEntityQuery) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dateAddedInUTC", f.DateAddedInUTC) - populate(objectMap, "exclusionPattern", f.ExclusionPattern) + populate(objectMap, "etag", e.Etag) + populate(objectMap, "id", e.ID) + objectMap["kind"] = EntityQueryKindExpansion + populate(objectMap, "name", e.Name) + populate(objectMap, "properties", e.Properties) + populate(objectMap, "systemData", e.SystemData) + populate(objectMap, "type", e.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionScenarioExclusionPattern. -func (f *FusionScenarioExclusionPattern) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionEntityQuery. +func (e *ExpansionEntityQuery) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "dateAddedInUTC": - err = unpopulate(val, "DateAddedInUTC", &f.DateAddedInUTC) + case "etag": + err = unpopulate(val, "Etag", &e.Etag) delete(rawMsg, key) - case "exclusionPattern": - err = unpopulate(val, "ExclusionPattern", &f.ExclusionPattern) + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &e.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &e.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &e.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &e.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionSourceSettings. -func (f FusionSourceSettings) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ExpansionResultAggregation. +func (e ExpansionResultAggregation) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "enabled", f.Enabled) - populate(objectMap, "sourceName", f.SourceName) - populate(objectMap, "sourceSubTypes", f.SourceSubTypes) + populate(objectMap, "aggregationType", e.AggregationType) + populate(objectMap, "count", e.Count) + populate(objectMap, "displayName", e.DisplayName) + populate(objectMap, "entityKind", e.EntityKind) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSourceSettings. -func (f *FusionSourceSettings) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionResultAggregation. +func (e *ExpansionResultAggregation) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "enabled": - err = unpopulate(val, "Enabled", &f.Enabled) + case "aggregationType": + err = unpopulate(val, "AggregationType", &e.AggregationType) delete(rawMsg, key) - case "sourceName": - err = unpopulate(val, "SourceName", &f.SourceName) + case "count": + err = unpopulate(val, "Count", &e.Count) delete(rawMsg, key) - case "sourceSubTypes": - err = unpopulate(val, "SourceSubTypes", &f.SourceSubTypes) + case "displayName": + err = unpopulate(val, "DisplayName", &e.DisplayName) + delete(rawMsg, key) + case "entityKind": + err = unpopulate(val, "EntityKind", &e.EntityKind) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionSourceSubTypeSetting. -func (f FusionSourceSubTypeSetting) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ExpansionResultsMetadata. +func (e ExpansionResultsMetadata) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "enabled", f.Enabled) - populate(objectMap, "severityFilters", f.SeverityFilters) - populate(objectMap, "sourceSubTypeDisplayName", f.SourceSubTypeDisplayName) - populate(objectMap, "sourceSubTypeName", f.SourceSubTypeName) + populate(objectMap, "aggregations", e.Aggregations) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSourceSubTypeSetting. -func (f *FusionSourceSubTypeSetting) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionResultsMetadata. +func (e *ExpansionResultsMetadata) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "enabled": - err = unpopulate(val, "Enabled", &f.Enabled) - delete(rawMsg, key) - case "severityFilters": - err = unpopulate(val, "SeverityFilters", &f.SeverityFilters) - delete(rawMsg, key) - case "sourceSubTypeDisplayName": - err = unpopulate(val, "SourceSubTypeDisplayName", &f.SourceSubTypeDisplayName) - delete(rawMsg, key) - case "sourceSubTypeName": - err = unpopulate(val, "SourceSubTypeName", &f.SourceSubTypeName) + case "aggregations": + err = unpopulate(val, "Aggregations", &e.Aggregations) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionSubTypeSeverityFilter. -func (f FusionSubTypeSeverityFilter) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EyesOn. +func (e EyesOn) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "filters", f.Filters) - populate(objectMap, "isSupported", f.IsSupported) + populate(objectMap, "etag", e.Etag) + populate(objectMap, "id", e.ID) + objectMap["kind"] = SettingKindEyesOn + populate(objectMap, "name", e.Name) + populate(objectMap, "properties", e.Properties) + populate(objectMap, "systemData", e.SystemData) + populate(objectMap, "type", e.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSubTypeSeverityFilter. -func (f *FusionSubTypeSeverityFilter) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EyesOn. +func (e *EyesOn) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "filters": - err = unpopulate(val, "Filters", &f.Filters) + case "etag": + err = unpopulate(val, "Etag", &e.Etag) delete(rawMsg, key) - case "isSupported": - err = unpopulate(val, "IsSupported", &f.IsSupported) + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &e.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &e.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &e.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &e.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionSubTypeSeverityFiltersItem. -func (f FusionSubTypeSeverityFiltersItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EyesOnSettingsProperties. +func (e EyesOnSettingsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "enabled", f.Enabled) - populate(objectMap, "severity", f.Severity) + populate(objectMap, "isEnabled", e.IsEnabled) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSubTypeSeverityFiltersItem. -func (f *FusionSubTypeSeverityFiltersItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EyesOnSettingsProperties. +func (e *EyesOnSettingsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "enabled": - err = unpopulate(val, "Enabled", &f.Enabled) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &f.Severity) + case "isEnabled": + err = unpopulate(val, "IsEnabled", &e.IsEnabled) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionTemplateSourceSetting. -func (f FusionTemplateSourceSetting) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FieldMapping. +func (f FieldMapping) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "sourceName", f.SourceName) - populate(objectMap, "sourceSubTypes", f.SourceSubTypes) + populate(objectMap, "columnName", f.ColumnName) + populate(objectMap, "identifier", f.Identifier) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionTemplateSourceSetting. -func (f *FusionTemplateSourceSetting) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FieldMapping. +func (f *FieldMapping) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", f, err) @@ -6749,11 +7365,11 @@ func (f *FusionTemplateSourceSetting) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "sourceName": - err = unpopulate(val, "SourceName", &f.SourceName) + case "columnName": + err = unpopulate(val, "ColumnName", &f.ColumnName) delete(rawMsg, key) - case "sourceSubTypes": - err = unpopulate(val, "SourceSubTypes", &f.SourceSubTypes) + case "identifier": + err = unpopulate(val, "Identifier", &f.Identifier) delete(rawMsg, key) } if err != nil { @@ -6763,17 +7379,20 @@ func (f *FusionTemplateSourceSetting) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionTemplateSourceSubType. -func (f FusionTemplateSourceSubType) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FileEntity. +func (f FileEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "severityFilter", f.SeverityFilter) - populate(objectMap, "sourceSubTypeDisplayName", f.SourceSubTypeDisplayName) - populate(objectMap, "sourceSubTypeName", f.SourceSubTypeName) + populate(objectMap, "id", f.ID) + objectMap["kind"] = EntityKindEnumFile + populate(objectMap, "name", f.Name) + populate(objectMap, "properties", f.Properties) + populate(objectMap, "systemData", f.SystemData) + populate(objectMap, "type", f.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionTemplateSourceSubType. -func (f *FusionTemplateSourceSubType) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FileEntity. +func (f *FileEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", f, err) @@ -6781,14 +7400,23 @@ func (f *FusionTemplateSourceSubType) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "severityFilter": - err = unpopulate(val, "SeverityFilter", &f.SeverityFilter) + case "id": + err = unpopulate(val, "ID", &f.ID) delete(rawMsg, key) - case "sourceSubTypeDisplayName": - err = unpopulate(val, "SourceSubTypeDisplayName", &f.SourceSubTypeDisplayName) + case "kind": + err = unpopulate(val, "Kind", &f.Kind) delete(rawMsg, key) - case "sourceSubTypeName": - err = unpopulate(val, "SourceSubTypeName", &f.SourceSubTypeName) + case "name": + err = unpopulate(val, "Name", &f.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &f.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &f.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &f.Type) delete(rawMsg, key) } if err != nil { @@ -6798,16 +7426,20 @@ func (f *FusionTemplateSourceSubType) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionTemplateSubTypeSeverityFilter. -func (f FusionTemplateSubTypeSeverityFilter) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FileEntityProperties. +func (f FileEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "isSupported", f.IsSupported) - populate(objectMap, "severityFilters", f.SeverityFilters) + populate(objectMap, "additionalData", f.AdditionalData) + populate(objectMap, "directory", f.Directory) + populate(objectMap, "fileHashEntityIds", f.FileHashEntityIDs) + populate(objectMap, "fileName", f.FileName) + populate(objectMap, "friendlyName", f.FriendlyName) + populate(objectMap, "hostEntityId", f.HostEntityID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionTemplateSubTypeSeverityFilter. -func (f *FusionTemplateSubTypeSeverityFilter) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FileEntityProperties. +func (f *FileEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", f, err) @@ -6815,11 +7447,23 @@ func (f *FusionTemplateSubTypeSeverityFilter) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "isSupported": - err = unpopulate(val, "IsSupported", &f.IsSupported) + case "additionalData": + err = unpopulate(val, "AdditionalData", &f.AdditionalData) delete(rawMsg, key) - case "severityFilters": - err = unpopulate(val, "SeverityFilters", &f.SeverityFilters) + case "directory": + err = unpopulate(val, "Directory", &f.Directory) + delete(rawMsg, key) + case "fileHashEntityIds": + err = unpopulate(val, "FileHashEntityIDs", &f.FileHashEntityIDs) + delete(rawMsg, key) + case "fileName": + err = unpopulate(val, "FileName", &f.FileName) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &f.FriendlyName) + delete(rawMsg, key) + case "hostEntityId": + err = unpopulate(val, "HostEntityID", &f.HostEntityID) delete(rawMsg, key) } if err != nil { @@ -6829,7765 +7473,13996 @@ func (f *FusionTemplateSubTypeSeverityFilter) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type GeoLocation. -func (g GeoLocation) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FileHashEntity. +func (f FileHashEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "asn", g.Asn) - populate(objectMap, "city", g.City) - populate(objectMap, "countryCode", g.CountryCode) - populate(objectMap, "countryName", g.CountryName) - populate(objectMap, "latitude", g.Latitude) - populate(objectMap, "longitude", g.Longitude) - populate(objectMap, "state", g.State) + populate(objectMap, "id", f.ID) + objectMap["kind"] = EntityKindEnumFileHash + populate(objectMap, "name", f.Name) + populate(objectMap, "properties", f.Properties) + populate(objectMap, "systemData", f.SystemData) + populate(objectMap, "type", f.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type GeoLocation. -func (g *GeoLocation) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FileHashEntity. +func (f *FileHashEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "asn": - err = unpopulate(val, "Asn", &g.Asn) - delete(rawMsg, key) - case "city": - err = unpopulate(val, "City", &g.City) + case "id": + err = unpopulate(val, "ID", &f.ID) delete(rawMsg, key) - case "countryCode": - err = unpopulate(val, "CountryCode", &g.CountryCode) + case "kind": + err = unpopulate(val, "Kind", &f.Kind) delete(rawMsg, key) - case "countryName": - err = unpopulate(val, "CountryName", &g.CountryName) + case "name": + err = unpopulate(val, "Name", &f.Name) delete(rawMsg, key) - case "latitude": - err = unpopulate(val, "Latitude", &g.Latitude) + case "properties": + err = unpopulate(val, "Properties", &f.Properties) delete(rawMsg, key) - case "longitude": - err = unpopulate(val, "Longitude", &g.Longitude) + case "systemData": + err = unpopulate(val, "SystemData", &f.SystemData) delete(rawMsg, key) - case "state": - err = unpopulate(val, "State", &g.State) + case "type": + err = unpopulate(val, "Type", &f.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type GetInsightsErrorKind. -func (g GetInsightsErrorKind) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FileHashEntityProperties. +func (f FileHashEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "errorMessage", g.ErrorMessage) - populate(objectMap, "kind", g.Kind) - populate(objectMap, "queryId", g.QueryID) + populate(objectMap, "additionalData", f.AdditionalData) + populate(objectMap, "algorithm", f.Algorithm) + populate(objectMap, "friendlyName", f.FriendlyName) + populate(objectMap, "hashValue", f.HashValue) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type GetInsightsErrorKind. -func (g *GetInsightsErrorKind) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FileHashEntityProperties. +func (f *FileHashEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "errorMessage": - err = unpopulate(val, "ErrorMessage", &g.ErrorMessage) + case "additionalData": + err = unpopulate(val, "AdditionalData", &f.AdditionalData) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &g.Kind) + case "algorithm": + err = unpopulate(val, "Algorithm", &f.Algorithm) delete(rawMsg, key) - case "queryId": - err = unpopulate(val, "QueryID", &g.QueryID) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &f.FriendlyName) + delete(rawMsg, key) + case "hashValue": + err = unpopulate(val, "HashValue", &f.HashValue) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type GetInsightsResultsMetadata. -func (g GetInsightsResultsMetadata) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FileImport. +func (f FileImport) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "errors", g.Errors) - populate(objectMap, "totalCount", g.TotalCount) + populate(objectMap, "id", f.ID) + populate(objectMap, "name", f.Name) + populate(objectMap, "properties", f.Properties) + populate(objectMap, "systemData", f.SystemData) + populate(objectMap, "type", f.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type GetInsightsResultsMetadata. -func (g *GetInsightsResultsMetadata) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FileImport. +func (f *FileImport) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "errors": - err = unpopulate(val, "Errors", &g.Errors) + case "id": + err = unpopulate(val, "ID", &f.ID) delete(rawMsg, key) - case "totalCount": - err = unpopulate(val, "TotalCount", &g.TotalCount) + case "name": + err = unpopulate(val, "Name", &f.Name) delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) - } + case "properties": + err = unpopulate(val, "Properties", &f.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &f.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &f.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } } return nil } -// MarshalJSON implements the json.Marshaller interface for type GetQueriesResponse. -func (g GetQueriesResponse) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FileImportList. +func (f FileImportList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "value", g.Value) + populate(objectMap, "nextLink", f.NextLink) + populate(objectMap, "value", f.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type GetQueriesResponse. -func (g *GetQueriesResponse) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FileImportList. +func (f *FileImportList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &f.NextLink) + delete(rawMsg, key) case "value": - g.Value, err = unmarshalEntityQueryItemClassificationArray(val) + err = unpopulate(val, "Value", &f.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type GitHubResourceInfo. -func (g GitHubResourceInfo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FileImportProperties. +func (f FileImportProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "appInstallationId", g.AppInstallationID) + populate(objectMap, "contentType", f.ContentType) + populateDateTimeRFC3339(objectMap, "createdTimeUTC", f.CreatedTimeUTC) + populate(objectMap, "errorFile", f.ErrorFile) + populate(objectMap, "errorsPreview", f.ErrorsPreview) + populateDateTimeRFC3339(objectMap, "filesValidUntilTimeUTC", f.FilesValidUntilTimeUTC) + populate(objectMap, "importFile", f.ImportFile) + populateDateTimeRFC3339(objectMap, "importValidUntilTimeUTC", f.ImportValidUntilTimeUTC) + populate(objectMap, "ingestedRecordCount", f.IngestedRecordCount) + populate(objectMap, "ingestionMode", f.IngestionMode) + populate(objectMap, "source", f.Source) + populate(objectMap, "state", f.State) + populate(objectMap, "totalRecordCount", f.TotalRecordCount) + populate(objectMap, "validRecordCount", f.ValidRecordCount) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type GitHubResourceInfo. -func (g *GitHubResourceInfo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FileImportProperties. +func (f *FileImportProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "appInstallationId": - err = unpopulate(val, "AppInstallationID", &g.AppInstallationID) + case "contentType": + err = unpopulate(val, "ContentType", &f.ContentType) + delete(rawMsg, key) + case "createdTimeUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &f.CreatedTimeUTC) + delete(rawMsg, key) + case "errorFile": + err = unpopulate(val, "ErrorFile", &f.ErrorFile) + delete(rawMsg, key) + case "errorsPreview": + err = unpopulate(val, "ErrorsPreview", &f.ErrorsPreview) + delete(rawMsg, key) + case "filesValidUntilTimeUTC": + err = unpopulateDateTimeRFC3339(val, "FilesValidUntilTimeUTC", &f.FilesValidUntilTimeUTC) + delete(rawMsg, key) + case "importFile": + err = unpopulate(val, "ImportFile", &f.ImportFile) + delete(rawMsg, key) + case "importValidUntilTimeUTC": + err = unpopulateDateTimeRFC3339(val, "ImportValidUntilTimeUTC", &f.ImportValidUntilTimeUTC) + delete(rawMsg, key) + case "ingestedRecordCount": + err = unpopulate(val, "IngestedRecordCount", &f.IngestedRecordCount) + delete(rawMsg, key) + case "ingestionMode": + err = unpopulate(val, "IngestionMode", &f.IngestionMode) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &f.Source) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &f.State) + delete(rawMsg, key) + case "totalRecordCount": + err = unpopulate(val, "TotalRecordCount", &f.TotalRecordCount) + delete(rawMsg, key) + case "validRecordCount": + err = unpopulate(val, "ValidRecordCount", &f.ValidRecordCount) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type GroupingConfiguration. -func (g GroupingConfiguration) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FileMetadata. +func (f FileMetadata) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "enabled", g.Enabled) - populate(objectMap, "groupByAlertDetails", g.GroupByAlertDetails) - populate(objectMap, "groupByCustomDetails", g.GroupByCustomDetails) - populate(objectMap, "groupByEntities", g.GroupByEntities) - populate(objectMap, "lookbackDuration", g.LookbackDuration) - populate(objectMap, "matchingMethod", g.MatchingMethod) - populate(objectMap, "reopenClosedIncident", g.ReopenClosedIncident) + populate(objectMap, "deleteStatus", f.DeleteStatus) + populate(objectMap, "fileContentUri", f.FileContentURI) + populate(objectMap, "fileFormat", f.FileFormat) + populate(objectMap, "fileName", f.FileName) + populate(objectMap, "fileSize", f.FileSize) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type GroupingConfiguration. -func (g *GroupingConfiguration) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FileMetadata. +func (f *FileMetadata) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "enabled": - err = unpopulate(val, "Enabled", &g.Enabled) - delete(rawMsg, key) - case "groupByAlertDetails": - err = unpopulate(val, "GroupByAlertDetails", &g.GroupByAlertDetails) - delete(rawMsg, key) - case "groupByCustomDetails": - err = unpopulate(val, "GroupByCustomDetails", &g.GroupByCustomDetails) + case "deleteStatus": + err = unpopulate(val, "DeleteStatus", &f.DeleteStatus) delete(rawMsg, key) - case "groupByEntities": - err = unpopulate(val, "GroupByEntities", &g.GroupByEntities) + case "fileContentUri": + err = unpopulate(val, "FileContentURI", &f.FileContentURI) delete(rawMsg, key) - case "lookbackDuration": - err = unpopulate(val, "LookbackDuration", &g.LookbackDuration) + case "fileFormat": + err = unpopulate(val, "FileFormat", &f.FileFormat) delete(rawMsg, key) - case "matchingMethod": - err = unpopulate(val, "MatchingMethod", &g.MatchingMethod) + case "fileName": + err = unpopulate(val, "FileName", &f.FileName) delete(rawMsg, key) - case "reopenClosedIncident": - err = unpopulate(val, "ReopenClosedIncident", &g.ReopenClosedIncident) + case "fileSize": + err = unpopulate(val, "FileSize", &f.FileSize) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type HostEntity. -func (h HostEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionAlertRule. +func (f FusionAlertRule) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", h.ID) - objectMap["kind"] = EntityKindHost - populate(objectMap, "name", h.Name) - populate(objectMap, "properties", h.Properties) - populate(objectMap, "systemData", h.SystemData) - populate(objectMap, "type", h.Type) + populate(objectMap, "etag", f.Etag) + populate(objectMap, "id", f.ID) + objectMap["kind"] = AlertRuleKindFusion + populate(objectMap, "name", f.Name) + populate(objectMap, "properties", f.Properties) + populate(objectMap, "systemData", f.SystemData) + populate(objectMap, "type", f.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type HostEntity. -func (h *HostEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRule. +func (f *FusionAlertRule) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { + case "etag": + err = unpopulate(val, "Etag", &f.Etag) + delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &h.ID) + err = unpopulate(val, "ID", &f.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &h.Kind) + err = unpopulate(val, "Kind", &f.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &h.Name) + err = unpopulate(val, "Name", &f.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &h.Properties) + err = unpopulate(val, "Properties", &f.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &h.SystemData) + err = unpopulate(val, "SystemData", &f.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &h.Type) + err = unpopulate(val, "Type", &f.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type HostEntityProperties. -func (h HostEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleProperties. +func (f FusionAlertRuleProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", h.AdditionalData) - populate(objectMap, "azureID", h.AzureID) - populate(objectMap, "dnsDomain", h.DNSDomain) - populate(objectMap, "friendlyName", h.FriendlyName) - populate(objectMap, "hostName", h.HostName) - populate(objectMap, "isDomainJoined", h.IsDomainJoined) - populate(objectMap, "netBiosName", h.NetBiosName) - populate(objectMap, "ntDomain", h.NtDomain) - populate(objectMap, "osFamily", h.OSFamily) - populate(objectMap, "osVersion", h.OSVersion) - populate(objectMap, "omsAgentID", h.OmsAgentID) + populate(objectMap, "alertRuleTemplateName", f.AlertRuleTemplateName) + populate(objectMap, "description", f.Description) + populate(objectMap, "displayName", f.DisplayName) + populate(objectMap, "enabled", f.Enabled) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", f.LastModifiedUTC) + populate(objectMap, "scenarioExclusionPatterns", f.ScenarioExclusionPatterns) + populate(objectMap, "severity", f.Severity) + populate(objectMap, "sourceSettings", f.SourceSettings) + populate(objectMap, "subTechniques", f.SubTechniques) + populate(objectMap, "tactics", f.Tactics) + populate(objectMap, "techniques", f.Techniques) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type HostEntityProperties. -func (h *HostEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleProperties. +func (f *FusionAlertRuleProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &h.AdditionalData) - delete(rawMsg, key) - case "azureID": - err = unpopulate(val, "AzureID", &h.AzureID) + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &f.AlertRuleTemplateName) delete(rawMsg, key) - case "dnsDomain": - err = unpopulate(val, "DNSDomain", &h.DNSDomain) + case "description": + err = unpopulate(val, "Description", &f.Description) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &h.FriendlyName) + case "displayName": + err = unpopulate(val, "DisplayName", &f.DisplayName) delete(rawMsg, key) - case "hostName": - err = unpopulate(val, "HostName", &h.HostName) + case "enabled": + err = unpopulate(val, "Enabled", &f.Enabled) delete(rawMsg, key) - case "isDomainJoined": - err = unpopulate(val, "IsDomainJoined", &h.IsDomainJoined) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &f.LastModifiedUTC) delete(rawMsg, key) - case "netBiosName": - err = unpopulate(val, "NetBiosName", &h.NetBiosName) + case "scenarioExclusionPatterns": + err = unpopulate(val, "ScenarioExclusionPatterns", &f.ScenarioExclusionPatterns) delete(rawMsg, key) - case "ntDomain": - err = unpopulate(val, "NtDomain", &h.NtDomain) + case "severity": + err = unpopulate(val, "Severity", &f.Severity) delete(rawMsg, key) - case "osFamily": - err = unpopulate(val, "OSFamily", &h.OSFamily) + case "sourceSettings": + err = unpopulate(val, "SourceSettings", &f.SourceSettings) delete(rawMsg, key) - case "osVersion": - err = unpopulate(val, "OSVersion", &h.OSVersion) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &f.SubTechniques) delete(rawMsg, key) - case "omsAgentID": - err = unpopulate(val, "OmsAgentID", &h.OmsAgentID) + case "tactics": + err = unpopulate(val, "Tactics", &f.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &f.Techniques) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type HuntingBookmark. -func (h HuntingBookmark) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleTemplate. +func (f FusionAlertRuleTemplate) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", h.ID) - objectMap["kind"] = EntityKindBookmark - populate(objectMap, "name", h.Name) - populate(objectMap, "properties", h.Properties) - populate(objectMap, "systemData", h.SystemData) - populate(objectMap, "type", h.Type) + populate(objectMap, "id", f.ID) + objectMap["kind"] = AlertRuleKindFusion + populate(objectMap, "name", f.Name) + populate(objectMap, "properties", f.Properties) + populate(objectMap, "systemData", f.SystemData) + populate(objectMap, "type", f.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type HuntingBookmark. -func (h *HuntingBookmark) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleTemplate. +func (f *FusionAlertRuleTemplate) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { case "id": - err = unpopulate(val, "ID", &h.ID) + err = unpopulate(val, "ID", &f.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &h.Kind) + err = unpopulate(val, "Kind", &f.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &h.Name) + err = unpopulate(val, "Name", &f.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &h.Properties) + err = unpopulate(val, "Properties", &f.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &h.SystemData) + err = unpopulate(val, "SystemData", &f.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &h.Type) + err = unpopulate(val, "Type", &f.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type HuntingBookmarkProperties. -func (h HuntingBookmarkProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleTemplateProperties. +func (f FusionAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", h.AdditionalData) - populateDateTimeRFC3339(objectMap, "created", h.Created) - populate(objectMap, "createdBy", h.CreatedBy) - populate(objectMap, "displayName", h.DisplayName) - populateDateTimeRFC3339(objectMap, "eventTime", h.EventTime) - populate(objectMap, "friendlyName", h.FriendlyName) - populate(objectMap, "incidentInfo", h.IncidentInfo) - populate(objectMap, "labels", h.Labels) - populate(objectMap, "notes", h.Notes) - populate(objectMap, "query", h.Query) - populate(objectMap, "queryResult", h.QueryResult) - populateDateTimeRFC3339(objectMap, "updated", h.Updated) - populate(objectMap, "updatedBy", h.UpdatedBy) + populate(objectMap, "alertRulesCreatedByTemplateCount", f.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", f.CreatedDateUTC) + populate(objectMap, "description", f.Description) + populate(objectMap, "displayName", f.DisplayName) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", f.LastUpdatedDateUTC) + populate(objectMap, "requiredDataConnectors", f.RequiredDataConnectors) + populate(objectMap, "severity", f.Severity) + populate(objectMap, "sourceSettings", f.SourceSettings) + populate(objectMap, "status", f.Status) + populate(objectMap, "subTechniques", f.SubTechniques) + populate(objectMap, "tactics", f.Tactics) + populate(objectMap, "techniques", f.Techniques) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type HuntingBookmarkProperties. -func (h *HuntingBookmarkProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleTemplateProperties. +func (f *FusionAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &h.AdditionalData) + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &f.AlertRulesCreatedByTemplateCount) delete(rawMsg, key) - case "created": - err = unpopulateDateTimeRFC3339(val, "Created", &h.Created) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &f.CreatedDateUTC) delete(rawMsg, key) - case "createdBy": - err = unpopulate(val, "CreatedBy", &h.CreatedBy) + case "description": + err = unpopulate(val, "Description", &f.Description) delete(rawMsg, key) case "displayName": - err = unpopulate(val, "DisplayName", &h.DisplayName) - delete(rawMsg, key) - case "eventTime": - err = unpopulateDateTimeRFC3339(val, "EventTime", &h.EventTime) + err = unpopulate(val, "DisplayName", &f.DisplayName) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &h.FriendlyName) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &f.LastUpdatedDateUTC) delete(rawMsg, key) - case "incidentInfo": - err = unpopulate(val, "IncidentInfo", &h.IncidentInfo) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &f.RequiredDataConnectors) delete(rawMsg, key) - case "labels": - err = unpopulate(val, "Labels", &h.Labels) + case "severity": + err = unpopulate(val, "Severity", &f.Severity) delete(rawMsg, key) - case "notes": - err = unpopulate(val, "Notes", &h.Notes) + case "sourceSettings": + err = unpopulate(val, "SourceSettings", &f.SourceSettings) delete(rawMsg, key) - case "query": - err = unpopulate(val, "Query", &h.Query) + case "status": + err = unpopulate(val, "Status", &f.Status) delete(rawMsg, key) - case "queryResult": - err = unpopulate(val, "QueryResult", &h.QueryResult) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &f.SubTechniques) delete(rawMsg, key) - case "updated": - err = unpopulateDateTimeRFC3339(val, "Updated", &h.Updated) + case "tactics": + err = unpopulate(val, "Tactics", &f.Tactics) delete(rawMsg, key) - case "updatedBy": - err = unpopulate(val, "UpdatedBy", &h.UpdatedBy) + case "techniques": + err = unpopulate(val, "Techniques", &f.Techniques) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IPEntity. -func (i IPEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionScenarioExclusionPattern. +func (f FusionScenarioExclusionPattern) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", i.ID) - objectMap["kind"] = EntityKindIP - populate(objectMap, "name", i.Name) - populate(objectMap, "properties", i.Properties) - populate(objectMap, "systemData", i.SystemData) - populate(objectMap, "type", i.Type) + populate(objectMap, "dateAddedInUTC", f.DateAddedInUTC) + populate(objectMap, "exclusionPattern", f.ExclusionPattern) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IPEntity. -func (i *IPEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionScenarioExclusionPattern. +func (f *FusionScenarioExclusionPattern) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &i.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &i.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &i.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &i.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &i.SystemData) + case "dateAddedInUTC": + err = unpopulate(val, "DateAddedInUTC", &f.DateAddedInUTC) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &i.Type) + case "exclusionPattern": + err = unpopulate(val, "ExclusionPattern", &f.ExclusionPattern) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IPEntityProperties. -func (i IPEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionSourceSettings. +func (f FusionSourceSettings) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", i.AdditionalData) - populate(objectMap, "address", i.Address) - populate(objectMap, "friendlyName", i.FriendlyName) - populate(objectMap, "location", i.Location) - populate(objectMap, "threatIntelligence", i.ThreatIntelligence) + populate(objectMap, "enabled", f.Enabled) + populate(objectMap, "sourceName", f.SourceName) + populate(objectMap, "sourceSubTypes", f.SourceSubTypes) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IPEntityProperties. -func (i *IPEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSourceSettings. +func (f *FusionSourceSettings) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &i.AdditionalData) - delete(rawMsg, key) - case "address": - err = unpopulate(val, "Address", &i.Address) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &i.FriendlyName) + case "enabled": + err = unpopulate(val, "Enabled", &f.Enabled) delete(rawMsg, key) - case "location": - err = unpopulate(val, "Location", &i.Location) + case "sourceName": + err = unpopulate(val, "SourceName", &f.SourceName) delete(rawMsg, key) - case "threatIntelligence": - err = unpopulate(val, "ThreatIntelligence", &i.ThreatIntelligence) + case "sourceSubTypes": + err = unpopulate(val, "SourceSubTypes", &f.SourceSubTypes) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Incident. -func (i Incident) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionSourceSubTypeSetting. +func (f FusionSourceSubTypeSetting) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", i.Etag) - populate(objectMap, "id", i.ID) - populate(objectMap, "name", i.Name) - populate(objectMap, "properties", i.Properties) - populate(objectMap, "systemData", i.SystemData) - populate(objectMap, "type", i.Type) + populate(objectMap, "enabled", f.Enabled) + populate(objectMap, "severityFilters", f.SeverityFilters) + populate(objectMap, "sourceSubTypeDisplayName", f.SourceSubTypeDisplayName) + populate(objectMap, "sourceSubTypeName", f.SourceSubTypeName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Incident. -func (i *Incident) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSourceSubTypeSetting. +func (f *FusionSourceSubTypeSetting) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &i.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &i.ID) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &i.Name) + case "enabled": + err = unpopulate(val, "Enabled", &f.Enabled) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &i.Properties) + case "severityFilters": + err = unpopulate(val, "SeverityFilters", &f.SeverityFilters) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &i.SystemData) + case "sourceSubTypeDisplayName": + err = unpopulate(val, "SourceSubTypeDisplayName", &f.SourceSubTypeDisplayName) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &i.Type) + case "sourceSubTypeName": + err = unpopulate(val, "SourceSubTypeName", &f.SourceSubTypeName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentAdditionalData. -func (i IncidentAdditionalData) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionSubTypeSeverityFilter. +func (f FusionSubTypeSeverityFilter) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertProductNames", i.AlertProductNames) - populate(objectMap, "alertsCount", i.AlertsCount) - populate(objectMap, "bookmarksCount", i.BookmarksCount) - populate(objectMap, "commentsCount", i.CommentsCount) - populate(objectMap, "providerIncidentUrl", i.ProviderIncidentURL) - populate(objectMap, "tactics", i.Tactics) - populate(objectMap, "techniques", i.Techniques) + populate(objectMap, "filters", f.Filters) + populate(objectMap, "isSupported", f.IsSupported) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentAdditionalData. -func (i *IncidentAdditionalData) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSubTypeSeverityFilter. +func (f *FusionSubTypeSeverityFilter) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "alertProductNames": - err = unpopulate(val, "AlertProductNames", &i.AlertProductNames) - delete(rawMsg, key) - case "alertsCount": - err = unpopulate(val, "AlertsCount", &i.AlertsCount) - delete(rawMsg, key) - case "bookmarksCount": - err = unpopulate(val, "BookmarksCount", &i.BookmarksCount) - delete(rawMsg, key) - case "commentsCount": - err = unpopulate(val, "CommentsCount", &i.CommentsCount) - delete(rawMsg, key) - case "providerIncidentUrl": - err = unpopulate(val, "ProviderIncidentURL", &i.ProviderIncidentURL) - delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &i.Tactics) + case "filters": + err = unpopulate(val, "Filters", &f.Filters) delete(rawMsg, key) - case "techniques": - err = unpopulate(val, "Techniques", &i.Techniques) + case "isSupported": + err = unpopulate(val, "IsSupported", &f.IsSupported) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentAlertList. -func (i IncidentAlertList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionSubTypeSeverityFiltersItem. +func (f FusionSubTypeSeverityFiltersItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "value", i.Value) + populate(objectMap, "enabled", f.Enabled) + populate(objectMap, "severity", f.Severity) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentAlertList. -func (i *IncidentAlertList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSubTypeSeverityFiltersItem. +func (f *FusionSubTypeSeverityFiltersItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "value": - err = unpopulate(val, "Value", &i.Value) + case "enabled": + err = unpopulate(val, "Enabled", &f.Enabled) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &f.Severity) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentBookmarkList. -func (i IncidentBookmarkList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionTemplateSourceSetting. +func (f FusionTemplateSourceSetting) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "value", i.Value) + populate(objectMap, "sourceName", f.SourceName) + populate(objectMap, "sourceSubTypes", f.SourceSubTypes) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentBookmarkList. -func (i *IncidentBookmarkList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionTemplateSourceSetting. +func (f *FusionTemplateSourceSetting) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "value": - err = unpopulate(val, "Value", &i.Value) + case "sourceName": + err = unpopulate(val, "SourceName", &f.SourceName) + delete(rawMsg, key) + case "sourceSubTypes": + err = unpopulate(val, "SourceSubTypes", &f.SourceSubTypes) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentComment. -func (i IncidentComment) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionTemplateSourceSubType. +func (f FusionTemplateSourceSubType) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", i.Etag) - populate(objectMap, "id", i.ID) - populate(objectMap, "name", i.Name) - populate(objectMap, "properties", i.Properties) - populate(objectMap, "systemData", i.SystemData) - populate(objectMap, "type", i.Type) + populate(objectMap, "severityFilter", f.SeverityFilter) + populate(objectMap, "sourceSubTypeDisplayName", f.SourceSubTypeDisplayName) + populate(objectMap, "sourceSubTypeName", f.SourceSubTypeName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentComment. -func (i *IncidentComment) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionTemplateSourceSubType. +func (f *FusionTemplateSourceSubType) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &i.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &i.ID) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &i.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &i.Properties) + case "severityFilter": + err = unpopulate(val, "SeverityFilter", &f.SeverityFilter) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &i.SystemData) + case "sourceSubTypeDisplayName": + err = unpopulate(val, "SourceSubTypeDisplayName", &f.SourceSubTypeDisplayName) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &i.Type) + case "sourceSubTypeName": + err = unpopulate(val, "SourceSubTypeName", &f.SourceSubTypeName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentCommentList. -func (i IncidentCommentList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type FusionTemplateSubTypeSeverityFilter. +func (f FusionTemplateSubTypeSeverityFilter) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", i.NextLink) - populate(objectMap, "value", i.Value) + populate(objectMap, "isSupported", f.IsSupported) + populate(objectMap, "severityFilters", f.SeverityFilters) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentCommentList. -func (i *IncidentCommentList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionTemplateSubTypeSeverityFilter. +func (f *FusionTemplateSubTypeSeverityFilter) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &i.NextLink) + case "isSupported": + err = unpopulate(val, "IsSupported", &f.IsSupported) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &i.Value) + case "severityFilters": + err = unpopulate(val, "SeverityFilters", &f.SeverityFilters) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", f, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentCommentProperties. -func (i IncidentCommentProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GCPAuthModel. +func (g GCPAuthModel) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "author", i.Author) - populateDateTimeRFC3339(objectMap, "createdTimeUtc", i.CreatedTimeUTC) - populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", i.LastModifiedTimeUTC) - populate(objectMap, "message", i.Message) + populate(objectMap, "projectNumber", g.ProjectNumber) + populate(objectMap, "serviceAccountEmail", g.ServiceAccountEmail) + objectMap["type"] = CcpAuthTypeGCP + populate(objectMap, "workloadIdentityProviderId", g.WorkloadIdentityProviderID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentCommentProperties. -func (i *IncidentCommentProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GCPAuthModel. +func (g *GCPAuthModel) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "author": - err = unpopulate(val, "Author", &i.Author) + case "projectNumber": + err = unpopulate(val, "ProjectNumber", &g.ProjectNumber) delete(rawMsg, key) - case "createdTimeUtc": - err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &i.CreatedTimeUTC) + case "serviceAccountEmail": + err = unpopulate(val, "ServiceAccountEmail", &g.ServiceAccountEmail) delete(rawMsg, key) - case "lastModifiedTimeUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &i.LastModifiedTimeUTC) + case "type": + err = unpopulate(val, "Type", &g.Type) delete(rawMsg, key) - case "message": - err = unpopulate(val, "Message", &i.Message) + case "workloadIdentityProviderId": + err = unpopulate(val, "WorkloadIdentityProviderID", &g.WorkloadIdentityProviderID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentConfiguration. -func (i IncidentConfiguration) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GCPAuthProperties. +func (g GCPAuthProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "createIncident", i.CreateIncident) - populate(objectMap, "groupingConfiguration", i.GroupingConfiguration) + populate(objectMap, "projectNumber", g.ProjectNumber) + populate(objectMap, "serviceAccountEmail", g.ServiceAccountEmail) + populate(objectMap, "workloadIdentityProviderId", g.WorkloadIdentityProviderID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentConfiguration. -func (i *IncidentConfiguration) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GCPAuthProperties. +func (g *GCPAuthProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "createIncident": - err = unpopulate(val, "CreateIncident", &i.CreateIncident) + case "projectNumber": + err = unpopulate(val, "ProjectNumber", &g.ProjectNumber) delete(rawMsg, key) - case "groupingConfiguration": - err = unpopulate(val, "GroupingConfiguration", &i.GroupingConfiguration) + case "serviceAccountEmail": + err = unpopulate(val, "ServiceAccountEmail", &g.ServiceAccountEmail) + delete(rawMsg, key) + case "workloadIdentityProviderId": + err = unpopulate(val, "WorkloadIdentityProviderID", &g.WorkloadIdentityProviderID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentEntitiesResponse. -func (i IncidentEntitiesResponse) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GCPDataConnector. +func (g GCPDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "entities", i.Entities) - populate(objectMap, "metaData", i.MetaData) + populate(objectMap, "etag", g.Etag) + populate(objectMap, "id", g.ID) + objectMap["kind"] = DataConnectorKindGCP + populate(objectMap, "name", g.Name) + populate(objectMap, "properties", g.Properties) + populate(objectMap, "systemData", g.SystemData) + populate(objectMap, "type", g.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentEntitiesResponse. -func (i *IncidentEntitiesResponse) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GCPDataConnector. +func (g *GCPDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "entities": - i.Entities, err = unmarshalEntityClassificationArray(val) + case "etag": + err = unpopulate(val, "Etag", &g.Etag) delete(rawMsg, key) - case "metaData": - err = unpopulate(val, "MetaData", &i.MetaData) + case "id": + err = unpopulate(val, "ID", &g.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &g.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &g.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &g.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &g.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &g.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentEntitiesResultsMetadata. -func (i IncidentEntitiesResultsMetadata) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GCPDataConnectorProperties. +func (g GCPDataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "count", i.Count) - populate(objectMap, "entityKind", i.EntityKind) + populate(objectMap, "auth", g.Auth) + populate(objectMap, "connectorDefinitionName", g.ConnectorDefinitionName) + populate(objectMap, "dcrConfig", g.DcrConfig) + populate(objectMap, "request", g.Request) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentEntitiesResultsMetadata. -func (i *IncidentEntitiesResultsMetadata) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GCPDataConnectorProperties. +func (g *GCPDataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "count": - err = unpopulate(val, "Count", &i.Count) + case "auth": + err = unpopulate(val, "Auth", &g.Auth) delete(rawMsg, key) - case "entityKind": - err = unpopulate(val, "EntityKind", &i.EntityKind) + case "connectorDefinitionName": + err = unpopulate(val, "ConnectorDefinitionName", &g.ConnectorDefinitionName) + delete(rawMsg, key) + case "dcrConfig": + err = unpopulate(val, "DcrConfig", &g.DcrConfig) + delete(rawMsg, key) + case "request": + err = unpopulate(val, "Request", &g.Request) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentInfo. -func (i IncidentInfo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GCPRequestProperties. +func (g GCPRequestProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "incidentId", i.IncidentID) - populate(objectMap, "relationName", i.RelationName) - populate(objectMap, "severity", i.Severity) - populate(objectMap, "title", i.Title) + populate(objectMap, "projectId", g.ProjectID) + populate(objectMap, "subscriptionNames", g.SubscriptionNames) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentInfo. -func (i *IncidentInfo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GCPRequestProperties. +func (g *GCPRequestProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "incidentId": - err = unpopulate(val, "IncidentID", &i.IncidentID) - delete(rawMsg, key) - case "relationName": - err = unpopulate(val, "RelationName", &i.RelationName) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &i.Severity) + case "projectId": + err = unpopulate(val, "ProjectID", &g.ProjectID) delete(rawMsg, key) - case "title": - err = unpopulate(val, "Title", &i.Title) + case "subscriptionNames": + err = unpopulate(val, "SubscriptionNames", &g.SubscriptionNames) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentLabel. -func (i IncidentLabel) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GenericBlobSbsAuthModel. +func (g GenericBlobSbsAuthModel) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "labelName", i.LabelName) - populate(objectMap, "labelType", i.LabelType) + populate(objectMap, "credentialsConfig", g.CredentialsConfig) + populate(objectMap, "storageAccountCredentialsConfig", g.StorageAccountCredentialsConfig) + objectMap["type"] = CcpAuthTypeServiceBus return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentLabel. -func (i *IncidentLabel) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GenericBlobSbsAuthModel. +func (g *GenericBlobSbsAuthModel) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "labelName": - err = unpopulate(val, "LabelName", &i.LabelName) + case "credentialsConfig": + err = unpopulate(val, "CredentialsConfig", &g.CredentialsConfig) delete(rawMsg, key) - case "labelType": - err = unpopulate(val, "LabelType", &i.LabelType) + case "storageAccountCredentialsConfig": + err = unpopulate(val, "StorageAccountCredentialsConfig", &g.StorageAccountCredentialsConfig) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &g.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentList. -func (i IncidentList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GeoLocation. +func (g GeoLocation) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", i.NextLink) - populate(objectMap, "value", i.Value) + populate(objectMap, "asn", g.Asn) + populate(objectMap, "city", g.City) + populate(objectMap, "countryCode", g.CountryCode) + populate(objectMap, "countryName", g.CountryName) + populate(objectMap, "latitude", g.Latitude) + populate(objectMap, "longitude", g.Longitude) + populate(objectMap, "state", g.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentList. -func (i *IncidentList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GeoLocation. +func (g *GeoLocation) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &i.NextLink) + case "asn": + err = unpopulate(val, "Asn", &g.Asn) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &i.Value) + case "city": + err = unpopulate(val, "City", &g.City) + delete(rawMsg, key) + case "countryCode": + err = unpopulate(val, "CountryCode", &g.CountryCode) + delete(rawMsg, key) + case "countryName": + err = unpopulate(val, "CountryName", &g.CountryName) + delete(rawMsg, key) + case "latitude": + err = unpopulate(val, "Latitude", &g.Latitude) + delete(rawMsg, key) + case "longitude": + err = unpopulate(val, "Longitude", &g.Longitude) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &g.State) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentOwnerInfo. -func (i IncidentOwnerInfo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GetInsightsErrorKind. +func (g GetInsightsErrorKind) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "assignedTo", i.AssignedTo) - populate(objectMap, "email", i.Email) - populate(objectMap, "objectId", i.ObjectID) - populate(objectMap, "ownerType", i.OwnerType) - populate(objectMap, "userPrincipalName", i.UserPrincipalName) + populate(objectMap, "errorMessage", g.ErrorMessage) + populate(objectMap, "kind", g.Kind) + populate(objectMap, "queryId", g.QueryID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentOwnerInfo. -func (i *IncidentOwnerInfo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GetInsightsErrorKind. +func (g *GetInsightsErrorKind) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "assignedTo": - err = unpopulate(val, "AssignedTo", &i.AssignedTo) - delete(rawMsg, key) - case "email": - err = unpopulate(val, "Email", &i.Email) - delete(rawMsg, key) - case "objectId": - err = unpopulate(val, "ObjectID", &i.ObjectID) + case "errorMessage": + err = unpopulate(val, "ErrorMessage", &g.ErrorMessage) delete(rawMsg, key) - case "ownerType": - err = unpopulate(val, "OwnerType", &i.OwnerType) + case "kind": + err = unpopulate(val, "Kind", &g.Kind) delete(rawMsg, key) - case "userPrincipalName": - err = unpopulate(val, "UserPrincipalName", &i.UserPrincipalName) + case "queryId": + err = unpopulate(val, "QueryID", &g.QueryID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentProperties. -func (i IncidentProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GetInsightsResultsMetadata. +func (g GetInsightsResultsMetadata) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", i.AdditionalData) - populate(objectMap, "classification", i.Classification) - populate(objectMap, "classificationComment", i.ClassificationComment) - populate(objectMap, "classificationReason", i.ClassificationReason) - populateDateTimeRFC3339(objectMap, "createdTimeUtc", i.CreatedTimeUTC) - populate(objectMap, "description", i.Description) - populateDateTimeRFC3339(objectMap, "firstActivityTimeUtc", i.FirstActivityTimeUTC) - populate(objectMap, "incidentNumber", i.IncidentNumber) - populate(objectMap, "incidentUrl", i.IncidentURL) - populate(objectMap, "labels", i.Labels) - populateDateTimeRFC3339(objectMap, "lastActivityTimeUtc", i.LastActivityTimeUTC) - populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", i.LastModifiedTimeUTC) - populate(objectMap, "owner", i.Owner) - populate(objectMap, "providerIncidentId", i.ProviderIncidentID) - populate(objectMap, "providerName", i.ProviderName) - populate(objectMap, "relatedAnalyticRuleIds", i.RelatedAnalyticRuleIDs) - populate(objectMap, "severity", i.Severity) - populate(objectMap, "status", i.Status) - populate(objectMap, "teamInformation", i.TeamInformation) - populate(objectMap, "title", i.Title) + populate(objectMap, "errors", g.Errors) + populate(objectMap, "totalCount", g.TotalCount) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentProperties. -func (i *IncidentProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GetInsightsResultsMetadata. +func (g *GetInsightsResultsMetadata) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &i.AdditionalData) - delete(rawMsg, key) - case "classification": - err = unpopulate(val, "Classification", &i.Classification) - delete(rawMsg, key) - case "classificationComment": - err = unpopulate(val, "ClassificationComment", &i.ClassificationComment) - delete(rawMsg, key) - case "classificationReason": - err = unpopulate(val, "ClassificationReason", &i.ClassificationReason) - delete(rawMsg, key) - case "createdTimeUtc": - err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &i.CreatedTimeUTC) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &i.Description) - delete(rawMsg, key) - case "firstActivityTimeUtc": - err = unpopulateDateTimeRFC3339(val, "FirstActivityTimeUTC", &i.FirstActivityTimeUTC) - delete(rawMsg, key) - case "incidentNumber": - err = unpopulate(val, "IncidentNumber", &i.IncidentNumber) - delete(rawMsg, key) - case "incidentUrl": - err = unpopulate(val, "IncidentURL", &i.IncidentURL) - delete(rawMsg, key) - case "labels": - err = unpopulate(val, "Labels", &i.Labels) - delete(rawMsg, key) - case "lastActivityTimeUtc": - err = unpopulateDateTimeRFC3339(val, "LastActivityTimeUTC", &i.LastActivityTimeUTC) - delete(rawMsg, key) - case "lastModifiedTimeUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &i.LastModifiedTimeUTC) - delete(rawMsg, key) - case "owner": - err = unpopulate(val, "Owner", &i.Owner) - delete(rawMsg, key) - case "providerIncidentId": - err = unpopulate(val, "ProviderIncidentID", &i.ProviderIncidentID) - delete(rawMsg, key) - case "providerName": - err = unpopulate(val, "ProviderName", &i.ProviderName) - delete(rawMsg, key) - case "relatedAnalyticRuleIds": - err = unpopulate(val, "RelatedAnalyticRuleIDs", &i.RelatedAnalyticRuleIDs) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &i.Severity) - delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &i.Status) - delete(rawMsg, key) - case "teamInformation": - err = unpopulate(val, "TeamInformation", &i.TeamInformation) + case "errors": + err = unpopulate(val, "Errors", &g.Errors) delete(rawMsg, key) - case "title": - err = unpopulate(val, "Title", &i.Title) + case "totalCount": + err = unpopulate(val, "TotalCount", &g.TotalCount) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentPropertiesAction. -func (i IncidentPropertiesAction) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GetQueriesResponse. +func (g GetQueriesResponse) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "classification", i.Classification) - populate(objectMap, "classificationComment", i.ClassificationComment) - populate(objectMap, "classificationReason", i.ClassificationReason) - populate(objectMap, "labels", i.Labels) - populate(objectMap, "owner", i.Owner) - populate(objectMap, "severity", i.Severity) - populate(objectMap, "status", i.Status) + populate(objectMap, "value", g.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentPropertiesAction. -func (i *IncidentPropertiesAction) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GetQueriesResponse. +func (g *GetQueriesResponse) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "classification": - err = unpopulate(val, "Classification", &i.Classification) - delete(rawMsg, key) - case "classificationComment": - err = unpopulate(val, "ClassificationComment", &i.ClassificationComment) - delete(rawMsg, key) - case "classificationReason": - err = unpopulate(val, "ClassificationReason", &i.ClassificationReason) - delete(rawMsg, key) - case "labels": - err = unpopulate(val, "Labels", &i.Labels) - delete(rawMsg, key) - case "owner": - err = unpopulate(val, "Owner", &i.Owner) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &i.Severity) - delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &i.Status) + case "value": + g.Value, err = unmarshalEntityQueryItemClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InsightQueryItem. -func (i InsightQueryItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GitHubAuthModel. +func (g GitHubAuthModel) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", i.ID) - objectMap["kind"] = EntityQueryKindInsight - populate(objectMap, "name", i.Name) - populate(objectMap, "properties", i.Properties) - populate(objectMap, "type", i.Type) + populate(objectMap, "installationId", g.InstallationID) + objectMap["type"] = CcpAuthTypeGitHub return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItem. -func (i *InsightQueryItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GitHubAuthModel. +func (g *GitHubAuthModel) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &i.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &i.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &i.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &i.Properties) + case "installationId": + err = unpopulate(val, "InstallationID", &g.InstallationID) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &i.Type) + err = unpopulate(val, "Type", &g.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemProperties. -func (i InsightQueryItemProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GitHubResourceInfo. +func (g GitHubResourceInfo) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalQuery", i.AdditionalQuery) - populate(objectMap, "baseQuery", i.BaseQuery) - populateAny(objectMap, "chartQuery", i.ChartQuery) - populate(objectMap, "dataTypes", i.DataTypes) - populate(objectMap, "defaultTimeRange", i.DefaultTimeRange) - populate(objectMap, "description", i.Description) - populate(objectMap, "displayName", i.DisplayName) - populateAny(objectMap, "entitiesFilter", i.EntitiesFilter) - populate(objectMap, "inputEntityType", i.InputEntityType) - populate(objectMap, "referenceTimeRange", i.ReferenceTimeRange) - populate(objectMap, "requiredInputFieldsSets", i.RequiredInputFieldsSets) - populate(objectMap, "tableQuery", i.TableQuery) + populate(objectMap, "appInstallationId", g.AppInstallationID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemProperties. -func (i *InsightQueryItemProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GitHubResourceInfo. +func (g *GitHubResourceInfo) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "additionalQuery": - err = unpopulate(val, "AdditionalQuery", &i.AdditionalQuery) - delete(rawMsg, key) - case "baseQuery": - err = unpopulate(val, "BaseQuery", &i.BaseQuery) - delete(rawMsg, key) - case "chartQuery": - err = unpopulate(val, "ChartQuery", &i.ChartQuery) - delete(rawMsg, key) - case "dataTypes": - err = unpopulate(val, "DataTypes", &i.DataTypes) - delete(rawMsg, key) - case "defaultTimeRange": - err = unpopulate(val, "DefaultTimeRange", &i.DefaultTimeRange) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &i.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &i.DisplayName) - delete(rawMsg, key) - case "entitiesFilter": - err = unpopulate(val, "EntitiesFilter", &i.EntitiesFilter) - delete(rawMsg, key) - case "inputEntityType": - err = unpopulate(val, "InputEntityType", &i.InputEntityType) - delete(rawMsg, key) - case "referenceTimeRange": - err = unpopulate(val, "ReferenceTimeRange", &i.ReferenceTimeRange) - delete(rawMsg, key) - case "requiredInputFieldsSets": - err = unpopulate(val, "RequiredInputFieldsSets", &i.RequiredInputFieldsSets) - delete(rawMsg, key) - case "tableQuery": - err = unpopulate(val, "TableQuery", &i.TableQuery) + case "appInstallationId": + err = unpopulate(val, "AppInstallationID", &g.AppInstallationID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesAdditionalQuery. -func (i InsightQueryItemPropertiesAdditionalQuery) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GraphQuery. +func (g GraphQuery) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "query", i.Query) - populate(objectMap, "text", i.Text) + populate(objectMap, "baseQuery", g.BaseQuery) + populate(objectMap, "legend", g.Legend) + populate(objectMap, "metricName", g.MetricName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesAdditionalQuery. -func (i *InsightQueryItemPropertiesAdditionalQuery) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GraphQuery. +func (g *GraphQuery) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "query": - err = unpopulate(val, "Query", &i.Query) + case "baseQuery": + err = unpopulate(val, "BaseQuery", &g.BaseQuery) delete(rawMsg, key) - case "text": - err = unpopulate(val, "Text", &i.Text) + case "legend": + err = unpopulate(val, "Legend", &g.Legend) + delete(rawMsg, key) + case "metricName": + err = unpopulate(val, "MetricName", &g.MetricName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesDefaultTimeRange. -func (i InsightQueryItemPropertiesDefaultTimeRange) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GroupingConfiguration. +func (g GroupingConfiguration) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "afterRange", i.AfterRange) - populate(objectMap, "beforeRange", i.BeforeRange) + populate(objectMap, "enabled", g.Enabled) + populate(objectMap, "groupByAlertDetails", g.GroupByAlertDetails) + populate(objectMap, "groupByCustomDetails", g.GroupByCustomDetails) + populate(objectMap, "groupByEntities", g.GroupByEntities) + populate(objectMap, "lookbackDuration", g.LookbackDuration) + populate(objectMap, "matchingMethod", g.MatchingMethod) + populate(objectMap, "reopenClosedIncident", g.ReopenClosedIncident) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesDefaultTimeRange. -func (i *InsightQueryItemPropertiesDefaultTimeRange) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GroupingConfiguration. +func (g *GroupingConfiguration) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } for key, val := range rawMsg { var err error switch key { - case "afterRange": - err = unpopulate(val, "AfterRange", &i.AfterRange) + case "enabled": + err = unpopulate(val, "Enabled", &g.Enabled) delete(rawMsg, key) - case "beforeRange": - err = unpopulate(val, "BeforeRange", &i.BeforeRange) + case "groupByAlertDetails": + err = unpopulate(val, "GroupByAlertDetails", &g.GroupByAlertDetails) + delete(rawMsg, key) + case "groupByCustomDetails": + err = unpopulate(val, "GroupByCustomDetails", &g.GroupByCustomDetails) + delete(rawMsg, key) + case "groupByEntities": + err = unpopulate(val, "GroupByEntities", &g.GroupByEntities) + delete(rawMsg, key) + case "lookbackDuration": + err = unpopulate(val, "LookbackDuration", &g.LookbackDuration) + delete(rawMsg, key) + case "matchingMethod": + err = unpopulate(val, "MatchingMethod", &g.MatchingMethod) + delete(rawMsg, key) + case "reopenClosedIncident": + err = unpopulate(val, "ReopenClosedIncident", &g.ReopenClosedIncident) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", g, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesReferenceTimeRange. -func (i InsightQueryItemPropertiesReferenceTimeRange) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HostEntity. +func (h HostEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "beforeRange", i.BeforeRange) + populate(objectMap, "id", h.ID) + objectMap["kind"] = EntityKindEnumHost + populate(objectMap, "name", h.Name) + populate(objectMap, "properties", h.Properties) + populate(objectMap, "systemData", h.SystemData) + populate(objectMap, "type", h.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesReferenceTimeRange. -func (i *InsightQueryItemPropertiesReferenceTimeRange) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HostEntity. +func (h *HostEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "beforeRange": - err = unpopulate(val, "BeforeRange", &i.BeforeRange) + case "id": + err = unpopulate(val, "ID", &h.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &h.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &h.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &h.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &h.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &h.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQuery. -func (i InsightQueryItemPropertiesTableQuery) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HostEntityProperties. +func (h HostEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "columnsDefinitions", i.ColumnsDefinitions) - populate(objectMap, "queriesDefinitions", i.QueriesDefinitions) + populate(objectMap, "additionalData", h.AdditionalData) + populate(objectMap, "azureID", h.AzureID) + populate(objectMap, "dnsDomain", h.DNSDomain) + populate(objectMap, "friendlyName", h.FriendlyName) + populate(objectMap, "hostName", h.HostName) + populate(objectMap, "isDomainJoined", h.IsDomainJoined) + populate(objectMap, "netBiosName", h.NetBiosName) + populate(objectMap, "ntDomain", h.NtDomain) + populate(objectMap, "osFamily", h.OSFamily) + populate(objectMap, "osVersion", h.OSVersion) + populate(objectMap, "omsAgentID", h.OmsAgentID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQuery. -func (i *InsightQueryItemPropertiesTableQuery) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HostEntityProperties. +func (h *HostEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "columnsDefinitions": - err = unpopulate(val, "ColumnsDefinitions", &i.ColumnsDefinitions) + case "additionalData": + err = unpopulate(val, "AdditionalData", &h.AdditionalData) delete(rawMsg, key) - case "queriesDefinitions": - err = unpopulate(val, "QueriesDefinitions", &i.QueriesDefinitions) + case "azureID": + err = unpopulate(val, "AzureID", &h.AzureID) + delete(rawMsg, key) + case "dnsDomain": + err = unpopulate(val, "DNSDomain", &h.DNSDomain) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &h.FriendlyName) + delete(rawMsg, key) + case "hostName": + err = unpopulate(val, "HostName", &h.HostName) + delete(rawMsg, key) + case "isDomainJoined": + err = unpopulate(val, "IsDomainJoined", &h.IsDomainJoined) + delete(rawMsg, key) + case "netBiosName": + err = unpopulate(val, "NetBiosName", &h.NetBiosName) + delete(rawMsg, key) + case "ntDomain": + err = unpopulate(val, "NtDomain", &h.NtDomain) + delete(rawMsg, key) + case "osFamily": + err = unpopulate(val, "OSFamily", &h.OSFamily) + delete(rawMsg, key) + case "osVersion": + err = unpopulate(val, "OSVersion", &h.OSVersion) + delete(rawMsg, key) + case "omsAgentID": + err = unpopulate(val, "OmsAgentID", &h.OmsAgentID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem. -func (i InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Hunt. +func (h Hunt) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "header", i.Header) - populate(objectMap, "outputType", i.OutputType) - populate(objectMap, "supportDeepLink", i.SupportDeepLink) + populate(objectMap, "etag", h.Etag) + populate(objectMap, "id", h.ID) + populate(objectMap, "name", h.Name) + populate(objectMap, "properties", h.Properties) + populate(objectMap, "systemData", h.SystemData) + populate(objectMap, "type", h.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem. -func (i *InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Hunt. +func (h *Hunt) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "header": - err = unpopulate(val, "Header", &i.Header) + case "etag": + err = unpopulate(val, "Etag", &h.Etag) delete(rawMsg, key) - case "outputType": - err = unpopulate(val, "OutputType", &i.OutputType) + case "id": + err = unpopulate(val, "ID", &h.ID) delete(rawMsg, key) - case "supportDeepLink": - err = unpopulate(val, "SupportDeepLink", &i.SupportDeepLink) + case "name": + err = unpopulate(val, "Name", &h.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &h.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &h.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &h.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem. -func (i InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HuntComment. +func (h HuntComment) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "filter", i.Filter) - populate(objectMap, "linkColumnsDefinitions", i.LinkColumnsDefinitions) - populate(objectMap, "project", i.Project) - populate(objectMap, "summarize", i.Summarize) + populate(objectMap, "etag", h.Etag) + populate(objectMap, "id", h.ID) + populate(objectMap, "name", h.Name) + populate(objectMap, "properties", h.Properties) + populate(objectMap, "systemData", h.SystemData) + populate(objectMap, "type", h.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem. -func (i *InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntComment. +func (h *HuntComment) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "filter": - err = unpopulate(val, "Filter", &i.Filter) + case "etag": + err = unpopulate(val, "Etag", &h.Etag) delete(rawMsg, key) - case "linkColumnsDefinitions": - err = unpopulate(val, "LinkColumnsDefinitions", &i.LinkColumnsDefinitions) + case "id": + err = unpopulate(val, "ID", &h.ID) delete(rawMsg, key) - case "project": - err = unpopulate(val, "Project", &i.Project) + case "name": + err = unpopulate(val, "Name", &h.Name) delete(rawMsg, key) - case "summarize": - err = unpopulate(val, "Summarize", &i.Summarize) + case "properties": + err = unpopulate(val, "Properties", &h.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &h.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &h.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem. -func (i InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HuntCommentList. +func (h HuntCommentList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "projectedName", i.ProjectedName) - populate(objectMap, "Query", i.Query) + populate(objectMap, "nextLink", h.NextLink) + populate(objectMap, "value", h.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem. -func (i *InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntCommentList. +func (h *HuntCommentList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "projectedName": - err = unpopulate(val, "ProjectedName", &i.ProjectedName) + case "nextLink": + err = unpopulate(val, "NextLink", &h.NextLink) delete(rawMsg, key) - case "Query": - err = unpopulate(val, "Query", &i.Query) + case "value": + err = unpopulate(val, "Value", &h.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InsightsTableResult. -func (i InsightsTableResult) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HuntCommentProperties. +func (h HuntCommentProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "columns", i.Columns) - populate(objectMap, "rows", i.Rows) + populate(objectMap, "message", h.Message) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InsightsTableResult. -func (i *InsightsTableResult) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntCommentProperties. +func (h *HuntCommentProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "columns": - err = unpopulate(val, "Columns", &i.Columns) - delete(rawMsg, key) - case "rows": - err = unpopulate(val, "Rows", &i.Rows) + case "message": + err = unpopulate(val, "Message", &h.Message) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InsightsTableResultColumnsItem. -func (i InsightsTableResultColumnsItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HuntList. +func (h HuntList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "name", i.Name) - populate(objectMap, "type", i.Type) + populate(objectMap, "nextLink", h.NextLink) + populate(objectMap, "value", h.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InsightsTableResultColumnsItem. -func (i *InsightsTableResultColumnsItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntList. +func (h *HuntList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "name": - err = unpopulate(val, "Name", &i.Name) + case "nextLink": + err = unpopulate(val, "NextLink", &h.NextLink) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &i.Type) + case "value": + err = unpopulate(val, "Value", &h.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type InstructionStepsInstructionsItem. -func (i InstructionStepsInstructionsItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HuntOwner. +func (h HuntOwner) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populateAny(objectMap, "parameters", i.Parameters) - populate(objectMap, "type", i.Type) + populate(objectMap, "assignedTo", h.AssignedTo) + populate(objectMap, "email", h.Email) + populate(objectMap, "objectId", h.ObjectID) + populate(objectMap, "ownerType", h.OwnerType) + populate(objectMap, "userPrincipalName", h.UserPrincipalName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type InstructionStepsInstructionsItem. -func (i *InstructionStepsInstructionsItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntOwner. +func (h *HuntOwner) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "parameters": - err = unpopulate(val, "Parameters", &i.Parameters) + case "assignedTo": + err = unpopulate(val, "AssignedTo", &h.AssignedTo) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &i.Type) + case "email": + err = unpopulate(val, "Email", &h.Email) + delete(rawMsg, key) + case "objectId": + err = unpopulate(val, "ObjectID", &h.ObjectID) + delete(rawMsg, key) + case "ownerType": + err = unpopulate(val, "OwnerType", &h.OwnerType) + delete(rawMsg, key) + case "userPrincipalName": + err = unpopulate(val, "UserPrincipalName", &h.UserPrincipalName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IoTCheckRequirements. -func (i IoTCheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HuntProperties. +func (h HuntProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindIOT - populate(objectMap, "properties", i.Properties) + populate(objectMap, "attackTactics", h.AttackTactics) + populate(objectMap, "attackTechniques", h.AttackTechniques) + populate(objectMap, "description", h.Description) + populate(objectMap, "displayName", h.DisplayName) + populate(objectMap, "hypothesisStatus", h.HypothesisStatus) + populate(objectMap, "labels", h.Labels) + populate(objectMap, "owner", h.Owner) + populate(objectMap, "status", h.Status) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IoTCheckRequirements. -func (i *IoTCheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntProperties. +func (h *HuntProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "kind": - err = unpopulate(val, "Kind", &i.Kind) + case "attackTactics": + err = unpopulate(val, "AttackTactics", &h.AttackTactics) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &i.Properties) + case "attackTechniques": + err = unpopulate(val, "AttackTechniques", &h.AttackTechniques) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &h.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &h.DisplayName) + delete(rawMsg, key) + case "hypothesisStatus": + err = unpopulate(val, "HypothesisStatus", &h.HypothesisStatus) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &h.Labels) + delete(rawMsg, key) + case "owner": + err = unpopulate(val, "Owner", &h.Owner) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &h.Status) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IoTCheckRequirementsProperties. -func (i IoTCheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HuntRelation. +func (h HuntRelation) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "subscriptionId", i.SubscriptionID) + populate(objectMap, "etag", h.Etag) + populate(objectMap, "id", h.ID) + populate(objectMap, "name", h.Name) + populate(objectMap, "properties", h.Properties) + populate(objectMap, "systemData", h.SystemData) + populate(objectMap, "type", h.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IoTCheckRequirementsProperties. -func (i *IoTCheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntRelation. +func (h *HuntRelation) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "subscriptionId": - err = unpopulate(val, "SubscriptionID", &i.SubscriptionID) + case "etag": + err = unpopulate(val, "Etag", &h.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &h.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &h.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &h.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &h.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &h.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IoTDataConnector. -func (i IoTDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HuntRelationList. +func (h HuntRelationList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", i.Etag) - populate(objectMap, "id", i.ID) - objectMap["kind"] = DataConnectorKindIOT - populate(objectMap, "name", i.Name) - populate(objectMap, "properties", i.Properties) - populate(objectMap, "systemData", i.SystemData) - populate(objectMap, "type", i.Type) + populate(objectMap, "nextLink", h.NextLink) + populate(objectMap, "value", h.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDataConnector. -func (i *IoTDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntRelationList. +func (h *HuntRelationList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &i.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &i.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &i.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &i.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &i.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &i.SystemData) + case "nextLink": + err = unpopulate(val, "NextLink", &h.NextLink) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &i.Type) + case "value": + err = unpopulate(val, "Value", &h.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IoTDataConnectorProperties. -func (i IoTDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HuntRelationProperties. +func (h HuntRelationProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", i.DataTypes) - populate(objectMap, "subscriptionId", i.SubscriptionID) + populate(objectMap, "labels", h.Labels) + populate(objectMap, "relatedResourceId", h.RelatedResourceID) + populate(objectMap, "relatedResourceKind", h.RelatedResourceKind) + populate(objectMap, "relatedResourceName", h.RelatedResourceName) + populate(objectMap, "relationType", h.RelationType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDataConnectorProperties. -func (i *IoTDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntRelationProperties. +func (h *HuntRelationProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &i.DataTypes) + case "labels": + err = unpopulate(val, "Labels", &h.Labels) delete(rawMsg, key) - case "subscriptionId": - err = unpopulate(val, "SubscriptionID", &i.SubscriptionID) + case "relatedResourceId": + err = unpopulate(val, "RelatedResourceID", &h.RelatedResourceID) + delete(rawMsg, key) + case "relatedResourceKind": + err = unpopulate(val, "RelatedResourceKind", &h.RelatedResourceKind) + delete(rawMsg, key) + case "relatedResourceName": + err = unpopulate(val, "RelatedResourceName", &h.RelatedResourceName) + delete(rawMsg, key) + case "relationType": + err = unpopulate(val, "RelationType", &h.RelationType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IoTDeviceEntity. -func (i IoTDeviceEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HuntingBookmark. +func (h HuntingBookmark) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", i.ID) - objectMap["kind"] = EntityKindIoTDevice - populate(objectMap, "name", i.Name) - populate(objectMap, "properties", i.Properties) - populate(objectMap, "systemData", i.SystemData) - populate(objectMap, "type", i.Type) + populate(objectMap, "id", h.ID) + objectMap["kind"] = EntityKindEnumBookmark + populate(objectMap, "name", h.Name) + populate(objectMap, "properties", h.Properties) + populate(objectMap, "systemData", h.SystemData) + populate(objectMap, "type", h.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDeviceEntity. -func (i *IoTDeviceEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntingBookmark. +func (h *HuntingBookmark) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { case "id": - err = unpopulate(val, "ID", &i.ID) + err = unpopulate(val, "ID", &h.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &i.Kind) + err = unpopulate(val, "Kind", &h.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &i.Name) + err = unpopulate(val, "Name", &h.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &i.Properties) + err = unpopulate(val, "Properties", &h.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &i.SystemData) + err = unpopulate(val, "SystemData", &h.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &i.Type) + err = unpopulate(val, "Type", &h.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IoTDeviceEntityProperties. -func (i IoTDeviceEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type HuntingBookmarkProperties. +func (h HuntingBookmarkProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", i.AdditionalData) - populate(objectMap, "deviceId", i.DeviceID) - populate(objectMap, "deviceName", i.DeviceName) - populate(objectMap, "deviceSubType", i.DeviceSubType) - populate(objectMap, "deviceType", i.DeviceType) - populate(objectMap, "edgeId", i.EdgeID) - populate(objectMap, "firmwareVersion", i.FirmwareVersion) - populate(objectMap, "friendlyName", i.FriendlyName) - populate(objectMap, "hostEntityId", i.HostEntityID) - populate(objectMap, "ipAddressEntityId", i.IPAddressEntityID) - populate(objectMap, "importance", i.Importance) - populate(objectMap, "iotHubEntityId", i.IotHubEntityID) - populate(objectMap, "iotSecurityAgentId", i.IotSecurityAgentID) - populate(objectMap, "isAuthorized", i.IsAuthorized) - populate(objectMap, "isProgramming", i.IsProgramming) - populate(objectMap, "isScanner", i.IsScanner) - populate(objectMap, "macAddress", i.MacAddress) - populate(objectMap, "model", i.Model) - populate(objectMap, "nicEntityIds", i.NicEntityIDs) - populate(objectMap, "operatingSystem", i.OperatingSystem) - populate(objectMap, "owners", i.Owners) - populate(objectMap, "protocols", i.Protocols) - populate(objectMap, "purdueLayer", i.PurdueLayer) - populate(objectMap, "sensor", i.Sensor) - populate(objectMap, "serialNumber", i.SerialNumber) - populate(objectMap, "site", i.Site) - populate(objectMap, "source", i.Source) - populate(objectMap, "threatIntelligence", i.ThreatIntelligence) - populate(objectMap, "vendor", i.Vendor) - populate(objectMap, "zone", i.Zone) + populate(objectMap, "additionalData", h.AdditionalData) + populateDateTimeRFC3339(objectMap, "created", h.Created) + populate(objectMap, "createdBy", h.CreatedBy) + populate(objectMap, "displayName", h.DisplayName) + populateDateTimeRFC3339(objectMap, "eventTime", h.EventTime) + populate(objectMap, "friendlyName", h.FriendlyName) + populate(objectMap, "incidentInfo", h.IncidentInfo) + populate(objectMap, "labels", h.Labels) + populate(objectMap, "notes", h.Notes) + populate(objectMap, "query", h.Query) + populate(objectMap, "queryResult", h.QueryResult) + populateDateTimeRFC3339(objectMap, "updated", h.Updated) + populate(objectMap, "updatedBy", h.UpdatedBy) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDeviceEntityProperties. -func (i *IoTDeviceEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntingBookmarkProperties. +func (h *HuntingBookmarkProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } for key, val := range rawMsg { var err error switch key { case "additionalData": - err = unpopulate(val, "AdditionalData", &i.AdditionalData) - delete(rawMsg, key) - case "deviceId": - err = unpopulate(val, "DeviceID", &i.DeviceID) - delete(rawMsg, key) - case "deviceName": - err = unpopulate(val, "DeviceName", &i.DeviceName) + err = unpopulate(val, "AdditionalData", &h.AdditionalData) delete(rawMsg, key) - case "deviceSubType": - err = unpopulate(val, "DeviceSubType", &i.DeviceSubType) + case "created": + err = unpopulateDateTimeRFC3339(val, "Created", &h.Created) delete(rawMsg, key) - case "deviceType": - err = unpopulate(val, "DeviceType", &i.DeviceType) + case "createdBy": + err = unpopulate(val, "CreatedBy", &h.CreatedBy) delete(rawMsg, key) - case "edgeId": - err = unpopulate(val, "EdgeID", &i.EdgeID) + case "displayName": + err = unpopulate(val, "DisplayName", &h.DisplayName) delete(rawMsg, key) - case "firmwareVersion": - err = unpopulate(val, "FirmwareVersion", &i.FirmwareVersion) + case "eventTime": + err = unpopulateDateTimeRFC3339(val, "EventTime", &h.EventTime) delete(rawMsg, key) case "friendlyName": - err = unpopulate(val, "FriendlyName", &i.FriendlyName) - delete(rawMsg, key) - case "hostEntityId": - err = unpopulate(val, "HostEntityID", &i.HostEntityID) - delete(rawMsg, key) - case "ipAddressEntityId": - err = unpopulate(val, "IPAddressEntityID", &i.IPAddressEntityID) - delete(rawMsg, key) - case "importance": - err = unpopulate(val, "Importance", &i.Importance) - delete(rawMsg, key) - case "iotHubEntityId": - err = unpopulate(val, "IotHubEntityID", &i.IotHubEntityID) - delete(rawMsg, key) - case "iotSecurityAgentId": - err = unpopulate(val, "IotSecurityAgentID", &i.IotSecurityAgentID) - delete(rawMsg, key) - case "isAuthorized": - err = unpopulate(val, "IsAuthorized", &i.IsAuthorized) - delete(rawMsg, key) - case "isProgramming": - err = unpopulate(val, "IsProgramming", &i.IsProgramming) - delete(rawMsg, key) - case "isScanner": - err = unpopulate(val, "IsScanner", &i.IsScanner) - delete(rawMsg, key) - case "macAddress": - err = unpopulate(val, "MacAddress", &i.MacAddress) - delete(rawMsg, key) - case "model": - err = unpopulate(val, "Model", &i.Model) - delete(rawMsg, key) - case "nicEntityIds": - err = unpopulate(val, "NicEntityIDs", &i.NicEntityIDs) - delete(rawMsg, key) - case "operatingSystem": - err = unpopulate(val, "OperatingSystem", &i.OperatingSystem) - delete(rawMsg, key) - case "owners": - err = unpopulate(val, "Owners", &i.Owners) - delete(rawMsg, key) - case "protocols": - err = unpopulate(val, "Protocols", &i.Protocols) - delete(rawMsg, key) - case "purdueLayer": - err = unpopulate(val, "PurdueLayer", &i.PurdueLayer) + err = unpopulate(val, "FriendlyName", &h.FriendlyName) delete(rawMsg, key) - case "sensor": - err = unpopulate(val, "Sensor", &i.Sensor) + case "incidentInfo": + err = unpopulate(val, "IncidentInfo", &h.IncidentInfo) delete(rawMsg, key) - case "serialNumber": - err = unpopulate(val, "SerialNumber", &i.SerialNumber) + case "labels": + err = unpopulate(val, "Labels", &h.Labels) delete(rawMsg, key) - case "site": - err = unpopulate(val, "Site", &i.Site) + case "notes": + err = unpopulate(val, "Notes", &h.Notes) delete(rawMsg, key) - case "source": - err = unpopulate(val, "Source", &i.Source) + case "query": + err = unpopulate(val, "Query", &h.Query) delete(rawMsg, key) - case "threatIntelligence": - err = unpopulate(val, "ThreatIntelligence", &i.ThreatIntelligence) + case "queryResult": + err = unpopulate(val, "QueryResult", &h.QueryResult) delete(rawMsg, key) - case "vendor": - err = unpopulate(val, "Vendor", &i.Vendor) + case "updated": + err = unpopulateDateTimeRFC3339(val, "Updated", &h.Updated) delete(rawMsg, key) - case "zone": - err = unpopulate(val, "Zone", &i.Zone) + case "updatedBy": + err = unpopulate(val, "UpdatedBy", &h.UpdatedBy) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", h, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MCASCheckRequirements. -func (m MCASCheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IPEntity. +func (i IPEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindMicrosoftCloudAppSecurity - populate(objectMap, "properties", m.Properties) + populate(objectMap, "id", i.ID) + objectMap["kind"] = EntityKindEnumIP + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MCASCheckRequirements. -func (m *MCASCheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IPEntity. +func (i *IPEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &m.Kind) + err = unpopulate(val, "Kind", &i.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &m.Properties) + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MCASCheckRequirementsProperties. -func (m MCASCheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IPEntityProperties. +func (i IPEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "tenantId", m.TenantID) + populate(objectMap, "additionalData", i.AdditionalData) + populate(objectMap, "address", i.Address) + populate(objectMap, "friendlyName", i.FriendlyName) + populate(objectMap, "location", i.Location) + populate(objectMap, "threatIntelligence", i.ThreatIntelligence) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MCASCheckRequirementsProperties. -func (m *MCASCheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IPEntityProperties. +func (i *IPEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "tenantId": - err = unpopulate(val, "TenantID", &m.TenantID) + case "additionalData": + err = unpopulate(val, "AdditionalData", &i.AdditionalData) + delete(rawMsg, key) + case "address": + err = unpopulate(val, "Address", &i.Address) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &i.FriendlyName) + delete(rawMsg, key) + case "location": + err = unpopulate(val, "Location", &i.Location) + delete(rawMsg, key) + case "threatIntelligence": + err = unpopulate(val, "ThreatIntelligence", &i.ThreatIntelligence) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MCASDataConnector. -func (m MCASDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Identity. +func (i Identity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", m.Etag) - populate(objectMap, "id", m.ID) - objectMap["kind"] = DataConnectorKindMicrosoftCloudAppSecurity - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "id", i.ID) + objectMap["kind"] = TIObjectKindIdentity + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnector. -func (m *MCASDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Identity. +func (i *Identity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &m.Etag) - delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &m.ID) + err = unpopulate(val, "ID", &i.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &m.Kind) + err = unpopulate(val, "Kind", &i.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &m.Name) + err = unpopulate(val, "Name", &i.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &m.Properties) + err = unpopulate(val, "Properties", &i.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + err = unpopulate(val, "SystemData", &i.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &m.Type) + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MCASDataConnectorDataTypes. -func (m MCASDataConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Incident. +func (i Incident) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alerts", m.Alerts) - populate(objectMap, "discoveryLogs", m.DiscoveryLogs) + populate(objectMap, "etag", i.Etag) + populate(objectMap, "id", i.ID) + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnectorDataTypes. -func (m *MCASDataConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Incident. +func (i *Incident) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "alerts": - err = unpopulate(val, "Alerts", &m.Alerts) + case "etag": + err = unpopulate(val, "Etag", &i.Etag) delete(rawMsg, key) - case "discoveryLogs": - err = unpopulate(val, "DiscoveryLogs", &m.DiscoveryLogs) + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MCASDataConnectorProperties. -func (m MCASDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentAdditionalData. +func (i IncidentAdditionalData) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", m.DataTypes) - populate(objectMap, "tenantId", m.TenantID) + populate(objectMap, "alertProductNames", i.AlertProductNames) + populate(objectMap, "alertsCount", i.AlertsCount) + populate(objectMap, "bookmarksCount", i.BookmarksCount) + populate(objectMap, "commentsCount", i.CommentsCount) + populate(objectMap, "mergedIncidentNumber", i.MergedIncidentNumber) + populate(objectMap, "mergedIncidentUrl", i.MergedIncidentURL) + populate(objectMap, "providerIncidentUrl", i.ProviderIncidentURL) + populate(objectMap, "tactics", i.Tactics) + populate(objectMap, "techniques", i.Techniques) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnectorProperties. -func (m *MCASDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentAdditionalData. +func (i *IncidentAdditionalData) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &m.DataTypes) + case "alertProductNames": + err = unpopulate(val, "AlertProductNames", &i.AlertProductNames) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &m.TenantID) + case "alertsCount": + err = unpopulate(val, "AlertsCount", &i.AlertsCount) + delete(rawMsg, key) + case "bookmarksCount": + err = unpopulate(val, "BookmarksCount", &i.BookmarksCount) + delete(rawMsg, key) + case "commentsCount": + err = unpopulate(val, "CommentsCount", &i.CommentsCount) + delete(rawMsg, key) + case "mergedIncidentNumber": + err = unpopulate(val, "MergedIncidentNumber", &i.MergedIncidentNumber) + delete(rawMsg, key) + case "mergedIncidentUrl": + err = unpopulate(val, "MergedIncidentURL", &i.MergedIncidentURL) + delete(rawMsg, key) + case "providerIncidentUrl": + err = unpopulate(val, "ProviderIncidentURL", &i.ProviderIncidentURL) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &i.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &i.Techniques) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MDATPCheckRequirements. -func (m MDATPCheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentAlertList. +func (i IncidentAlertList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindMicrosoftDefenderAdvancedThreatProtection - populate(objectMap, "properties", m.Properties) + populate(objectMap, "value", i.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPCheckRequirements. -func (m *MDATPCheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentAlertList. +func (i *IncidentAlertList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) + case "value": + err = unpopulate(val, "Value", &i.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MDATPCheckRequirementsProperties. -func (m MDATPCheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentBookmarkList. +func (i IncidentBookmarkList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "tenantId", m.TenantID) + populate(objectMap, "value", i.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPCheckRequirementsProperties. -func (m *MDATPCheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentBookmarkList. +func (i *IncidentBookmarkList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "tenantId": - err = unpopulate(val, "TenantID", &m.TenantID) + case "value": + err = unpopulate(val, "Value", &i.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MDATPDataConnector. -func (m MDATPDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentComment. +func (i IncidentComment) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", m.Etag) - populate(objectMap, "id", m.ID) - objectMap["kind"] = DataConnectorKindMicrosoftDefenderAdvancedThreatProtection - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "etag", i.Etag) + populate(objectMap, "id", i.ID) + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPDataConnector. -func (m *MDATPDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentComment. +func (i *IncidentComment) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { case "etag": - err = unpopulate(val, "Etag", &m.Etag) + err = unpopulate(val, "Etag", &i.Etag) delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) + err = unpopulate(val, "ID", &i.ID) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &m.Name) + err = unpopulate(val, "Name", &i.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &m.Properties) + err = unpopulate(val, "Properties", &i.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + err = unpopulate(val, "SystemData", &i.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &m.Type) + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MDATPDataConnectorProperties. -func (m MDATPDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentCommentList. +func (i IncidentCommentList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", m.DataTypes) - populate(objectMap, "tenantId", m.TenantID) + populate(objectMap, "nextLink", i.NextLink) + populate(objectMap, "value", i.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPDataConnectorProperties. -func (m *MDATPDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentCommentList. +func (i *IncidentCommentList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &m.DataTypes) + case "nextLink": + err = unpopulate(val, "NextLink", &i.NextLink) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &m.TenantID) + case "value": + err = unpopulate(val, "Value", &i.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRule. -func (m MLBehaviorAnalyticsAlertRule) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentCommentProperties. +func (i IncidentCommentProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", m.Etag) - populate(objectMap, "id", m.ID) - objectMap["kind"] = AlertRuleKindMLBehaviorAnalytics - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "author", i.Author) + populateDateTimeRFC3339(objectMap, "createdTimeUtc", i.CreatedTimeUTC) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", i.LastModifiedTimeUTC) + populate(objectMap, "message", i.Message) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRule. -func (m *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentCommentProperties. +func (i *IncidentCommentProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &m.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) + case "author": + err = unpopulate(val, "Author", &i.Author) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) + case "createdTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &i.CreatedTimeUTC) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &i.LastModifiedTimeUTC) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + case "message": + err = unpopulate(val, "Message", &i.Message) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRuleProperties. -func (m MLBehaviorAnalyticsAlertRuleProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentConfiguration. +func (i IncidentConfiguration) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertRuleTemplateName", m.AlertRuleTemplateName) - populate(objectMap, "description", m.Description) - populate(objectMap, "displayName", m.DisplayName) - populate(objectMap, "enabled", m.Enabled) - populateDateTimeRFC3339(objectMap, "lastModifiedUtc", m.LastModifiedUTC) - populate(objectMap, "severity", m.Severity) - populate(objectMap, "tactics", m.Tactics) - populate(objectMap, "techniques", m.Techniques) + populate(objectMap, "createIncident", i.CreateIncident) + populate(objectMap, "groupingConfiguration", i.GroupingConfiguration) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRuleProperties. -func (m *MLBehaviorAnalyticsAlertRuleProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentConfiguration. +func (i *IncidentConfiguration) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "alertRuleTemplateName": - err = unpopulate(val, "AlertRuleTemplateName", &m.AlertRuleTemplateName) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &m.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &m.DisplayName) - delete(rawMsg, key) - case "enabled": - err = unpopulate(val, "Enabled", &m.Enabled) - delete(rawMsg, key) - case "lastModifiedUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &m.LastModifiedUTC) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &m.Severity) - delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &m.Tactics) + case "createIncident": + err = unpopulate(val, "CreateIncident", &i.CreateIncident) delete(rawMsg, key) - case "techniques": - err = unpopulate(val, "Techniques", &m.Techniques) + case "groupingConfiguration": + err = unpopulate(val, "GroupingConfiguration", &i.GroupingConfiguration) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRuleTemplate. -func (m MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentEntitiesResponse. +func (i IncidentEntitiesResponse) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", m.ID) - objectMap["kind"] = AlertRuleKindMLBehaviorAnalytics - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "entities", i.Entities) + populate(objectMap, "metaData", i.MetaData) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRuleTemplate. -func (m *MLBehaviorAnalyticsAlertRuleTemplate) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentEntitiesResponse. +func (i *IncidentEntitiesResponse) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + case "entities": + i.Entities, err = unmarshalEntityClassificationArray(val) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + case "metaData": + err = unpopulate(val, "MetaData", &i.MetaData) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRuleTemplateProperties. -func (m MLBehaviorAnalyticsAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentEntitiesResultsMetadata. +func (i IncidentEntitiesResultsMetadata) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertRulesCreatedByTemplateCount", m.AlertRulesCreatedByTemplateCount) - populateDateTimeRFC3339(objectMap, "createdDateUTC", m.CreatedDateUTC) - populate(objectMap, "description", m.Description) - populate(objectMap, "displayName", m.DisplayName) - populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", m.LastUpdatedDateUTC) - populate(objectMap, "requiredDataConnectors", m.RequiredDataConnectors) - populate(objectMap, "severity", m.Severity) - populate(objectMap, "status", m.Status) - populate(objectMap, "tactics", m.Tactics) - populate(objectMap, "techniques", m.Techniques) + populate(objectMap, "count", i.Count) + populate(objectMap, "entityKind", i.EntityKind) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRuleTemplateProperties. -func (m *MLBehaviorAnalyticsAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentEntitiesResultsMetadata. +func (i *IncidentEntitiesResultsMetadata) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "alertRulesCreatedByTemplateCount": - err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &m.AlertRulesCreatedByTemplateCount) - delete(rawMsg, key) - case "createdDateUTC": - err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &m.CreatedDateUTC) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &m.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &m.DisplayName) - delete(rawMsg, key) - case "lastUpdatedDateUTC": - err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &m.LastUpdatedDateUTC) - delete(rawMsg, key) - case "requiredDataConnectors": - err = unpopulate(val, "RequiredDataConnectors", &m.RequiredDataConnectors) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &m.Severity) - delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &m.Status) - delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &m.Tactics) + case "count": + err = unpopulate(val, "Count", &i.Count) delete(rawMsg, key) - case "techniques": - err = unpopulate(val, "Techniques", &m.Techniques) + case "entityKind": + err = unpopulate(val, "EntityKind", &i.EntityKind) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MSTICheckRequirements. -func (m MSTICheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentInfo. +func (i IncidentInfo) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindMicrosoftThreatIntelligence - populate(objectMap, "properties", m.Properties) + populate(objectMap, "incidentId", i.IncidentID) + populate(objectMap, "relationName", i.RelationName) + populate(objectMap, "severity", i.Severity) + populate(objectMap, "title", i.Title) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MSTICheckRequirements. -func (m *MSTICheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentInfo. +func (i *IncidentInfo) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "kind": - err = unpopulate(val, "Kind", &m.Kind) + case "incidentId": + err = unpopulate(val, "IncidentID", &i.IncidentID) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) + case "relationName": + err = unpopulate(val, "RelationName", &i.RelationName) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &i.Severity) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &i.Title) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MSTICheckRequirementsProperties. -func (m MSTICheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentLabel. +func (i IncidentLabel) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "tenantId", m.TenantID) + populate(objectMap, "labelName", i.LabelName) + populate(objectMap, "labelType", i.LabelType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MSTICheckRequirementsProperties. -func (m *MSTICheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentLabel. +func (i *IncidentLabel) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "tenantId": - err = unpopulate(val, "TenantID", &m.TenantID) + case "labelName": + err = unpopulate(val, "LabelName", &i.LabelName) + delete(rawMsg, key) + case "labelType": + err = unpopulate(val, "LabelType", &i.LabelType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnector. -func (m MSTIDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentList. +func (i IncidentList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", m.Etag) - populate(objectMap, "id", m.ID) - objectMap["kind"] = DataConnectorKindMicrosoftThreatIntelligence - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "nextLink", i.NextLink) + populate(objectMap, "value", i.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnector. -func (m *MSTIDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentList. +func (i *IncidentList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &m.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + case "nextLink": + err = unpopulate(val, "NextLink", &i.NextLink) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + case "value": + err = unpopulate(val, "Value", &i.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnectorDataTypes. -func (m MSTIDataConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentOwnerInfo. +func (i IncidentOwnerInfo) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "bingSafetyPhishingURL", m.BingSafetyPhishingURL) - populate(objectMap, "microsoftEmergingThreatFeed", m.MicrosoftEmergingThreatFeed) + populate(objectMap, "assignedTo", i.AssignedTo) + populate(objectMap, "email", i.Email) + populate(objectMap, "objectId", i.ObjectID) + populate(objectMap, "ownerType", i.OwnerType) + populate(objectMap, "userPrincipalName", i.UserPrincipalName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnectorDataTypes. -func (m *MSTIDataConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentOwnerInfo. +func (i *IncidentOwnerInfo) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "bingSafetyPhishingURL": - err = unpopulate(val, "BingSafetyPhishingURL", &m.BingSafetyPhishingURL) + case "assignedTo": + err = unpopulate(val, "AssignedTo", &i.AssignedTo) delete(rawMsg, key) - case "microsoftEmergingThreatFeed": - err = unpopulate(val, "MicrosoftEmergingThreatFeed", &m.MicrosoftEmergingThreatFeed) + case "email": + err = unpopulate(val, "Email", &i.Email) delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + case "objectId": + err = unpopulate(val, "ObjectID", &i.ObjectID) + delete(rawMsg, key) + case "ownerType": + err = unpopulate(val, "OwnerType", &i.OwnerType) + delete(rawMsg, key) + case "userPrincipalName": + err = unpopulate(val, "UserPrincipalName", &i.UserPrincipalName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnectorDataTypesBingSafetyPhishingURL. -func (m MSTIDataConnectorDataTypesBingSafetyPhishingURL) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentProperties. +func (i IncidentProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "lookbackPeriod", m.LookbackPeriod) - populate(objectMap, "state", m.State) + populate(objectMap, "additionalData", i.AdditionalData) + populate(objectMap, "classification", i.Classification) + populate(objectMap, "classificationComment", i.ClassificationComment) + populate(objectMap, "classificationReason", i.ClassificationReason) + populateDateTimeRFC3339(objectMap, "createdTimeUtc", i.CreatedTimeUTC) + populate(objectMap, "description", i.Description) + populateDateTimeRFC3339(objectMap, "firstActivityTimeUtc", i.FirstActivityTimeUTC) + populate(objectMap, "incidentNumber", i.IncidentNumber) + populate(objectMap, "incidentUrl", i.IncidentURL) + populate(objectMap, "labels", i.Labels) + populateDateTimeRFC3339(objectMap, "lastActivityTimeUtc", i.LastActivityTimeUTC) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", i.LastModifiedTimeUTC) + populate(objectMap, "owner", i.Owner) + populate(objectMap, "providerIncidentId", i.ProviderIncidentID) + populate(objectMap, "providerName", i.ProviderName) + populate(objectMap, "relatedAnalyticRuleIds", i.RelatedAnalyticRuleIDs) + populate(objectMap, "severity", i.Severity) + populate(objectMap, "status", i.Status) + populate(objectMap, "teamInformation", i.TeamInformation) + populate(objectMap, "title", i.Title) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnectorDataTypesBingSafetyPhishingURL. -func (m *MSTIDataConnectorDataTypesBingSafetyPhishingURL) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentProperties. +func (i *IncidentProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "lookbackPeriod": - err = unpopulate(val, "LookbackPeriod", &m.LookbackPeriod) + case "additionalData": + err = unpopulate(val, "AdditionalData", &i.AdditionalData) delete(rawMsg, key) - case "state": - err = unpopulate(val, "State", &m.State) + case "classification": + err = unpopulate(val, "Classification", &i.Classification) + delete(rawMsg, key) + case "classificationComment": + err = unpopulate(val, "ClassificationComment", &i.ClassificationComment) + delete(rawMsg, key) + case "classificationReason": + err = unpopulate(val, "ClassificationReason", &i.ClassificationReason) + delete(rawMsg, key) + case "createdTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &i.CreatedTimeUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &i.Description) + delete(rawMsg, key) + case "firstActivityTimeUtc": + err = unpopulateDateTimeRFC3339(val, "FirstActivityTimeUTC", &i.FirstActivityTimeUTC) + delete(rawMsg, key) + case "incidentNumber": + err = unpopulate(val, "IncidentNumber", &i.IncidentNumber) + delete(rawMsg, key) + case "incidentUrl": + err = unpopulate(val, "IncidentURL", &i.IncidentURL) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &i.Labels) + delete(rawMsg, key) + case "lastActivityTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastActivityTimeUTC", &i.LastActivityTimeUTC) + delete(rawMsg, key) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &i.LastModifiedTimeUTC) + delete(rawMsg, key) + case "owner": + err = unpopulate(val, "Owner", &i.Owner) + delete(rawMsg, key) + case "providerIncidentId": + err = unpopulate(val, "ProviderIncidentID", &i.ProviderIncidentID) + delete(rawMsg, key) + case "providerName": + err = unpopulate(val, "ProviderName", &i.ProviderName) + delete(rawMsg, key) + case "relatedAnalyticRuleIds": + err = unpopulate(val, "RelatedAnalyticRuleIDs", &i.RelatedAnalyticRuleIDs) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &i.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &i.Status) + delete(rawMsg, key) + case "teamInformation": + err = unpopulate(val, "TeamInformation", &i.TeamInformation) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &i.Title) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed. -func (m MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentPropertiesAction. +func (i IncidentPropertiesAction) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "lookbackPeriod", m.LookbackPeriod) - populate(objectMap, "state", m.State) + populate(objectMap, "classification", i.Classification) + populate(objectMap, "classificationComment", i.ClassificationComment) + populate(objectMap, "classificationReason", i.ClassificationReason) + populate(objectMap, "labels", i.Labels) + populate(objectMap, "owner", i.Owner) + populate(objectMap, "severity", i.Severity) + populate(objectMap, "status", i.Status) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed. -func (m *MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentPropertiesAction. +func (i *IncidentPropertiesAction) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "lookbackPeriod": - err = unpopulate(val, "LookbackPeriod", &m.LookbackPeriod) + case "classification": + err = unpopulate(val, "Classification", &i.Classification) delete(rawMsg, key) - case "state": - err = unpopulate(val, "State", &m.State) + case "classificationComment": + err = unpopulate(val, "ClassificationComment", &i.ClassificationComment) + delete(rawMsg, key) + case "classificationReason": + err = unpopulate(val, "ClassificationReason", &i.ClassificationReason) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &i.Labels) + delete(rawMsg, key) + case "owner": + err = unpopulate(val, "Owner", &i.Owner) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &i.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &i.Status) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnectorProperties. -func (m MSTIDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentTask. +func (i IncidentTask) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", m.DataTypes) - populate(objectMap, "tenantId", m.TenantID) + populate(objectMap, "etag", i.Etag) + populate(objectMap, "id", i.ID) + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnectorProperties. -func (m *MSTIDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentTask. +func (i *IncidentTask) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &m.DataTypes) + case "etag": + err = unpopulate(val, "Etag", &i.Etag) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &m.TenantID) + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MTPCheckRequirementsProperties. -func (m MTPCheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentTaskList. +func (i IncidentTaskList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "tenantId", m.TenantID) + populate(objectMap, "nextLink", i.NextLink) + populate(objectMap, "value", i.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MTPCheckRequirementsProperties. -func (m *MTPCheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentTaskList. +func (i *IncidentTaskList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "tenantId": - err = unpopulate(val, "TenantID", &m.TenantID) + case "nextLink": + err = unpopulate(val, "NextLink", &i.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &i.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MTPDataConnector. -func (m MTPDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IncidentTaskProperties. +func (i IncidentTaskProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", m.Etag) - populate(objectMap, "id", m.ID) - objectMap["kind"] = DataConnectorKindMicrosoftThreatProtection - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "createdBy", i.CreatedBy) + populateDateTimeRFC3339(objectMap, "createdTimeUtc", i.CreatedTimeUTC) + populate(objectMap, "description", i.Description) + populate(objectMap, "lastModifiedBy", i.LastModifiedBy) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", i.LastModifiedTimeUTC) + populate(objectMap, "status", i.Status) + populate(objectMap, "title", i.Title) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnector. -func (m *MTPDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentTaskProperties. +func (i *IncidentTaskProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &m.Etag) + case "createdBy": + err = unpopulate(val, "CreatedBy", &i.CreatedBy) delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &m.ID) + case "createdTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &i.CreatedTimeUTC) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) + case "description": + err = unpopulate(val, "Description", &i.Description) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) + case "lastModifiedBy": + err = unpopulate(val, "LastModifiedBy", &i.LastModifiedBy) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &i.LastModifiedTimeUTC) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + case "status": + err = unpopulate(val, "Status", &i.Status) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + case "title": + err = unpopulate(val, "Title", &i.Title) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MTPDataConnectorDataTypes. -func (m MTPDataConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Indicator. +func (i Indicator) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "incidents", m.Incidents) + populate(objectMap, "id", i.ID) + objectMap["kind"] = TIObjectKindIndicator + populate(objectMap, "name", i.Name) + populate(objectMap, "observables", i.Observables) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnectorDataTypes. -func (m *MTPDataConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Indicator. +func (i *Indicator) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "incidents": - err = unpopulate(val, "Incidents", &m.Incidents) + case "id": + err = unpopulate(val, "ID", &i.ID) delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type MTPDataConnectorDataTypesIncidents. -func (m MTPDataConnectorDataTypesIncidents) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "state", m.State) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnectorDataTypesIncidents. -func (m *MTPDataConnectorDataTypesIncidents) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "state": - err = unpopulate(val, "State", &m.State) + case "kind": + err = unpopulate(val, "Kind", &i.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "observables": + err = unpopulate(val, "Observables", &i.Observables) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MTPDataConnectorProperties. -func (m MTPDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IndicatorObservablesItem. +func (i IndicatorObservablesItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", m.DataTypes) - populate(objectMap, "tenantId", m.TenantID) + populate(objectMap, "type", i.Type) + populate(objectMap, "value", i.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnectorProperties. -func (m *MTPDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IndicatorObservablesItem. +func (i *IndicatorObservablesItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &m.DataTypes) + case "type": + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &m.TenantID) + case "value": + err = unpopulate(val, "Value", &i.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailClusterEntity. -func (m MailClusterEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItem. +func (i InsightQueryItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", m.ID) - objectMap["kind"] = EntityKindMailCluster - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "id", i.ID) + objectMap["kind"] = EntityQueryKindInsight + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailClusterEntity. -func (m *MailClusterEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItem. +func (i *InsightQueryItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { case "id": - err = unpopulate(val, "ID", &m.ID) + err = unpopulate(val, "ID", &i.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &m.Kind) + err = unpopulate(val, "Kind", &i.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &m.Name) + err = unpopulate(val, "Name", &i.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &m.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + err = unpopulate(val, "Properties", &i.Properties) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &m.Type) + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailClusterEntityProperties. -func (m MailClusterEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemProperties. +func (i InsightQueryItemProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", m.AdditionalData) - populate(objectMap, "clusterGroup", m.ClusterGroup) - populateDateTimeRFC3339(objectMap, "clusterQueryEndTime", m.ClusterQueryEndTime) - populateDateTimeRFC3339(objectMap, "clusterQueryStartTime", m.ClusterQueryStartTime) - populate(objectMap, "clusterSourceIdentifier", m.ClusterSourceIdentifier) - populate(objectMap, "clusterSourceType", m.ClusterSourceType) - populateAny(objectMap, "countByDeliveryStatus", m.CountByDeliveryStatus) - populateAny(objectMap, "countByProtectionStatus", m.CountByProtectionStatus) - populateAny(objectMap, "countByThreatType", m.CountByThreatType) - populate(objectMap, "friendlyName", m.FriendlyName) - populate(objectMap, "isVolumeAnomaly", m.IsVolumeAnomaly) - populate(objectMap, "mailCount", m.MailCount) - populate(objectMap, "networkMessageIds", m.NetworkMessageIDs) - populate(objectMap, "query", m.Query) - populateDateTimeRFC3339(objectMap, "queryTime", m.QueryTime) - populate(objectMap, "source", m.Source) - populate(objectMap, "threats", m.Threats) + populate(objectMap, "additionalQuery", i.AdditionalQuery) + populate(objectMap, "baseQuery", i.BaseQuery) + populateAny(objectMap, "chartQuery", i.ChartQuery) + populate(objectMap, "dataTypes", i.DataTypes) + populate(objectMap, "defaultTimeRange", i.DefaultTimeRange) + populate(objectMap, "description", i.Description) + populate(objectMap, "displayName", i.DisplayName) + populateAny(objectMap, "entitiesFilter", i.EntitiesFilter) + populate(objectMap, "inputEntityType", i.InputEntityType) + populate(objectMap, "referenceTimeRange", i.ReferenceTimeRange) + populate(objectMap, "requiredInputFieldsSets", i.RequiredInputFieldsSets) + populate(objectMap, "tableQuery", i.TableQuery) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailClusterEntityProperties. -func (m *MailClusterEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemProperties. +func (i *InsightQueryItemProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &m.AdditionalData) - delete(rawMsg, key) - case "clusterGroup": - err = unpopulate(val, "ClusterGroup", &m.ClusterGroup) - delete(rawMsg, key) - case "clusterQueryEndTime": - err = unpopulateDateTimeRFC3339(val, "ClusterQueryEndTime", &m.ClusterQueryEndTime) - delete(rawMsg, key) - case "clusterQueryStartTime": - err = unpopulateDateTimeRFC3339(val, "ClusterQueryStartTime", &m.ClusterQueryStartTime) - delete(rawMsg, key) - case "clusterSourceIdentifier": - err = unpopulate(val, "ClusterSourceIdentifier", &m.ClusterSourceIdentifier) - delete(rawMsg, key) - case "clusterSourceType": - err = unpopulate(val, "ClusterSourceType", &m.ClusterSourceType) + case "additionalQuery": + err = unpopulate(val, "AdditionalQuery", &i.AdditionalQuery) delete(rawMsg, key) - case "countByDeliveryStatus": - err = unpopulate(val, "CountByDeliveryStatus", &m.CountByDeliveryStatus) + case "baseQuery": + err = unpopulate(val, "BaseQuery", &i.BaseQuery) delete(rawMsg, key) - case "countByProtectionStatus": - err = unpopulate(val, "CountByProtectionStatus", &m.CountByProtectionStatus) + case "chartQuery": + err = unpopulate(val, "ChartQuery", &i.ChartQuery) delete(rawMsg, key) - case "countByThreatType": - err = unpopulate(val, "CountByThreatType", &m.CountByThreatType) + case "dataTypes": + err = unpopulate(val, "DataTypes", &i.DataTypes) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &m.FriendlyName) + case "defaultTimeRange": + err = unpopulate(val, "DefaultTimeRange", &i.DefaultTimeRange) delete(rawMsg, key) - case "isVolumeAnomaly": - err = unpopulate(val, "IsVolumeAnomaly", &m.IsVolumeAnomaly) + case "description": + err = unpopulate(val, "Description", &i.Description) delete(rawMsg, key) - case "mailCount": - err = unpopulate(val, "MailCount", &m.MailCount) + case "displayName": + err = unpopulate(val, "DisplayName", &i.DisplayName) delete(rawMsg, key) - case "networkMessageIds": - err = unpopulate(val, "NetworkMessageIDs", &m.NetworkMessageIDs) + case "entitiesFilter": + err = unpopulate(val, "EntitiesFilter", &i.EntitiesFilter) delete(rawMsg, key) - case "query": - err = unpopulate(val, "Query", &m.Query) + case "inputEntityType": + err = unpopulate(val, "InputEntityType", &i.InputEntityType) delete(rawMsg, key) - case "queryTime": - err = unpopulateDateTimeRFC3339(val, "QueryTime", &m.QueryTime) + case "referenceTimeRange": + err = unpopulate(val, "ReferenceTimeRange", &i.ReferenceTimeRange) delete(rawMsg, key) - case "source": - err = unpopulate(val, "Source", &m.Source) + case "requiredInputFieldsSets": + err = unpopulate(val, "RequiredInputFieldsSets", &i.RequiredInputFieldsSets) delete(rawMsg, key) - case "threats": - err = unpopulate(val, "Threats", &m.Threats) + case "tableQuery": + err = unpopulate(val, "TableQuery", &i.TableQuery) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailMessageEntity. -func (m MailMessageEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesAdditionalQuery. +func (i InsightQueryItemPropertiesAdditionalQuery) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", m.ID) - objectMap["kind"] = EntityKindMailMessage - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "query", i.Query) + populate(objectMap, "text", i.Text) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailMessageEntity. -func (m *MailMessageEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesAdditionalQuery. +func (i *InsightQueryItemPropertiesAdditionalQuery) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + case "query": + err = unpopulate(val, "Query", &i.Query) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + case "text": + err = unpopulate(val, "Text", &i.Text) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailMessageEntityProperties. -func (m MailMessageEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesDefaultTimeRange. +func (i InsightQueryItemPropertiesDefaultTimeRange) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", m.AdditionalData) - populate(objectMap, "antispamDirection", m.AntispamDirection) - populate(objectMap, "bodyFingerprintBin1", m.BodyFingerprintBin1) - populate(objectMap, "bodyFingerprintBin2", m.BodyFingerprintBin2) - populate(objectMap, "bodyFingerprintBin3", m.BodyFingerprintBin3) - populate(objectMap, "bodyFingerprintBin4", m.BodyFingerprintBin4) - populate(objectMap, "bodyFingerprintBin5", m.BodyFingerprintBin5) - populate(objectMap, "deliveryAction", m.DeliveryAction) - populate(objectMap, "deliveryLocation", m.DeliveryLocation) - populate(objectMap, "fileEntityIds", m.FileEntityIDs) - populate(objectMap, "friendlyName", m.FriendlyName) - populate(objectMap, "internetMessageId", m.InternetMessageID) - populate(objectMap, "language", m.Language) - populate(objectMap, "networkMessageId", m.NetworkMessageID) - populate(objectMap, "p1Sender", m.P1Sender) - populate(objectMap, "p1SenderDisplayName", m.P1SenderDisplayName) - populate(objectMap, "p1SenderDomain", m.P1SenderDomain) - populate(objectMap, "p2Sender", m.P2Sender) - populate(objectMap, "p2SenderDisplayName", m.P2SenderDisplayName) - populate(objectMap, "p2SenderDomain", m.P2SenderDomain) - populateDateTimeRFC3339(objectMap, "receiveDate", m.ReceiveDate) - populate(objectMap, "recipient", m.Recipient) - populate(objectMap, "senderIP", m.SenderIP) - populate(objectMap, "subject", m.Subject) - populate(objectMap, "threatDetectionMethods", m.ThreatDetectionMethods) - populate(objectMap, "threats", m.Threats) - populate(objectMap, "urls", m.Urls) + populate(objectMap, "afterRange", i.AfterRange) + populate(objectMap, "beforeRange", i.BeforeRange) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailMessageEntityProperties. -func (m *MailMessageEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesDefaultTimeRange. +func (i *InsightQueryItemPropertiesDefaultTimeRange) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &m.AdditionalData) - delete(rawMsg, key) - case "antispamDirection": - err = unpopulate(val, "AntispamDirection", &m.AntispamDirection) - delete(rawMsg, key) - case "bodyFingerprintBin1": - err = unpopulate(val, "BodyFingerprintBin1", &m.BodyFingerprintBin1) - delete(rawMsg, key) - case "bodyFingerprintBin2": - err = unpopulate(val, "BodyFingerprintBin2", &m.BodyFingerprintBin2) - delete(rawMsg, key) - case "bodyFingerprintBin3": - err = unpopulate(val, "BodyFingerprintBin3", &m.BodyFingerprintBin3) - delete(rawMsg, key) - case "bodyFingerprintBin4": - err = unpopulate(val, "BodyFingerprintBin4", &m.BodyFingerprintBin4) - delete(rawMsg, key) - case "bodyFingerprintBin5": - err = unpopulate(val, "BodyFingerprintBin5", &m.BodyFingerprintBin5) - delete(rawMsg, key) - case "deliveryAction": - err = unpopulate(val, "DeliveryAction", &m.DeliveryAction) - delete(rawMsg, key) - case "deliveryLocation": - err = unpopulate(val, "DeliveryLocation", &m.DeliveryLocation) - delete(rawMsg, key) - case "fileEntityIds": - err = unpopulate(val, "FileEntityIDs", &m.FileEntityIDs) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &m.FriendlyName) - delete(rawMsg, key) - case "internetMessageId": - err = unpopulate(val, "InternetMessageID", &m.InternetMessageID) - delete(rawMsg, key) - case "language": - err = unpopulate(val, "Language", &m.Language) - delete(rawMsg, key) - case "networkMessageId": - err = unpopulate(val, "NetworkMessageID", &m.NetworkMessageID) - delete(rawMsg, key) - case "p1Sender": - err = unpopulate(val, "P1Sender", &m.P1Sender) - delete(rawMsg, key) - case "p1SenderDisplayName": - err = unpopulate(val, "P1SenderDisplayName", &m.P1SenderDisplayName) - delete(rawMsg, key) - case "p1SenderDomain": - err = unpopulate(val, "P1SenderDomain", &m.P1SenderDomain) - delete(rawMsg, key) - case "p2Sender": - err = unpopulate(val, "P2Sender", &m.P2Sender) - delete(rawMsg, key) - case "p2SenderDisplayName": - err = unpopulate(val, "P2SenderDisplayName", &m.P2SenderDisplayName) - delete(rawMsg, key) - case "p2SenderDomain": - err = unpopulate(val, "P2SenderDomain", &m.P2SenderDomain) - delete(rawMsg, key) - case "receiveDate": - err = unpopulateDateTimeRFC3339(val, "ReceiveDate", &m.ReceiveDate) - delete(rawMsg, key) - case "recipient": - err = unpopulate(val, "Recipient", &m.Recipient) - delete(rawMsg, key) - case "senderIP": - err = unpopulate(val, "SenderIP", &m.SenderIP) - delete(rawMsg, key) - case "subject": - err = unpopulate(val, "Subject", &m.Subject) - delete(rawMsg, key) - case "threatDetectionMethods": - err = unpopulate(val, "ThreatDetectionMethods", &m.ThreatDetectionMethods) - delete(rawMsg, key) - case "threats": - err = unpopulate(val, "Threats", &m.Threats) + case "afterRange": + err = unpopulate(val, "AfterRange", &i.AfterRange) delete(rawMsg, key) - case "urls": - err = unpopulate(val, "Urls", &m.Urls) + case "beforeRange": + err = unpopulate(val, "BeforeRange", &i.BeforeRange) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailboxEntity. -func (m MailboxEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesReferenceTimeRange. +func (i InsightQueryItemPropertiesReferenceTimeRange) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", m.ID) - objectMap["kind"] = EntityKindMailbox - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "beforeRange", i.BeforeRange) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailboxEntity. -func (m *MailboxEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesReferenceTimeRange. +func (i *InsightQueryItemPropertiesReferenceTimeRange) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + case "beforeRange": + err = unpopulate(val, "BeforeRange", &i.BeforeRange) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailboxEntityProperties. -func (m MailboxEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQuery. +func (i InsightQueryItemPropertiesTableQuery) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", m.AdditionalData) - populate(objectMap, "displayName", m.DisplayName) - populate(objectMap, "externalDirectoryObjectId", m.ExternalDirectoryObjectID) - populate(objectMap, "friendlyName", m.FriendlyName) - populate(objectMap, "mailboxPrimaryAddress", m.MailboxPrimaryAddress) - populate(objectMap, "upn", m.Upn) + populate(objectMap, "columnsDefinitions", i.ColumnsDefinitions) + populate(objectMap, "queriesDefinitions", i.QueriesDefinitions) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailboxEntityProperties. -func (m *MailboxEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQuery. +func (i *InsightQueryItemPropertiesTableQuery) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &m.AdditionalData) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &m.DisplayName) - delete(rawMsg, key) - case "externalDirectoryObjectId": - err = unpopulate(val, "ExternalDirectoryObjectID", &m.ExternalDirectoryObjectID) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &m.FriendlyName) - delete(rawMsg, key) - case "mailboxPrimaryAddress": - err = unpopulate(val, "MailboxPrimaryAddress", &m.MailboxPrimaryAddress) + case "columnsDefinitions": + err = unpopulate(val, "ColumnsDefinitions", &i.ColumnsDefinitions) delete(rawMsg, key) - case "upn": - err = unpopulate(val, "Upn", &m.Upn) + case "queriesDefinitions": + err = unpopulate(val, "QueriesDefinitions", &i.QueriesDefinitions) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MalwareEntity. -func (m MalwareEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem. +func (i InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", m.ID) - objectMap["kind"] = EntityKindMalware - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "header", i.Header) + populate(objectMap, "outputType", i.OutputType) + populate(objectMap, "supportDeepLink", i.SupportDeepLink) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MalwareEntity. -func (m *MalwareEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem. +func (i *InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) + case "header": + err = unpopulate(val, "Header", &i.Header) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + case "outputType": + err = unpopulate(val, "OutputType", &i.OutputType) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + case "supportDeepLink": + err = unpopulate(val, "SupportDeepLink", &i.SupportDeepLink) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MalwareEntityProperties. -func (m MalwareEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem. +func (i InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", m.AdditionalData) - populate(objectMap, "category", m.Category) - populate(objectMap, "fileEntityIds", m.FileEntityIDs) - populate(objectMap, "friendlyName", m.FriendlyName) - populate(objectMap, "malwareName", m.MalwareName) - populate(objectMap, "processEntityIds", m.ProcessEntityIDs) + populate(objectMap, "filter", i.Filter) + populate(objectMap, "linkColumnsDefinitions", i.LinkColumnsDefinitions) + populate(objectMap, "project", i.Project) + populate(objectMap, "summarize", i.Summarize) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MalwareEntityProperties. -func (m *MalwareEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem. +func (i *InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &m.AdditionalData) - delete(rawMsg, key) - case "category": - err = unpopulate(val, "Category", &m.Category) - delete(rawMsg, key) - case "fileEntityIds": - err = unpopulate(val, "FileEntityIDs", &m.FileEntityIDs) + case "filter": + err = unpopulate(val, "Filter", &i.Filter) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &m.FriendlyName) + case "linkColumnsDefinitions": + err = unpopulate(val, "LinkColumnsDefinitions", &i.LinkColumnsDefinitions) delete(rawMsg, key) - case "malwareName": - err = unpopulate(val, "MalwareName", &m.MalwareName) + case "project": + err = unpopulate(val, "Project", &i.Project) delete(rawMsg, key) - case "processEntityIds": - err = unpopulate(val, "ProcessEntityIDs", &m.ProcessEntityIDs) + case "summarize": + err = unpopulate(val, "Summarize", &i.Summarize) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ManualTriggerRequestBody. -func (m ManualTriggerRequestBody) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem. +func (i InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "logicAppsResourceId", m.LogicAppsResourceID) - populate(objectMap, "tenantId", m.TenantID) + populate(objectMap, "projectedName", i.ProjectedName) + populate(objectMap, "Query", i.Query) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ManualTriggerRequestBody. -func (m *ManualTriggerRequestBody) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem. +func (i *InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "logicAppsResourceId": - err = unpopulate(val, "LogicAppsResourceID", &m.LogicAppsResourceID) + case "projectedName": + err = unpopulate(val, "ProjectedName", &i.ProjectedName) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &m.TenantID) + case "Query": + err = unpopulate(val, "Query", &i.Query) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MetadataAuthor. -func (m MetadataAuthor) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InsightsTableResult. +func (i InsightsTableResult) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "email", m.Email) - populate(objectMap, "link", m.Link) - populate(objectMap, "name", m.Name) + populate(objectMap, "columns", i.Columns) + populate(objectMap, "rows", i.Rows) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataAuthor. -func (m *MetadataAuthor) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightsTableResult. +func (i *InsightsTableResult) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "email": - err = unpopulate(val, "Email", &m.Email) - delete(rawMsg, key) - case "link": - err = unpopulate(val, "Link", &m.Link) + case "columns": + err = unpopulate(val, "Columns", &i.Columns) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) + case "rows": + err = unpopulate(val, "Rows", &i.Rows) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MetadataCategories. -func (m MetadataCategories) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InsightsTableResultColumnsItem. +func (i InsightsTableResultColumnsItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "domains", m.Domains) - populate(objectMap, "verticals", m.Verticals) + populate(objectMap, "name", i.Name) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataCategories. -func (m *MetadataCategories) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightsTableResultColumnsItem. +func (i *InsightsTableResultColumnsItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "domains": - err = unpopulate(val, "Domains", &m.Domains) + case "name": + err = unpopulate(val, "Name", &i.Name) delete(rawMsg, key) - case "verticals": - err = unpopulate(val, "Verticals", &m.Verticals) + case "type": + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MetadataDependencies. -func (m MetadataDependencies) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InstructionStep. +func (i InstructionStep) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "contentId", m.ContentID) - populate(objectMap, "criteria", m.Criteria) - populate(objectMap, "kind", m.Kind) - populate(objectMap, "name", m.Name) - populate(objectMap, "operator", m.Operator) - populate(objectMap, "version", m.Version) + populate(objectMap, "description", i.Description) + populate(objectMap, "innerSteps", i.InnerSteps) + populate(objectMap, "instructions", i.Instructions) + populate(objectMap, "title", i.Title) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataDependencies. -func (m *MetadataDependencies) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InstructionStep. +func (i *InstructionStep) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "contentId": - err = unpopulate(val, "ContentID", &m.ContentID) - delete(rawMsg, key) - case "criteria": - err = unpopulate(val, "Criteria", &m.Criteria) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) + case "description": + err = unpopulate(val, "Description", &i.Description) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) + case "innerSteps": + err = unpopulate(val, "InnerSteps", &i.InnerSteps) delete(rawMsg, key) - case "operator": - err = unpopulate(val, "Operator", &m.Operator) + case "instructions": + err = unpopulate(val, "Instructions", &i.Instructions) delete(rawMsg, key) - case "version": - err = unpopulate(val, "Version", &m.Version) + case "title": + err = unpopulate(val, "Title", &i.Title) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MetadataList. -func (m MetadataList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InstructionStepDetails. +func (i InstructionStepDetails) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", m.NextLink) - populate(objectMap, "value", m.Value) + populateAny(objectMap, "parameters", i.Parameters) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataList. -func (m *MetadataList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InstructionStepDetails. +func (i *InstructionStepDetails) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &m.NextLink) + case "parameters": + err = unpopulate(val, "Parameters", &i.Parameters) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &m.Value) + case "type": + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MetadataModel. -func (m MetadataModel) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type InstructionStepsInstructionsItem. +func (i InstructionStepsInstructionsItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", m.Etag) - populate(objectMap, "id", m.ID) - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populateAny(objectMap, "parameters", i.Parameters) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataModel. -func (m *MetadataModel) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type InstructionStepsInstructionsItem. +func (i *InstructionStepsInstructionsItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &m.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + case "parameters": + err = unpopulate(val, "Parameters", &i.Parameters) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &m.Type) + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MetadataPatch. -func (m MetadataPatch) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IoTCheckRequirements. +func (i IoTCheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", m.Etag) - populate(objectMap, "id", m.ID) - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + objectMap["kind"] = DataConnectorKindIOT + populate(objectMap, "properties", i.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataPatch. -func (m *MetadataPatch) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTCheckRequirements. +func (i *IoTCheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &m.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) + case "kind": + err = unpopulate(val, "Kind", &i.Kind) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &m.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + err = unpopulate(val, "Properties", &i.Properties) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MetadataProperties. -func (m MetadataProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IoTCheckRequirementsProperties. +func (i IoTCheckRequirementsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "author", m.Author) - populate(objectMap, "categories", m.Categories) - populate(objectMap, "contentId", m.ContentID) - populate(objectMap, "contentSchemaVersion", m.ContentSchemaVersion) - populate(objectMap, "customVersion", m.CustomVersion) - populate(objectMap, "dependencies", m.Dependencies) - populateDateType(objectMap, "firstPublishDate", m.FirstPublishDate) - populate(objectMap, "icon", m.Icon) - populate(objectMap, "kind", m.Kind) - populateDateType(objectMap, "lastPublishDate", m.LastPublishDate) - populate(objectMap, "parentId", m.ParentID) - populate(objectMap, "previewImages", m.PreviewImages) - populate(objectMap, "previewImagesDark", m.PreviewImagesDark) - populate(objectMap, "providers", m.Providers) - populate(objectMap, "source", m.Source) - populate(objectMap, "support", m.Support) - populate(objectMap, "threatAnalysisTactics", m.ThreatAnalysisTactics) - populate(objectMap, "threatAnalysisTechniques", m.ThreatAnalysisTechniques) - populate(objectMap, "version", m.Version) + populate(objectMap, "subscriptionId", i.SubscriptionID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataProperties. -func (m *MetadataProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTCheckRequirementsProperties. +func (i *IoTCheckRequirementsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "author": - err = unpopulate(val, "Author", &m.Author) - delete(rawMsg, key) - case "categories": - err = unpopulate(val, "Categories", &m.Categories) - delete(rawMsg, key) - case "contentId": - err = unpopulate(val, "ContentID", &m.ContentID) - delete(rawMsg, key) - case "contentSchemaVersion": - err = unpopulate(val, "ContentSchemaVersion", &m.ContentSchemaVersion) - delete(rawMsg, key) - case "customVersion": - err = unpopulate(val, "CustomVersion", &m.CustomVersion) - delete(rawMsg, key) - case "dependencies": - err = unpopulate(val, "Dependencies", &m.Dependencies) - delete(rawMsg, key) - case "firstPublishDate": - err = unpopulateDateType(val, "FirstPublishDate", &m.FirstPublishDate) - delete(rawMsg, key) - case "icon": - err = unpopulate(val, "Icon", &m.Icon) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "lastPublishDate": - err = unpopulateDateType(val, "LastPublishDate", &m.LastPublishDate) - delete(rawMsg, key) - case "parentId": - err = unpopulate(val, "ParentID", &m.ParentID) - delete(rawMsg, key) - case "previewImages": - err = unpopulate(val, "PreviewImages", &m.PreviewImages) - delete(rawMsg, key) - case "previewImagesDark": - err = unpopulate(val, "PreviewImagesDark", &m.PreviewImagesDark) - delete(rawMsg, key) - case "providers": - err = unpopulate(val, "Providers", &m.Providers) - delete(rawMsg, key) - case "source": - err = unpopulate(val, "Source", &m.Source) - delete(rawMsg, key) - case "support": - err = unpopulate(val, "Support", &m.Support) - delete(rawMsg, key) - case "threatAnalysisTactics": - err = unpopulate(val, "ThreatAnalysisTactics", &m.ThreatAnalysisTactics) - delete(rawMsg, key) - case "threatAnalysisTechniques": - err = unpopulate(val, "ThreatAnalysisTechniques", &m.ThreatAnalysisTechniques) - delete(rawMsg, key) - case "version": - err = unpopulate(val, "Version", &m.Version) + case "subscriptionId": + err = unpopulate(val, "SubscriptionID", &i.SubscriptionID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MetadataPropertiesPatch. -func (m MetadataPropertiesPatch) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IoTDataConnector. +func (i IoTDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "author", m.Author) - populate(objectMap, "categories", m.Categories) - populate(objectMap, "contentId", m.ContentID) - populate(objectMap, "contentSchemaVersion", m.ContentSchemaVersion) - populate(objectMap, "customVersion", m.CustomVersion) - populate(objectMap, "dependencies", m.Dependencies) - populateDateType(objectMap, "firstPublishDate", m.FirstPublishDate) - populate(objectMap, "icon", m.Icon) - populate(objectMap, "kind", m.Kind) - populateDateType(objectMap, "lastPublishDate", m.LastPublishDate) - populate(objectMap, "parentId", m.ParentID) - populate(objectMap, "previewImages", m.PreviewImages) - populate(objectMap, "previewImagesDark", m.PreviewImagesDark) - populate(objectMap, "providers", m.Providers) - populate(objectMap, "source", m.Source) - populate(objectMap, "support", m.Support) - populate(objectMap, "threatAnalysisTactics", m.ThreatAnalysisTactics) - populate(objectMap, "threatAnalysisTechniques", m.ThreatAnalysisTechniques) - populate(objectMap, "version", m.Version) + populate(objectMap, "etag", i.Etag) + populate(objectMap, "id", i.ID) + objectMap["kind"] = DataConnectorKindIOT + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataPropertiesPatch. -func (m *MetadataPropertiesPatch) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDataConnector. +func (i *IoTDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "author": - err = unpopulate(val, "Author", &m.Author) - delete(rawMsg, key) - case "categories": - err = unpopulate(val, "Categories", &m.Categories) - delete(rawMsg, key) - case "contentId": - err = unpopulate(val, "ContentID", &m.ContentID) - delete(rawMsg, key) - case "contentSchemaVersion": - err = unpopulate(val, "ContentSchemaVersion", &m.ContentSchemaVersion) - delete(rawMsg, key) - case "customVersion": - err = unpopulate(val, "CustomVersion", &m.CustomVersion) - delete(rawMsg, key) - case "dependencies": - err = unpopulate(val, "Dependencies", &m.Dependencies) - delete(rawMsg, key) - case "firstPublishDate": - err = unpopulateDateType(val, "FirstPublishDate", &m.FirstPublishDate) + case "etag": + err = unpopulate(val, "Etag", &i.Etag) delete(rawMsg, key) - case "icon": - err = unpopulate(val, "Icon", &m.Icon) + case "id": + err = unpopulate(val, "ID", &i.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "lastPublishDate": - err = unpopulateDateType(val, "LastPublishDate", &m.LastPublishDate) - delete(rawMsg, key) - case "parentId": - err = unpopulate(val, "ParentID", &m.ParentID) - delete(rawMsg, key) - case "previewImages": - err = unpopulate(val, "PreviewImages", &m.PreviewImages) - delete(rawMsg, key) - case "previewImagesDark": - err = unpopulate(val, "PreviewImagesDark", &m.PreviewImagesDark) - delete(rawMsg, key) - case "providers": - err = unpopulate(val, "Providers", &m.Providers) - delete(rawMsg, key) - case "source": - err = unpopulate(val, "Source", &m.Source) + err = unpopulate(val, "Kind", &i.Kind) delete(rawMsg, key) - case "support": - err = unpopulate(val, "Support", &m.Support) + case "name": + err = unpopulate(val, "Name", &i.Name) delete(rawMsg, key) - case "threatAnalysisTactics": - err = unpopulate(val, "ThreatAnalysisTactics", &m.ThreatAnalysisTactics) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) delete(rawMsg, key) - case "threatAnalysisTechniques": - err = unpopulate(val, "ThreatAnalysisTechniques", &m.ThreatAnalysisTechniques) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) delete(rawMsg, key) - case "version": - err = unpopulate(val, "Version", &m.Version) + case "type": + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MetadataSource. -func (m MetadataSource) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IoTDataConnectorProperties. +func (i IoTDataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "kind", m.Kind) - populate(objectMap, "name", m.Name) - populate(objectMap, "sourceId", m.SourceID) + populate(objectMap, "dataTypes", i.DataTypes) + populate(objectMap, "subscriptionId", i.SubscriptionID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataSource. -func (m *MetadataSource) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDataConnectorProperties. +func (i *IoTDataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) + case "dataTypes": + err = unpopulate(val, "DataTypes", &i.DataTypes) delete(rawMsg, key) - case "sourceId": - err = unpopulate(val, "SourceID", &m.SourceID) + case "subscriptionId": + err = unpopulate(val, "SubscriptionID", &i.SubscriptionID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MetadataSupport. -func (m MetadataSupport) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IoTDeviceEntity. +func (i IoTDeviceEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "email", m.Email) - populate(objectMap, "link", m.Link) - populate(objectMap, "name", m.Name) - populate(objectMap, "tier", m.Tier) + populate(objectMap, "id", i.ID) + objectMap["kind"] = EntityKindEnumIoTDevice + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataSupport. -func (m *MetadataSupport) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDeviceEntity. +func (i *IoTDeviceEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "email": - err = unpopulate(val, "Email", &m.Email) + case "id": + err = unpopulate(val, "ID", &i.ID) delete(rawMsg, key) - case "link": - err = unpopulate(val, "Link", &m.Link) + case "kind": + err = unpopulate(val, "Kind", &i.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &m.Name) + err = unpopulate(val, "Name", &i.Name) delete(rawMsg, key) - case "tier": - err = unpopulate(val, "Tier", &m.Tier) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRule. -func (m MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type IoTDeviceEntityProperties. +func (i IoTDeviceEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", m.Etag) - populate(objectMap, "id", m.ID) - objectMap["kind"] = AlertRuleKindMicrosoftSecurityIncidentCreation - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRule. -func (m *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "etag": - err = unpopulate(val, "Etag", &m.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) - delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleProperties. -func (m MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "alertRuleTemplateName", m.AlertRuleTemplateName) - populate(objectMap, "description", m.Description) - populate(objectMap, "displayName", m.DisplayName) - populate(objectMap, "displayNamesExcludeFilter", m.DisplayNamesExcludeFilter) - populate(objectMap, "displayNamesFilter", m.DisplayNamesFilter) - populate(objectMap, "enabled", m.Enabled) - populateDateTimeRFC3339(objectMap, "lastModifiedUtc", m.LastModifiedUTC) - populate(objectMap, "productFilter", m.ProductFilter) - populate(objectMap, "severitiesFilter", m.SeveritiesFilter) + populate(objectMap, "additionalData", i.AdditionalData) + populate(objectMap, "deviceId", i.DeviceID) + populate(objectMap, "deviceName", i.DeviceName) + populate(objectMap, "deviceSubType", i.DeviceSubType) + populate(objectMap, "deviceType", i.DeviceType) + populate(objectMap, "edgeId", i.EdgeID) + populate(objectMap, "firmwareVersion", i.FirmwareVersion) + populate(objectMap, "friendlyName", i.FriendlyName) + populate(objectMap, "hostEntityId", i.HostEntityID) + populate(objectMap, "ipAddressEntityId", i.IPAddressEntityID) + populate(objectMap, "importance", i.Importance) + populate(objectMap, "iotHubEntityId", i.IotHubEntityID) + populate(objectMap, "iotSecurityAgentId", i.IotSecurityAgentID) + populate(objectMap, "isAuthorized", i.IsAuthorized) + populate(objectMap, "isProgramming", i.IsProgramming) + populate(objectMap, "isScanner", i.IsScanner) + populate(objectMap, "macAddress", i.MacAddress) + populate(objectMap, "model", i.Model) + populate(objectMap, "nicEntityIds", i.NicEntityIDs) + populate(objectMap, "operatingSystem", i.OperatingSystem) + populate(objectMap, "owners", i.Owners) + populate(objectMap, "protocols", i.Protocols) + populate(objectMap, "purdueLayer", i.PurdueLayer) + populate(objectMap, "sensor", i.Sensor) + populate(objectMap, "serialNumber", i.SerialNumber) + populate(objectMap, "site", i.Site) + populate(objectMap, "source", i.Source) + populate(objectMap, "threatIntelligence", i.ThreatIntelligence) + populate(objectMap, "vendor", i.Vendor) + populate(objectMap, "zone", i.Zone) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleProperties. -func (m *MicrosoftSecurityIncidentCreationAlertRuleProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDeviceEntityProperties. +func (i *IoTDeviceEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } for key, val := range rawMsg { var err error switch key { - case "alertRuleTemplateName": - err = unpopulate(val, "AlertRuleTemplateName", &m.AlertRuleTemplateName) + case "additionalData": + err = unpopulate(val, "AdditionalData", &i.AdditionalData) delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &m.Description) + case "deviceId": + err = unpopulate(val, "DeviceID", &i.DeviceID) delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &m.DisplayName) + case "deviceName": + err = unpopulate(val, "DeviceName", &i.DeviceName) delete(rawMsg, key) - case "displayNamesExcludeFilter": - err = unpopulate(val, "DisplayNamesExcludeFilter", &m.DisplayNamesExcludeFilter) + case "deviceSubType": + err = unpopulate(val, "DeviceSubType", &i.DeviceSubType) delete(rawMsg, key) - case "displayNamesFilter": - err = unpopulate(val, "DisplayNamesFilter", &m.DisplayNamesFilter) + case "deviceType": + err = unpopulate(val, "DeviceType", &i.DeviceType) delete(rawMsg, key) - case "enabled": - err = unpopulate(val, "Enabled", &m.Enabled) + case "edgeId": + err = unpopulate(val, "EdgeID", &i.EdgeID) delete(rawMsg, key) - case "lastModifiedUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &m.LastModifiedUTC) + case "firmwareVersion": + err = unpopulate(val, "FirmwareVersion", &i.FirmwareVersion) delete(rawMsg, key) - case "productFilter": - err = unpopulate(val, "ProductFilter", &m.ProductFilter) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &i.FriendlyName) delete(rawMsg, key) - case "severitiesFilter": - err = unpopulate(val, "SeveritiesFilter", &m.SeveritiesFilter) + case "hostEntityId": + err = unpopulate(val, "HostEntityID", &i.HostEntityID) + delete(rawMsg, key) + case "ipAddressEntityId": + err = unpopulate(val, "IPAddressEntityID", &i.IPAddressEntityID) + delete(rawMsg, key) + case "importance": + err = unpopulate(val, "Importance", &i.Importance) + delete(rawMsg, key) + case "iotHubEntityId": + err = unpopulate(val, "IotHubEntityID", &i.IotHubEntityID) + delete(rawMsg, key) + case "iotSecurityAgentId": + err = unpopulate(val, "IotSecurityAgentID", &i.IotSecurityAgentID) + delete(rawMsg, key) + case "isAuthorized": + err = unpopulate(val, "IsAuthorized", &i.IsAuthorized) + delete(rawMsg, key) + case "isProgramming": + err = unpopulate(val, "IsProgramming", &i.IsProgramming) + delete(rawMsg, key) + case "isScanner": + err = unpopulate(val, "IsScanner", &i.IsScanner) + delete(rawMsg, key) + case "macAddress": + err = unpopulate(val, "MacAddress", &i.MacAddress) + delete(rawMsg, key) + case "model": + err = unpopulate(val, "Model", &i.Model) + delete(rawMsg, key) + case "nicEntityIds": + err = unpopulate(val, "NicEntityIDs", &i.NicEntityIDs) + delete(rawMsg, key) + case "operatingSystem": + err = unpopulate(val, "OperatingSystem", &i.OperatingSystem) + delete(rawMsg, key) + case "owners": + err = unpopulate(val, "Owners", &i.Owners) + delete(rawMsg, key) + case "protocols": + err = unpopulate(val, "Protocols", &i.Protocols) + delete(rawMsg, key) + case "purdueLayer": + err = unpopulate(val, "PurdueLayer", &i.PurdueLayer) + delete(rawMsg, key) + case "sensor": + err = unpopulate(val, "Sensor", &i.Sensor) + delete(rawMsg, key) + case "serialNumber": + err = unpopulate(val, "SerialNumber", &i.SerialNumber) + delete(rawMsg, key) + case "site": + err = unpopulate(val, "Site", &i.Site) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &i.Source) + delete(rawMsg, key) + case "threatIntelligence": + err = unpopulate(val, "ThreatIntelligence", &i.ThreatIntelligence) + delete(rawMsg, key) + case "vendor": + err = unpopulate(val, "Vendor", &i.Vendor) + delete(rawMsg, key) + case "zone": + err = unpopulate(val, "Zone", &i.Zone) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", i, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (m MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Job. +func (j Job) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", m.ID) - objectMap["kind"] = AlertRuleKindMicrosoftSecurityIncidentCreation - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "etag", j.Etag) + populate(objectMap, "id", j.ID) + populate(objectMap, "name", j.Name) + populate(objectMap, "properties", j.Properties) + populate(objectMap, "systemData", j.SystemData) + populate(objectMap, "type", j.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (m *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Job. +func (j *Job) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", j, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &m.ID) + case "etag": + err = unpopulate(val, "Etag", &j.Etag) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) + case "id": + err = unpopulate(val, "ID", &j.ID) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &m.Name) + err = unpopulate(val, "Name", &j.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &m.Properties) + err = unpopulate(val, "Properties", &j.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + err = unpopulate(val, "SystemData", &j.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &m.Type) + err = unpopulate(val, "Type", &j.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", j, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties. -func (m MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type JobItem. +func (j JobItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertRulesCreatedByTemplateCount", m.AlertRulesCreatedByTemplateCount) - populateDateTimeRFC3339(objectMap, "createdDateUTC", m.CreatedDateUTC) - populate(objectMap, "description", m.Description) - populate(objectMap, "displayName", m.DisplayName) - populate(objectMap, "displayNamesExcludeFilter", m.DisplayNamesExcludeFilter) - populate(objectMap, "displayNamesFilter", m.DisplayNamesFilter) - populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", m.LastUpdatedDateUTC) - populate(objectMap, "productFilter", m.ProductFilter) - populate(objectMap, "requiredDataConnectors", m.RequiredDataConnectors) - populate(objectMap, "severitiesFilter", m.SeveritiesFilter) - populate(objectMap, "status", m.Status) + populate(objectMap, "errors", j.Errors) + populateDateTimeRFC3339(objectMap, "executionTime", j.ExecutionTime) + populate(objectMap, "resourceId", j.ResourceID) + populate(objectMap, "status", j.Status) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties. -func (m *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type JobItem. +func (j *JobItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", j, err) } for key, val := range rawMsg { var err error switch key { - case "alertRulesCreatedByTemplateCount": - err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &m.AlertRulesCreatedByTemplateCount) - delete(rawMsg, key) - case "createdDateUTC": - err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &m.CreatedDateUTC) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &m.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &m.DisplayName) - delete(rawMsg, key) - case "displayNamesExcludeFilter": - err = unpopulate(val, "DisplayNamesExcludeFilter", &m.DisplayNamesExcludeFilter) - delete(rawMsg, key) - case "displayNamesFilter": - err = unpopulate(val, "DisplayNamesFilter", &m.DisplayNamesFilter) - delete(rawMsg, key) - case "lastUpdatedDateUTC": - err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &m.LastUpdatedDateUTC) - delete(rawMsg, key) - case "productFilter": - err = unpopulate(val, "ProductFilter", &m.ProductFilter) + case "errors": + err = unpopulate(val, "Errors", &j.Errors) delete(rawMsg, key) - case "requiredDataConnectors": - err = unpopulate(val, "RequiredDataConnectors", &m.RequiredDataConnectors) + case "executionTime": + err = unpopulateDateTimeRFC3339(val, "ExecutionTime", &j.ExecutionTime) delete(rawMsg, key) - case "severitiesFilter": - err = unpopulate(val, "SeveritiesFilter", &m.SeveritiesFilter) + case "resourceId": + err = unpopulate(val, "ResourceID", &j.ResourceID) delete(rawMsg, key) case "status": - err = unpopulate(val, "Status", &m.Status) + err = unpopulate(val, "Status", &j.Status) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", j, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MtpCheckRequirements. -func (m MtpCheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type JobList. +func (j JobList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindMicrosoftThreatProtection - populate(objectMap, "properties", m.Properties) + populate(objectMap, "nextLink", j.NextLink) + populate(objectMap, "value", j.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MtpCheckRequirements. -func (m *MtpCheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type JobList. +func (j *JobList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", j, err) } for key, val := range rawMsg { var err error switch key { - case "kind": - err = unpopulate(val, "Kind", &m.Kind) + case "nextLink": + err = unpopulate(val, "NextLink", &j.NextLink) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) + case "value": + err = unpopulate(val, "Value", &j.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", j, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type NicEntity. -func (n NicEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type JobProperties. +func (j JobProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", n.ID) - objectMap["kind"] = EntityKindNic - populate(objectMap, "name", n.Name) - populate(objectMap, "properties", n.Properties) - populate(objectMap, "systemData", n.SystemData) - populate(objectMap, "type", n.Type) + populateDateTimeRFC3339(objectMap, "endTime", j.EndTime) + populate(objectMap, "errorMessage", j.ErrorMessage) + populate(objectMap, "items", j.Items) + populate(objectMap, "provisioningState", j.ProvisioningState) + populateDateTimeRFC3339(objectMap, "startTime", j.StartTime) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type NicEntity. -func (n *NicEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type JobProperties. +func (j *JobProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", j, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &n.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &n.Kind) + case "endTime": + err = unpopulateDateTimeRFC3339(val, "EndTime", &j.EndTime) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &n.Name) + case "errorMessage": + err = unpopulate(val, "ErrorMessage", &j.ErrorMessage) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &n.Properties) + case "items": + err = unpopulate(val, "Items", &j.Items) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &n.SystemData) + case "provisioningState": + err = unpopulate(val, "ProvisioningState", &j.ProvisioningState) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &n.Type) + case "startTime": + err = unpopulateDateTimeRFC3339(val, "StartTime", &j.StartTime) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", j, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type NicEntityProperties. -func (n NicEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type JwtAuthModel. +func (j JwtAuthModel) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", n.AdditionalData) - populate(objectMap, "friendlyName", n.FriendlyName) - populate(objectMap, "ipAddressEntityId", n.IPAddressEntityID) - populate(objectMap, "macAddress", n.MacAddress) - populate(objectMap, "vlans", n.Vlans) + populate(objectMap, "headers", j.Headers) + populate(objectMap, "isCredentialsInHeaders", j.IsCredentialsInHeaders) + populate(objectMap, "isJsonRequest", j.IsJSONRequest) + populate(objectMap, "password", j.Password) + populate(objectMap, "queryParameters", j.QueryParameters) + populate(objectMap, "requestTimeoutInSeconds", j.RequestTimeoutInSeconds) + populate(objectMap, "tokenEndpoint", j.TokenEndpoint) + objectMap["type"] = CcpAuthTypeJwtToken + populate(objectMap, "userName", j.UserName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type NicEntityProperties. -func (n *NicEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type JwtAuthModel. +func (j *JwtAuthModel) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", j, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &n.AdditionalData) + case "headers": + err = unpopulate(val, "Headers", &j.Headers) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &n.FriendlyName) + case "isCredentialsInHeaders": + err = unpopulate(val, "IsCredentialsInHeaders", &j.IsCredentialsInHeaders) delete(rawMsg, key) - case "ipAddressEntityId": - err = unpopulate(val, "IPAddressEntityID", &n.IPAddressEntityID) + case "isJsonRequest": + err = unpopulate(val, "IsJSONRequest", &j.IsJSONRequest) delete(rawMsg, key) - case "macAddress": - err = unpopulate(val, "MacAddress", &n.MacAddress) + case "password": + err = unpopulate(val, "Password", &j.Password) delete(rawMsg, key) - case "vlans": - err = unpopulate(val, "Vlans", &n.Vlans) + case "queryParameters": + err = unpopulate(val, "QueryParameters", &j.QueryParameters) + delete(rawMsg, key) + case "requestTimeoutInSeconds": + err = unpopulate(val, "RequestTimeoutInSeconds", &j.RequestTimeoutInSeconds) + delete(rawMsg, key) + case "tokenEndpoint": + err = unpopulate(val, "TokenEndpoint", &j.TokenEndpoint) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &j.Type) + delete(rawMsg, key) + case "userName": + err = unpopulate(val, "UserName", &j.UserName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", j, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type NrtAlertRule. -func (n NrtAlertRule) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ListActionsResponse. +func (l ListActionsResponse) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", n.Etag) - populate(objectMap, "id", n.ID) - objectMap["kind"] = AlertRuleKindNRT - populate(objectMap, "name", n.Name) - populate(objectMap, "properties", n.Properties) - populate(objectMap, "systemData", n.SystemData) - populate(objectMap, "type", n.Type) + populate(objectMap, "nextLink", l.NextLink) + populate(objectMap, "value", l.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRule. -func (n *NrtAlertRule) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ListActionsResponse. +func (l *ListActionsResponse) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", l, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &n.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &n.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &n.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &n.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &n.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &n.SystemData) + case "nextLink": + err = unpopulate(val, "NextLink", &l.NextLink) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &n.Type) + case "value": + l.Value, err = unmarshalActionClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", l, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type NrtAlertRuleProperties. -func (n NrtAlertRuleProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type LockUserAction. +func (l LockUserAction) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertDetailsOverride", n.AlertDetailsOverride) - populate(objectMap, "alertRuleTemplateName", n.AlertRuleTemplateName) - populate(objectMap, "customDetails", n.CustomDetails) - populate(objectMap, "description", n.Description) - populate(objectMap, "displayName", n.DisplayName) - populate(objectMap, "enabled", n.Enabled) - populate(objectMap, "entityMappings", n.EntityMappings) - populate(objectMap, "eventGroupingSettings", n.EventGroupingSettings) - populate(objectMap, "incidentConfiguration", n.IncidentConfiguration) - populateDateTimeRFC3339(objectMap, "lastModifiedUtc", n.LastModifiedUTC) - populate(objectMap, "query", n.Query) - populate(objectMap, "severity", n.Severity) - populate(objectMap, "suppressionDuration", n.SuppressionDuration) - populate(objectMap, "suppressionEnabled", n.SuppressionEnabled) - populate(objectMap, "tactics", n.Tactics) - populate(objectMap, "techniques", n.Techniques) - populate(objectMap, "templateVersion", n.TemplateVersion) + populate(objectMap, "failureReason", l.FailureReason) + objectMap["kind"] = ListActionKindLockUser + populate(objectMap, "user", l.User) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRuleProperties. -func (n *NrtAlertRuleProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type LockUserAction. +func (l *LockUserAction) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", l, err) } for key, val := range rawMsg { var err error switch key { - case "alertDetailsOverride": - err = unpopulate(val, "AlertDetailsOverride", &n.AlertDetailsOverride) - delete(rawMsg, key) - case "alertRuleTemplateName": - err = unpopulate(val, "AlertRuleTemplateName", &n.AlertRuleTemplateName) - delete(rawMsg, key) - case "customDetails": - err = unpopulate(val, "CustomDetails", &n.CustomDetails) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &n.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &n.DisplayName) - delete(rawMsg, key) - case "enabled": - err = unpopulate(val, "Enabled", &n.Enabled) - delete(rawMsg, key) - case "entityMappings": - err = unpopulate(val, "EntityMappings", &n.EntityMappings) - delete(rawMsg, key) - case "eventGroupingSettings": - err = unpopulate(val, "EventGroupingSettings", &n.EventGroupingSettings) - delete(rawMsg, key) - case "incidentConfiguration": - err = unpopulate(val, "IncidentConfiguration", &n.IncidentConfiguration) + case "failureReason": + err = unpopulate(val, "FailureReason", &l.FailureReason) delete(rawMsg, key) - case "lastModifiedUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &n.LastModifiedUTC) + case "kind": + err = unpopulate(val, "Kind", &l.Kind) delete(rawMsg, key) - case "query": - err = unpopulate(val, "Query", &n.Query) + case "user": + err = unpopulate(val, "User", &l.User) delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &n.Severity) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", l, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Log. +func (l Log) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "bulkSize", l.BulkSize) + populate(objectMap, "filters", l.Filters) + populate(objectMap, "ingestionType", l.IngestionType) + populate(objectMap, "scheduleInterval", l.ScheduleInterval) + populate(objectMap, "status", l.Status) + populate(objectMap, "type", l.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Log. +func (l *Log) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", l, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "bulkSize": + err = unpopulate(val, "BulkSize", &l.BulkSize) delete(rawMsg, key) - case "suppressionDuration": - err = unpopulate(val, "SuppressionDuration", &n.SuppressionDuration) + case "filters": + err = unpopulate(val, "Filters", &l.Filters) delete(rawMsg, key) - case "suppressionEnabled": - err = unpopulate(val, "SuppressionEnabled", &n.SuppressionEnabled) + case "ingestionType": + err = unpopulate(val, "IngestionType", &l.IngestionType) delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &n.Tactics) + case "scheduleInterval": + err = unpopulate(val, "ScheduleInterval", &l.ScheduleInterval) delete(rawMsg, key) - case "techniques": - err = unpopulate(val, "Techniques", &n.Techniques) + case "status": + err = unpopulate(val, "Status", &l.Status) delete(rawMsg, key) - case "templateVersion": - err = unpopulate(val, "TemplateVersion", &n.TemplateVersion) + case "type": + err = unpopulate(val, "Type", &l.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", l, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type NrtAlertRuleTemplate. -func (n NrtAlertRuleTemplate) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MCASCheckRequirements. +func (m MCASCheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", n.ID) - objectMap["kind"] = AlertRuleKindNRT - populate(objectMap, "name", n.Name) - populate(objectMap, "properties", n.Properties) - populate(objectMap, "systemData", n.SystemData) - populate(objectMap, "type", n.Type) + objectMap["kind"] = DataConnectorKindMicrosoftCloudAppSecurity + populate(objectMap, "properties", m.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRuleTemplate. -func (n *NrtAlertRuleTemplate) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MCASCheckRequirements. +func (m *MCASCheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &n.ID) - delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &n.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &n.Name) + err = unpopulate(val, "Kind", &m.Kind) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &n.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &n.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &n.Type) + err = unpopulate(val, "Properties", &m.Properties) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type NrtAlertRuleTemplateProperties. -func (n NrtAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MCASCheckRequirementsProperties. +func (m MCASCheckRequirementsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertDetailsOverride", n.AlertDetailsOverride) - populate(objectMap, "alertRulesCreatedByTemplateCount", n.AlertRulesCreatedByTemplateCount) - populateDateTimeRFC3339(objectMap, "createdDateUTC", n.CreatedDateUTC) - populate(objectMap, "customDetails", n.CustomDetails) - populate(objectMap, "description", n.Description) - populate(objectMap, "displayName", n.DisplayName) - populate(objectMap, "entityMappings", n.EntityMappings) - populate(objectMap, "eventGroupingSettings", n.EventGroupingSettings) - populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", n.LastUpdatedDateUTC) - populate(objectMap, "query", n.Query) - populate(objectMap, "requiredDataConnectors", n.RequiredDataConnectors) - populate(objectMap, "severity", n.Severity) - populate(objectMap, "status", n.Status) - populate(objectMap, "tactics", n.Tactics) - populate(objectMap, "techniques", n.Techniques) - populate(objectMap, "version", n.Version) + populate(objectMap, "tenantId", m.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRuleTemplateProperties. -func (n *NrtAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MCASCheckRequirementsProperties. +func (m *MCASCheckRequirementsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "alertDetailsOverride": - err = unpopulate(val, "AlertDetailsOverride", &n.AlertDetailsOverride) - delete(rawMsg, key) - case "alertRulesCreatedByTemplateCount": - err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &n.AlertRulesCreatedByTemplateCount) - delete(rawMsg, key) - case "createdDateUTC": - err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &n.CreatedDateUTC) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) delete(rawMsg, key) - case "customDetails": - err = unpopulate(val, "CustomDetails", &n.CustomDetails) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &n.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &n.DisplayName) - delete(rawMsg, key) - case "entityMappings": - err = unpopulate(val, "EntityMappings", &n.EntityMappings) - delete(rawMsg, key) - case "eventGroupingSettings": - err = unpopulate(val, "EventGroupingSettings", &n.EventGroupingSettings) - delete(rawMsg, key) - case "lastUpdatedDateUTC": - err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &n.LastUpdatedDateUTC) - delete(rawMsg, key) - case "query": - err = unpopulate(val, "Query", &n.Query) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MCASDataConnector. +func (m MCASDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = DataConnectorKindMicrosoftCloudAppSecurity + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnector. +func (m *MCASDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) delete(rawMsg, key) - case "requiredDataConnectors": - err = unpopulate(val, "RequiredDataConnectors", &n.RequiredDataConnectors) + case "id": + err = unpopulate(val, "ID", &m.ID) delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &n.Severity) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &n.Status) + case "name": + err = unpopulate(val, "Name", &m.Name) delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &n.Tactics) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) delete(rawMsg, key) - case "techniques": - err = unpopulate(val, "Techniques", &n.Techniques) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) delete(rawMsg, key) - case "version": - err = unpopulate(val, "Version", &n.Version) + case "type": + err = unpopulate(val, "Type", &m.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", n, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Office365ProjectCheckRequirements. -func (o Office365ProjectCheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MCASDataConnectorDataTypes. +func (m MCASDataConnectorDataTypes) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindOffice365Project - populate(objectMap, "properties", o.Properties) + populate(objectMap, "alerts", m.Alerts) + populate(objectMap, "discoveryLogs", m.DiscoveryLogs) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectCheckRequirements. -func (o *Office365ProjectCheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnectorDataTypes. +func (m *MCASDataConnectorDataTypes) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "kind": - err = unpopulate(val, "Kind", &o.Kind) + case "alerts": + err = unpopulate(val, "Alerts", &m.Alerts) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &o.Properties) + case "discoveryLogs": + err = unpopulate(val, "DiscoveryLogs", &m.DiscoveryLogs) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Office365ProjectCheckRequirementsProperties. -func (o Office365ProjectCheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MCASDataConnectorProperties. +func (m MCASDataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "tenantId", o.TenantID) + populate(objectMap, "dataTypes", m.DataTypes) + populate(objectMap, "tenantId", m.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectCheckRequirementsProperties. -func (o *Office365ProjectCheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnectorProperties. +func (m *MCASDataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &m.DataTypes) + delete(rawMsg, key) case "tenantId": - err = unpopulate(val, "TenantID", &o.TenantID) + err = unpopulate(val, "TenantID", &m.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Office365ProjectConnectorDataTypes. -func (o Office365ProjectConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MDATPCheckRequirements. +func (m MDATPCheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "logs", o.Logs) + objectMap["kind"] = DataConnectorKindMicrosoftDefenderAdvancedThreatProtection + populate(objectMap, "properties", m.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectConnectorDataTypes. -func (o *Office365ProjectConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPCheckRequirements. +func (m *MDATPCheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "logs": - err = unpopulate(val, "Logs", &o.Logs) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Office365ProjectConnectorDataTypesLogs. -func (o Office365ProjectConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MDATPCheckRequirementsProperties. +func (m MDATPCheckRequirementsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", o.State) + populate(objectMap, "tenantId", m.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectConnectorDataTypesLogs. -func (o *Office365ProjectConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPCheckRequirementsProperties. +func (m *MDATPCheckRequirementsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &o.State) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Office365ProjectDataConnector. -func (o Office365ProjectDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MDATPDataConnector. +func (m MDATPDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", o.Etag) - populate(objectMap, "id", o.ID) - objectMap["kind"] = DataConnectorKindOffice365Project - populate(objectMap, "name", o.Name) - populate(objectMap, "properties", o.Properties) - populate(objectMap, "systemData", o.SystemData) - populate(objectMap, "type", o.Type) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = DataConnectorKindMicrosoftDefenderAdvancedThreatProtection + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectDataConnector. -func (o *Office365ProjectDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPDataConnector. +func (m *MDATPDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { case "etag": - err = unpopulate(val, "Etag", &o.Etag) + err = unpopulate(val, "Etag", &m.Etag) delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &o.ID) + err = unpopulate(val, "ID", &m.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &o.Kind) + err = unpopulate(val, "Kind", &m.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &o.Name) + err = unpopulate(val, "Name", &m.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &o.Properties) + err = unpopulate(val, "Properties", &m.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &o.SystemData) + err = unpopulate(val, "SystemData", &m.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &o.Type) + err = unpopulate(val, "Type", &m.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Office365ProjectDataConnectorProperties. -func (o Office365ProjectDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MDATPDataConnectorProperties. +func (m MDATPDataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", o.DataTypes) - populate(objectMap, "tenantId", o.TenantID) + populate(objectMap, "dataTypes", m.DataTypes) + populate(objectMap, "tenantId", m.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectDataConnectorProperties. -func (o *Office365ProjectDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPDataConnectorProperties. +func (m *MDATPDataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { case "dataTypes": - err = unpopulate(val, "DataTypes", &o.DataTypes) + err = unpopulate(val, "DataTypes", &m.DataTypes) delete(rawMsg, key) case "tenantId": - err = unpopulate(val, "TenantID", &o.TenantID) + err = unpopulate(val, "TenantID", &m.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeATPCheckRequirements. -func (o OfficeATPCheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRule. +func (m MLBehaviorAnalyticsAlertRule) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindOfficeATP - populate(objectMap, "properties", o.Properties) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = AlertRuleKindMLBehaviorAnalytics + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPCheckRequirements. -func (o *OfficeATPCheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRule. +func (m *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &o.Kind) + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &o.Properties) + err = unpopulate(val, "Properties", &m.Properties) delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeATPCheckRequirementsProperties. -func (o OfficeATPCheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRuleProperties. +func (m MLBehaviorAnalyticsAlertRuleProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "tenantId", o.TenantID) + populate(objectMap, "alertRuleTemplateName", m.AlertRuleTemplateName) + populate(objectMap, "description", m.Description) + populate(objectMap, "displayName", m.DisplayName) + populate(objectMap, "enabled", m.Enabled) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", m.LastModifiedUTC) + populate(objectMap, "severity", m.Severity) + populate(objectMap, "subTechniques", m.SubTechniques) + populate(objectMap, "tactics", m.Tactics) + populate(objectMap, "techniques", m.Techniques) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPCheckRequirementsProperties. -func (o *OfficeATPCheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRuleProperties. +func (m *MLBehaviorAnalyticsAlertRuleProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "tenantId": - err = unpopulate(val, "TenantID", &o.TenantID) + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &m.AlertRuleTemplateName) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &m.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &m.DisplayName) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &m.Enabled) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &m.LastModifiedUTC) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &m.Severity) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &m.SubTechniques) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &m.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &m.Techniques) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeATPDataConnector. -func (o OfficeATPDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRuleTemplate. +func (m MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", o.Etag) - populate(objectMap, "id", o.ID) - objectMap["kind"] = DataConnectorKindOfficeATP - populate(objectMap, "name", o.Name) - populate(objectMap, "properties", o.Properties) - populate(objectMap, "systemData", o.SystemData) - populate(objectMap, "type", o.Type) + populate(objectMap, "id", m.ID) + objectMap["kind"] = AlertRuleKindMLBehaviorAnalytics + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPDataConnector. -func (o *OfficeATPDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRuleTemplate. +func (m *MLBehaviorAnalyticsAlertRuleTemplate) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &o.Etag) - delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &o.ID) + err = unpopulate(val, "ID", &m.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &o.Kind) + err = unpopulate(val, "Kind", &m.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &o.Name) + err = unpopulate(val, "Name", &m.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &o.Properties) + err = unpopulate(val, "Properties", &m.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &o.SystemData) + err = unpopulate(val, "SystemData", &m.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &o.Type) + err = unpopulate(val, "Type", &m.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeATPDataConnectorProperties. -func (o OfficeATPDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRuleTemplateProperties. +func (m MLBehaviorAnalyticsAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", o.DataTypes) - populate(objectMap, "tenantId", o.TenantID) + populate(objectMap, "alertRulesCreatedByTemplateCount", m.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", m.CreatedDateUTC) + populate(objectMap, "description", m.Description) + populate(objectMap, "displayName", m.DisplayName) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", m.LastUpdatedDateUTC) + populate(objectMap, "requiredDataConnectors", m.RequiredDataConnectors) + populate(objectMap, "severity", m.Severity) + populate(objectMap, "status", m.Status) + populate(objectMap, "tactics", m.Tactics) + populate(objectMap, "techniques", m.Techniques) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPDataConnectorProperties. -func (o *OfficeATPDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRuleTemplateProperties. +func (m *MLBehaviorAnalyticsAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &o.DataTypes) + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &m.AlertRulesCreatedByTemplateCount) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &o.TenantID) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &m.CreatedDateUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &m.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &m.DisplayName) + delete(rawMsg, key) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &m.LastUpdatedDateUTC) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &m.RequiredDataConnectors) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &m.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &m.Status) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &m.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &m.Techniques) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeConsent. -func (o OfficeConsent) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MSTICheckRequirements. +func (m MSTICheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", o.ID) - populate(objectMap, "name", o.Name) - populate(objectMap, "properties", o.Properties) - populate(objectMap, "systemData", o.SystemData) - populate(objectMap, "type", o.Type) + objectMap["kind"] = DataConnectorKindMicrosoftThreatIntelligence + populate(objectMap, "properties", m.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeConsent. -func (o *OfficeConsent) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTICheckRequirements. +func (m *MSTICheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &o.ID) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &o.Name) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &o.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &o.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &o.Type) + err = unpopulate(val, "Properties", &m.Properties) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeConsentList. -func (o OfficeConsentList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MSTICheckRequirementsProperties. +func (m MSTICheckRequirementsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", o.NextLink) - populate(objectMap, "value", o.Value) + populate(objectMap, "tenantId", m.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeConsentList. -func (o *OfficeConsentList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTICheckRequirementsProperties. +func (m *MSTICheckRequirementsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &o.NextLink) - delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &o.Value) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeConsentProperties. -func (o OfficeConsentProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnector. +func (m MSTIDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "consentId", o.ConsentID) - populate(objectMap, "tenantId", o.TenantID) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = DataConnectorKindMicrosoftThreatIntelligence + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeConsentProperties. -func (o *OfficeConsentProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnector. +func (m *MSTIDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "consentId": - err = unpopulate(val, "ConsentID", &o.ConsentID) + case "etag": + err = unpopulate(val, "Etag", &m.Etag) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &o.TenantID) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnector. -func (o OfficeDataConnector) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "etag", o.Etag) - populate(objectMap, "id", o.ID) - objectMap["kind"] = DataConnectorKindOffice365 - populate(objectMap, "name", o.Name) - populate(objectMap, "properties", o.Properties) - populate(objectMap, "systemData", o.SystemData) - populate(objectMap, "type", o.Type) +// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnectorDataTypes. +func (m MSTIDataConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "microsoftEmergingThreatFeed", m.MicrosoftEmergingThreatFeed) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnector. -func (o *OfficeDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnectorDataTypes. +func (m *MSTIDataConnectorDataTypes) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &o.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &o.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &o.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &o.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &o.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &o.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &o.Type) + case "microsoftEmergingThreatFeed": + err = unpopulate(val, "MicrosoftEmergingThreatFeed", &m.MicrosoftEmergingThreatFeed) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypes. -func (o OfficeDataConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed. +func (m MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "exchange", o.Exchange) - populate(objectMap, "sharePoint", o.SharePoint) - populate(objectMap, "teams", o.Teams) + populate(objectMap, "lookbackPeriod", m.LookbackPeriod) + populate(objectMap, "state", m.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypes. -func (o *OfficeDataConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed. +func (m *MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "exchange": - err = unpopulate(val, "Exchange", &o.Exchange) - delete(rawMsg, key) - case "sharePoint": - err = unpopulate(val, "SharePoint", &o.SharePoint) + case "lookbackPeriod": + err = unpopulate(val, "LookbackPeriod", &m.LookbackPeriod) delete(rawMsg, key) - case "teams": - err = unpopulate(val, "Teams", &o.Teams) + case "state": + err = unpopulate(val, "State", &m.State) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesExchange. -func (o OfficeDataConnectorDataTypesExchange) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnectorProperties. +func (m MSTIDataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", o.State) + populate(objectMap, "dataTypes", m.DataTypes) + populate(objectMap, "tenantId", m.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesExchange. -func (o *OfficeDataConnectorDataTypesExchange) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnectorProperties. +func (m *MSTIDataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &o.State) + case "dataTypes": + err = unpopulate(val, "DataTypes", &m.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesSharePoint. -func (o OfficeDataConnectorDataTypesSharePoint) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MTPCheckRequirementsProperties. +func (m MTPCheckRequirementsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", o.State) + populate(objectMap, "tenantId", m.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesSharePoint. -func (o *OfficeDataConnectorDataTypesSharePoint) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPCheckRequirementsProperties. +func (m *MTPCheckRequirementsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &o.State) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesTeams. -func (o OfficeDataConnectorDataTypesTeams) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MTPDataConnector. +func (m MTPDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", o.State) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = DataConnectorKindMicrosoftThreatProtection + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesTeams. -func (o *OfficeDataConnectorDataTypesTeams) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnector. +func (m *MTPDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &o.State) + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorProperties. -func (o OfficeDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MTPDataConnectorDataTypes. +func (m MTPDataConnectorDataTypes) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", o.DataTypes) - populate(objectMap, "tenantId", o.TenantID) + populate(objectMap, "alerts", m.Alerts) + populate(objectMap, "incidents", m.Incidents) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorProperties. -func (o *OfficeDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnectorDataTypes. +func (m *MTPDataConnectorDataTypes) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &o.DataTypes) + case "alerts": + err = unpopulate(val, "Alerts", &m.Alerts) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &o.TenantID) + case "incidents": + err = unpopulate(val, "Incidents", &m.Incidents) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeIRMCheckRequirements. -func (o OfficeIRMCheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MTPDataConnectorDataTypesAlerts. +func (m MTPDataConnectorDataTypesAlerts) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindOfficeIRM - populate(objectMap, "properties", o.Properties) + populate(objectMap, "state", m.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMCheckRequirements. -func (o *OfficeIRMCheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnectorDataTypesAlerts. +func (m *MTPDataConnectorDataTypesAlerts) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "kind": - err = unpopulate(val, "Kind", &o.Kind) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &o.Properties) + case "state": + err = unpopulate(val, "State", &m.State) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeIRMCheckRequirementsProperties. -func (o OfficeIRMCheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MTPDataConnectorDataTypesIncidents. +func (m MTPDataConnectorDataTypesIncidents) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "tenantId", o.TenantID) + populate(objectMap, "state", m.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMCheckRequirementsProperties. -func (o *OfficeIRMCheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnectorDataTypesIncidents. +func (m *MTPDataConnectorDataTypesIncidents) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "tenantId": - err = unpopulate(val, "TenantID", &o.TenantID) + case "state": + err = unpopulate(val, "State", &m.State) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeIRMDataConnector. -func (o OfficeIRMDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MTPDataConnectorProperties. +func (m MTPDataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", o.Etag) - populate(objectMap, "id", o.ID) - objectMap["kind"] = DataConnectorKindOfficeIRM - populate(objectMap, "name", o.Name) - populate(objectMap, "properties", o.Properties) - populate(objectMap, "systemData", o.SystemData) - populate(objectMap, "type", o.Type) + populate(objectMap, "dataTypes", m.DataTypes) + populate(objectMap, "filteredProviders", m.FilteredProviders) + populate(objectMap, "tenantId", m.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMDataConnector. -func (o *OfficeIRMDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnectorProperties. +func (m *MTPDataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &o.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &o.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &o.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &o.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &o.Properties) + case "dataTypes": + err = unpopulate(val, "DataTypes", &m.DataTypes) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &o.SystemData) + case "filteredProviders": + err = unpopulate(val, "FilteredProviders", &m.FilteredProviders) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &o.Type) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeIRMDataConnectorProperties. -func (o OfficeIRMDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MailClusterEntity. +func (m MailClusterEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", o.DataTypes) - populate(objectMap, "tenantId", o.TenantID) + populate(objectMap, "id", m.ID) + objectMap["kind"] = EntityKindEnumMailCluster + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMDataConnectorProperties. -func (o *OfficeIRMDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MailClusterEntity. +func (m *MailClusterEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &o.DataTypes) + case "id": + err = unpopulate(val, "ID", &m.ID) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &o.TenantID) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficePowerBICheckRequirements. -func (o OfficePowerBICheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MailClusterEntityProperties. +func (m MailClusterEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindOfficePowerBI - populate(objectMap, "properties", o.Properties) + populate(objectMap, "additionalData", m.AdditionalData) + populate(objectMap, "clusterGroup", m.ClusterGroup) + populateDateTimeRFC3339(objectMap, "clusterQueryEndTime", m.ClusterQueryEndTime) + populateDateTimeRFC3339(objectMap, "clusterQueryStartTime", m.ClusterQueryStartTime) + populate(objectMap, "clusterSourceIdentifier", m.ClusterSourceIdentifier) + populate(objectMap, "clusterSourceType", m.ClusterSourceType) + populateAny(objectMap, "countByDeliveryStatus", m.CountByDeliveryStatus) + populateAny(objectMap, "countByProtectionStatus", m.CountByProtectionStatus) + populateAny(objectMap, "countByThreatType", m.CountByThreatType) + populate(objectMap, "friendlyName", m.FriendlyName) + populate(objectMap, "isVolumeAnomaly", m.IsVolumeAnomaly) + populate(objectMap, "mailCount", m.MailCount) + populate(objectMap, "networkMessageIds", m.NetworkMessageIDs) + populate(objectMap, "query", m.Query) + populateDateTimeRFC3339(objectMap, "queryTime", m.QueryTime) + populate(objectMap, "source", m.Source) + populate(objectMap, "threats", m.Threats) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBICheckRequirements. -func (o *OfficePowerBICheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MailClusterEntityProperties. +func (m *MailClusterEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "kind": - err = unpopulate(val, "Kind", &o.Kind) + case "additionalData": + err = unpopulate(val, "AdditionalData", &m.AdditionalData) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &o.Properties) + case "clusterGroup": + err = unpopulate(val, "ClusterGroup", &m.ClusterGroup) + delete(rawMsg, key) + case "clusterQueryEndTime": + err = unpopulateDateTimeRFC3339(val, "ClusterQueryEndTime", &m.ClusterQueryEndTime) + delete(rawMsg, key) + case "clusterQueryStartTime": + err = unpopulateDateTimeRFC3339(val, "ClusterQueryStartTime", &m.ClusterQueryStartTime) + delete(rawMsg, key) + case "clusterSourceIdentifier": + err = unpopulate(val, "ClusterSourceIdentifier", &m.ClusterSourceIdentifier) + delete(rawMsg, key) + case "clusterSourceType": + err = unpopulate(val, "ClusterSourceType", &m.ClusterSourceType) + delete(rawMsg, key) + case "countByDeliveryStatus": + err = unpopulate(val, "CountByDeliveryStatus", &m.CountByDeliveryStatus) + delete(rawMsg, key) + case "countByProtectionStatus": + err = unpopulate(val, "CountByProtectionStatus", &m.CountByProtectionStatus) + delete(rawMsg, key) + case "countByThreatType": + err = unpopulate(val, "CountByThreatType", &m.CountByThreatType) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &m.FriendlyName) + delete(rawMsg, key) + case "isVolumeAnomaly": + err = unpopulate(val, "IsVolumeAnomaly", &m.IsVolumeAnomaly) + delete(rawMsg, key) + case "mailCount": + err = unpopulate(val, "MailCount", &m.MailCount) + delete(rawMsg, key) + case "networkMessageIds": + err = unpopulate(val, "NetworkMessageIDs", &m.NetworkMessageIDs) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &m.Query) + delete(rawMsg, key) + case "queryTime": + err = unpopulateDateTimeRFC3339(val, "QueryTime", &m.QueryTime) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &m.Source) + delete(rawMsg, key) + case "threats": + err = unpopulate(val, "Threats", &m.Threats) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficePowerBICheckRequirementsProperties. -func (o OfficePowerBICheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MailMessageEntity. +func (m MailMessageEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "tenantId", o.TenantID) + populate(objectMap, "id", m.ID) + objectMap["kind"] = EntityKindEnumMailMessage + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBICheckRequirementsProperties. -func (o *OfficePowerBICheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MailMessageEntity. +func (m *MailMessageEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "tenantId": - err = unpopulate(val, "TenantID", &o.TenantID) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIConnectorDataTypes. -func (o OfficePowerBIConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type MailMessageEntityProperties. +func (m MailMessageEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "logs", o.Logs) + populate(objectMap, "additionalData", m.AdditionalData) + populate(objectMap, "antispamDirection", m.AntispamDirection) + populate(objectMap, "bodyFingerprintBin1", m.BodyFingerprintBin1) + populate(objectMap, "bodyFingerprintBin2", m.BodyFingerprintBin2) + populate(objectMap, "bodyFingerprintBin3", m.BodyFingerprintBin3) + populate(objectMap, "bodyFingerprintBin4", m.BodyFingerprintBin4) + populate(objectMap, "bodyFingerprintBin5", m.BodyFingerprintBin5) + populate(objectMap, "deliveryAction", m.DeliveryAction) + populate(objectMap, "deliveryLocation", m.DeliveryLocation) + populate(objectMap, "fileEntityIds", m.FileEntityIDs) + populate(objectMap, "friendlyName", m.FriendlyName) + populate(objectMap, "internetMessageId", m.InternetMessageID) + populate(objectMap, "language", m.Language) + populate(objectMap, "networkMessageId", m.NetworkMessageID) + populate(objectMap, "p1Sender", m.P1Sender) + populate(objectMap, "p1SenderDisplayName", m.P1SenderDisplayName) + populate(objectMap, "p1SenderDomain", m.P1SenderDomain) + populate(objectMap, "p2Sender", m.P2Sender) + populate(objectMap, "p2SenderDisplayName", m.P2SenderDisplayName) + populate(objectMap, "p2SenderDomain", m.P2SenderDomain) + populateDateTimeRFC3339(objectMap, "receiveDate", m.ReceiveDate) + populate(objectMap, "recipient", m.Recipient) + populate(objectMap, "senderIP", m.SenderIP) + populate(objectMap, "subject", m.Subject) + populate(objectMap, "threatDetectionMethods", m.ThreatDetectionMethods) + populate(objectMap, "threats", m.Threats) + populate(objectMap, "urls", m.Urls) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIConnectorDataTypes. -func (o *OfficePowerBIConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type MailMessageEntityProperties. +func (m *MailMessageEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", m, err) } for key, val := range rawMsg { var err error switch key { - case "logs": - err = unpopulate(val, "Logs", &o.Logs) + case "additionalData": + err = unpopulate(val, "AdditionalData", &m.AdditionalData) + delete(rawMsg, key) + case "antispamDirection": + err = unpopulate(val, "AntispamDirection", &m.AntispamDirection) + delete(rawMsg, key) + case "bodyFingerprintBin1": + err = unpopulate(val, "BodyFingerprintBin1", &m.BodyFingerprintBin1) + delete(rawMsg, key) + case "bodyFingerprintBin2": + err = unpopulate(val, "BodyFingerprintBin2", &m.BodyFingerprintBin2) + delete(rawMsg, key) + case "bodyFingerprintBin3": + err = unpopulate(val, "BodyFingerprintBin3", &m.BodyFingerprintBin3) + delete(rawMsg, key) + case "bodyFingerprintBin4": + err = unpopulate(val, "BodyFingerprintBin4", &m.BodyFingerprintBin4) + delete(rawMsg, key) + case "bodyFingerprintBin5": + err = unpopulate(val, "BodyFingerprintBin5", &m.BodyFingerprintBin5) + delete(rawMsg, key) + case "deliveryAction": + err = unpopulate(val, "DeliveryAction", &m.DeliveryAction) + delete(rawMsg, key) + case "deliveryLocation": + err = unpopulate(val, "DeliveryLocation", &m.DeliveryLocation) + delete(rawMsg, key) + case "fileEntityIds": + err = unpopulate(val, "FileEntityIDs", &m.FileEntityIDs) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &m.FriendlyName) + delete(rawMsg, key) + case "internetMessageId": + err = unpopulate(val, "InternetMessageID", &m.InternetMessageID) + delete(rawMsg, key) + case "language": + err = unpopulate(val, "Language", &m.Language) + delete(rawMsg, key) + case "networkMessageId": + err = unpopulate(val, "NetworkMessageID", &m.NetworkMessageID) + delete(rawMsg, key) + case "p1Sender": + err = unpopulate(val, "P1Sender", &m.P1Sender) + delete(rawMsg, key) + case "p1SenderDisplayName": + err = unpopulate(val, "P1SenderDisplayName", &m.P1SenderDisplayName) + delete(rawMsg, key) + case "p1SenderDomain": + err = unpopulate(val, "P1SenderDomain", &m.P1SenderDomain) + delete(rawMsg, key) + case "p2Sender": + err = unpopulate(val, "P2Sender", &m.P2Sender) + delete(rawMsg, key) + case "p2SenderDisplayName": + err = unpopulate(val, "P2SenderDisplayName", &m.P2SenderDisplayName) + delete(rawMsg, key) + case "p2SenderDomain": + err = unpopulate(val, "P2SenderDomain", &m.P2SenderDomain) + delete(rawMsg, key) + case "receiveDate": + err = unpopulateDateTimeRFC3339(val, "ReceiveDate", &m.ReceiveDate) + delete(rawMsg, key) + case "recipient": + err = unpopulate(val, "Recipient", &m.Recipient) + delete(rawMsg, key) + case "senderIP": + err = unpopulate(val, "SenderIP", &m.SenderIP) + delete(rawMsg, key) + case "subject": + err = unpopulate(val, "Subject", &m.Subject) + delete(rawMsg, key) + case "threatDetectionMethods": + err = unpopulate(val, "ThreatDetectionMethods", &m.ThreatDetectionMethods) + delete(rawMsg, key) + case "threats": + err = unpopulate(val, "Threats", &m.Threats) + delete(rawMsg, key) + case "urls": + err = unpopulate(val, "Urls", &m.Urls) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MailboxEntity. +func (m MailboxEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", m.ID) + objectMap["kind"] = EntityKindEnumMailbox + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MailboxEntity. +func (m *MailboxEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MailboxEntityProperties. +func (m MailboxEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", m.AdditionalData) + populate(objectMap, "displayName", m.DisplayName) + populate(objectMap, "externalDirectoryObjectId", m.ExternalDirectoryObjectID) + populate(objectMap, "friendlyName", m.FriendlyName) + populate(objectMap, "mailboxPrimaryAddress", m.MailboxPrimaryAddress) + populate(objectMap, "upn", m.Upn) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MailboxEntityProperties. +func (m *MailboxEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &m.AdditionalData) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &m.DisplayName) + delete(rawMsg, key) + case "externalDirectoryObjectId": + err = unpopulate(val, "ExternalDirectoryObjectID", &m.ExternalDirectoryObjectID) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &m.FriendlyName) + delete(rawMsg, key) + case "mailboxPrimaryAddress": + err = unpopulate(val, "MailboxPrimaryAddress", &m.MailboxPrimaryAddress) + delete(rawMsg, key) + case "upn": + err = unpopulate(val, "Upn", &m.Upn) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MalwareEntity. +func (m MalwareEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", m.ID) + objectMap["kind"] = EntityKindEnumMalware + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MalwareEntity. +func (m *MalwareEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MalwareEntityProperties. +func (m MalwareEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", m.AdditionalData) + populate(objectMap, "category", m.Category) + populate(objectMap, "fileEntityIds", m.FileEntityIDs) + populate(objectMap, "friendlyName", m.FriendlyName) + populate(objectMap, "malwareName", m.MalwareName) + populate(objectMap, "processEntityIds", m.ProcessEntityIDs) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MalwareEntityProperties. +func (m *MalwareEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &m.AdditionalData) + delete(rawMsg, key) + case "category": + err = unpopulate(val, "Category", &m.Category) + delete(rawMsg, key) + case "fileEntityIds": + err = unpopulate(val, "FileEntityIDs", &m.FileEntityIDs) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &m.FriendlyName) + delete(rawMsg, key) + case "malwareName": + err = unpopulate(val, "MalwareName", &m.MalwareName) + delete(rawMsg, key) + case "processEntityIds": + err = unpopulate(val, "ProcessEntityIDs", &m.ProcessEntityIDs) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ManualTriggerRequestBody. +func (m ManualTriggerRequestBody) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "logicAppsResourceId", m.LogicAppsResourceID) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ManualTriggerRequestBody. +func (m *ManualTriggerRequestBody) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "logicAppsResourceId": + err = unpopulate(val, "LogicAppsResourceID", &m.LogicAppsResourceID) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataAuthor. +func (m MetadataAuthor) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "email", m.Email) + populate(objectMap, "link", m.Link) + populate(objectMap, "name", m.Name) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataAuthor. +func (m *MetadataAuthor) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "email": + err = unpopulate(val, "Email", &m.Email) + delete(rawMsg, key) + case "link": + err = unpopulate(val, "Link", &m.Link) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataCategories. +func (m MetadataCategories) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "domains", m.Domains) + populate(objectMap, "verticals", m.Verticals) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataCategories. +func (m *MetadataCategories) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "domains": + err = unpopulate(val, "Domains", &m.Domains) + delete(rawMsg, key) + case "verticals": + err = unpopulate(val, "Verticals", &m.Verticals) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataDependencies. +func (m MetadataDependencies) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "contentId", m.ContentID) + populate(objectMap, "criteria", m.Criteria) + populate(objectMap, "kind", m.Kind) + populate(objectMap, "name", m.Name) + populate(objectMap, "operator", m.Operator) + populate(objectMap, "version", m.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataDependencies. +func (m *MetadataDependencies) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "contentId": + err = unpopulate(val, "ContentID", &m.ContentID) + delete(rawMsg, key) + case "criteria": + err = unpopulate(val, "Criteria", &m.Criteria) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "operator": + err = unpopulate(val, "Operator", &m.Operator) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &m.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataList. +func (m MetadataList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", m.NextLink) + populate(objectMap, "value", m.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataList. +func (m *MetadataList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &m.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &m.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataModel. +func (m MetadataModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataModel. +func (m *MetadataModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataPatch. +func (m MetadataPatch) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataPatch. +func (m *MetadataPatch) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataProperties. +func (m MetadataProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", m.Author) + populate(objectMap, "categories", m.Categories) + populate(objectMap, "contentId", m.ContentID) + populate(objectMap, "contentSchemaVersion", m.ContentSchemaVersion) + populate(objectMap, "customVersion", m.CustomVersion) + populate(objectMap, "dependencies", m.Dependencies) + populateDateType(objectMap, "firstPublishDate", m.FirstPublishDate) + populate(objectMap, "icon", m.Icon) + populate(objectMap, "kind", m.Kind) + populateDateType(objectMap, "lastPublishDate", m.LastPublishDate) + populate(objectMap, "parentId", m.ParentID) + populate(objectMap, "previewImages", m.PreviewImages) + populate(objectMap, "previewImagesDark", m.PreviewImagesDark) + populate(objectMap, "providers", m.Providers) + populate(objectMap, "source", m.Source) + populate(objectMap, "support", m.Support) + populate(objectMap, "threatAnalysisTactics", m.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", m.ThreatAnalysisTechniques) + populate(objectMap, "version", m.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataProperties. +func (m *MetadataProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &m.Author) + delete(rawMsg, key) + case "categories": + err = unpopulate(val, "Categories", &m.Categories) + delete(rawMsg, key) + case "contentId": + err = unpopulate(val, "ContentID", &m.ContentID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &m.ContentSchemaVersion) + delete(rawMsg, key) + case "customVersion": + err = unpopulate(val, "CustomVersion", &m.CustomVersion) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &m.Dependencies) + delete(rawMsg, key) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &m.FirstPublishDate) + delete(rawMsg, key) + case "icon": + err = unpopulate(val, "Icon", &m.Icon) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &m.LastPublishDate) + delete(rawMsg, key) + case "parentId": + err = unpopulate(val, "ParentID", &m.ParentID) + delete(rawMsg, key) + case "previewImages": + err = unpopulate(val, "PreviewImages", &m.PreviewImages) + delete(rawMsg, key) + case "previewImagesDark": + err = unpopulate(val, "PreviewImagesDark", &m.PreviewImagesDark) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &m.Providers) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &m.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &m.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &m.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &m.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &m.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataPropertiesPatch. +func (m MetadataPropertiesPatch) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", m.Author) + populate(objectMap, "categories", m.Categories) + populate(objectMap, "contentId", m.ContentID) + populate(objectMap, "contentSchemaVersion", m.ContentSchemaVersion) + populate(objectMap, "customVersion", m.CustomVersion) + populate(objectMap, "dependencies", m.Dependencies) + populateDateType(objectMap, "firstPublishDate", m.FirstPublishDate) + populate(objectMap, "icon", m.Icon) + populate(objectMap, "kind", m.Kind) + populateDateType(objectMap, "lastPublishDate", m.LastPublishDate) + populate(objectMap, "parentId", m.ParentID) + populate(objectMap, "previewImages", m.PreviewImages) + populate(objectMap, "previewImagesDark", m.PreviewImagesDark) + populate(objectMap, "providers", m.Providers) + populate(objectMap, "source", m.Source) + populate(objectMap, "support", m.Support) + populate(objectMap, "threatAnalysisTactics", m.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", m.ThreatAnalysisTechniques) + populate(objectMap, "version", m.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataPropertiesPatch. +func (m *MetadataPropertiesPatch) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &m.Author) + delete(rawMsg, key) + case "categories": + err = unpopulate(val, "Categories", &m.Categories) + delete(rawMsg, key) + case "contentId": + err = unpopulate(val, "ContentID", &m.ContentID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &m.ContentSchemaVersion) + delete(rawMsg, key) + case "customVersion": + err = unpopulate(val, "CustomVersion", &m.CustomVersion) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &m.Dependencies) + delete(rawMsg, key) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &m.FirstPublishDate) + delete(rawMsg, key) + case "icon": + err = unpopulate(val, "Icon", &m.Icon) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &m.LastPublishDate) + delete(rawMsg, key) + case "parentId": + err = unpopulate(val, "ParentID", &m.ParentID) + delete(rawMsg, key) + case "previewImages": + err = unpopulate(val, "PreviewImages", &m.PreviewImages) + delete(rawMsg, key) + case "previewImagesDark": + err = unpopulate(val, "PreviewImagesDark", &m.PreviewImagesDark) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &m.Providers) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &m.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &m.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &m.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &m.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &m.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataSource. +func (m MetadataSource) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "kind", m.Kind) + populate(objectMap, "name", m.Name) + populate(objectMap, "sourceId", m.SourceID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataSource. +func (m *MetadataSource) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "sourceId": + err = unpopulate(val, "SourceID", &m.SourceID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataSupport. +func (m MetadataSupport) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "email", m.Email) + populate(objectMap, "link", m.Link) + populate(objectMap, "name", m.Name) + populate(objectMap, "tier", m.Tier) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataSupport. +func (m *MetadataSupport) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "email": + err = unpopulate(val, "Email", &m.Email) + delete(rawMsg, key) + case "link": + err = unpopulate(val, "Link", &m.Link) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "tier": + err = unpopulate(val, "Tier", &m.Tier) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionCheckRequirements. +func (m MicrosoftPurviewInformationProtectionCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindMicrosoftPurviewInformationProtection + populate(objectMap, "properties", m.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionCheckRequirements. +func (m *MicrosoftPurviewInformationProtectionCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionCheckRequirementsProperties. +func (m MicrosoftPurviewInformationProtectionCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionCheckRequirementsProperties. +func (m *MicrosoftPurviewInformationProtectionCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionConnectorDataTypes. +func (m MicrosoftPurviewInformationProtectionConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "logs", m.Logs) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionConnectorDataTypes. +func (m *MicrosoftPurviewInformationProtectionConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "logs": + err = unpopulate(val, "Logs", &m.Logs) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionConnectorDataTypesLogs. +func (m MicrosoftPurviewInformationProtectionConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", m.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionConnectorDataTypesLogs. +func (m *MicrosoftPurviewInformationProtectionConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &m.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionDataConnector. +func (m MicrosoftPurviewInformationProtectionDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = DataConnectorKindMicrosoftPurviewInformationProtection + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionDataConnector. +func (m *MicrosoftPurviewInformationProtectionDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionDataConnectorProperties. +func (m MicrosoftPurviewInformationProtectionDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", m.DataTypes) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionDataConnectorProperties. +func (m *MicrosoftPurviewInformationProtectionDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &m.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRule. +func (m MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = AlertRuleKindMicrosoftSecurityIncidentCreation + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRule. +func (m *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleProperties. +func (m MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertRuleTemplateName", m.AlertRuleTemplateName) + populate(objectMap, "description", m.Description) + populate(objectMap, "displayName", m.DisplayName) + populate(objectMap, "displayNamesExcludeFilter", m.DisplayNamesExcludeFilter) + populate(objectMap, "displayNamesFilter", m.DisplayNamesFilter) + populate(objectMap, "enabled", m.Enabled) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", m.LastModifiedUTC) + populate(objectMap, "productFilter", m.ProductFilter) + populate(objectMap, "severitiesFilter", m.SeveritiesFilter) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleProperties. +func (m *MicrosoftSecurityIncidentCreationAlertRuleProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &m.AlertRuleTemplateName) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &m.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &m.DisplayName) + delete(rawMsg, key) + case "displayNamesExcludeFilter": + err = unpopulate(val, "DisplayNamesExcludeFilter", &m.DisplayNamesExcludeFilter) + delete(rawMsg, key) + case "displayNamesFilter": + err = unpopulate(val, "DisplayNamesFilter", &m.DisplayNamesFilter) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &m.Enabled) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &m.LastModifiedUTC) + delete(rawMsg, key) + case "productFilter": + err = unpopulate(val, "ProductFilter", &m.ProductFilter) + delete(rawMsg, key) + case "severitiesFilter": + err = unpopulate(val, "SeveritiesFilter", &m.SeveritiesFilter) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (m MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", m.ID) + objectMap["kind"] = AlertRuleKindMicrosoftSecurityIncidentCreation + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (m *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties. +func (m MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertRulesCreatedByTemplateCount", m.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", m.CreatedDateUTC) + populate(objectMap, "description", m.Description) + populate(objectMap, "displayName", m.DisplayName) + populate(objectMap, "displayNamesExcludeFilter", m.DisplayNamesExcludeFilter) + populate(objectMap, "displayNamesFilter", m.DisplayNamesFilter) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", m.LastUpdatedDateUTC) + populate(objectMap, "productFilter", m.ProductFilter) + populate(objectMap, "requiredDataConnectors", m.RequiredDataConnectors) + populate(objectMap, "severitiesFilter", m.SeveritiesFilter) + populate(objectMap, "status", m.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties. +func (m *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &m.AlertRulesCreatedByTemplateCount) + delete(rawMsg, key) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &m.CreatedDateUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &m.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &m.DisplayName) + delete(rawMsg, key) + case "displayNamesExcludeFilter": + err = unpopulate(val, "DisplayNamesExcludeFilter", &m.DisplayNamesExcludeFilter) + delete(rawMsg, key) + case "displayNamesFilter": + err = unpopulate(val, "DisplayNamesFilter", &m.DisplayNamesFilter) + delete(rawMsg, key) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &m.LastUpdatedDateUTC) + delete(rawMsg, key) + case "productFilter": + err = unpopulate(val, "ProductFilter", &m.ProductFilter) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &m.RequiredDataConnectors) + delete(rawMsg, key) + case "severitiesFilter": + err = unpopulate(val, "SeveritiesFilter", &m.SeveritiesFilter) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &m.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MtpCheckRequirements. +func (m MtpCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindMicrosoftThreatProtection + populate(objectMap, "properties", m.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MtpCheckRequirements. +func (m *MtpCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MtpFilteredProviders. +func (m MtpFilteredProviders) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alerts", m.Alerts) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MtpFilteredProviders. +func (m *MtpFilteredProviders) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alerts": + err = unpopulate(val, "Alerts", &m.Alerts) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NicEntity. +func (n NicEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", n.ID) + objectMap["kind"] = EntityKindEnumNic + populate(objectMap, "name", n.Name) + populate(objectMap, "properties", n.Properties) + populate(objectMap, "systemData", n.SystemData) + populate(objectMap, "type", n.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NicEntity. +func (n *NicEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &n.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &n.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &n.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &n.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &n.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &n.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NicEntityProperties. +func (n NicEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", n.AdditionalData) + populate(objectMap, "friendlyName", n.FriendlyName) + populate(objectMap, "ipAddressEntityId", n.IPAddressEntityID) + populate(objectMap, "macAddress", n.MacAddress) + populate(objectMap, "vlans", n.Vlans) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NicEntityProperties. +func (n *NicEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &n.AdditionalData) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &n.FriendlyName) + delete(rawMsg, key) + case "ipAddressEntityId": + err = unpopulate(val, "IPAddressEntityID", &n.IPAddressEntityID) + delete(rawMsg, key) + case "macAddress": + err = unpopulate(val, "MacAddress", &n.MacAddress) + delete(rawMsg, key) + case "vlans": + err = unpopulate(val, "Vlans", &n.Vlans) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NoneAuthModel. +func (n NoneAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["type"] = CcpAuthTypeNone + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NoneAuthModel. +func (n *NoneAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "type": + err = unpopulate(val, "Type", &n.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NrtAlertRule. +func (n NrtAlertRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", n.Etag) + populate(objectMap, "id", n.ID) + objectMap["kind"] = AlertRuleKindNRT + populate(objectMap, "name", n.Name) + populate(objectMap, "properties", n.Properties) + populate(objectMap, "systemData", n.SystemData) + populate(objectMap, "type", n.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRule. +func (n *NrtAlertRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &n.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &n.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &n.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &n.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &n.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &n.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &n.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NrtAlertRuleProperties. +func (n NrtAlertRuleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertDetailsOverride", n.AlertDetailsOverride) + populate(objectMap, "alertRuleTemplateName", n.AlertRuleTemplateName) + populate(objectMap, "customDetails", n.CustomDetails) + populate(objectMap, "description", n.Description) + populate(objectMap, "displayName", n.DisplayName) + populate(objectMap, "enabled", n.Enabled) + populate(objectMap, "entityMappings", n.EntityMappings) + populate(objectMap, "eventGroupingSettings", n.EventGroupingSettings) + populate(objectMap, "incidentConfiguration", n.IncidentConfiguration) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", n.LastModifiedUTC) + populate(objectMap, "query", n.Query) + populate(objectMap, "sentinelEntitiesMappings", n.SentinelEntitiesMappings) + populate(objectMap, "severity", n.Severity) + populate(objectMap, "subTechniques", n.SubTechniques) + populate(objectMap, "suppressionDuration", n.SuppressionDuration) + populate(objectMap, "suppressionEnabled", n.SuppressionEnabled) + populate(objectMap, "tactics", n.Tactics) + populate(objectMap, "techniques", n.Techniques) + populate(objectMap, "templateVersion", n.TemplateVersion) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRuleProperties. +func (n *NrtAlertRuleProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertDetailsOverride": + err = unpopulate(val, "AlertDetailsOverride", &n.AlertDetailsOverride) + delete(rawMsg, key) + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &n.AlertRuleTemplateName) + delete(rawMsg, key) + case "customDetails": + err = unpopulate(val, "CustomDetails", &n.CustomDetails) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &n.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &n.DisplayName) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &n.Enabled) + delete(rawMsg, key) + case "entityMappings": + err = unpopulate(val, "EntityMappings", &n.EntityMappings) + delete(rawMsg, key) + case "eventGroupingSettings": + err = unpopulate(val, "EventGroupingSettings", &n.EventGroupingSettings) + delete(rawMsg, key) + case "incidentConfiguration": + err = unpopulate(val, "IncidentConfiguration", &n.IncidentConfiguration) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &n.LastModifiedUTC) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &n.Query) + delete(rawMsg, key) + case "sentinelEntitiesMappings": + err = unpopulate(val, "SentinelEntitiesMappings", &n.SentinelEntitiesMappings) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &n.Severity) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &n.SubTechniques) + delete(rawMsg, key) + case "suppressionDuration": + err = unpopulate(val, "SuppressionDuration", &n.SuppressionDuration) + delete(rawMsg, key) + case "suppressionEnabled": + err = unpopulate(val, "SuppressionEnabled", &n.SuppressionEnabled) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &n.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &n.Techniques) + delete(rawMsg, key) + case "templateVersion": + err = unpopulate(val, "TemplateVersion", &n.TemplateVersion) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NrtAlertRuleTemplate. +func (n NrtAlertRuleTemplate) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", n.ID) + objectMap["kind"] = AlertRuleKindNRT + populate(objectMap, "name", n.Name) + populate(objectMap, "properties", n.Properties) + populate(objectMap, "systemData", n.SystemData) + populate(objectMap, "type", n.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRuleTemplate. +func (n *NrtAlertRuleTemplate) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &n.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &n.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &n.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &n.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &n.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &n.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NrtAlertRuleTemplateProperties. +func (n NrtAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertDetailsOverride", n.AlertDetailsOverride) + populate(objectMap, "alertRulesCreatedByTemplateCount", n.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", n.CreatedDateUTC) + populate(objectMap, "customDetails", n.CustomDetails) + populate(objectMap, "description", n.Description) + populate(objectMap, "displayName", n.DisplayName) + populate(objectMap, "entityMappings", n.EntityMappings) + populate(objectMap, "eventGroupingSettings", n.EventGroupingSettings) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", n.LastUpdatedDateUTC) + populate(objectMap, "query", n.Query) + populate(objectMap, "requiredDataConnectors", n.RequiredDataConnectors) + populate(objectMap, "sentinelEntitiesMappings", n.SentinelEntitiesMappings) + populate(objectMap, "severity", n.Severity) + populate(objectMap, "status", n.Status) + populate(objectMap, "tactics", n.Tactics) + populate(objectMap, "techniques", n.Techniques) + populate(objectMap, "version", n.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRuleTemplateProperties. +func (n *NrtAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertDetailsOverride": + err = unpopulate(val, "AlertDetailsOverride", &n.AlertDetailsOverride) + delete(rawMsg, key) + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &n.AlertRulesCreatedByTemplateCount) + delete(rawMsg, key) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &n.CreatedDateUTC) + delete(rawMsg, key) + case "customDetails": + err = unpopulate(val, "CustomDetails", &n.CustomDetails) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &n.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &n.DisplayName) + delete(rawMsg, key) + case "entityMappings": + err = unpopulate(val, "EntityMappings", &n.EntityMappings) + delete(rawMsg, key) + case "eventGroupingSettings": + err = unpopulate(val, "EventGroupingSettings", &n.EventGroupingSettings) + delete(rawMsg, key) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &n.LastUpdatedDateUTC) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &n.Query) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &n.RequiredDataConnectors) + delete(rawMsg, key) + case "sentinelEntitiesMappings": + err = unpopulate(val, "SentinelEntitiesMappings", &n.SentinelEntitiesMappings) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &n.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &n.Status) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &n.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &n.Techniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &n.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OAuthModel. +func (o OAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "accessTokenPrepend", o.AccessTokenPrepend) + populate(objectMap, "authorizationCode", o.AuthorizationCode) + populate(objectMap, "authorizationEndpoint", o.AuthorizationEndpoint) + populate(objectMap, "authorizationEndpointHeaders", o.AuthorizationEndpointHeaders) + populate(objectMap, "authorizationEndpointQueryParameters", o.AuthorizationEndpointQueryParameters) + populate(objectMap, "clientId", o.ClientID) + populate(objectMap, "clientSecret", o.ClientSecret) + populate(objectMap, "grantType", o.GrantType) + populate(objectMap, "isCredentialsInHeaders", o.IsCredentialsInHeaders) + populate(objectMap, "isJwtBearerFlow", o.IsJwtBearerFlow) + populate(objectMap, "redirectUri", o.RedirectURI) + populate(objectMap, "scope", o.Scope) + populate(objectMap, "tokenEndpoint", o.TokenEndpoint) + populate(objectMap, "tokenEndpointHeaders", o.TokenEndpointHeaders) + populate(objectMap, "tokenEndpointQueryParameters", o.TokenEndpointQueryParameters) + objectMap["type"] = CcpAuthTypeOAuth2 + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OAuthModel. +func (o *OAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "accessTokenPrepend": + err = unpopulate(val, "AccessTokenPrepend", &o.AccessTokenPrepend) + delete(rawMsg, key) + case "authorizationCode": + err = unpopulate(val, "AuthorizationCode", &o.AuthorizationCode) + delete(rawMsg, key) + case "authorizationEndpoint": + err = unpopulate(val, "AuthorizationEndpoint", &o.AuthorizationEndpoint) + delete(rawMsg, key) + case "authorizationEndpointHeaders": + err = unpopulate(val, "AuthorizationEndpointHeaders", &o.AuthorizationEndpointHeaders) + delete(rawMsg, key) + case "authorizationEndpointQueryParameters": + err = unpopulate(val, "AuthorizationEndpointQueryParameters", &o.AuthorizationEndpointQueryParameters) + delete(rawMsg, key) + case "clientId": + err = unpopulate(val, "ClientID", &o.ClientID) + delete(rawMsg, key) + case "clientSecret": + err = unpopulate(val, "ClientSecret", &o.ClientSecret) + delete(rawMsg, key) + case "grantType": + err = unpopulate(val, "GrantType", &o.GrantType) + delete(rawMsg, key) + case "isCredentialsInHeaders": + err = unpopulate(val, "IsCredentialsInHeaders", &o.IsCredentialsInHeaders) + delete(rawMsg, key) + case "isJwtBearerFlow": + err = unpopulate(val, "IsJwtBearerFlow", &o.IsJwtBearerFlow) + delete(rawMsg, key) + case "redirectUri": + err = unpopulate(val, "RedirectURI", &o.RedirectURI) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &o.Scope) + delete(rawMsg, key) + case "tokenEndpoint": + err = unpopulate(val, "TokenEndpoint", &o.TokenEndpoint) + delete(rawMsg, key) + case "tokenEndpointHeaders": + err = unpopulate(val, "TokenEndpointHeaders", &o.TokenEndpointHeaders) + delete(rawMsg, key) + case "tokenEndpointQueryParameters": + err = unpopulate(val, "TokenEndpointQueryParameters", &o.TokenEndpointQueryParameters) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectCheckRequirements. +func (o Office365ProjectCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindOffice365Project + populate(objectMap, "properties", o.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectCheckRequirements. +func (o *Office365ProjectCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectCheckRequirementsProperties. +func (o Office365ProjectCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectCheckRequirementsProperties. +func (o *Office365ProjectCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectConnectorDataTypes. +func (o Office365ProjectConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "logs", o.Logs) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectConnectorDataTypes. +func (o *Office365ProjectConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "logs": + err = unpopulate(val, "Logs", &o.Logs) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectConnectorDataTypesLogs. +func (o Office365ProjectConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", o.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectConnectorDataTypesLogs. +func (o *Office365ProjectConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &o.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectDataConnector. +func (o Office365ProjectDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", o.Etag) + populate(objectMap, "id", o.ID) + objectMap["kind"] = DataConnectorKindOffice365Project + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectDataConnector. +func (o *Office365ProjectDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &o.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectDataConnectorProperties. +func (o Office365ProjectDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", o.DataTypes) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectDataConnectorProperties. +func (o *Office365ProjectDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &o.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeATPCheckRequirements. +func (o OfficeATPCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindOfficeATP + populate(objectMap, "properties", o.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPCheckRequirements. +func (o *OfficeATPCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeATPCheckRequirementsProperties. +func (o OfficeATPCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPCheckRequirementsProperties. +func (o *OfficeATPCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeATPDataConnector. +func (o OfficeATPDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", o.Etag) + populate(objectMap, "id", o.ID) + objectMap["kind"] = DataConnectorKindOfficeATP + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPDataConnector. +func (o *OfficeATPDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &o.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeATPDataConnectorProperties. +func (o OfficeATPDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", o.DataTypes) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPDataConnectorProperties. +func (o *OfficeATPDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &o.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeConsent. +func (o OfficeConsent) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", o.ID) + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeConsent. +func (o *OfficeConsent) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeConsentList. +func (o OfficeConsentList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", o.NextLink) + populate(objectMap, "value", o.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeConsentList. +func (o *OfficeConsentList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &o.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &o.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeConsentProperties. +func (o OfficeConsentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "consentId", o.ConsentID) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeConsentProperties. +func (o *OfficeConsentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "consentId": + err = unpopulate(val, "ConsentID", &o.ConsentID) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnector. +func (o OfficeDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", o.Etag) + populate(objectMap, "id", o.ID) + objectMap["kind"] = DataConnectorKindOffice365 + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnector. +func (o *OfficeDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &o.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypes. +func (o OfficeDataConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "exchange", o.Exchange) + populate(objectMap, "sharePoint", o.SharePoint) + populate(objectMap, "teams", o.Teams) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypes. +func (o *OfficeDataConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "exchange": + err = unpopulate(val, "Exchange", &o.Exchange) + delete(rawMsg, key) + case "sharePoint": + err = unpopulate(val, "SharePoint", &o.SharePoint) + delete(rawMsg, key) + case "teams": + err = unpopulate(val, "Teams", &o.Teams) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesExchange. +func (o OfficeDataConnectorDataTypesExchange) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", o.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesExchange. +func (o *OfficeDataConnectorDataTypesExchange) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &o.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesSharePoint. +func (o OfficeDataConnectorDataTypesSharePoint) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", o.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesSharePoint. +func (o *OfficeDataConnectorDataTypesSharePoint) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &o.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesTeams. +func (o OfficeDataConnectorDataTypesTeams) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", o.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesTeams. +func (o *OfficeDataConnectorDataTypesTeams) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &o.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorProperties. +func (o OfficeDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", o.DataTypes) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorProperties. +func (o *OfficeDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &o.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeIRMCheckRequirements. +func (o OfficeIRMCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindOfficeIRM + populate(objectMap, "properties", o.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMCheckRequirements. +func (o *OfficeIRMCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeIRMCheckRequirementsProperties. +func (o OfficeIRMCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMCheckRequirementsProperties. +func (o *OfficeIRMCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeIRMDataConnector. +func (o OfficeIRMDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", o.Etag) + populate(objectMap, "id", o.ID) + objectMap["kind"] = DataConnectorKindOfficeIRM + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMDataConnector. +func (o *OfficeIRMDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &o.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeIRMDataConnectorProperties. +func (o OfficeIRMDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", o.DataTypes) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMDataConnectorProperties. +func (o *OfficeIRMDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &o.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBICheckRequirements. +func (o OfficePowerBICheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindOfficePowerBI + populate(objectMap, "properties", o.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBICheckRequirements. +func (o *OfficePowerBICheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBICheckRequirementsProperties. +func (o OfficePowerBICheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBICheckRequirementsProperties. +func (o *OfficePowerBICheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIConnectorDataTypes. +func (o OfficePowerBIConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "logs", o.Logs) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIConnectorDataTypes. +func (o *OfficePowerBIConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "logs": + err = unpopulate(val, "Logs", &o.Logs) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIConnectorDataTypesLogs. +func (o OfficePowerBIConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", o.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIConnectorDataTypesLogs. +func (o *OfficePowerBIConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &o.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIDataConnector. +func (o OfficePowerBIDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", o.Etag) + populate(objectMap, "id", o.ID) + objectMap["kind"] = DataConnectorKindOfficePowerBI + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIDataConnector. +func (o *OfficePowerBIDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &o.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIDataConnectorProperties. +func (o OfficePowerBIDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", o.DataTypes) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIDataConnectorProperties. +func (o *OfficePowerBIDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &o.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Operation. +func (o Operation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "display", o.Display) + populate(objectMap, "isDataAction", o.IsDataAction) + populate(objectMap, "name", o.Name) + populate(objectMap, "origin", o.Origin) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Operation. +func (o *Operation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "display": + err = unpopulate(val, "Display", &o.Display) + delete(rawMsg, key) + case "isDataAction": + err = unpopulate(val, "IsDataAction", &o.IsDataAction) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "origin": + err = unpopulate(val, "Origin", &o.Origin) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OperationDisplay. +func (o OperationDisplay) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", o.Description) + populate(objectMap, "operation", o.Operation) + populate(objectMap, "provider", o.Provider) + populate(objectMap, "resource", o.Resource) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OperationDisplay. +func (o *OperationDisplay) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &o.Description) + delete(rawMsg, key) + case "operation": + err = unpopulate(val, "Operation", &o.Operation) + delete(rawMsg, key) + case "provider": + err = unpopulate(val, "Provider", &o.Provider) + delete(rawMsg, key) + case "resource": + err = unpopulate(val, "Resource", &o.Resource) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OperationsList. +func (o OperationsList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", o.NextLink) + populate(objectMap, "value", o.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OperationsList. +func (o *OperationsList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &o.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &o.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OracleAuthModel. +func (o OracleAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "pemFile", o.PemFile) + populate(objectMap, "publicFingerprint", o.PublicFingerprint) + populate(objectMap, "tenantId", o.TenantID) + objectMap["type"] = CcpAuthTypeOracle + populate(objectMap, "userId", o.UserID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OracleAuthModel. +func (o *OracleAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "pemFile": + err = unpopulate(val, "PemFile", &o.PemFile) + delete(rawMsg, key) + case "publicFingerprint": + err = unpopulate(val, "PublicFingerprint", &o.PublicFingerprint) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + case "userId": + err = unpopulate(val, "UserID", &o.UserID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PackageList. +func (p PackageList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", p.NextLink) + populate(objectMap, "value", p.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PackageList. +func (p *PackageList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &p.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &p.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PackageModel. +func (p PackageModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", p.Etag) + populate(objectMap, "id", p.ID) + populate(objectMap, "name", p.Name) + populate(objectMap, "properties", p.Properties) + populate(objectMap, "systemData", p.SystemData) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PackageModel. +func (p *PackageModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &p.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &p.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &p.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PackageProperties. +func (p PackageProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", p.Author) + populate(objectMap, "categories", p.Categories) + populate(objectMap, "contentId", p.ContentID) + populate(objectMap, "contentKind", p.ContentKind) + populate(objectMap, "contentProductId", p.ContentProductID) + populate(objectMap, "contentSchemaVersion", p.ContentSchemaVersion) + populate(objectMap, "dependencies", p.Dependencies) + populate(objectMap, "description", p.Description) + populate(objectMap, "displayName", p.DisplayName) + populateDateType(objectMap, "firstPublishDate", p.FirstPublishDate) + populate(objectMap, "icon", p.Icon) + populate(objectMap, "isDeprecated", p.IsDeprecated) + populate(objectMap, "isFeatured", p.IsFeatured) + populate(objectMap, "isNew", p.IsNew) + populate(objectMap, "isPreview", p.IsPreview) + populateDateType(objectMap, "lastPublishDate", p.LastPublishDate) + populate(objectMap, "providers", p.Providers) + populate(objectMap, "publisherDisplayName", p.PublisherDisplayName) + populate(objectMap, "source", p.Source) + populate(objectMap, "support", p.Support) + populate(objectMap, "threatAnalysisTactics", p.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", p.ThreatAnalysisTechniques) + populate(objectMap, "version", p.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PackageProperties. +func (p *PackageProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &p.Author) + delete(rawMsg, key) + case "categories": + err = unpopulate(val, "Categories", &p.Categories) + delete(rawMsg, key) + case "contentId": + err = unpopulate(val, "ContentID", &p.ContentID) + delete(rawMsg, key) + case "contentKind": + err = unpopulate(val, "ContentKind", &p.ContentKind) + delete(rawMsg, key) + case "contentProductId": + err = unpopulate(val, "ContentProductID", &p.ContentProductID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &p.ContentSchemaVersion) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &p.Dependencies) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &p.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &p.FirstPublishDate) + delete(rawMsg, key) + case "icon": + err = unpopulate(val, "Icon", &p.Icon) + delete(rawMsg, key) + case "isDeprecated": + err = unpopulate(val, "IsDeprecated", &p.IsDeprecated) + delete(rawMsg, key) + case "isFeatured": + err = unpopulate(val, "IsFeatured", &p.IsFeatured) + delete(rawMsg, key) + case "isNew": + err = unpopulate(val, "IsNew", &p.IsNew) + delete(rawMsg, key) + case "isPreview": + err = unpopulate(val, "IsPreview", &p.IsPreview) + delete(rawMsg, key) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &p.LastPublishDate) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &p.Providers) + delete(rawMsg, key) + case "publisherDisplayName": + err = unpopulate(val, "PublisherDisplayName", &p.PublisherDisplayName) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &p.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &p.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &p.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &p.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &p.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Permissions. +func (p Permissions) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "customs", p.Customs) + populate(objectMap, "resourceProvider", p.ResourceProvider) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Permissions. +func (p *Permissions) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "customs": + err = unpopulate(val, "Customs", &p.Customs) + delete(rawMsg, key) + case "resourceProvider": + err = unpopulate(val, "ResourceProvider", &p.ResourceProvider) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PermissionsCustomsItem. +func (p PermissionsCustomsItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", p.Description) + populate(objectMap, "name", p.Name) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PermissionsCustomsItem. +func (p *PermissionsCustomsItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &p.Description) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PermissionsResourceProviderItem. +func (p PermissionsResourceProviderItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "permissionsDisplayText", p.PermissionsDisplayText) + populate(objectMap, "provider", p.Provider) + populate(objectMap, "providerDisplayName", p.ProviderDisplayName) + populate(objectMap, "requiredPermissions", p.RequiredPermissions) + populate(objectMap, "scope", p.Scope) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PermissionsResourceProviderItem. +func (p *PermissionsResourceProviderItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "permissionsDisplayText": + err = unpopulate(val, "PermissionsDisplayText", &p.PermissionsDisplayText) + delete(rawMsg, key) + case "provider": + err = unpopulate(val, "Provider", &p.Provider) + delete(rawMsg, key) + case "providerDisplayName": + err = unpopulate(val, "ProviderDisplayName", &p.ProviderDisplayName) + delete(rawMsg, key) + case "requiredPermissions": + err = unpopulate(val, "RequiredPermissions", &p.RequiredPermissions) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &p.Scope) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PlaybookActionProperties. +func (p PlaybookActionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "logicAppResourceId", p.LogicAppResourceID) + populate(objectMap, "tenantId", p.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PlaybookActionProperties. +func (p *PlaybookActionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "logicAppResourceId": + err = unpopulate(val, "LogicAppResourceID", &p.LogicAppResourceID) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &p.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProcessEntity. +func (p ProcessEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", p.ID) + objectMap["kind"] = EntityKindEnumProcess + populate(objectMap, "name", p.Name) + populate(objectMap, "properties", p.Properties) + populate(objectMap, "systemData", p.SystemData) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProcessEntity. +func (p *ProcessEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &p.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &p.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &p.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProcessEntityProperties. +func (p ProcessEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "accountEntityId", p.AccountEntityID) + populate(objectMap, "additionalData", p.AdditionalData) + populate(objectMap, "commandLine", p.CommandLine) + populateDateTimeRFC3339(objectMap, "creationTimeUtc", p.CreationTimeUTC) + populate(objectMap, "elevationToken", p.ElevationToken) + populate(objectMap, "friendlyName", p.FriendlyName) + populate(objectMap, "hostEntityId", p.HostEntityID) + populate(objectMap, "hostLogonSessionEntityId", p.HostLogonSessionEntityID) + populate(objectMap, "imageFileEntityId", p.ImageFileEntityID) + populate(objectMap, "parentProcessEntityId", p.ParentProcessEntityID) + populate(objectMap, "processId", p.ProcessID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProcessEntityProperties. +func (p *ProcessEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "accountEntityId": + err = unpopulate(val, "AccountEntityID", &p.AccountEntityID) + delete(rawMsg, key) + case "additionalData": + err = unpopulate(val, "AdditionalData", &p.AdditionalData) + delete(rawMsg, key) + case "commandLine": + err = unpopulate(val, "CommandLine", &p.CommandLine) + delete(rawMsg, key) + case "creationTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreationTimeUTC", &p.CreationTimeUTC) + delete(rawMsg, key) + case "elevationToken": + err = unpopulate(val, "ElevationToken", &p.ElevationToken) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &p.FriendlyName) + delete(rawMsg, key) + case "hostEntityId": + err = unpopulate(val, "HostEntityID", &p.HostEntityID) + delete(rawMsg, key) + case "hostLogonSessionEntityId": + err = unpopulate(val, "HostLogonSessionEntityID", &p.HostLogonSessionEntityID) + delete(rawMsg, key) + case "imageFileEntityId": + err = unpopulate(val, "ImageFileEntityID", &p.ImageFileEntityID) + delete(rawMsg, key) + case "parentProcessEntityId": + err = unpopulate(val, "ParentProcessEntityID", &p.ParentProcessEntityID) + delete(rawMsg, key) + case "processId": + err = unpopulate(val, "ProcessID", &p.ProcessID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductPackageList. +func (p ProductPackageList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", p.NextLink) + populate(objectMap, "value", p.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductPackageList. +func (p *ProductPackageList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &p.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &p.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductPackageModel. +func (p ProductPackageModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", p.Etag) + populate(objectMap, "id", p.ID) + populate(objectMap, "name", p.Name) + populate(objectMap, "properties", p.Properties) + populate(objectMap, "systemData", p.SystemData) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductPackageModel. +func (p *ProductPackageModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &p.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &p.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &p.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductPackageProperties. +func (p ProductPackageProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", p.Author) + populate(objectMap, "categories", p.Categories) + populate(objectMap, "contentId", p.ContentID) + populate(objectMap, "contentKind", p.ContentKind) + populate(objectMap, "contentProductId", p.ContentProductID) + populate(objectMap, "contentSchemaVersion", p.ContentSchemaVersion) + populate(objectMap, "dependencies", p.Dependencies) + populate(objectMap, "description", p.Description) + populate(objectMap, "displayName", p.DisplayName) + populateDateType(objectMap, "firstPublishDate", p.FirstPublishDate) + populate(objectMap, "icon", p.Icon) + populate(objectMap, "installedVersion", p.InstalledVersion) + populate(objectMap, "isDeprecated", p.IsDeprecated) + populate(objectMap, "isFeatured", p.IsFeatured) + populate(objectMap, "isNew", p.IsNew) + populate(objectMap, "isPreview", p.IsPreview) + populateDateType(objectMap, "lastPublishDate", p.LastPublishDate) + populate(objectMap, "metadataResourceId", p.MetadataResourceID) + populateAny(objectMap, "packagedContent", p.PackagedContent) + populate(objectMap, "providers", p.Providers) + populate(objectMap, "publisherDisplayName", p.PublisherDisplayName) + populate(objectMap, "source", p.Source) + populate(objectMap, "support", p.Support) + populate(objectMap, "threatAnalysisTactics", p.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", p.ThreatAnalysisTechniques) + populate(objectMap, "version", p.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductPackageProperties. +func (p *ProductPackageProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &p.Author) + delete(rawMsg, key) + case "categories": + err = unpopulate(val, "Categories", &p.Categories) + delete(rawMsg, key) + case "contentId": + err = unpopulate(val, "ContentID", &p.ContentID) + delete(rawMsg, key) + case "contentKind": + err = unpopulate(val, "ContentKind", &p.ContentKind) + delete(rawMsg, key) + case "contentProductId": + err = unpopulate(val, "ContentProductID", &p.ContentProductID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &p.ContentSchemaVersion) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &p.Dependencies) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &p.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &p.FirstPublishDate) + delete(rawMsg, key) + case "icon": + err = unpopulate(val, "Icon", &p.Icon) + delete(rawMsg, key) + case "installedVersion": + err = unpopulate(val, "InstalledVersion", &p.InstalledVersion) + delete(rawMsg, key) + case "isDeprecated": + err = unpopulate(val, "IsDeprecated", &p.IsDeprecated) + delete(rawMsg, key) + case "isFeatured": + err = unpopulate(val, "IsFeatured", &p.IsFeatured) + delete(rawMsg, key) + case "isNew": + err = unpopulate(val, "IsNew", &p.IsNew) + delete(rawMsg, key) + case "isPreview": + err = unpopulate(val, "IsPreview", &p.IsPreview) + delete(rawMsg, key) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &p.LastPublishDate) + delete(rawMsg, key) + case "metadataResourceId": + err = unpopulate(val, "MetadataResourceID", &p.MetadataResourceID) + delete(rawMsg, key) + case "packagedContent": + err = unpopulate(val, "PackagedContent", &p.PackagedContent) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &p.Providers) + delete(rawMsg, key) + case "publisherDisplayName": + err = unpopulate(val, "PublisherDisplayName", &p.PublisherDisplayName) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &p.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &p.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &p.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &p.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &p.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductTemplateList. +func (p ProductTemplateList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", p.NextLink) + populate(objectMap, "value", p.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductTemplateList. +func (p *ProductTemplateList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &p.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &p.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductTemplateModel. +func (p ProductTemplateModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", p.Etag) + populate(objectMap, "id", p.ID) + populate(objectMap, "name", p.Name) + populate(objectMap, "properties", p.Properties) + populate(objectMap, "systemData", p.SystemData) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductTemplateModel. +func (p *ProductTemplateModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &p.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &p.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &p.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductTemplateProperties. +func (p ProductTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", p.Author) + populate(objectMap, "categories", p.Categories) + populate(objectMap, "contentId", p.ContentID) + populate(objectMap, "contentKind", p.ContentKind) + populate(objectMap, "contentProductId", p.ContentProductID) + populate(objectMap, "contentSchemaVersion", p.ContentSchemaVersion) + populate(objectMap, "customVersion", p.CustomVersion) + populate(objectMap, "dependencies", p.Dependencies) + populate(objectMap, "displayName", p.DisplayName) + populateDateType(objectMap, "firstPublishDate", p.FirstPublishDate) + populate(objectMap, "icon", p.Icon) + populate(objectMap, "isDeprecated", p.IsDeprecated) + populateDateType(objectMap, "lastPublishDate", p.LastPublishDate) + populate(objectMap, "packageId", p.PackageID) + populate(objectMap, "packageKind", p.PackageKind) + populate(objectMap, "packageName", p.PackageName) + populate(objectMap, "packageVersion", p.PackageVersion) + populateAny(objectMap, "packagedContent", p.PackagedContent) + populate(objectMap, "previewImages", p.PreviewImages) + populate(objectMap, "previewImagesDark", p.PreviewImagesDark) + populate(objectMap, "providers", p.Providers) + populate(objectMap, "source", p.Source) + populate(objectMap, "support", p.Support) + populate(objectMap, "threatAnalysisTactics", p.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", p.ThreatAnalysisTechniques) + populate(objectMap, "version", p.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductTemplateProperties. +func (p *ProductTemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &p.Author) + delete(rawMsg, key) + case "categories": + err = unpopulate(val, "Categories", &p.Categories) + delete(rawMsg, key) + case "contentId": + err = unpopulate(val, "ContentID", &p.ContentID) + delete(rawMsg, key) + case "contentKind": + err = unpopulate(val, "ContentKind", &p.ContentKind) + delete(rawMsg, key) + case "contentProductId": + err = unpopulate(val, "ContentProductID", &p.ContentProductID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &p.ContentSchemaVersion) + delete(rawMsg, key) + case "customVersion": + err = unpopulate(val, "CustomVersion", &p.CustomVersion) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &p.Dependencies) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &p.FirstPublishDate) + delete(rawMsg, key) + case "icon": + err = unpopulate(val, "Icon", &p.Icon) + delete(rawMsg, key) + case "isDeprecated": + err = unpopulate(val, "IsDeprecated", &p.IsDeprecated) + delete(rawMsg, key) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &p.LastPublishDate) + delete(rawMsg, key) + case "packageId": + err = unpopulate(val, "PackageID", &p.PackageID) + delete(rawMsg, key) + case "packageKind": + err = unpopulate(val, "PackageKind", &p.PackageKind) + delete(rawMsg, key) + case "packageName": + err = unpopulate(val, "PackageName", &p.PackageName) + delete(rawMsg, key) + case "packageVersion": + err = unpopulate(val, "PackageVersion", &p.PackageVersion) + delete(rawMsg, key) + case "packagedContent": + err = unpopulate(val, "PackagedContent", &p.PackagedContent) + delete(rawMsg, key) + case "previewImages": + err = unpopulate(val, "PreviewImages", &p.PreviewImages) + delete(rawMsg, key) + case "previewImagesDark": + err = unpopulate(val, "PreviewImagesDark", &p.PreviewImagesDark) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &p.Providers) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &p.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &p.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &p.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &p.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &p.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PropertyArrayChangedConditionProperties. +func (p PropertyArrayChangedConditionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "conditionProperties", p.ConditionProperties) + objectMap["conditionType"] = ConditionTypePropertyArrayChanged + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyArrayChangedConditionProperties. +func (p *PropertyArrayChangedConditionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "conditionProperties": + err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + delete(rawMsg, key) + case "conditionType": + err = unpopulate(val, "ConditionType", &p.ConditionType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PropertyArrayConditionProperties. +func (p PropertyArrayConditionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "conditionProperties", p.ConditionProperties) + objectMap["conditionType"] = ConditionTypePropertyArray + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyArrayConditionProperties. +func (p *PropertyArrayConditionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "conditionProperties": + err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + delete(rawMsg, key) + case "conditionType": + err = unpopulate(val, "ConditionType", &p.ConditionType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PropertyChangedConditionProperties. +func (p PropertyChangedConditionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "conditionProperties", p.ConditionProperties) + objectMap["conditionType"] = ConditionTypePropertyChanged + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyChangedConditionProperties. +func (p *PropertyChangedConditionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "conditionProperties": + err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + delete(rawMsg, key) + case "conditionType": + err = unpopulate(val, "ConditionType", &p.ConditionType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PropertyConditionProperties. +func (p PropertyConditionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "conditionProperties", p.ConditionProperties) + objectMap["conditionType"] = ConditionTypeProperty + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyConditionProperties. +func (p *PropertyConditionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "conditionProperties": + err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + delete(rawMsg, key) + case "conditionType": + err = unpopulate(val, "ConditionType", &p.ConditionType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PullRequest. +func (p PullRequest) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", p.State) + populate(objectMap, "url", p.URL) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PullRequest. +func (p *PullRequest) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &p.State) + delete(rawMsg, key) + case "url": + err = unpopulate(val, "URL", &p.URL) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PurviewAuditCheckRequirements. +func (p PurviewAuditCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindPurviewAudit + populate(objectMap, "properties", p.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PurviewAuditCheckRequirements. +func (p *PurviewAuditCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &p.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &p.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PurviewAuditCheckRequirementsProperties. +func (p PurviewAuditCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", p.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PurviewAuditCheckRequirementsProperties. +func (p *PurviewAuditCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &p.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PurviewAuditConnectorDataTypes. +func (p PurviewAuditConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "logs", p.Logs) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PurviewAuditConnectorDataTypes. +func (p *PurviewAuditConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "logs": + err = unpopulate(val, "Logs", &p.Logs) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PurviewAuditConnectorDataTypesLogs. +func (p PurviewAuditConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", p.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PurviewAuditConnectorDataTypesLogs. +func (p *PurviewAuditConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &p.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PurviewAuditDataConnector. +func (p PurviewAuditDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", p.Etag) + populate(objectMap, "id", p.ID) + objectMap["kind"] = DataConnectorKindPurviewAudit + populate(objectMap, "name", p.Name) + populate(objectMap, "properties", p.Properties) + populate(objectMap, "systemData", p.SystemData) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PurviewAuditDataConnector. +func (p *PurviewAuditDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &p.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &p.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &p.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &p.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PurviewAuditDataConnectorProperties. +func (p PurviewAuditDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "connectorDefinitionName", p.ConnectorDefinitionName) + populate(objectMap, "dataTypes", p.DataTypes) + populate(objectMap, "dcrConfig", p.DcrConfig) + populate(objectMap, "sourceType", p.SourceType) + populate(objectMap, "tenantId", p.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PurviewAuditDataConnectorProperties. +func (p *PurviewAuditDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "connectorDefinitionName": + err = unpopulate(val, "ConnectorDefinitionName", &p.ConnectorDefinitionName) + delete(rawMsg, key) + case "dataTypes": + err = unpopulate(val, "DataTypes", &p.DataTypes) + delete(rawMsg, key) + case "dcrConfig": + err = unpopulate(val, "DcrConfig", &p.DcrConfig) + delete(rawMsg, key) + case "sourceType": + err = unpopulate(val, "SourceType", &p.SourceType) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &p.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Query. +func (q Query) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "condition", q.Condition) + populate(objectMap, "maxPageSize", q.MaxPageSize) + populate(objectMap, "minPageSize", q.MinPageSize) + populate(objectMap, "sortBy", q.SortBy) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Query. +func (q *Query) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "condition": + err = unpopulate(val, "Condition", &q.Condition) + delete(rawMsg, key) + case "maxPageSize": + err = unpopulate(val, "MaxPageSize", &q.MaxPageSize) + delete(rawMsg, key) + case "minPageSize": + err = unpopulate(val, "MinPageSize", &q.MinPageSize) + delete(rawMsg, key) + case "sortBy": + err = unpopulate(val, "SortBy", &q.SortBy) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type QueryCondition. +func (q QueryCondition) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "clauses", q.Clauses) + populate(objectMap, "conditionConnective", q.ConditionConnective) + populate(objectMap, "stixObjectType", q.StixObjectType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type QueryCondition. +func (q *QueryCondition) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "clauses": + err = unpopulate(val, "Clauses", &q.Clauses) + delete(rawMsg, key) + case "conditionConnective": + err = unpopulate(val, "ConditionConnective", &q.ConditionConnective) + delete(rawMsg, key) + case "stixObjectType": + err = unpopulate(val, "StixObjectType", &q.StixObjectType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type QueryProperties. +func (q QueryProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "condition", q.Condition) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type QueryProperties. +func (q *QueryProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "condition": + err = unpopulate(val, "Condition", &q.Condition) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type QuerySortBy. +func (q QuerySortBy) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "direction", q.Direction) + populate(objectMap, "field", q.Field) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type QuerySortBy. +func (q *QuerySortBy) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "direction": + err = unpopulate(val, "Direction", &q.Direction) + delete(rawMsg, key) + case "field": + err = unpopulate(val, "Field", &q.Field) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RFCConnector. +func (r RFCConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "abapServerHost", r.AbapServerHost) + populate(objectMap, "authenticationType", r.AuthenticationType) + populate(objectMap, "client", r.Client) + populate(objectMap, "codePage", r.CodePage) + populate(objectMap, "group", r.Group) + populate(objectMap, "messageServerHost", r.MessageServerHost) + populate(objectMap, "messageServerService", r.MessageServerService) + populate(objectMap, "sncQop", r.SncQop) + populate(objectMap, "systemId", r.SystemID) + populate(objectMap, "systemNumber", r.SystemNumber) + objectMap["type"] = SystemConfigurationConnectorTypeRFC + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RFCConnector. +func (r *RFCConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "abapServerHost": + err = unpopulate(val, "AbapServerHost", &r.AbapServerHost) + delete(rawMsg, key) + case "authenticationType": + err = unpopulate(val, "AuthenticationType", &r.AuthenticationType) + delete(rawMsg, key) + case "client": + err = unpopulate(val, "Client", &r.Client) + delete(rawMsg, key) + case "codePage": + err = unpopulate(val, "CodePage", &r.CodePage) + delete(rawMsg, key) + case "group": + err = unpopulate(val, "Group", &r.Group) + delete(rawMsg, key) + case "messageServerHost": + err = unpopulate(val, "MessageServerHost", &r.MessageServerHost) + delete(rawMsg, key) + case "messageServerService": + err = unpopulate(val, "MessageServerService", &r.MessageServerService) + delete(rawMsg, key) + case "sncQop": + err = unpopulate(val, "SncQop", &r.SncQop) + delete(rawMsg, key) + case "systemId": + err = unpopulate(val, "SystemID", &r.SystemID) + delete(rawMsg, key) + case "systemNumber": + err = unpopulate(val, "SystemNumber", &r.SystemNumber) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Recommendation. +func (r Recommendation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", r.Etag) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Recommendation. +func (r *Recommendation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &r.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RecommendationList. +func (r RecommendationList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RecommendationList. +func (r *RecommendationList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RecommendationPatch. +func (r RecommendationPatch) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "properties", r.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RecommendationPatch. +func (r *RecommendationPatch) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RecommendationPatchProperties. +func (r RecommendationPatchProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", r.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RecommendationPatchProperties. +func (r *RecommendationPatchProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &r.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RecommendationProperties. +func (r RecommendationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalProperties", r.AdditionalProperties) + populateDateTimeRFC3339(objectMap, "creationTimeUtc", r.CreationTimeUTC) + populate(objectMap, "description", r.Description) + populateDateTimeRFC3339(objectMap, "lastEvaluatedTimeUtc", r.LastEvaluatedTimeUTC) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", r.LastModifiedTimeUTC) + populate(objectMap, "recommendationTypeId", r.RecommendationTypeID) + populate(objectMap, "resourceId", r.ResourceID) + populate(objectMap, "state", r.State) + populate(objectMap, "suggestions", r.Suggestions) + populate(objectMap, "title", r.Title) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RecommendationProperties. +func (r *RecommendationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalProperties": + err = unpopulate(val, "AdditionalProperties", &r.AdditionalProperties) + delete(rawMsg, key) + case "creationTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreationTimeUTC", &r.CreationTimeUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &r.Description) + delete(rawMsg, key) + case "lastEvaluatedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastEvaluatedTimeUTC", &r.LastEvaluatedTimeUTC) + delete(rawMsg, key) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &r.LastModifiedTimeUTC) + delete(rawMsg, key) + case "recommendationTypeId": + err = unpopulate(val, "RecommendationTypeID", &r.RecommendationTypeID) + delete(rawMsg, key) + case "resourceId": + err = unpopulate(val, "ResourceID", &r.ResourceID) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &r.State) + delete(rawMsg, key) + case "suggestions": + err = unpopulate(val, "Suggestions", &r.Suggestions) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &r.Title) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RecommendedSuggestion. +func (r RecommendedSuggestion) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "action", r.Action) + populate(objectMap, "additionalProperties", r.AdditionalProperties) + populate(objectMap, "description", r.Description) + populate(objectMap, "suggestionTypeId", r.SuggestionTypeID) + populate(objectMap, "title", r.Title) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RecommendedSuggestion. +func (r *RecommendedSuggestion) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "action": + err = unpopulate(val, "Action", &r.Action) + delete(rawMsg, key) + case "additionalProperties": + err = unpopulate(val, "AdditionalProperties", &r.AdditionalProperties) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &r.Description) + delete(rawMsg, key) + case "suggestionTypeId": + err = unpopulate(val, "SuggestionTypeID", &r.SuggestionTypeID) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &r.Title) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ReevaluateResponse. +func (r ReevaluateResponse) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "lastEvaluatedTimeUtc", r.LastEvaluatedTimeUTC) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ReevaluateResponse. +func (r *ReevaluateResponse) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "lastEvaluatedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastEvaluatedTimeUTC", &r.LastEvaluatedTimeUTC) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RegistryKeyEntity. +func (r RegistryKeyEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + objectMap["kind"] = EntityKindEnumRegistryKey + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryKeyEntity. +func (r *RegistryKeyEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &r.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RegistryKeyEntityProperties. +func (r RegistryKeyEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", r.AdditionalData) + populate(objectMap, "friendlyName", r.FriendlyName) + populate(objectMap, "hive", r.Hive) + populate(objectMap, "key", r.Key) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryKeyEntityProperties. +func (r *RegistryKeyEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &r.AdditionalData) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &r.FriendlyName) + delete(rawMsg, key) + case "hive": + err = unpopulate(val, "Hive", &r.Hive) + delete(rawMsg, key) + case "key": + err = unpopulate(val, "Key", &r.Key) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RegistryValueEntity. +func (r RegistryValueEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + objectMap["kind"] = EntityKindEnumRegistryValue + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryValueEntity. +func (r *RegistryValueEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &r.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RegistryValueEntityProperties. +func (r RegistryValueEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", r.AdditionalData) + populate(objectMap, "friendlyName", r.FriendlyName) + populate(objectMap, "keyEntityId", r.KeyEntityID) + populate(objectMap, "valueData", r.ValueData) + populate(objectMap, "valueName", r.ValueName) + populate(objectMap, "valueType", r.ValueType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryValueEntityProperties. +func (r *RegistryValueEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &r.AdditionalData) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &r.FriendlyName) + delete(rawMsg, key) + case "keyEntityId": + err = unpopulate(val, "KeyEntityID", &r.KeyEntityID) + delete(rawMsg, key) + case "valueData": + err = unpopulate(val, "ValueData", &r.ValueData) + delete(rawMsg, key) + case "valueName": + err = unpopulate(val, "ValueName", &r.ValueName) + delete(rawMsg, key) + case "valueType": + err = unpopulate(val, "ValueType", &r.ValueType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Relation. +func (r Relation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", r.Etag) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Relation. +func (r *Relation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &r.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RelationList. +func (r RelationList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RelationList. +func (r *RelationList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RelationProperties. +func (r RelationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "relatedResourceId", r.RelatedResourceID) + populate(objectMap, "relatedResourceKind", r.RelatedResourceKind) + populate(objectMap, "relatedResourceName", r.RelatedResourceName) + populate(objectMap, "relatedResourceType", r.RelatedResourceType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RelationProperties. +func (r *RelationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "relatedResourceId": + err = unpopulate(val, "RelatedResourceID", &r.RelatedResourceID) + delete(rawMsg, key) + case "relatedResourceKind": + err = unpopulate(val, "RelatedResourceKind", &r.RelatedResourceKind) + delete(rawMsg, key) + case "relatedResourceName": + err = unpopulate(val, "RelatedResourceName", &r.RelatedResourceName) + delete(rawMsg, key) + case "relatedResourceType": + err = unpopulate(val, "RelatedResourceType", &r.RelatedResourceType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Relationship. +func (r Relationship) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + objectMap["kind"] = TIObjectKindRelationship + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Relationship. +func (r *Relationship) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &r.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RelationshipHint. +func (r RelationshipHint) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "fieldName", r.FieldName) + populate(objectMap, "source", r.Source) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RelationshipHint. +func (r *RelationshipHint) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "fieldName": + err = unpopulate(val, "FieldName", &r.FieldName) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &r.Source) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Repo. +func (r Repo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "branches", r.Branches) + populate(objectMap, "fullName", r.FullName) + populate(objectMap, "installationId", r.InstallationID) + populate(objectMap, "url", r.URL) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Repo. +func (r *Repo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "branches": + err = unpopulate(val, "Branches", &r.Branches) + delete(rawMsg, key) + case "fullName": + err = unpopulate(val, "FullName", &r.FullName) + delete(rawMsg, key) + case "installationId": + err = unpopulate(val, "InstallationID", &r.InstallationID) + delete(rawMsg, key) + case "url": + err = unpopulate(val, "URL", &r.URL) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RepoList. +func (r RepoList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RepoList. +func (r *RepoList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ReportActionStatusPayload. +func (r ReportActionStatusPayload) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "actionId", r.ActionID) + populate(objectMap, "actionStatus", r.ActionStatus) + populate(objectMap, "failureReason", r.FailureReason) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ReportActionStatusPayload. +func (r *ReportActionStatusPayload) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "actionId": + err = unpopulate(val, "ActionID", &r.ActionID) + delete(rawMsg, key) + case "actionStatus": + err = unpopulate(val, "ActionStatus", &r.ActionStatus) + delete(rawMsg, key) + case "failureReason": + err = unpopulate(val, "FailureReason", &r.FailureReason) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Repository. +func (r Repository) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "branch", r.Branch) + populate(objectMap, "deploymentLogsUrl", r.DeploymentLogsURL) + populate(objectMap, "displayUrl", r.DisplayURL) + populate(objectMap, "url", r.URL) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Repository. +func (r *Repository) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "branch": + err = unpopulate(val, "Branch", &r.Branch) + delete(rawMsg, key) + case "deploymentLogsUrl": + err = unpopulate(val, "DeploymentLogsURL", &r.DeploymentLogsURL) + delete(rawMsg, key) + case "displayUrl": + err = unpopulate(val, "DisplayURL", &r.DisplayURL) + delete(rawMsg, key) + case "url": + err = unpopulate(val, "URL", &r.URL) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RepositoryAccess. +func (r RepositoryAccess) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "clientId", r.ClientID) + populate(objectMap, "code", r.Code) + populate(objectMap, "installationId", r.InstallationID) + populate(objectMap, "kind", r.Kind) + populate(objectMap, "state", r.State) + populate(objectMap, "token", r.Token) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RepositoryAccess. +func (r *RepositoryAccess) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "clientId": + err = unpopulate(val, "ClientID", &r.ClientID) + delete(rawMsg, key) + case "code": + err = unpopulate(val, "Code", &r.Code) + delete(rawMsg, key) + case "installationId": + err = unpopulate(val, "InstallationID", &r.InstallationID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &r.Kind) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &r.State) + delete(rawMsg, key) + case "token": + err = unpopulate(val, "Token", &r.Token) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RepositoryAccessObject. +func (r RepositoryAccessObject) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "repositoryAccess", r.RepositoryAccess) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RepositoryAccessObject. +func (r *RepositoryAccessObject) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "repositoryAccess": + err = unpopulate(val, "RepositoryAccess", &r.RepositoryAccess) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RepositoryAccessProperties. +func (r RepositoryAccessProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "properties", r.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RepositoryAccessProperties. +func (r *RepositoryAccessProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RepositoryResourceInfo. +func (r RepositoryResourceInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "azureDevOpsResourceInfo", r.AzureDevOpsResourceInfo) + populate(objectMap, "gitHubResourceInfo", r.GitHubResourceInfo) + populate(objectMap, "webhook", r.Webhook) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RepositoryResourceInfo. +func (r *RepositoryResourceInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "azureDevOpsResourceInfo": + err = unpopulate(val, "AzureDevOpsResourceInfo", &r.AzureDevOpsResourceInfo) + delete(rawMsg, key) + case "gitHubResourceInfo": + err = unpopulate(val, "GitHubResourceInfo", &r.GitHubResourceInfo) + delete(rawMsg, key) + case "webhook": + err = unpopulate(val, "Webhook", &r.Webhook) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RequiredPermissions. +func (r RequiredPermissions) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "action", r.Action) + populate(objectMap, "delete", r.Delete) + populate(objectMap, "read", r.Read) + populate(objectMap, "write", r.Write) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RequiredPermissions. +func (r *RequiredPermissions) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "action": + err = unpopulate(val, "Action", &r.Action) + delete(rawMsg, key) + case "delete": + err = unpopulate(val, "Delete", &r.Delete) + delete(rawMsg, key) + case "read": + err = unpopulate(val, "Read", &r.Read) + delete(rawMsg, key) + case "write": + err = unpopulate(val, "Write", &r.Write) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ResourceProviderRequiredPermissions. +func (r ResourceProviderRequiredPermissions) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "action", r.Action) + populate(objectMap, "delete", r.Delete) + populate(objectMap, "read", r.Read) + populate(objectMap, "write", r.Write) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ResourceProviderRequiredPermissions. +func (r *ResourceProviderRequiredPermissions) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "action": + err = unpopulate(val, "Action", &r.Action) + delete(rawMsg, key) + case "delete": + err = unpopulate(val, "Delete", &r.Delete) + delete(rawMsg, key) + case "read": + err = unpopulate(val, "Read", &r.Read) + delete(rawMsg, key) + case "write": + err = unpopulate(val, "Write", &r.Write) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RestAPIPollerDataConnector. +func (r RestAPIPollerDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", r.Etag) + populate(objectMap, "id", r.ID) + objectMap["kind"] = DataConnectorKindRestAPIPoller + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RestAPIPollerDataConnector. +func (r *RestAPIPollerDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &r.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &r.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RestAPIPollerDataConnectorProperties. +func (r RestAPIPollerDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "addOnAttributes", r.AddOnAttributes) + populate(objectMap, "auth", r.Auth) + populate(objectMap, "connectorDefinitionName", r.ConnectorDefinitionName) + populate(objectMap, "dataType", r.DataType) + populate(objectMap, "dcrConfig", r.DcrConfig) + populate(objectMap, "isActive", r.IsActive) + populate(objectMap, "paging", r.Paging) + populate(objectMap, "request", r.Request) + populate(objectMap, "response", r.Response) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RestAPIPollerDataConnectorProperties. +func (r *RestAPIPollerDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "addOnAttributes": + err = unpopulate(val, "AddOnAttributes", &r.AddOnAttributes) + delete(rawMsg, key) + case "auth": + r.Auth, err = unmarshalCcpAuthConfigClassification(val) + delete(rawMsg, key) + case "connectorDefinitionName": + err = unpopulate(val, "ConnectorDefinitionName", &r.ConnectorDefinitionName) + delete(rawMsg, key) + case "dataType": + err = unpopulate(val, "DataType", &r.DataType) + delete(rawMsg, key) + case "dcrConfig": + err = unpopulate(val, "DcrConfig", &r.DcrConfig) + delete(rawMsg, key) + case "isActive": + err = unpopulate(val, "IsActive", &r.IsActive) + delete(rawMsg, key) + case "paging": + err = unpopulate(val, "Paging", &r.Paging) + delete(rawMsg, key) + case "request": + err = unpopulate(val, "Request", &r.Request) + delete(rawMsg, key) + case "response": + err = unpopulate(val, "Response", &r.Response) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RestAPIPollerRequestConfig. +func (r RestAPIPollerRequestConfig) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "apiEndpoint", r.APIEndpoint) + populate(objectMap, "endTimeAttributeName", r.EndTimeAttributeName) + populate(objectMap, "httpMethod", r.HTTPMethod) + populate(objectMap, "headers", r.Headers) + populate(objectMap, "isPostPayloadJson", r.IsPostPayloadJSON) + populate(objectMap, "queryParameters", r.QueryParameters) + populate(objectMap, "queryParametersTemplate", r.QueryParametersTemplate) + populate(objectMap, "queryTimeFormat", r.QueryTimeFormat) + populate(objectMap, "queryTimeIntervalAttributeName", r.QueryTimeIntervalAttributeName) + populate(objectMap, "queryTimeIntervalDelimiter", r.QueryTimeIntervalDelimiter) + populate(objectMap, "queryTimeIntervalPrepend", r.QueryTimeIntervalPrepend) + populate(objectMap, "queryWindowInMin", r.QueryWindowInMin) + populate(objectMap, "rateLimitQPS", r.RateLimitQPS) + populate(objectMap, "retryCount", r.RetryCount) + populate(objectMap, "startTimeAttributeName", r.StartTimeAttributeName) + populate(objectMap, "timeoutInSeconds", r.TimeoutInSeconds) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RestAPIPollerRequestConfig. +func (r *RestAPIPollerRequestConfig) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "apiEndpoint": + err = unpopulate(val, "APIEndpoint", &r.APIEndpoint) + delete(rawMsg, key) + case "endTimeAttributeName": + err = unpopulate(val, "EndTimeAttributeName", &r.EndTimeAttributeName) + delete(rawMsg, key) + case "httpMethod": + err = unpopulate(val, "HTTPMethod", &r.HTTPMethod) + delete(rawMsg, key) + case "headers": + err = unpopulate(val, "Headers", &r.Headers) + delete(rawMsg, key) + case "isPostPayloadJson": + err = unpopulate(val, "IsPostPayloadJSON", &r.IsPostPayloadJSON) + delete(rawMsg, key) + case "queryParameters": + err = unpopulate(val, "QueryParameters", &r.QueryParameters) + delete(rawMsg, key) + case "queryParametersTemplate": + err = unpopulate(val, "QueryParametersTemplate", &r.QueryParametersTemplate) + delete(rawMsg, key) + case "queryTimeFormat": + err = unpopulate(val, "QueryTimeFormat", &r.QueryTimeFormat) + delete(rawMsg, key) + case "queryTimeIntervalAttributeName": + err = unpopulate(val, "QueryTimeIntervalAttributeName", &r.QueryTimeIntervalAttributeName) + delete(rawMsg, key) + case "queryTimeIntervalDelimiter": + err = unpopulate(val, "QueryTimeIntervalDelimiter", &r.QueryTimeIntervalDelimiter) + delete(rawMsg, key) + case "queryTimeIntervalPrepend": + err = unpopulate(val, "QueryTimeIntervalPrepend", &r.QueryTimeIntervalPrepend) + delete(rawMsg, key) + case "queryWindowInMin": + err = unpopulate(val, "QueryWindowInMin", &r.QueryWindowInMin) + delete(rawMsg, key) + case "rateLimitQPS": + err = unpopulate(val, "RateLimitQPS", &r.RateLimitQPS) + delete(rawMsg, key) + case "retryCount": + err = unpopulate(val, "RetryCount", &r.RetryCount) + delete(rawMsg, key) + case "startTimeAttributeName": + err = unpopulate(val, "StartTimeAttributeName", &r.StartTimeAttributeName) + delete(rawMsg, key) + case "timeoutInSeconds": + err = unpopulate(val, "TimeoutInSeconds", &r.TimeoutInSeconds) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RestAPIPollerRequestPagingConfig. +func (r RestAPIPollerRequestPagingConfig) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "pageSize", r.PageSize) + populate(objectMap, "pageSizeParameterName", r.PageSizeParameterName) + populate(objectMap, "pagingType", r.PagingType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RestAPIPollerRequestPagingConfig. +func (r *RestAPIPollerRequestPagingConfig) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "pageSize": + err = unpopulate(val, "PageSize", &r.PageSize) + delete(rawMsg, key) + case "pageSizeParameterName": + err = unpopulate(val, "PageSizeParameterName", &r.PageSizeParameterName) + delete(rawMsg, key) + case "pagingType": + err = unpopulate(val, "PagingType", &r.PagingType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SapAgentConfiguration. +func (s SapAgentConfiguration) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "agentContainerName", s.AgentContainerName) + populate(objectMap, "keyVaultAuthenticationMode", s.KeyVaultAuthenticationMode) + populate(objectMap, "keyVaultResourceId", s.KeyVaultResourceID) + populate(objectMap, "sdkPath", s.SdkPath) + populate(objectMap, "secretSource", s.SecretSource) + populate(objectMap, "sncPath", s.SncPath) + objectMap["type"] = AgentTypeSAP + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SapAgentConfiguration. +func (s *SapAgentConfiguration) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "agentContainerName": + err = unpopulate(val, "AgentContainerName", &s.AgentContainerName) + delete(rawMsg, key) + case "keyVaultAuthenticationMode": + err = unpopulate(val, "KeyVaultAuthenticationMode", &s.KeyVaultAuthenticationMode) + delete(rawMsg, key) + case "keyVaultResourceId": + err = unpopulate(val, "KeyVaultResourceID", &s.KeyVaultResourceID) + delete(rawMsg, key) + case "sdkPath": + err = unpopulate(val, "SdkPath", &s.SdkPath) + delete(rawMsg, key) + case "secretSource": + err = unpopulate(val, "SecretSource", &s.SecretSource) + delete(rawMsg, key) + case "sncPath": + err = unpopulate(val, "SncPath", &s.SncPath) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SapControlConnector. +func (s SapControlConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "httpsConfiguration", s.HTTPSConfiguration) + populate(objectMap, "instance", s.Instance) + populate(objectMap, "port", s.Port) + populate(objectMap, "server", s.Server) + populate(objectMap, "timezone", s.Timezone) + objectMap["type"] = SystemConfigurationConnectorTypeSapControl + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SapControlConnector. +func (s *SapControlConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "httpsConfiguration": + err = unpopulate(val, "HTTPSConfiguration", &s.HTTPSConfiguration) + delete(rawMsg, key) + case "instance": + err = unpopulate(val, "Instance", &s.Instance) + delete(rawMsg, key) + case "port": + err = unpopulate(val, "Port", &s.Port) + delete(rawMsg, key) + case "server": + err = unpopulate(val, "Server", &s.Server) + delete(rawMsg, key) + case "timezone": + err = unpopulate(val, "Timezone", &s.Timezone) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SapSolutionUsageStatistic. +func (s SapSolutionUsageStatistic) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + objectMap["kind"] = BillingStatisticKindSapSolutionUsage + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SapSolutionUsageStatistic. +func (s *SapSolutionUsageStatistic) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &s.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SapSolutionUsageStatisticProperties. +func (s SapSolutionUsageStatisticProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "activeSystemIdCount", s.ActiveSystemIDCount) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SapSolutionUsageStatisticProperties. +func (s *SapSolutionUsageStatisticProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "activeSystemIdCount": + err = unpopulate(val, "ActiveSystemIDCount", &s.ActiveSystemIDCount) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SapSystemsConfiguration. +func (s SapSystemsConfiguration) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "azureResourceId", s.AzureResourceID) + populate(objectMap, "connector", s.Connector) + populate(objectMap, "logs", s.Logs) + objectMap["type"] = ConfigurationTypeSAP + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SapSystemsConfiguration. +func (s *SapSystemsConfiguration) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "azureResourceId": + err = unpopulate(val, "AzureResourceID", &s.AzureResourceID) + delete(rawMsg, key) + case "connector": + s.Connector, err = unmarshalSystemsConfigurationConnectorClassification(val) + delete(rawMsg, key) + case "logs": + err = unpopulate(val, "Logs", &s.Logs) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRule. +func (s ScheduledAlertRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + objectMap["kind"] = AlertRuleKindScheduled + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRule. +func (s *ScheduledAlertRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &s.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleProperties. +func (s ScheduledAlertRuleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertDetailsOverride", s.AlertDetailsOverride) + populate(objectMap, "alertRuleTemplateName", s.AlertRuleTemplateName) + populate(objectMap, "customDetails", s.CustomDetails) + populate(objectMap, "description", s.Description) + populate(objectMap, "displayName", s.DisplayName) + populate(objectMap, "enabled", s.Enabled) + populate(objectMap, "entityMappings", s.EntityMappings) + populate(objectMap, "eventGroupingSettings", s.EventGroupingSettings) + populate(objectMap, "incidentConfiguration", s.IncidentConfiguration) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", s.LastModifiedUTC) + populate(objectMap, "query", s.Query) + populate(objectMap, "queryFrequency", s.QueryFrequency) + populate(objectMap, "queryPeriod", s.QueryPeriod) + populate(objectMap, "sentinelEntitiesMappings", s.SentinelEntitiesMappings) + populate(objectMap, "severity", s.Severity) + populate(objectMap, "subTechniques", s.SubTechniques) + populate(objectMap, "suppressionDuration", s.SuppressionDuration) + populate(objectMap, "suppressionEnabled", s.SuppressionEnabled) + populate(objectMap, "tactics", s.Tactics) + populate(objectMap, "techniques", s.Techniques) + populate(objectMap, "templateVersion", s.TemplateVersion) + populate(objectMap, "triggerOperator", s.TriggerOperator) + populate(objectMap, "triggerThreshold", s.TriggerThreshold) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleProperties. +func (s *ScheduledAlertRuleProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertDetailsOverride": + err = unpopulate(val, "AlertDetailsOverride", &s.AlertDetailsOverride) + delete(rawMsg, key) + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &s.AlertRuleTemplateName) + delete(rawMsg, key) + case "customDetails": + err = unpopulate(val, "CustomDetails", &s.CustomDetails) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &s.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &s.DisplayName) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &s.Enabled) + delete(rawMsg, key) + case "entityMappings": + err = unpopulate(val, "EntityMappings", &s.EntityMappings) + delete(rawMsg, key) + case "eventGroupingSettings": + err = unpopulate(val, "EventGroupingSettings", &s.EventGroupingSettings) + delete(rawMsg, key) + case "incidentConfiguration": + err = unpopulate(val, "IncidentConfiguration", &s.IncidentConfiguration) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &s.LastModifiedUTC) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &s.Query) + delete(rawMsg, key) + case "queryFrequency": + err = unpopulate(val, "QueryFrequency", &s.QueryFrequency) + delete(rawMsg, key) + case "queryPeriod": + err = unpopulate(val, "QueryPeriod", &s.QueryPeriod) + delete(rawMsg, key) + case "sentinelEntitiesMappings": + err = unpopulate(val, "SentinelEntitiesMappings", &s.SentinelEntitiesMappings) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &s.Severity) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &s.SubTechniques) + delete(rawMsg, key) + case "suppressionDuration": + err = unpopulate(val, "SuppressionDuration", &s.SuppressionDuration) + delete(rawMsg, key) + case "suppressionEnabled": + err = unpopulate(val, "SuppressionEnabled", &s.SuppressionEnabled) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &s.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &s.Techniques) + delete(rawMsg, key) + case "templateVersion": + err = unpopulate(val, "TemplateVersion", &s.TemplateVersion) + delete(rawMsg, key) + case "triggerOperator": + err = unpopulate(val, "TriggerOperator", &s.TriggerOperator) + delete(rawMsg, key) + case "triggerThreshold": + err = unpopulate(val, "TriggerThreshold", &s.TriggerThreshold) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleTemplate. +func (s ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", s.ID) + objectMap["kind"] = AlertRuleKindScheduled + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleTemplate. +func (s *ScheduledAlertRuleTemplate) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleTemplateProperties. +func (s ScheduledAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertDetailsOverride", s.AlertDetailsOverride) + populate(objectMap, "alertRulesCreatedByTemplateCount", s.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", s.CreatedDateUTC) + populate(objectMap, "customDetails", s.CustomDetails) + populate(objectMap, "description", s.Description) + populate(objectMap, "displayName", s.DisplayName) + populate(objectMap, "entityMappings", s.EntityMappings) + populate(objectMap, "eventGroupingSettings", s.EventGroupingSettings) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", s.LastUpdatedDateUTC) + populate(objectMap, "query", s.Query) + populate(objectMap, "queryFrequency", s.QueryFrequency) + populate(objectMap, "queryPeriod", s.QueryPeriod) + populate(objectMap, "requiredDataConnectors", s.RequiredDataConnectors) + populate(objectMap, "sentinelEntitiesMappings", s.SentinelEntitiesMappings) + populate(objectMap, "severity", s.Severity) + populate(objectMap, "status", s.Status) + populate(objectMap, "subTechniques", s.SubTechniques) + populate(objectMap, "tactics", s.Tactics) + populate(objectMap, "techniques", s.Techniques) + populate(objectMap, "triggerOperator", s.TriggerOperator) + populate(objectMap, "triggerThreshold", s.TriggerThreshold) + populate(objectMap, "version", s.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleTemplateProperties. +func (s *ScheduledAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertDetailsOverride": + err = unpopulate(val, "AlertDetailsOverride", &s.AlertDetailsOverride) + delete(rawMsg, key) + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &s.AlertRulesCreatedByTemplateCount) + delete(rawMsg, key) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &s.CreatedDateUTC) + delete(rawMsg, key) + case "customDetails": + err = unpopulate(val, "CustomDetails", &s.CustomDetails) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &s.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &s.DisplayName) + delete(rawMsg, key) + case "entityMappings": + err = unpopulate(val, "EntityMappings", &s.EntityMappings) + delete(rawMsg, key) + case "eventGroupingSettings": + err = unpopulate(val, "EventGroupingSettings", &s.EventGroupingSettings) + delete(rawMsg, key) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &s.LastUpdatedDateUTC) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &s.Query) + delete(rawMsg, key) + case "queryFrequency": + err = unpopulate(val, "QueryFrequency", &s.QueryFrequency) + delete(rawMsg, key) + case "queryPeriod": + err = unpopulate(val, "QueryPeriod", &s.QueryPeriod) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &s.RequiredDataConnectors) + delete(rawMsg, key) + case "sentinelEntitiesMappings": + err = unpopulate(val, "SentinelEntitiesMappings", &s.SentinelEntitiesMappings) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &s.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &s.Status) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &s.SubTechniques) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &s.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &s.Techniques) + delete(rawMsg, key) + case "triggerOperator": + err = unpopulate(val, "TriggerOperator", &s.TriggerOperator) + delete(rawMsg, key) + case "triggerThreshold": + err = unpopulate(val, "TriggerThreshold", &s.TriggerThreshold) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &s.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SecurityAlert. +func (s SecurityAlert) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", s.ID) + objectMap["kind"] = EntityKindEnumSecurityAlert + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlert. +func (s *SecurityAlert) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SecurityAlertProperties. +func (s SecurityAlertProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", s.AdditionalData) + populate(objectMap, "alertDisplayName", s.AlertDisplayName) + populate(objectMap, "alertLink", s.AlertLink) + populate(objectMap, "alertType", s.AlertType) + populate(objectMap, "compromisedEntity", s.CompromisedEntity) + populate(objectMap, "confidenceLevel", s.ConfidenceLevel) + populate(objectMap, "confidenceReasons", s.ConfidenceReasons) + populate(objectMap, "confidenceScore", s.ConfidenceScore) + populate(objectMap, "confidenceScoreStatus", s.ConfidenceScoreStatus) + populate(objectMap, "description", s.Description) + populateDateTimeRFC3339(objectMap, "endTimeUtc", s.EndTimeUTC) + populate(objectMap, "friendlyName", s.FriendlyName) + populate(objectMap, "intent", s.Intent) + populateDateTimeRFC3339(objectMap, "processingEndTime", s.ProcessingEndTime) + populate(objectMap, "productComponentName", s.ProductComponentName) + populate(objectMap, "productName", s.ProductName) + populate(objectMap, "productVersion", s.ProductVersion) + populate(objectMap, "providerAlertId", s.ProviderAlertID) + populate(objectMap, "remediationSteps", s.RemediationSteps) + populate(objectMap, "resourceIdentifiers", s.ResourceIdentifiers) + populate(objectMap, "severity", s.Severity) + populateDateTimeRFC3339(objectMap, "startTimeUtc", s.StartTimeUTC) + populate(objectMap, "status", s.Status) + populate(objectMap, "systemAlertId", s.SystemAlertID) + populate(objectMap, "tactics", s.Tactics) + populateDateTimeRFC3339(objectMap, "timeGenerated", s.TimeGenerated) + populate(objectMap, "vendorName", s.VendorName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlertProperties. +func (s *SecurityAlertProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &s.AdditionalData) + delete(rawMsg, key) + case "alertDisplayName": + err = unpopulate(val, "AlertDisplayName", &s.AlertDisplayName) + delete(rawMsg, key) + case "alertLink": + err = unpopulate(val, "AlertLink", &s.AlertLink) + delete(rawMsg, key) + case "alertType": + err = unpopulate(val, "AlertType", &s.AlertType) + delete(rawMsg, key) + case "compromisedEntity": + err = unpopulate(val, "CompromisedEntity", &s.CompromisedEntity) + delete(rawMsg, key) + case "confidenceLevel": + err = unpopulate(val, "ConfidenceLevel", &s.ConfidenceLevel) + delete(rawMsg, key) + case "confidenceReasons": + err = unpopulate(val, "ConfidenceReasons", &s.ConfidenceReasons) + delete(rawMsg, key) + case "confidenceScore": + err = unpopulate(val, "ConfidenceScore", &s.ConfidenceScore) + delete(rawMsg, key) + case "confidenceScoreStatus": + err = unpopulate(val, "ConfidenceScoreStatus", &s.ConfidenceScoreStatus) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &s.Description) + delete(rawMsg, key) + case "endTimeUtc": + err = unpopulateDateTimeRFC3339(val, "EndTimeUTC", &s.EndTimeUTC) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &s.FriendlyName) + delete(rawMsg, key) + case "intent": + err = unpopulate(val, "Intent", &s.Intent) + delete(rawMsg, key) + case "processingEndTime": + err = unpopulateDateTimeRFC3339(val, "ProcessingEndTime", &s.ProcessingEndTime) + delete(rawMsg, key) + case "productComponentName": + err = unpopulate(val, "ProductComponentName", &s.ProductComponentName) + delete(rawMsg, key) + case "productName": + err = unpopulate(val, "ProductName", &s.ProductName) + delete(rawMsg, key) + case "productVersion": + err = unpopulate(val, "ProductVersion", &s.ProductVersion) + delete(rawMsg, key) + case "providerAlertId": + err = unpopulate(val, "ProviderAlertID", &s.ProviderAlertID) + delete(rawMsg, key) + case "remediationSteps": + err = unpopulate(val, "RemediationSteps", &s.RemediationSteps) + delete(rawMsg, key) + case "resourceIdentifiers": + err = unpopulate(val, "ResourceIdentifiers", &s.ResourceIdentifiers) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &s.Severity) + delete(rawMsg, key) + case "startTimeUtc": + err = unpopulateDateTimeRFC3339(val, "StartTimeUTC", &s.StartTimeUTC) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &s.Status) + delete(rawMsg, key) + case "systemAlertId": + err = unpopulate(val, "SystemAlertID", &s.SystemAlertID) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &s.Tactics) + delete(rawMsg, key) + case "timeGenerated": + err = unpopulateDateTimeRFC3339(val, "TimeGenerated", &s.TimeGenerated) + delete(rawMsg, key) + case "vendorName": + err = unpopulate(val, "VendorName", &s.VendorName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIConnectorDataTypesLogs. -func (o OfficePowerBIConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SecurityAlertPropertiesConfidenceReasonsItem. +func (s SecurityAlertPropertiesConfidenceReasonsItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", o.State) + populate(objectMap, "reason", s.Reason) + populate(objectMap, "reasonType", s.ReasonType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIConnectorDataTypesLogs. -func (o *OfficePowerBIConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlertPropertiesConfidenceReasonsItem. +func (s *SecurityAlertPropertiesConfidenceReasonsItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &o.State) + case "reason": + err = unpopulate(val, "Reason", &s.Reason) + delete(rawMsg, key) + case "reasonType": + err = unpopulate(val, "ReasonType", &s.ReasonType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIDataConnector. -func (o OfficePowerBIDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SecurityAlertTimelineItem. +func (s SecurityAlertTimelineItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", o.Etag) - populate(objectMap, "id", o.ID) - objectMap["kind"] = DataConnectorKindOfficePowerBI - populate(objectMap, "name", o.Name) - populate(objectMap, "properties", o.Properties) - populate(objectMap, "systemData", o.SystemData) - populate(objectMap, "type", o.Type) + populate(objectMap, "alertType", s.AlertType) + populate(objectMap, "azureResourceId", s.AzureResourceID) + populate(objectMap, "description", s.Description) + populate(objectMap, "displayName", s.DisplayName) + populateDateTimeRFC3339(objectMap, "endTimeUtc", s.EndTimeUTC) + populate(objectMap, "intent", s.Intent) + objectMap["kind"] = EntityTimelineKindSecurityAlert + populate(objectMap, "productName", s.ProductName) + populate(objectMap, "severity", s.Severity) + populateDateTimeRFC3339(objectMap, "startTimeUtc", s.StartTimeUTC) + populate(objectMap, "techniques", s.Techniques) + populateDateTimeRFC3339(objectMap, "timeGenerated", s.TimeGenerated) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIDataConnector. -func (o *OfficePowerBIDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlertTimelineItem. +func (s *SecurityAlertTimelineItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &o.Etag) + case "alertType": + err = unpopulate(val, "AlertType", &s.AlertType) delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &o.ID) + case "azureResourceId": + err = unpopulate(val, "AzureResourceID", &s.AzureResourceID) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &s.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &s.DisplayName) + delete(rawMsg, key) + case "endTimeUtc": + err = unpopulateDateTimeRFC3339(val, "EndTimeUTC", &s.EndTimeUTC) + delete(rawMsg, key) + case "intent": + err = unpopulate(val, "Intent", &s.Intent) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &o.Kind) + err = unpopulate(val, "Kind", &s.Kind) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &o.Name) + case "productName": + err = unpopulate(val, "ProductName", &s.ProductName) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &o.Properties) + case "severity": + err = unpopulate(val, "Severity", &s.Severity) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &o.SystemData) + case "startTimeUtc": + err = unpopulateDateTimeRFC3339(val, "StartTimeUTC", &s.StartTimeUTC) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &o.Type) + case "techniques": + err = unpopulate(val, "Techniques", &s.Techniques) + delete(rawMsg, key) + case "timeGenerated": + err = unpopulateDateTimeRFC3339(val, "TimeGenerated", &s.TimeGenerated) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIDataConnectorProperties. -func (o OfficePowerBIDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SecurityGroupEntity. +func (s SecurityGroupEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", o.DataTypes) - populate(objectMap, "tenantId", o.TenantID) + populate(objectMap, "id", s.ID) + objectMap["kind"] = EntityKindEnumSecurityGroup + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIDataConnectorProperties. -func (o *OfficePowerBIDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityGroupEntity. +func (s *SecurityGroupEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &o.DataTypes) + case "id": + err = unpopulate(val, "ID", &s.ID) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &o.TenantID) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Operation. -func (o Operation) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SecurityGroupEntityProperties. +func (s SecurityGroupEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "display", o.Display) - populate(objectMap, "isDataAction", o.IsDataAction) - populate(objectMap, "name", o.Name) - populate(objectMap, "origin", o.Origin) + populate(objectMap, "additionalData", s.AdditionalData) + populate(objectMap, "distinguishedName", s.DistinguishedName) + populate(objectMap, "friendlyName", s.FriendlyName) + populate(objectMap, "objectGuid", s.ObjectGUID) + populate(objectMap, "sid", s.Sid) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Operation. -func (o *Operation) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityGroupEntityProperties. +func (s *SecurityGroupEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "display": - err = unpopulate(val, "Display", &o.Display) + case "additionalData": + err = unpopulate(val, "AdditionalData", &s.AdditionalData) delete(rawMsg, key) - case "isDataAction": - err = unpopulate(val, "IsDataAction", &o.IsDataAction) + case "distinguishedName": + err = unpopulate(val, "DistinguishedName", &s.DistinguishedName) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &o.Name) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &s.FriendlyName) delete(rawMsg, key) - case "origin": - err = unpopulate(val, "Origin", &o.Origin) + case "objectGuid": + err = unpopulate(val, "ObjectGUID", &s.ObjectGUID) + delete(rawMsg, key) + case "sid": + err = unpopulate(val, "Sid", &s.Sid) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OperationDisplay. -func (o OperationDisplay) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SecurityMLAnalyticsSetting. +func (s SecurityMLAnalyticsSetting) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "description", o.Description) - populate(objectMap, "operation", o.Operation) - populate(objectMap, "provider", o.Provider) - populate(objectMap, "resource", o.Resource) + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + objectMap["kind"] = s.Kind + populate(objectMap, "name", s.Name) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OperationDisplay. -func (o *OperationDisplay) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSetting. +func (s *SecurityMLAnalyticsSetting) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "description": - err = unpopulate(val, "Description", &o.Description) + case "etag": + err = unpopulate(val, "Etag", &s.Etag) delete(rawMsg, key) - case "operation": - err = unpopulate(val, "Operation", &o.Operation) + case "id": + err = unpopulate(val, "ID", &s.ID) delete(rawMsg, key) - case "provider": - err = unpopulate(val, "Provider", &o.Provider) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) delete(rawMsg, key) - case "resource": - err = unpopulate(val, "Resource", &o.Resource) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OperationsList. -func (o OperationsList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SecurityMLAnalyticsSettingsDataSource. +func (s SecurityMLAnalyticsSettingsDataSource) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", o.NextLink) - populate(objectMap, "value", o.Value) + populate(objectMap, "connectorId", s.ConnectorID) + populate(objectMap, "dataTypes", s.DataTypes) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OperationsList. -func (o *OperationsList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsDataSource. +func (s *SecurityMLAnalyticsSettingsDataSource) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &o.NextLink) + case "connectorId": + err = unpopulate(val, "ConnectorID", &s.ConnectorID) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &o.Value) + case "dataTypes": + err = unpopulate(val, "DataTypes", &s.DataTypes) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Permissions. -func (p Permissions) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SecurityMLAnalyticsSettingsList. +func (s SecurityMLAnalyticsSettingsList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "customs", p.Customs) - populate(objectMap, "resourceProvider", p.ResourceProvider) + populate(objectMap, "nextLink", s.NextLink) + populate(objectMap, "value", s.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Permissions. -func (p *Permissions) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsList. +func (s *SecurityMLAnalyticsSettingsList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "customs": - err = unpopulate(val, "Customs", &p.Customs) + case "nextLink": + err = unpopulate(val, "NextLink", &s.NextLink) delete(rawMsg, key) - case "resourceProvider": - err = unpopulate(val, "ResourceProvider", &p.ResourceProvider) + case "value": + s.Value, err = unmarshalSecurityMLAnalyticsSettingClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type PermissionsCustomsItem. -func (p PermissionsCustomsItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SentinelEntityMapping. +func (s SentinelEntityMapping) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "description", p.Description) - populate(objectMap, "name", p.Name) + populate(objectMap, "columnName", s.ColumnName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type PermissionsCustomsItem. -func (p *PermissionsCustomsItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelEntityMapping. +func (s *SentinelEntityMapping) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "description": - err = unpopulate(val, "Description", &p.Description) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &p.Name) + case "columnName": + err = unpopulate(val, "ColumnName", &s.ColumnName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type PermissionsResourceProviderItem. -func (p PermissionsResourceProviderItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingState. +func (s SentinelOnboardingState) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "permissionsDisplayText", p.PermissionsDisplayText) - populate(objectMap, "provider", p.Provider) - populate(objectMap, "providerDisplayName", p.ProviderDisplayName) - populate(objectMap, "requiredPermissions", p.RequiredPermissions) - populate(objectMap, "scope", p.Scope) + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type PermissionsResourceProviderItem. -func (p *PermissionsResourceProviderItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingState. +func (s *SentinelOnboardingState) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "permissionsDisplayText": - err = unpopulate(val, "PermissionsDisplayText", &p.PermissionsDisplayText) + case "etag": + err = unpopulate(val, "Etag", &s.Etag) delete(rawMsg, key) - case "provider": - err = unpopulate(val, "Provider", &p.Provider) + case "id": + err = unpopulate(val, "ID", &s.ID) delete(rawMsg, key) - case "providerDisplayName": - err = unpopulate(val, "ProviderDisplayName", &p.ProviderDisplayName) + case "name": + err = unpopulate(val, "Name", &s.Name) delete(rawMsg, key) - case "requiredPermissions": - err = unpopulate(val, "RequiredPermissions", &p.RequiredPermissions) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) delete(rawMsg, key) - case "scope": - err = unpopulate(val, "Scope", &p.Scope) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type PlaybookActionProperties. -func (p PlaybookActionProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingStateProperties. +func (s SentinelOnboardingStateProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "logicAppResourceId", p.LogicAppResourceID) - populate(objectMap, "tenantId", p.TenantID) + populate(objectMap, "customerManagedKey", s.CustomerManagedKey) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type PlaybookActionProperties. -func (p *PlaybookActionProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingStateProperties. +func (s *SentinelOnboardingStateProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "logicAppResourceId": - err = unpopulate(val, "LogicAppResourceID", &p.LogicAppResourceID) - delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &p.TenantID) + case "customerManagedKey": + err = unpopulate(val, "CustomerManagedKey", &s.CustomerManagedKey) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ProcessEntity. -func (p ProcessEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingStatesList. +func (s SentinelOnboardingStatesList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", p.ID) - objectMap["kind"] = EntityKindProcess - populate(objectMap, "name", p.Name) - populate(objectMap, "properties", p.Properties) - populate(objectMap, "systemData", p.SystemData) - populate(objectMap, "type", p.Type) + populate(objectMap, "value", s.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ProcessEntity. -func (p *ProcessEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingStatesList. +func (s *SentinelOnboardingStatesList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &p.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &p.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &p.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &p.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &p.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &p.Type) + case "value": + err = unpopulate(val, "Value", &s.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ProcessEntityProperties. -func (p ProcessEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ServicePrincipal. +func (s ServicePrincipal) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "accountEntityId", p.AccountEntityID) - populate(objectMap, "additionalData", p.AdditionalData) - populate(objectMap, "commandLine", p.CommandLine) - populateDateTimeRFC3339(objectMap, "creationTimeUtc", p.CreationTimeUTC) - populate(objectMap, "elevationToken", p.ElevationToken) - populate(objectMap, "friendlyName", p.FriendlyName) - populate(objectMap, "hostEntityId", p.HostEntityID) - populate(objectMap, "hostLogonSessionEntityId", p.HostLogonSessionEntityID) - populate(objectMap, "imageFileEntityId", p.ImageFileEntityID) - populate(objectMap, "parentProcessEntityId", p.ParentProcessEntityID) - populate(objectMap, "processId", p.ProcessID) + populate(objectMap, "appId", s.AppID) + populateDateTimeRFC3339(objectMap, "credentialsExpireOn", s.CredentialsExpireOn) + populate(objectMap, "id", s.ID) + populate(objectMap, "tenantId", s.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ProcessEntityProperties. -func (p *ProcessEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ServicePrincipal. +func (s *ServicePrincipal) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "accountEntityId": - err = unpopulate(val, "AccountEntityID", &p.AccountEntityID) - delete(rawMsg, key) - case "additionalData": - err = unpopulate(val, "AdditionalData", &p.AdditionalData) - delete(rawMsg, key) - case "commandLine": - err = unpopulate(val, "CommandLine", &p.CommandLine) - delete(rawMsg, key) - case "creationTimeUtc": - err = unpopulateDateTimeRFC3339(val, "CreationTimeUTC", &p.CreationTimeUTC) - delete(rawMsg, key) - case "elevationToken": - err = unpopulate(val, "ElevationToken", &p.ElevationToken) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &p.FriendlyName) - delete(rawMsg, key) - case "hostEntityId": - err = unpopulate(val, "HostEntityID", &p.HostEntityID) - delete(rawMsg, key) - case "hostLogonSessionEntityId": - err = unpopulate(val, "HostLogonSessionEntityID", &p.HostLogonSessionEntityID) + case "appId": + err = unpopulate(val, "AppID", &s.AppID) delete(rawMsg, key) - case "imageFileEntityId": - err = unpopulate(val, "ImageFileEntityID", &p.ImageFileEntityID) + case "credentialsExpireOn": + err = unpopulateDateTimeRFC3339(val, "CredentialsExpireOn", &s.CredentialsExpireOn) delete(rawMsg, key) - case "parentProcessEntityId": - err = unpopulate(val, "ParentProcessEntityID", &p.ParentProcessEntityID) + case "id": + err = unpopulate(val, "ID", &s.ID) delete(rawMsg, key) - case "processId": - err = unpopulate(val, "ProcessID", &p.ProcessID) + case "tenantId": + err = unpopulate(val, "TenantID", &s.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type PropertyArrayChangedConditionProperties. -func (p PropertyArrayChangedConditionProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SessionAuthModel. +func (s SessionAuthModel) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "conditionProperties", p.ConditionProperties) - objectMap["conditionType"] = ConditionTypePropertyArrayChanged + populate(objectMap, "headers", s.Headers) + populate(objectMap, "isPostPayloadJson", s.IsPostPayloadJSON) + populate(objectMap, "password", s.Password) + populate(objectMap, "queryParameters", s.QueryParameters) + populate(objectMap, "sessionIdName", s.SessionIDName) + populate(objectMap, "sessionLoginRequestUri", s.SessionLoginRequestURI) + populate(objectMap, "sessionTimeoutInMinutes", s.SessionTimeoutInMinutes) + objectMap["type"] = CcpAuthTypeSession + populate(objectMap, "userName", s.UserName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyArrayChangedConditionProperties. -func (p *PropertyArrayChangedConditionProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SessionAuthModel. +func (s *SessionAuthModel) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "conditionProperties": - err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + case "headers": + err = unpopulate(val, "Headers", &s.Headers) delete(rawMsg, key) - case "conditionType": - err = unpopulate(val, "ConditionType", &p.ConditionType) + case "isPostPayloadJson": + err = unpopulate(val, "IsPostPayloadJSON", &s.IsPostPayloadJSON) + delete(rawMsg, key) + case "password": + err = unpopulate(val, "Password", &s.Password) + delete(rawMsg, key) + case "queryParameters": + err = unpopulate(val, "QueryParameters", &s.QueryParameters) + delete(rawMsg, key) + case "sessionIdName": + err = unpopulate(val, "SessionIDName", &s.SessionIDName) + delete(rawMsg, key) + case "sessionLoginRequestUri": + err = unpopulate(val, "SessionLoginRequestURI", &s.SessionLoginRequestURI) + delete(rawMsg, key) + case "sessionTimeoutInMinutes": + err = unpopulate(val, "SessionTimeoutInMinutes", &s.SessionTimeoutInMinutes) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + case "userName": + err = unpopulate(val, "UserName", &s.UserName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type PropertyArrayConditionProperties. -func (p PropertyArrayConditionProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SettingList. +func (s SettingList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "conditionProperties", p.ConditionProperties) - objectMap["conditionType"] = ConditionTypePropertyArray + populate(objectMap, "nextLink", s.NextLink) + populate(objectMap, "value", s.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyArrayConditionProperties. -func (p *PropertyArrayConditionProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SettingList. +func (s *SettingList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "conditionProperties": - err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + case "nextLink": + err = unpopulate(val, "NextLink", &s.NextLink) delete(rawMsg, key) - case "conditionType": - err = unpopulate(val, "ConditionType", &p.ConditionType) + case "value": + s.Value, err = unmarshalSettingsClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type PropertyChangedConditionProperties. -func (p PropertyChangedConditionProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Settings. +func (s Settings) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "conditionProperties", p.ConditionProperties) - objectMap["conditionType"] = ConditionTypePropertyChanged + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + objectMap["kind"] = s.Kind + populate(objectMap, "name", s.Name) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyChangedConditionProperties. -func (p *PropertyChangedConditionProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Settings. +func (s *Settings) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "conditionProperties": - err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + case "etag": + err = unpopulate(val, "Etag", &s.Etag) delete(rawMsg, key) - case "conditionType": - err = unpopulate(val, "ConditionType", &p.ConditionType) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type PropertyConditionProperties. -func (p PropertyConditionProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SourceControl. +func (s SourceControl) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "conditionProperties", p.ConditionProperties) - objectMap["conditionType"] = ConditionTypeProperty + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyConditionProperties. -func (p *PropertyConditionProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SourceControl. +func (s *SourceControl) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "conditionProperties": - err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + case "etag": + err = unpopulate(val, "Etag", &s.Etag) delete(rawMsg, key) - case "conditionType": - err = unpopulate(val, "ConditionType", &p.ConditionType) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RegistryKeyEntity. -func (r RegistryKeyEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SourceControlList. +func (s SourceControlList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", r.ID) - objectMap["kind"] = EntityKindRegistryKey - populate(objectMap, "name", r.Name) - populate(objectMap, "properties", r.Properties) - populate(objectMap, "systemData", r.SystemData) - populate(objectMap, "type", r.Type) + populate(objectMap, "nextLink", s.NextLink) + populate(objectMap, "value", s.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryKeyEntity. -func (r *RegistryKeyEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SourceControlList. +func (s *SourceControlList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &r.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &r.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &r.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &r.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &r.SystemData) + case "nextLink": + err = unpopulate(val, "NextLink", &s.NextLink) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &r.Type) + case "value": + err = unpopulate(val, "Value", &s.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RegistryKeyEntityProperties. -func (r RegistryKeyEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SourceControlProperties. +func (s SourceControlProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", r.AdditionalData) - populate(objectMap, "friendlyName", r.FriendlyName) - populate(objectMap, "hive", r.Hive) - populate(objectMap, "key", r.Key) + populate(objectMap, "contentTypes", s.ContentTypes) + populate(objectMap, "description", s.Description) + populate(objectMap, "displayName", s.DisplayName) + populate(objectMap, "id", s.ID) + populate(objectMap, "lastDeploymentInfo", s.LastDeploymentInfo) + populate(objectMap, "pullRequest", s.PullRequest) + populate(objectMap, "repoType", s.RepoType) + populate(objectMap, "repository", s.Repository) + populate(objectMap, "repositoryAccess", s.RepositoryAccess) + populate(objectMap, "repositoryResourceInfo", s.RepositoryResourceInfo) + populate(objectMap, "servicePrincipal", s.ServicePrincipal) + populate(objectMap, "version", s.Version) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryKeyEntityProperties. -func (r *RegistryKeyEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SourceControlProperties. +func (s *SourceControlProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &r.AdditionalData) + case "contentTypes": + err = unpopulate(val, "ContentTypes", &s.ContentTypes) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &r.FriendlyName) + case "description": + err = unpopulate(val, "Description", &s.Description) delete(rawMsg, key) - case "hive": - err = unpopulate(val, "Hive", &r.Hive) + case "displayName": + err = unpopulate(val, "DisplayName", &s.DisplayName) delete(rawMsg, key) - case "key": - err = unpopulate(val, "Key", &r.Key) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "lastDeploymentInfo": + err = unpopulate(val, "LastDeploymentInfo", &s.LastDeploymentInfo) + delete(rawMsg, key) + case "pullRequest": + err = unpopulate(val, "PullRequest", &s.PullRequest) + delete(rawMsg, key) + case "repoType": + err = unpopulate(val, "RepoType", &s.RepoType) + delete(rawMsg, key) + case "repository": + err = unpopulate(val, "Repository", &s.Repository) + delete(rawMsg, key) + case "repositoryAccess": + err = unpopulate(val, "RepositoryAccess", &s.RepositoryAccess) + delete(rawMsg, key) + case "repositoryResourceInfo": + err = unpopulate(val, "RepositoryResourceInfo", &s.RepositoryResourceInfo) + delete(rawMsg, key) + case "servicePrincipal": + err = unpopulate(val, "ServicePrincipal", &s.ServicePrincipal) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &s.Version) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RegistryValueEntity. -func (r RegistryValueEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SubmissionMailEntity. +func (s SubmissionMailEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", r.ID) - objectMap["kind"] = EntityKindRegistryValue - populate(objectMap, "name", r.Name) - populate(objectMap, "properties", r.Properties) - populate(objectMap, "systemData", r.SystemData) - populate(objectMap, "type", r.Type) + populate(objectMap, "id", s.ID) + objectMap["kind"] = EntityKindEnumSubmissionMail + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryValueEntity. -func (r *RegistryValueEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SubmissionMailEntity. +func (s *SubmissionMailEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { case "id": - err = unpopulate(val, "ID", &r.ID) + err = unpopulate(val, "ID", &s.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &r.Kind) + err = unpopulate(val, "Kind", &s.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &r.Name) + err = unpopulate(val, "Name", &s.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &r.Properties) + err = unpopulate(val, "Properties", &s.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &r.SystemData) + err = unpopulate(val, "SystemData", &s.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &r.Type) + err = unpopulate(val, "Type", &s.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RegistryValueEntityProperties. -func (r RegistryValueEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SubmissionMailEntityProperties. +func (s SubmissionMailEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", r.AdditionalData) - populate(objectMap, "friendlyName", r.FriendlyName) - populate(objectMap, "keyEntityId", r.KeyEntityID) - populate(objectMap, "valueData", r.ValueData) - populate(objectMap, "valueName", r.ValueName) - populate(objectMap, "valueType", r.ValueType) + populate(objectMap, "additionalData", s.AdditionalData) + populate(objectMap, "friendlyName", s.FriendlyName) + populate(objectMap, "networkMessageId", s.NetworkMessageID) + populate(objectMap, "recipient", s.Recipient) + populate(objectMap, "reportType", s.ReportType) + populate(objectMap, "sender", s.Sender) + populate(objectMap, "senderIp", s.SenderIP) + populate(objectMap, "subject", s.Subject) + populateDateTimeRFC3339(objectMap, "submissionDate", s.SubmissionDate) + populate(objectMap, "submissionId", s.SubmissionID) + populate(objectMap, "submitter", s.Submitter) + populateDateTimeRFC3339(objectMap, "timestamp", s.Timestamp) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryValueEntityProperties. -func (r *RegistryValueEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SubmissionMailEntityProperties. +func (s *SubmissionMailEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { case "additionalData": - err = unpopulate(val, "AdditionalData", &r.AdditionalData) + err = unpopulate(val, "AdditionalData", &s.AdditionalData) delete(rawMsg, key) case "friendlyName": - err = unpopulate(val, "FriendlyName", &r.FriendlyName) + err = unpopulate(val, "FriendlyName", &s.FriendlyName) delete(rawMsg, key) - case "keyEntityId": - err = unpopulate(val, "KeyEntityID", &r.KeyEntityID) + case "networkMessageId": + err = unpopulate(val, "NetworkMessageID", &s.NetworkMessageID) delete(rawMsg, key) - case "valueData": - err = unpopulate(val, "ValueData", &r.ValueData) + case "recipient": + err = unpopulate(val, "Recipient", &s.Recipient) delete(rawMsg, key) - case "valueName": - err = unpopulate(val, "ValueName", &r.ValueName) + case "reportType": + err = unpopulate(val, "ReportType", &s.ReportType) + delete(rawMsg, key) + case "sender": + err = unpopulate(val, "Sender", &s.Sender) + delete(rawMsg, key) + case "senderIp": + err = unpopulate(val, "SenderIP", &s.SenderIP) + delete(rawMsg, key) + case "subject": + err = unpopulate(val, "Subject", &s.Subject) + delete(rawMsg, key) + case "submissionDate": + err = unpopulateDateTimeRFC3339(val, "SubmissionDate", &s.SubmissionDate) + delete(rawMsg, key) + case "submissionId": + err = unpopulate(val, "SubmissionID", &s.SubmissionID) delete(rawMsg, key) - case "valueType": - err = unpopulate(val, "ValueType", &r.ValueType) + case "submitter": + err = unpopulate(val, "Submitter", &s.Submitter) + delete(rawMsg, key) + case "timestamp": + err = unpopulateDateTimeRFC3339(val, "Timestamp", &s.Timestamp) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Relation. -func (r Relation) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SystemData. +func (s SystemData) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", r.Etag) - populate(objectMap, "id", r.ID) - populate(objectMap, "name", r.Name) - populate(objectMap, "properties", r.Properties) - populate(objectMap, "systemData", r.SystemData) - populate(objectMap, "type", r.Type) + populateDateTimeRFC3339(objectMap, "createdAt", s.CreatedAt) + populate(objectMap, "createdBy", s.CreatedBy) + populate(objectMap, "createdByType", s.CreatedByType) + populateDateTimeRFC3339(objectMap, "lastModifiedAt", s.LastModifiedAt) + populate(objectMap, "lastModifiedBy", s.LastModifiedBy) + populate(objectMap, "lastModifiedByType", s.LastModifiedByType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Relation. -func (r *Relation) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SystemData. +func (s *SystemData) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &r.Etag) + case "createdAt": + err = unpopulateDateTimeRFC3339(val, "CreatedAt", &s.CreatedAt) delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &r.ID) + case "createdBy": + err = unpopulate(val, "CreatedBy", &s.CreatedBy) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &r.Name) + case "createdByType": + err = unpopulate(val, "CreatedByType", &s.CreatedByType) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &r.Properties) + case "lastModifiedAt": + err = unpopulateDateTimeRFC3339(val, "LastModifiedAt", &s.LastModifiedAt) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &r.SystemData) + case "lastModifiedBy": + err = unpopulate(val, "LastModifiedBy", &s.LastModifiedBy) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &r.Type) + case "lastModifiedByType": + err = unpopulate(val, "LastModifiedByType", &s.LastModifiedByType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RelationList. -func (r RelationList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SystemProperties. +func (s SystemProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", r.NextLink) - populate(objectMap, "value", r.Value) + populate(objectMap, "configuration", s.Configuration) + populate(objectMap, "displayName", s.DisplayName) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", s.LastModifiedTimeUTC) + populate(objectMap, "status", s.Status) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RelationList. -func (r *RelationList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SystemProperties. +func (s *SystemProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &r.NextLink) + case "configuration": + s.Configuration, err = unmarshalSystemsConfigurationClassification(val) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &r.Value) + case "displayName": + err = unpopulate(val, "DisplayName", &s.DisplayName) + delete(rawMsg, key) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &s.LastModifiedTimeUTC) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &s.Status) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RelationProperties. -func (r RelationProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SystemResource. +func (s SystemResource) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "relatedResourceId", r.RelatedResourceID) - populate(objectMap, "relatedResourceKind", r.RelatedResourceKind) - populate(objectMap, "relatedResourceName", r.RelatedResourceName) - populate(objectMap, "relatedResourceType", r.RelatedResourceType) + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RelationProperties. -func (r *RelationProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SystemResource. +func (s *SystemResource) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "relatedResourceId": - err = unpopulate(val, "RelatedResourceID", &r.RelatedResourceID) + case "etag": + err = unpopulate(val, "Etag", &s.Etag) delete(rawMsg, key) - case "relatedResourceKind": - err = unpopulate(val, "RelatedResourceKind", &r.RelatedResourceKind) + case "id": + err = unpopulate(val, "ID", &s.ID) delete(rawMsg, key) - case "relatedResourceName": - err = unpopulate(val, "RelatedResourceName", &r.RelatedResourceName) + case "name": + err = unpopulate(val, "Name", &s.Name) delete(rawMsg, key) - case "relatedResourceType": - err = unpopulate(val, "RelatedResourceType", &r.RelatedResourceType) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Repo. -func (r Repo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SystemsConfiguration. +func (s SystemsConfiguration) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "branches", r.Branches) - populate(objectMap, "fullName", r.FullName) - populate(objectMap, "url", r.URL) + objectMap["type"] = s.Type return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Repo. -func (r *Repo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SystemsConfiguration. +func (s *SystemsConfiguration) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "branches": - err = unpopulate(val, "Branches", &r.Branches) - delete(rawMsg, key) - case "fullName": - err = unpopulate(val, "FullName", &r.FullName) - delete(rawMsg, key) - case "url": - err = unpopulate(val, "URL", &r.URL) + case "type": + err = unpopulate(val, "Type", &s.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RepoList. -func (r RepoList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SystemsConfigurationConnector. +func (s SystemsConfigurationConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", r.NextLink) - populate(objectMap, "value", r.Value) + objectMap["type"] = s.Type return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RepoList. -func (r *RepoList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SystemsConfigurationConnector. +func (s *SystemsConfigurationConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &r.NextLink) - delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &r.Value) + case "type": + err = unpopulate(val, "Type", &s.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Repository. -func (r Repository) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type SystemsList. +func (s SystemsList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "branch", r.Branch) - populate(objectMap, "deploymentLogsUrl", r.DeploymentLogsURL) - populate(objectMap, "displayUrl", r.DisplayURL) - populate(objectMap, "pathMapping", r.PathMapping) - populate(objectMap, "url", r.URL) + populate(objectMap, "nextLink", s.NextLink) + populate(objectMap, "value", s.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Repository. -func (r *Repository) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type SystemsList. +func (s *SystemsList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } for key, val := range rawMsg { var err error switch key { - case "branch": - err = unpopulate(val, "Branch", &r.Branch) - delete(rawMsg, key) - case "deploymentLogsUrl": - err = unpopulate(val, "DeploymentLogsURL", &r.DeploymentLogsURL) - delete(rawMsg, key) - case "displayUrl": - err = unpopulate(val, "DisplayURL", &r.DisplayURL) - delete(rawMsg, key) - case "pathMapping": - err = unpopulate(val, "PathMapping", &r.PathMapping) + case "nextLink": + err = unpopulate(val, "NextLink", &s.NextLink) delete(rawMsg, key) - case "url": - err = unpopulate(val, "URL", &r.URL) + case "value": + err = unpopulate(val, "Value", &s.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", s, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RepositoryResourceInfo. -func (r RepositoryResourceInfo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TICheckRequirements. +func (t TICheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "azureDevOpsResourceInfo", r.AzureDevOpsResourceInfo) - populate(objectMap, "gitHubResourceInfo", r.GitHubResourceInfo) - populate(objectMap, "webhook", r.Webhook) + objectMap["kind"] = DataConnectorKindThreatIntelligence + populate(objectMap, "properties", t.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RepositoryResourceInfo. -func (r *RepositoryResourceInfo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TICheckRequirements. +func (t *TICheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "azureDevOpsResourceInfo": - err = unpopulate(val, "AzureDevOpsResourceInfo", &r.AzureDevOpsResourceInfo) - delete(rawMsg, key) - case "gitHubResourceInfo": - err = unpopulate(val, "GitHubResourceInfo", &r.GitHubResourceInfo) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) - case "webhook": - err = unpopulate(val, "Webhook", &r.Webhook) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RequiredPermissions. -func (r RequiredPermissions) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TICheckRequirementsProperties. +func (t TICheckRequirementsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "action", r.Action) - populate(objectMap, "delete", r.Delete) - populate(objectMap, "read", r.Read) - populate(objectMap, "write", r.Write) + populate(objectMap, "tenantId", t.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RequiredPermissions. -func (r *RequiredPermissions) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TICheckRequirementsProperties. +func (t *TICheckRequirementsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "action": - err = unpopulate(val, "Action", &r.Action) - delete(rawMsg, key) - case "delete": - err = unpopulate(val, "Delete", &r.Delete) - delete(rawMsg, key) - case "read": - err = unpopulate(val, "Read", &r.Read) - delete(rawMsg, key) - case "write": - err = unpopulate(val, "Write", &r.Write) + case "tenantId": + err = unpopulate(val, "TenantID", &t.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } - -// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRule. -func (s ScheduledAlertRule) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "etag", s.Etag) - populate(objectMap, "id", s.ID) - objectMap["kind"] = AlertRuleKindScheduled - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + +// MarshalJSON implements the json.Marshaller interface for type TIDataConnector. +func (t TIDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", t.Etag) + populate(objectMap, "id", t.ID) + objectMap["kind"] = DataConnectorKindThreatIntelligence + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRule. -func (s *ScheduledAlertRule) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnector. +func (t *TIDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { case "etag": - err = unpopulate(val, "Etag", &s.Etag) + err = unpopulate(val, "Etag", &t.Etag) delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &s.ID) + err = unpopulate(val, "ID", &t.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &s.Kind) + err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &s.Name) + err = unpopulate(val, "Name", &t.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &s.Properties) + err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + err = unpopulate(val, "SystemData", &t.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &s.Type) + err = unpopulate(val, "Type", &t.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleProperties. -func (s ScheduledAlertRuleProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorDataTypes. +func (t TIDataConnectorDataTypes) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertDetailsOverride", s.AlertDetailsOverride) - populate(objectMap, "alertRuleTemplateName", s.AlertRuleTemplateName) - populate(objectMap, "customDetails", s.CustomDetails) - populate(objectMap, "description", s.Description) - populate(objectMap, "displayName", s.DisplayName) - populate(objectMap, "enabled", s.Enabled) - populate(objectMap, "entityMappings", s.EntityMappings) - populate(objectMap, "eventGroupingSettings", s.EventGroupingSettings) - populate(objectMap, "incidentConfiguration", s.IncidentConfiguration) - populateDateTimeRFC3339(objectMap, "lastModifiedUtc", s.LastModifiedUTC) - populate(objectMap, "query", s.Query) - populate(objectMap, "queryFrequency", s.QueryFrequency) - populate(objectMap, "queryPeriod", s.QueryPeriod) - populate(objectMap, "severity", s.Severity) - populate(objectMap, "suppressionDuration", s.SuppressionDuration) - populate(objectMap, "suppressionEnabled", s.SuppressionEnabled) - populate(objectMap, "tactics", s.Tactics) - populate(objectMap, "techniques", s.Techniques) - populate(objectMap, "templateVersion", s.TemplateVersion) - populate(objectMap, "triggerOperator", s.TriggerOperator) - populate(objectMap, "triggerThreshold", s.TriggerThreshold) + populate(objectMap, "indicators", t.Indicators) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleProperties. -func (s *ScheduledAlertRuleProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorDataTypes. +func (t *TIDataConnectorDataTypes) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "alertDetailsOverride": - err = unpopulate(val, "AlertDetailsOverride", &s.AlertDetailsOverride) - delete(rawMsg, key) - case "alertRuleTemplateName": - err = unpopulate(val, "AlertRuleTemplateName", &s.AlertRuleTemplateName) - delete(rawMsg, key) - case "customDetails": - err = unpopulate(val, "CustomDetails", &s.CustomDetails) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &s.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &s.DisplayName) - delete(rawMsg, key) - case "enabled": - err = unpopulate(val, "Enabled", &s.Enabled) - delete(rawMsg, key) - case "entityMappings": - err = unpopulate(val, "EntityMappings", &s.EntityMappings) - delete(rawMsg, key) - case "eventGroupingSettings": - err = unpopulate(val, "EventGroupingSettings", &s.EventGroupingSettings) - delete(rawMsg, key) - case "incidentConfiguration": - err = unpopulate(val, "IncidentConfiguration", &s.IncidentConfiguration) - delete(rawMsg, key) - case "lastModifiedUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &s.LastModifiedUTC) - delete(rawMsg, key) - case "query": - err = unpopulate(val, "Query", &s.Query) - delete(rawMsg, key) - case "queryFrequency": - err = unpopulate(val, "QueryFrequency", &s.QueryFrequency) - delete(rawMsg, key) - case "queryPeriod": - err = unpopulate(val, "QueryPeriod", &s.QueryPeriod) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &s.Severity) - delete(rawMsg, key) - case "suppressionDuration": - err = unpopulate(val, "SuppressionDuration", &s.SuppressionDuration) - delete(rawMsg, key) - case "suppressionEnabled": - err = unpopulate(val, "SuppressionEnabled", &s.SuppressionEnabled) - delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &s.Tactics) - delete(rawMsg, key) - case "techniques": - err = unpopulate(val, "Techniques", &s.Techniques) - delete(rawMsg, key) - case "templateVersion": - err = unpopulate(val, "TemplateVersion", &s.TemplateVersion) - delete(rawMsg, key) - case "triggerOperator": - err = unpopulate(val, "TriggerOperator", &s.TriggerOperator) - delete(rawMsg, key) - case "triggerThreshold": - err = unpopulate(val, "TriggerThreshold", &s.TriggerThreshold) + case "indicators": + err = unpopulate(val, "Indicators", &t.Indicators) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleTemplate. -func (s ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorDataTypesIndicators. +func (t TIDataConnectorDataTypesIndicators) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", s.ID) - objectMap["kind"] = AlertRuleKindScheduled - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "state", t.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleTemplate. -func (s *ScheduledAlertRuleTemplate) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorDataTypesIndicators. +func (t *TIDataConnectorDataTypesIndicators) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &s.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &s.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &s.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &s.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &s.Type) + case "state": + err = unpopulate(val, "State", &t.State) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleTemplateProperties. -func (s ScheduledAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorProperties. +func (t TIDataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertDetailsOverride", s.AlertDetailsOverride) - populate(objectMap, "alertRulesCreatedByTemplateCount", s.AlertRulesCreatedByTemplateCount) - populateDateTimeRFC3339(objectMap, "createdDateUTC", s.CreatedDateUTC) - populate(objectMap, "customDetails", s.CustomDetails) - populate(objectMap, "description", s.Description) - populate(objectMap, "displayName", s.DisplayName) - populate(objectMap, "entityMappings", s.EntityMappings) - populate(objectMap, "eventGroupingSettings", s.EventGroupingSettings) - populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", s.LastUpdatedDateUTC) - populate(objectMap, "query", s.Query) - populate(objectMap, "queryFrequency", s.QueryFrequency) - populate(objectMap, "queryPeriod", s.QueryPeriod) - populate(objectMap, "requiredDataConnectors", s.RequiredDataConnectors) - populate(objectMap, "severity", s.Severity) - populate(objectMap, "status", s.Status) - populate(objectMap, "tactics", s.Tactics) - populate(objectMap, "techniques", s.Techniques) - populate(objectMap, "triggerOperator", s.TriggerOperator) - populate(objectMap, "triggerThreshold", s.TriggerThreshold) - populate(objectMap, "version", s.Version) + populate(objectMap, "dataTypes", t.DataTypes) + populate(objectMap, "tenantId", t.TenantID) + populateDateTimeRFC3339(objectMap, "tipLookbackPeriod", t.TipLookbackPeriod) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleTemplateProperties. -func (s *ScheduledAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorProperties. +func (t *TIDataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error - switch key { - case "alertDetailsOverride": - err = unpopulate(val, "AlertDetailsOverride", &s.AlertDetailsOverride) - delete(rawMsg, key) - case "alertRulesCreatedByTemplateCount": - err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &s.AlertRulesCreatedByTemplateCount) - delete(rawMsg, key) - case "createdDateUTC": - err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &s.CreatedDateUTC) - delete(rawMsg, key) - case "customDetails": - err = unpopulate(val, "CustomDetails", &s.CustomDetails) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &s.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &s.DisplayName) - delete(rawMsg, key) - case "entityMappings": - err = unpopulate(val, "EntityMappings", &s.EntityMappings) - delete(rawMsg, key) - case "eventGroupingSettings": - err = unpopulate(val, "EventGroupingSettings", &s.EventGroupingSettings) - delete(rawMsg, key) - case "lastUpdatedDateUTC": - err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &s.LastUpdatedDateUTC) - delete(rawMsg, key) - case "query": - err = unpopulate(val, "Query", &s.Query) - delete(rawMsg, key) - case "queryFrequency": - err = unpopulate(val, "QueryFrequency", &s.QueryFrequency) - delete(rawMsg, key) - case "queryPeriod": - err = unpopulate(val, "QueryPeriod", &s.QueryPeriod) - delete(rawMsg, key) - case "requiredDataConnectors": - err = unpopulate(val, "RequiredDataConnectors", &s.RequiredDataConnectors) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &s.Severity) - delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &s.Status) - delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &s.Tactics) - delete(rawMsg, key) - case "techniques": - err = unpopulate(val, "Techniques", &s.Techniques) - delete(rawMsg, key) - case "triggerOperator": - err = unpopulate(val, "TriggerOperator", &s.TriggerOperator) + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &t.DataTypes) delete(rawMsg, key) - case "triggerThreshold": - err = unpopulate(val, "TriggerThreshold", &s.TriggerThreshold) + case "tenantId": + err = unpopulate(val, "TenantID", &t.TenantID) delete(rawMsg, key) - case "version": - err = unpopulate(val, "Version", &s.Version) + case "tipLookbackPeriod": + err = unpopulateDateTimeRFC3339(val, "TipLookbackPeriod", &t.TipLookbackPeriod) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityAlert. -func (s SecurityAlert) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TIObject. +func (t TIObject) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", s.ID) - objectMap["kind"] = EntityKindSecurityAlert - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "id", t.ID) + objectMap["kind"] = t.Kind + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlert. -func (s *SecurityAlert) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TIObject. +func (t *TIObject) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { case "id": - err = unpopulate(val, "ID", &s.ID) + err = unpopulate(val, "ID", &t.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &s.Kind) + err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &s.Name) + err = unpopulate(val, "Name", &t.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &s.Properties) + err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + err = unpopulate(val, "SystemData", &t.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &s.Type) + err = unpopulate(val, "Type", &t.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityAlertProperties. -func (s SecurityAlertProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TIObjectCommonProperties. +func (t TIObjectCommonProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", s.AdditionalData) - populate(objectMap, "alertDisplayName", s.AlertDisplayName) - populate(objectMap, "alertLink", s.AlertLink) - populate(objectMap, "alertType", s.AlertType) - populate(objectMap, "compromisedEntity", s.CompromisedEntity) - populate(objectMap, "confidenceLevel", s.ConfidenceLevel) - populate(objectMap, "confidenceReasons", s.ConfidenceReasons) - populate(objectMap, "confidenceScore", s.ConfidenceScore) - populate(objectMap, "confidenceScoreStatus", s.ConfidenceScoreStatus) - populate(objectMap, "description", s.Description) - populateDateTimeRFC3339(objectMap, "endTimeUtc", s.EndTimeUTC) - populate(objectMap, "friendlyName", s.FriendlyName) - populate(objectMap, "intent", s.Intent) - populateDateTimeRFC3339(objectMap, "processingEndTime", s.ProcessingEndTime) - populate(objectMap, "productComponentName", s.ProductComponentName) - populate(objectMap, "productName", s.ProductName) - populate(objectMap, "productVersion", s.ProductVersion) - populate(objectMap, "providerAlertId", s.ProviderAlertID) - populate(objectMap, "remediationSteps", s.RemediationSteps) - populate(objectMap, "resourceIdentifiers", s.ResourceIdentifiers) - populate(objectMap, "severity", s.Severity) - populateDateTimeRFC3339(objectMap, "startTimeUtc", s.StartTimeUTC) - populate(objectMap, "status", s.Status) - populate(objectMap, "systemAlertId", s.SystemAlertID) - populate(objectMap, "tactics", s.Tactics) - populateDateTimeRFC3339(objectMap, "timeGenerated", s.TimeGenerated) - populate(objectMap, "vendorName", s.VendorName) + populate(objectMap, "createdBy", t.CreatedBy) + populate(objectMap, "data", t.Data) + populateDateTimeRFC3339(objectMap, "firstIngestedTimeUtc", t.FirstIngestedTimeUTC) + populate(objectMap, "ingestionRulesVersion", t.IngestionRulesVersion) + populateDateTimeRFC3339(objectMap, "lastIngestedTimeUtc", t.LastIngestedTimeUTC) + populate(objectMap, "lastModifiedBy", t.LastModifiedBy) + populate(objectMap, "lastUpdateMethod", t.LastUpdateMethod) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateTimeUtc", t.LastUpdatedDateTimeUTC) + populate(objectMap, "relationshipHints", t.RelationshipHints) + populate(objectMap, "source", t.Source) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlertProperties. -func (s *SecurityAlertProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TIObjectCommonProperties. +func (t *TIObjectCommonProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &s.AdditionalData) - delete(rawMsg, key) - case "alertDisplayName": - err = unpopulate(val, "AlertDisplayName", &s.AlertDisplayName) - delete(rawMsg, key) - case "alertLink": - err = unpopulate(val, "AlertLink", &s.AlertLink) - delete(rawMsg, key) - case "alertType": - err = unpopulate(val, "AlertType", &s.AlertType) - delete(rawMsg, key) - case "compromisedEntity": - err = unpopulate(val, "CompromisedEntity", &s.CompromisedEntity) - delete(rawMsg, key) - case "confidenceLevel": - err = unpopulate(val, "ConfidenceLevel", &s.ConfidenceLevel) - delete(rawMsg, key) - case "confidenceReasons": - err = unpopulate(val, "ConfidenceReasons", &s.ConfidenceReasons) - delete(rawMsg, key) - case "confidenceScore": - err = unpopulate(val, "ConfidenceScore", &s.ConfidenceScore) - delete(rawMsg, key) - case "confidenceScoreStatus": - err = unpopulate(val, "ConfidenceScoreStatus", &s.ConfidenceScoreStatus) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &s.Description) - delete(rawMsg, key) - case "endTimeUtc": - err = unpopulateDateTimeRFC3339(val, "EndTimeUTC", &s.EndTimeUTC) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &s.FriendlyName) - delete(rawMsg, key) - case "intent": - err = unpopulate(val, "Intent", &s.Intent) + case "createdBy": + err = unpopulate(val, "CreatedBy", &t.CreatedBy) delete(rawMsg, key) - case "processingEndTime": - err = unpopulateDateTimeRFC3339(val, "ProcessingEndTime", &s.ProcessingEndTime) + case "data": + err = unpopulate(val, "Data", &t.Data) delete(rawMsg, key) - case "productComponentName": - err = unpopulate(val, "ProductComponentName", &s.ProductComponentName) + case "firstIngestedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "FirstIngestedTimeUTC", &t.FirstIngestedTimeUTC) delete(rawMsg, key) - case "productName": - err = unpopulate(val, "ProductName", &s.ProductName) + case "ingestionRulesVersion": + err = unpopulate(val, "IngestionRulesVersion", &t.IngestionRulesVersion) delete(rawMsg, key) - case "productVersion": - err = unpopulate(val, "ProductVersion", &s.ProductVersion) + case "lastIngestedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastIngestedTimeUTC", &t.LastIngestedTimeUTC) delete(rawMsg, key) - case "providerAlertId": - err = unpopulate(val, "ProviderAlertID", &s.ProviderAlertID) + case "lastModifiedBy": + err = unpopulate(val, "LastModifiedBy", &t.LastModifiedBy) delete(rawMsg, key) - case "remediationSteps": - err = unpopulate(val, "RemediationSteps", &s.RemediationSteps) + case "lastUpdateMethod": + err = unpopulate(val, "LastUpdateMethod", &t.LastUpdateMethod) delete(rawMsg, key) - case "resourceIdentifiers": - err = unpopulate(val, "ResourceIdentifiers", &s.ResourceIdentifiers) + case "lastUpdatedDateTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateTimeUTC", &t.LastUpdatedDateTimeUTC) delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &s.Severity) + case "relationshipHints": + err = unpopulate(val, "RelationshipHints", &t.RelationshipHints) delete(rawMsg, key) - case "startTimeUtc": - err = unpopulateDateTimeRFC3339(val, "StartTimeUTC", &s.StartTimeUTC) + case "source": + err = unpopulate(val, "Source", &t.Source) delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &s.Status) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TeamInformation. +func (t TeamInformation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", t.Description) + populate(objectMap, "name", t.Name) + populate(objectMap, "primaryChannelUrl", t.PrimaryChannelURL) + populateDateTimeRFC3339(objectMap, "teamCreationTimeUtc", t.TeamCreationTimeUTC) + populate(objectMap, "teamId", t.TeamID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TeamInformation. +func (t *TeamInformation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &t.Description) delete(rawMsg, key) - case "systemAlertId": - err = unpopulate(val, "SystemAlertID", &s.SystemAlertID) + case "name": + err = unpopulate(val, "Name", &t.Name) delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &s.Tactics) + case "primaryChannelUrl": + err = unpopulate(val, "PrimaryChannelURL", &t.PrimaryChannelURL) delete(rawMsg, key) - case "timeGenerated": - err = unpopulateDateTimeRFC3339(val, "TimeGenerated", &s.TimeGenerated) + case "teamCreationTimeUtc": + err = unpopulateDateTimeRFC3339(val, "TeamCreationTimeUTC", &t.TeamCreationTimeUTC) delete(rawMsg, key) - case "vendorName": - err = unpopulate(val, "VendorName", &s.VendorName) + case "teamId": + err = unpopulate(val, "TeamID", &t.TeamID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityAlertPropertiesConfidenceReasonsItem. -func (s SecurityAlertPropertiesConfidenceReasonsItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TemplateList. +func (t TemplateList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "reason", s.Reason) - populate(objectMap, "reasonType", s.ReasonType) + populate(objectMap, "nextLink", t.NextLink) + populate(objectMap, "value", t.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlertPropertiesConfidenceReasonsItem. -func (s *SecurityAlertPropertiesConfidenceReasonsItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TemplateList. +func (t *TemplateList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "reason": - err = unpopulate(val, "Reason", &s.Reason) + case "nextLink": + err = unpopulate(val, "NextLink", &t.NextLink) delete(rawMsg, key) - case "reasonType": - err = unpopulate(val, "ReasonType", &s.ReasonType) + case "value": + err = unpopulate(val, "Value", &t.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityAlertTimelineItem. -func (s SecurityAlertTimelineItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TemplateModel. +func (t TemplateModel) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertType", s.AlertType) - populate(objectMap, "azureResourceId", s.AzureResourceID) - populate(objectMap, "description", s.Description) - populate(objectMap, "displayName", s.DisplayName) - populateDateTimeRFC3339(objectMap, "endTimeUtc", s.EndTimeUTC) - objectMap["kind"] = EntityTimelineKindSecurityAlert - populate(objectMap, "productName", s.ProductName) - populate(objectMap, "severity", s.Severity) - populateDateTimeRFC3339(objectMap, "startTimeUtc", s.StartTimeUTC) - populateDateTimeRFC3339(objectMap, "timeGenerated", s.TimeGenerated) + populate(objectMap, "etag", t.Etag) + populate(objectMap, "id", t.ID) + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TemplateModel. +func (t *TemplateModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &t.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &t.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &t.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &t.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TemplateProperties. +func (t TemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", t.Author) + populate(objectMap, "categories", t.Categories) + populate(objectMap, "contentId", t.ContentID) + populate(objectMap, "contentKind", t.ContentKind) + populate(objectMap, "contentProductId", t.ContentProductID) + populate(objectMap, "contentSchemaVersion", t.ContentSchemaVersion) + populate(objectMap, "customVersion", t.CustomVersion) + populate(objectMap, "dependantTemplates", t.DependantTemplates) + populate(objectMap, "dependencies", t.Dependencies) + populate(objectMap, "displayName", t.DisplayName) + populateDateType(objectMap, "firstPublishDate", t.FirstPublishDate) + populate(objectMap, "icon", t.Icon) + populate(objectMap, "isDeprecated", t.IsDeprecated) + populateDateType(objectMap, "lastPublishDate", t.LastPublishDate) + populateAny(objectMap, "mainTemplate", t.MainTemplate) + populate(objectMap, "packageId", t.PackageID) + populate(objectMap, "packageKind", t.PackageKind) + populate(objectMap, "packageName", t.PackageName) + populate(objectMap, "packageVersion", t.PackageVersion) + populate(objectMap, "previewImages", t.PreviewImages) + populate(objectMap, "previewImagesDark", t.PreviewImagesDark) + populate(objectMap, "providers", t.Providers) + populate(objectMap, "source", t.Source) + populate(objectMap, "support", t.Support) + populate(objectMap, "threatAnalysisTactics", t.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", t.ThreatAnalysisTechniques) + populate(objectMap, "version", t.Version) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlertTimelineItem. -func (s *SecurityAlertTimelineItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TemplateProperties. +func (t *TemplateProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "alertType": - err = unpopulate(val, "AlertType", &s.AlertType) + case "author": + err = unpopulate(val, "Author", &t.Author) delete(rawMsg, key) - case "azureResourceId": - err = unpopulate(val, "AzureResourceID", &s.AzureResourceID) + case "categories": + err = unpopulate(val, "Categories", &t.Categories) delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &s.Description) + case "contentId": + err = unpopulate(val, "ContentID", &t.ContentID) + delete(rawMsg, key) + case "contentKind": + err = unpopulate(val, "ContentKind", &t.ContentKind) + delete(rawMsg, key) + case "contentProductId": + err = unpopulate(val, "ContentProductID", &t.ContentProductID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &t.ContentSchemaVersion) + delete(rawMsg, key) + case "customVersion": + err = unpopulate(val, "CustomVersion", &t.CustomVersion) + delete(rawMsg, key) + case "dependantTemplates": + err = unpopulate(val, "DependantTemplates", &t.DependantTemplates) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &t.Dependencies) delete(rawMsg, key) case "displayName": - err = unpopulate(val, "DisplayName", &s.DisplayName) + err = unpopulate(val, "DisplayName", &t.DisplayName) delete(rawMsg, key) - case "endTimeUtc": - err = unpopulateDateTimeRFC3339(val, "EndTimeUTC", &s.EndTimeUTC) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &t.FirstPublishDate) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &s.Kind) + case "icon": + err = unpopulate(val, "Icon", &t.Icon) delete(rawMsg, key) - case "productName": - err = unpopulate(val, "ProductName", &s.ProductName) + case "isDeprecated": + err = unpopulate(val, "IsDeprecated", &t.IsDeprecated) delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &s.Severity) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &t.LastPublishDate) delete(rawMsg, key) - case "startTimeUtc": - err = unpopulateDateTimeRFC3339(val, "StartTimeUTC", &s.StartTimeUTC) + case "mainTemplate": + err = unpopulate(val, "MainTemplate", &t.MainTemplate) delete(rawMsg, key) - case "timeGenerated": - err = unpopulateDateTimeRFC3339(val, "TimeGenerated", &s.TimeGenerated) + case "packageId": + err = unpopulate(val, "PackageID", &t.PackageID) + delete(rawMsg, key) + case "packageKind": + err = unpopulate(val, "PackageKind", &t.PackageKind) + delete(rawMsg, key) + case "packageName": + err = unpopulate(val, "PackageName", &t.PackageName) + delete(rawMsg, key) + case "packageVersion": + err = unpopulate(val, "PackageVersion", &t.PackageVersion) + delete(rawMsg, key) + case "previewImages": + err = unpopulate(val, "PreviewImages", &t.PreviewImages) + delete(rawMsg, key) + case "previewImagesDark": + err = unpopulate(val, "PreviewImagesDark", &t.PreviewImagesDark) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &t.Providers) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &t.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &t.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &t.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &t.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &t.Version) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityGroupEntity. -func (s SecurityGroupEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatActor. +func (t ThreatActor) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", s.ID) - objectMap["kind"] = EntityKindSecurityGroup - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "id", t.ID) + objectMap["kind"] = TIObjectKindThreatActor + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityGroupEntity. -func (s *SecurityGroupEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatActor. +func (t *ThreatActor) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { case "id": - err = unpopulate(val, "ID", &s.ID) + err = unpopulate(val, "ID", &t.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &s.Kind) + err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &s.Name) + err = unpopulate(val, "Name", &t.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &s.Properties) + err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + err = unpopulate(val, "SystemData", &t.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &s.Type) + err = unpopulate(val, "Type", &t.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityGroupEntityProperties. -func (s SecurityGroupEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligence. +func (t ThreatIntelligence) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", s.AdditionalData) - populate(objectMap, "distinguishedName", s.DistinguishedName) - populate(objectMap, "friendlyName", s.FriendlyName) - populate(objectMap, "objectGuid", s.ObjectGUID) - populate(objectMap, "sid", s.Sid) + populate(objectMap, "confidence", t.Confidence) + populate(objectMap, "providerName", t.ProviderName) + populate(objectMap, "reportLink", t.ReportLink) + populate(objectMap, "threatDescription", t.ThreatDescription) + populate(objectMap, "threatName", t.ThreatName) + populate(objectMap, "threatType", t.ThreatType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityGroupEntityProperties. -func (s *SecurityGroupEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligence. +func (t *ThreatIntelligence) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &s.AdditionalData) + case "confidence": + err = unpopulate(val, "Confidence", &t.Confidence) delete(rawMsg, key) - case "distinguishedName": - err = unpopulate(val, "DistinguishedName", &s.DistinguishedName) + case "providerName": + err = unpopulate(val, "ProviderName", &t.ProviderName) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &s.FriendlyName) + case "reportLink": + err = unpopulate(val, "ReportLink", &t.ReportLink) delete(rawMsg, key) - case "objectGuid": - err = unpopulate(val, "ObjectGUID", &s.ObjectGUID) + case "threatDescription": + err = unpopulate(val, "ThreatDescription", &t.ThreatDescription) delete(rawMsg, key) - case "sid": - err = unpopulate(val, "Sid", &s.Sid) + case "threatName": + err = unpopulate(val, "ThreatName", &t.ThreatName) + delete(rawMsg, key) + case "threatType": + err = unpopulate(val, "ThreatType", &t.ThreatType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityMLAnalyticsSetting. -func (s SecurityMLAnalyticsSetting) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRule. +func (t ThreatIntelligenceAlertRule) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", s.Etag) - populate(objectMap, "id", s.ID) - objectMap["kind"] = s.Kind - populate(objectMap, "name", s.Name) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "etag", t.Etag) + populate(objectMap, "id", t.ID) + objectMap["kind"] = AlertRuleKindThreatIntelligence + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSetting. -func (s *SecurityMLAnalyticsSetting) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRule. +func (t *ThreatIntelligenceAlertRule) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { case "etag": - err = unpopulate(val, "Etag", &s.Etag) + err = unpopulate(val, "Etag", &t.Etag) delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &s.ID) + err = unpopulate(val, "ID", &t.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &s.Kind) + err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &s.Name) + err = unpopulate(val, "Name", &t.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + err = unpopulate(val, "SystemData", &t.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &s.Type) + err = unpopulate(val, "Type", &t.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityMLAnalyticsSettingsDataSource. -func (s SecurityMLAnalyticsSettingsDataSource) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRuleProperties. +func (t ThreatIntelligenceAlertRuleProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "connectorId", s.ConnectorID) - populate(objectMap, "dataTypes", s.DataTypes) + populate(objectMap, "alertRuleTemplateName", t.AlertRuleTemplateName) + populate(objectMap, "description", t.Description) + populate(objectMap, "displayName", t.DisplayName) + populate(objectMap, "enabled", t.Enabled) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", t.LastModifiedUTC) + populate(objectMap, "severity", t.Severity) + populate(objectMap, "subTechniques", t.SubTechniques) + populate(objectMap, "tactics", t.Tactics) + populate(objectMap, "techniques", t.Techniques) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsDataSource. -func (s *SecurityMLAnalyticsSettingsDataSource) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRuleProperties. +func (t *ThreatIntelligenceAlertRuleProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "connectorId": - err = unpopulate(val, "ConnectorID", &s.ConnectorID) + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &t.AlertRuleTemplateName) delete(rawMsg, key) - case "dataTypes": - err = unpopulate(val, "DataTypes", &s.DataTypes) + case "description": + err = unpopulate(val, "Description", &t.Description) delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type SecurityMLAnalyticsSettingsList. -func (s SecurityMLAnalyticsSettingsList) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "nextLink", s.NextLink) - populate(objectMap, "value", s.Value) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsList. -func (s *SecurityMLAnalyticsSettingsList) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &s.NextLink) + case "displayName": + err = unpopulate(val, "DisplayName", &t.DisplayName) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &t.Enabled) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &t.LastModifiedUTC) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &t.Severity) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &t.SubTechniques) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &t.Tactics) delete(rawMsg, key) - case "value": - s.Value, err = unmarshalSecurityMLAnalyticsSettingClassificationArray(val) + case "techniques": + err = unpopulate(val, "Techniques", &t.Techniques) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingState. -func (s SentinelOnboardingState) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRuleTemplate. +func (t ThreatIntelligenceAlertRuleTemplate) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", s.Etag) - populate(objectMap, "id", s.ID) - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "id", t.ID) + objectMap["kind"] = AlertRuleKindThreatIntelligence + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingState. -func (s *SentinelOnboardingState) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRuleTemplate. +func (t *ThreatIntelligenceAlertRuleTemplate) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &s.Etag) - delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &s.ID) + err = unpopulate(val, "ID", &t.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &s.Name) + err = unpopulate(val, "Name", &t.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &s.Properties) + err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + err = unpopulate(val, "SystemData", &t.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &s.Type) + err = unpopulate(val, "Type", &t.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingStateProperties. -func (s SentinelOnboardingStateProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRuleTemplateProperties. +func (t ThreatIntelligenceAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "customerManagedKey", s.CustomerManagedKey) + populate(objectMap, "alertRulesCreatedByTemplateCount", t.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", t.CreatedDateUTC) + populate(objectMap, "description", t.Description) + populate(objectMap, "displayName", t.DisplayName) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", t.LastUpdatedDateUTC) + populate(objectMap, "requiredDataConnectors", t.RequiredDataConnectors) + populate(objectMap, "severity", t.Severity) + populate(objectMap, "status", t.Status) + populate(objectMap, "tactics", t.Tactics) + populate(objectMap, "techniques", t.Techniques) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingStateProperties. -func (s *SentinelOnboardingStateProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRuleTemplateProperties. +func (t *ThreatIntelligenceAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "customerManagedKey": - err = unpopulate(val, "CustomerManagedKey", &s.CustomerManagedKey) + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &t.AlertRulesCreatedByTemplateCount) + delete(rawMsg, key) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &t.CreatedDateUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &t.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &t.DisplayName) + delete(rawMsg, key) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &t.LastUpdatedDateUTC) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &t.RequiredDataConnectors) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &t.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &t.Status) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &t.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &t.Techniques) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingStatesList. -func (s SentinelOnboardingStatesList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAppendTags. +func (t ThreatIntelligenceAppendTags) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "value", s.Value) + populate(objectMap, "threatIntelligenceTags", t.ThreatIntelligenceTags) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingStatesList. -func (s *SentinelOnboardingStatesList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAppendTags. +func (t *ThreatIntelligenceAppendTags) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "value": - err = unpopulate(val, "Value", &s.Value) + case "threatIntelligenceTags": + err = unpopulate(val, "ThreatIntelligenceTags", &t.ThreatIntelligenceTags) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SettingList. -func (s SettingList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceCount. +func (t ThreatIntelligenceCount) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "value", s.Value) + populate(objectMap, "count", t.Count) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SettingList. -func (s *SettingList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceCount. +func (t *ThreatIntelligenceCount) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "value": - s.Value, err = unmarshalSettingsClassificationArray(val) + case "count": + err = unpopulate(val, "Count", &t.Count) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Settings. -func (s Settings) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceExternalReference. +func (t ThreatIntelligenceExternalReference) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", s.Etag) - populate(objectMap, "id", s.ID) - objectMap["kind"] = s.Kind - populate(objectMap, "name", s.Name) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "description", t.Description) + populate(objectMap, "externalId", t.ExternalID) + populate(objectMap, "hashes", t.Hashes) + populate(objectMap, "sourceName", t.SourceName) + populate(objectMap, "url", t.URL) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Settings. -func (s *Settings) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceExternalReference. +func (t *ThreatIntelligenceExternalReference) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &s.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &s.ID) + case "description": + err = unpopulate(val, "Description", &t.Description) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &s.Kind) + case "externalId": + err = unpopulate(val, "ExternalID", &t.ExternalID) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &s.Name) + case "hashes": + err = unpopulate(val, "Hashes", &t.Hashes) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + case "sourceName": + err = unpopulate(val, "SourceName", &t.SourceName) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &s.Type) + case "url": + err = unpopulate(val, "URL", &t.URL) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SourceControl. -func (s SourceControl) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceFilteringCriteria. +func (t ThreatIntelligenceFilteringCriteria) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", s.Etag) - populate(objectMap, "id", s.ID) - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "ids", t.IDs) + populate(objectMap, "includeDisabled", t.IncludeDisabled) + populate(objectMap, "keywords", t.Keywords) + populate(objectMap, "maxConfidence", t.MaxConfidence) + populate(objectMap, "maxValidUntil", t.MaxValidUntil) + populate(objectMap, "minConfidence", t.MinConfidence) + populate(objectMap, "minValidUntil", t.MinValidUntil) + populate(objectMap, "pageSize", t.PageSize) + populate(objectMap, "patternTypes", t.PatternTypes) + populate(objectMap, "skipToken", t.SkipToken) + populate(objectMap, "sortBy", t.SortBy) + populate(objectMap, "sources", t.Sources) + populate(objectMap, "threatTypes", t.ThreatTypes) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SourceControl. -func (s *SourceControl) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceFilteringCriteria. +func (t *ThreatIntelligenceFilteringCriteria) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &s.Etag) + case "ids": + err = unpopulate(val, "IDs", &t.IDs) delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &s.ID) + case "includeDisabled": + err = unpopulate(val, "IncludeDisabled", &t.IncludeDisabled) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &s.Name) + case "keywords": + err = unpopulate(val, "Keywords", &t.Keywords) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &s.Properties) + case "maxConfidence": + err = unpopulate(val, "MaxConfidence", &t.MaxConfidence) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + case "maxValidUntil": + err = unpopulate(val, "MaxValidUntil", &t.MaxValidUntil) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &s.Type) + case "minConfidence": + err = unpopulate(val, "MinConfidence", &t.MinConfidence) + delete(rawMsg, key) + case "minValidUntil": + err = unpopulate(val, "MinValidUntil", &t.MinValidUntil) + delete(rawMsg, key) + case "pageSize": + err = unpopulate(val, "PageSize", &t.PageSize) + delete(rawMsg, key) + case "patternTypes": + err = unpopulate(val, "PatternTypes", &t.PatternTypes) + delete(rawMsg, key) + case "skipToken": + err = unpopulate(val, "SkipToken", &t.SkipToken) + delete(rawMsg, key) + case "sortBy": + err = unpopulate(val, "SortBy", &t.SortBy) + delete(rawMsg, key) + case "sources": + err = unpopulate(val, "Sources", &t.Sources) + delete(rawMsg, key) + case "threatTypes": + err = unpopulate(val, "ThreatTypes", &t.ThreatTypes) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SourceControlList. -func (s SourceControlList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceGranularMarkingModel. +func (t ThreatIntelligenceGranularMarkingModel) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", s.NextLink) - populate(objectMap, "value", s.Value) + populate(objectMap, "language", t.Language) + populate(objectMap, "markingRef", t.MarkingRef) + populate(objectMap, "selectors", t.Selectors) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SourceControlList. -func (s *SourceControlList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceGranularMarkingModel. +func (t *ThreatIntelligenceGranularMarkingModel) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &s.NextLink) + case "language": + err = unpopulate(val, "Language", &t.Language) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &s.Value) + case "markingRef": + err = unpopulate(val, "MarkingRef", &t.MarkingRef) + delete(rawMsg, key) + case "selectors": + err = unpopulate(val, "Selectors", &t.Selectors) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SourceControlProperties. -func (s SourceControlProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceIndicatorModel. +func (t ThreatIntelligenceIndicatorModel) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "contentTypes", s.ContentTypes) - populate(objectMap, "description", s.Description) - populate(objectMap, "displayName", s.DisplayName) - populate(objectMap, "id", s.ID) - populate(objectMap, "lastDeploymentInfo", s.LastDeploymentInfo) - populate(objectMap, "repoType", s.RepoType) - populate(objectMap, "repository", s.Repository) - populate(objectMap, "repositoryResourceInfo", s.RepositoryResourceInfo) - populate(objectMap, "version", s.Version) + populate(objectMap, "etag", t.Etag) + populate(objectMap, "id", t.ID) + objectMap["kind"] = ThreatIntelligenceResourceInnerKindIndicator + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SourceControlProperties. -func (s *SourceControlProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorModel. +func (t *ThreatIntelligenceIndicatorModel) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "contentTypes": - err = unpopulate(val, "ContentTypes", &s.ContentTypes) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &s.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &s.DisplayName) + case "etag": + err = unpopulate(val, "Etag", &t.Etag) delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &s.ID) + err = unpopulate(val, "ID", &t.ID) delete(rawMsg, key) - case "lastDeploymentInfo": - err = unpopulate(val, "LastDeploymentInfo", &s.LastDeploymentInfo) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) - case "repoType": - err = unpopulate(val, "RepoType", &s.RepoType) + case "name": + err = unpopulate(val, "Name", &t.Name) delete(rawMsg, key) - case "repository": - err = unpopulate(val, "Repository", &s.Repository) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) - case "repositoryResourceInfo": - err = unpopulate(val, "RepositoryResourceInfo", &s.RepositoryResourceInfo) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) delete(rawMsg, key) - case "version": - err = unpopulate(val, "Version", &s.Version) + case "type": + err = unpopulate(val, "Type", &t.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SubmissionMailEntity. -func (s SubmissionMailEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceIndicatorProperties. +func (t ThreatIntelligenceIndicatorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", s.ID) - objectMap["kind"] = EntityKindSubmissionMail - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "additionalData", t.AdditionalData) + populate(objectMap, "confidence", t.Confidence) + populate(objectMap, "created", t.Created) + populate(objectMap, "createdByRef", t.CreatedByRef) + populate(objectMap, "defanged", t.Defanged) + populate(objectMap, "description", t.Description) + populate(objectMap, "displayName", t.DisplayName) + populate(objectMap, "extensions", t.Extensions) + populate(objectMap, "externalId", t.ExternalID) + populate(objectMap, "externalLastUpdatedTimeUtc", t.ExternalLastUpdatedTimeUTC) + populate(objectMap, "externalReferences", t.ExternalReferences) + populate(objectMap, "friendlyName", t.FriendlyName) + populate(objectMap, "granularMarkings", t.GranularMarkings) + populate(objectMap, "indicatorTypes", t.IndicatorTypes) + populate(objectMap, "killChainPhases", t.KillChainPhases) + populate(objectMap, "labels", t.Labels) + populate(objectMap, "language", t.Language) + populate(objectMap, "lastUpdatedTimeUtc", t.LastUpdatedTimeUTC) + populate(objectMap, "modified", t.Modified) + populate(objectMap, "objectMarkingRefs", t.ObjectMarkingRefs) + populate(objectMap, "parsedPattern", t.ParsedPattern) + populate(objectMap, "pattern", t.Pattern) + populate(objectMap, "patternType", t.PatternType) + populate(objectMap, "patternVersion", t.PatternVersion) + populate(objectMap, "revoked", t.Revoked) + populate(objectMap, "source", t.Source) + populate(objectMap, "threatIntelligenceTags", t.ThreatIntelligenceTags) + populate(objectMap, "threatTypes", t.ThreatTypes) + populate(objectMap, "validFrom", t.ValidFrom) + populate(objectMap, "validUntil", t.ValidUntil) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SubmissionMailEntity. -func (s *SubmissionMailEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorProperties. +func (t *ThreatIntelligenceIndicatorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &s.ID) + case "additionalData": + err = unpopulate(val, "AdditionalData", &t.AdditionalData) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &s.Kind) + case "confidence": + err = unpopulate(val, "Confidence", &t.Confidence) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &s.Name) + case "created": + err = unpopulate(val, "Created", &t.Created) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &s.Properties) + case "createdByRef": + err = unpopulate(val, "CreatedByRef", &t.CreatedByRef) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + case "defanged": + err = unpopulate(val, "Defanged", &t.Defanged) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &s.Type) + case "description": + err = unpopulate(val, "Description", &t.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &t.DisplayName) + delete(rawMsg, key) + case "extensions": + err = unpopulate(val, "Extensions", &t.Extensions) + delete(rawMsg, key) + case "externalId": + err = unpopulate(val, "ExternalID", &t.ExternalID) + delete(rawMsg, key) + case "externalLastUpdatedTimeUtc": + err = unpopulate(val, "ExternalLastUpdatedTimeUTC", &t.ExternalLastUpdatedTimeUTC) + delete(rawMsg, key) + case "externalReferences": + err = unpopulate(val, "ExternalReferences", &t.ExternalReferences) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &t.FriendlyName) + delete(rawMsg, key) + case "granularMarkings": + err = unpopulate(val, "GranularMarkings", &t.GranularMarkings) + delete(rawMsg, key) + case "indicatorTypes": + err = unpopulate(val, "IndicatorTypes", &t.IndicatorTypes) + delete(rawMsg, key) + case "killChainPhases": + err = unpopulate(val, "KillChainPhases", &t.KillChainPhases) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &t.Labels) + delete(rawMsg, key) + case "language": + err = unpopulate(val, "Language", &t.Language) + delete(rawMsg, key) + case "lastUpdatedTimeUtc": + err = unpopulate(val, "LastUpdatedTimeUTC", &t.LastUpdatedTimeUTC) + delete(rawMsg, key) + case "modified": + err = unpopulate(val, "Modified", &t.Modified) + delete(rawMsg, key) + case "objectMarkingRefs": + err = unpopulate(val, "ObjectMarkingRefs", &t.ObjectMarkingRefs) + delete(rawMsg, key) + case "parsedPattern": + err = unpopulate(val, "ParsedPattern", &t.ParsedPattern) + delete(rawMsg, key) + case "pattern": + err = unpopulate(val, "Pattern", &t.Pattern) + delete(rawMsg, key) + case "patternType": + err = unpopulate(val, "PatternType", &t.PatternType) + delete(rawMsg, key) + case "patternVersion": + err = unpopulate(val, "PatternVersion", &t.PatternVersion) + delete(rawMsg, key) + case "revoked": + err = unpopulate(val, "Revoked", &t.Revoked) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &t.Source) + delete(rawMsg, key) + case "threatIntelligenceTags": + err = unpopulate(val, "ThreatIntelligenceTags", &t.ThreatIntelligenceTags) + delete(rawMsg, key) + case "threatTypes": + err = unpopulate(val, "ThreatTypes", &t.ThreatTypes) + delete(rawMsg, key) + case "validFrom": + err = unpopulate(val, "ValidFrom", &t.ValidFrom) + delete(rawMsg, key) + case "validUntil": + err = unpopulate(val, "ValidUntil", &t.ValidUntil) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SubmissionMailEntityProperties. -func (s SubmissionMailEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceInformation. +func (t ThreatIntelligenceInformation) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", s.AdditionalData) - populate(objectMap, "friendlyName", s.FriendlyName) - populate(objectMap, "networkMessageId", s.NetworkMessageID) - populate(objectMap, "recipient", s.Recipient) - populate(objectMap, "reportType", s.ReportType) - populate(objectMap, "sender", s.Sender) - populate(objectMap, "senderIp", s.SenderIP) - populate(objectMap, "subject", s.Subject) - populateDateTimeRFC3339(objectMap, "submissionDate", s.SubmissionDate) - populate(objectMap, "submissionId", s.SubmissionID) - populate(objectMap, "submitter", s.Submitter) - populateDateTimeRFC3339(objectMap, "timestamp", s.Timestamp) + populate(objectMap, "etag", t.Etag) + populate(objectMap, "id", t.ID) + objectMap["kind"] = t.Kind + populate(objectMap, "name", t.Name) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SubmissionMailEntityProperties. -func (s *SubmissionMailEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceInformation. +func (t *ThreatIntelligenceInformation) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &s.AdditionalData) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &s.FriendlyName) - delete(rawMsg, key) - case "networkMessageId": - err = unpopulate(val, "NetworkMessageID", &s.NetworkMessageID) - delete(rawMsg, key) - case "recipient": - err = unpopulate(val, "Recipient", &s.Recipient) - delete(rawMsg, key) - case "reportType": - err = unpopulate(val, "ReportType", &s.ReportType) - delete(rawMsg, key) - case "sender": - err = unpopulate(val, "Sender", &s.Sender) - delete(rawMsg, key) - case "senderIp": - err = unpopulate(val, "SenderIP", &s.SenderIP) + case "etag": + err = unpopulate(val, "Etag", &t.Etag) delete(rawMsg, key) - case "subject": - err = unpopulate(val, "Subject", &s.Subject) + case "id": + err = unpopulate(val, "ID", &t.ID) delete(rawMsg, key) - case "submissionDate": - err = unpopulateDateTimeRFC3339(val, "SubmissionDate", &s.SubmissionDate) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) - case "submissionId": - err = unpopulate(val, "SubmissionID", &s.SubmissionID) + case "name": + err = unpopulate(val, "Name", &t.Name) delete(rawMsg, key) - case "submitter": - err = unpopulate(val, "Submitter", &s.Submitter) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) delete(rawMsg, key) - case "timestamp": - err = unpopulateDateTimeRFC3339(val, "Timestamp", &s.Timestamp) + case "type": + err = unpopulate(val, "Type", &t.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SystemData. -func (s SystemData) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceInformationList. +func (t ThreatIntelligenceInformationList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populateDateTimeRFC3339(objectMap, "createdAt", s.CreatedAt) - populate(objectMap, "createdBy", s.CreatedBy) - populate(objectMap, "createdByType", s.CreatedByType) - populateDateTimeRFC3339(objectMap, "lastModifiedAt", s.LastModifiedAt) - populate(objectMap, "lastModifiedBy", s.LastModifiedBy) - populate(objectMap, "lastModifiedByType", s.LastModifiedByType) + populate(objectMap, "nextLink", t.NextLink) + populate(objectMap, "value", t.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SystemData. -func (s *SystemData) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceInformationList. +func (t *ThreatIntelligenceInformationList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "createdAt": - err = unpopulateDateTimeRFC3339(val, "CreatedAt", &s.CreatedAt) - delete(rawMsg, key) - case "createdBy": - err = unpopulate(val, "CreatedBy", &s.CreatedBy) - delete(rawMsg, key) - case "createdByType": - err = unpopulate(val, "CreatedByType", &s.CreatedByType) - delete(rawMsg, key) - case "lastModifiedAt": - err = unpopulateDateTimeRFC3339(val, "LastModifiedAt", &s.LastModifiedAt) - delete(rawMsg, key) - case "lastModifiedBy": - err = unpopulate(val, "LastModifiedBy", &s.LastModifiedBy) + case "nextLink": + err = unpopulate(val, "NextLink", &t.NextLink) delete(rawMsg, key) - case "lastModifiedByType": - err = unpopulate(val, "LastModifiedByType", &s.LastModifiedByType) + case "value": + t.Value, err = unmarshalThreatIntelligenceInformationClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type TICheckRequirements. -func (t TICheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceKillChainPhase. +func (t ThreatIntelligenceKillChainPhase) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindThreatIntelligence - populate(objectMap, "properties", t.Properties) + populate(objectMap, "killChainName", t.KillChainName) + populate(objectMap, "phaseName", t.PhaseName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TICheckRequirements. -func (t *TICheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceKillChainPhase. +func (t *ThreatIntelligenceKillChainPhase) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -14595,11 +21470,11 @@ func (t *TICheckRequirements) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "kind": - err = unpopulate(val, "Kind", &t.Kind) + case "killChainName": + err = unpopulate(val, "KillChainName", &t.KillChainName) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &t.Properties) + case "phaseName": + err = unpopulate(val, "PhaseName", &t.PhaseName) delete(rawMsg, key) } if err != nil { @@ -14609,15 +21484,16 @@ func (t *TICheckRequirements) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type TICheckRequirementsProperties. -func (t TICheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceList. +func (t ThreatIntelligenceList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "tenantId", t.TenantID) + populate(objectMap, "nextLink", t.NextLink) + populate(objectMap, "value", t.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TICheckRequirementsProperties. -func (t *TICheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceList. +func (t *ThreatIntelligenceList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -14625,8 +21501,11 @@ func (t *TICheckRequirementsProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "tenantId": - err = unpopulate(val, "TenantID", &t.TenantID) + case "nextLink": + err = unpopulate(val, "NextLink", &t.NextLink) + delete(rawMsg, key) + case "value": + t.Value, err = unmarshalTIObjectClassificationArray(val) delete(rawMsg, key) } if err != nil { @@ -14636,21 +21515,18 @@ func (t *TICheckRequirementsProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type TIDataConnector. -func (t TIDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetric. +func (t ThreatIntelligenceMetric) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", t.Etag) - populate(objectMap, "id", t.ID) - objectMap["kind"] = DataConnectorKindThreatIntelligence - populate(objectMap, "name", t.Name) - populate(objectMap, "properties", t.Properties) - populate(objectMap, "systemData", t.SystemData) - populate(objectMap, "type", t.Type) + populate(objectMap, "lastUpdatedTimeUtc", t.LastUpdatedTimeUTC) + populate(objectMap, "patternTypeMetrics", t.PatternTypeMetrics) + populate(objectMap, "sourceMetrics", t.SourceMetrics) + populate(objectMap, "threatTypeMetrics", t.ThreatTypeMetrics) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnector. -func (t *TIDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetric. +func (t *ThreatIntelligenceMetric) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -14658,26 +21534,17 @@ func (t *TIDataConnector) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &t.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &t.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &t.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &t.Name) + case "lastUpdatedTimeUtc": + err = unpopulate(val, "LastUpdatedTimeUTC", &t.LastUpdatedTimeUTC) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &t.Properties) + case "patternTypeMetrics": + err = unpopulate(val, "PatternTypeMetrics", &t.PatternTypeMetrics) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &t.SystemData) + case "sourceMetrics": + err = unpopulate(val, "SourceMetrics", &t.SourceMetrics) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &t.Type) + case "threatTypeMetrics": + err = unpopulate(val, "ThreatTypeMetrics", &t.ThreatTypeMetrics) delete(rawMsg, key) } if err != nil { @@ -14687,15 +21554,16 @@ func (t *TIDataConnector) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorDataTypes. -func (t TIDataConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetricEntity. +func (t ThreatIntelligenceMetricEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "indicators", t.Indicators) + populate(objectMap, "metricName", t.MetricName) + populate(objectMap, "metricValue", t.MetricValue) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorDataTypes. -func (t *TIDataConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetricEntity. +func (t *ThreatIntelligenceMetricEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -14703,8 +21571,11 @@ func (t *TIDataConnectorDataTypes) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "indicators": - err = unpopulate(val, "Indicators", &t.Indicators) + case "metricName": + err = unpopulate(val, "MetricName", &t.MetricName) + delete(rawMsg, key) + case "metricValue": + err = unpopulate(val, "MetricValue", &t.MetricValue) delete(rawMsg, key) } if err != nil { @@ -14714,15 +21585,15 @@ func (t *TIDataConnectorDataTypes) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorDataTypesIndicators. -func (t TIDataConnectorDataTypesIndicators) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetrics. +func (t ThreatIntelligenceMetrics) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", t.State) + populate(objectMap, "properties", t.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorDataTypesIndicators. -func (t *TIDataConnectorDataTypesIndicators) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetrics. +func (t *ThreatIntelligenceMetrics) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -14730,8 +21601,8 @@ func (t *TIDataConnectorDataTypesIndicators) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &t.State) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) } if err != nil { @@ -14741,17 +21612,15 @@ func (t *TIDataConnectorDataTypesIndicators) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorProperties. -func (t TIDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetricsList. +func (t ThreatIntelligenceMetricsList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", t.DataTypes) - populate(objectMap, "tenantId", t.TenantID) - populateDateTimeRFC3339(objectMap, "tipLookbackPeriod", t.TipLookbackPeriod) + populate(objectMap, "value", t.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorProperties. -func (t *TIDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetricsList. +func (t *ThreatIntelligenceMetricsList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -14759,14 +21628,8 @@ func (t *TIDataConnectorProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &t.DataTypes) - delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &t.TenantID) - delete(rawMsg, key) - case "tipLookbackPeriod": - err = unpopulateDateTimeRFC3339(val, "TipLookbackPeriod", &t.TipLookbackPeriod) + case "value": + err = unpopulate(val, "Value", &t.Value) delete(rawMsg, key) } if err != nil { @@ -14776,19 +21639,16 @@ func (t *TIDataConnectorProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type TeamInformation. -func (t TeamInformation) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceParsedPattern. +func (t ThreatIntelligenceParsedPattern) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "description", t.Description) - populate(objectMap, "name", t.Name) - populate(objectMap, "primaryChannelUrl", t.PrimaryChannelURL) - populateDateTimeRFC3339(objectMap, "teamCreationTimeUtc", t.TeamCreationTimeUTC) - populate(objectMap, "teamId", t.TeamID) + populate(objectMap, "patternTypeKey", t.PatternTypeKey) + populate(objectMap, "patternTypeValues", t.PatternTypeValues) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TeamInformation. -func (t *TeamInformation) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceParsedPattern. +func (t *ThreatIntelligenceParsedPattern) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -14796,20 +21656,11 @@ func (t *TeamInformation) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "description": - err = unpopulate(val, "Description", &t.Description) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &t.Name) - delete(rawMsg, key) - case "primaryChannelUrl": - err = unpopulate(val, "PrimaryChannelURL", &t.PrimaryChannelURL) - delete(rawMsg, key) - case "teamCreationTimeUtc": - err = unpopulateDateTimeRFC3339(val, "TeamCreationTimeUTC", &t.TeamCreationTimeUTC) + case "patternTypeKey": + err = unpopulate(val, "PatternTypeKey", &t.PatternTypeKey) delete(rawMsg, key) - case "teamId": - err = unpopulate(val, "TeamID", &t.TeamID) + case "patternTypeValues": + err = unpopulate(val, "PatternTypeValues", &t.PatternTypeValues) delete(rawMsg, key) } if err != nil { @@ -14819,36 +21670,28 @@ func (t *TeamInformation) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type TeamProperties. -func (t TeamProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceParsedPatternTypeValue. +func (t ThreatIntelligenceParsedPatternTypeValue) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "groupIds", t.GroupIDs) - populate(objectMap, "memberIds", t.MemberIDs) - populate(objectMap, "teamDescription", t.TeamDescription) - populate(objectMap, "teamName", t.TeamName) + populate(objectMap, "value", t.Value) + populate(objectMap, "valueType", t.ValueType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TeamProperties. -func (t *TeamProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceParsedPatternTypeValue. +func (t *ThreatIntelligenceParsedPatternTypeValue) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error - switch key { - case "groupIds": - err = unpopulate(val, "GroupIDs", &t.GroupIDs) - delete(rawMsg, key) - case "memberIds": - err = unpopulate(val, "MemberIDs", &t.MemberIDs) - delete(rawMsg, key) - case "teamDescription": - err = unpopulate(val, "TeamDescription", &t.TeamDescription) + switch key { + case "value": + err = unpopulate(val, "Value", &t.Value) delete(rawMsg, key) - case "teamName": - err = unpopulate(val, "TeamName", &t.TeamName) + case "valueType": + err = unpopulate(val, "ValueType", &t.ValueType) delete(rawMsg, key) } if err != nil { @@ -14858,20 +21701,16 @@ func (t *TeamProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligence. -func (t ThreatIntelligence) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceSortingCriteria. +func (t ThreatIntelligenceSortingCriteria) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "confidence", t.Confidence) - populate(objectMap, "providerName", t.ProviderName) - populate(objectMap, "reportLink", t.ReportLink) - populate(objectMap, "threatDescription", t.ThreatDescription) - populate(objectMap, "threatName", t.ThreatName) - populate(objectMap, "threatType", t.ThreatType) + populate(objectMap, "itemKey", t.ItemKey) + populate(objectMap, "sortOrder", t.SortOrder) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligence. -func (t *ThreatIntelligence) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceSortingCriteria. +func (t *ThreatIntelligenceSortingCriteria) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -14879,23 +21718,11 @@ func (t *ThreatIntelligence) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "confidence": - err = unpopulate(val, "Confidence", &t.Confidence) - delete(rawMsg, key) - case "providerName": - err = unpopulate(val, "ProviderName", &t.ProviderName) - delete(rawMsg, key) - case "reportLink": - err = unpopulate(val, "ReportLink", &t.ReportLink) - delete(rawMsg, key) - case "threatDescription": - err = unpopulate(val, "ThreatDescription", &t.ThreatDescription) - delete(rawMsg, key) - case "threatName": - err = unpopulate(val, "ThreatName", &t.ThreatName) + case "itemKey": + err = unpopulate(val, "ItemKey", &t.ItemKey) delete(rawMsg, key) - case "threatType": - err = unpopulate(val, "ThreatType", &t.ThreatType) + case "sortOrder": + err = unpopulate(val, "SortOrder", &t.SortOrder) delete(rawMsg, key) } if err != nil { @@ -14905,21 +21732,16 @@ func (t *ThreatIntelligence) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRule. -func (t ThreatIntelligenceAlertRule) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiCheckRequirements. +func (t TiTaxiiCheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", t.Etag) - populate(objectMap, "id", t.ID) - objectMap["kind"] = AlertRuleKindThreatIntelligence - populate(objectMap, "name", t.Name) + objectMap["kind"] = DataConnectorKindThreatIntelligenceTaxii populate(objectMap, "properties", t.Properties) - populate(objectMap, "systemData", t.SystemData) - populate(objectMap, "type", t.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRule. -func (t *ThreatIntelligenceAlertRule) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiCheckRequirements. +func (t *TiTaxiiCheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -14927,27 +21749,12 @@ func (t *ThreatIntelligenceAlertRule) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &t.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &t.ID) - delete(rawMsg, key) case "kind": err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &t.Name) - delete(rawMsg, key) case "properties": err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &t.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &t.Type) - delete(rawMsg, key) } if err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -14956,22 +21763,15 @@ func (t *ThreatIntelligenceAlertRule) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRuleProperties. -func (t ThreatIntelligenceAlertRuleProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiCheckRequirementsProperties. +func (t TiTaxiiCheckRequirementsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertRuleTemplateName", t.AlertRuleTemplateName) - populate(objectMap, "description", t.Description) - populate(objectMap, "displayName", t.DisplayName) - populate(objectMap, "enabled", t.Enabled) - populateDateTimeRFC3339(objectMap, "lastModifiedUtc", t.LastModifiedUTC) - populate(objectMap, "severity", t.Severity) - populate(objectMap, "tactics", t.Tactics) - populate(objectMap, "techniques", t.Techniques) + populate(objectMap, "tenantId", t.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRuleProperties. -func (t *ThreatIntelligenceAlertRuleProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiCheckRequirementsProperties. +func (t *TiTaxiiCheckRequirementsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -14979,29 +21779,8 @@ func (t *ThreatIntelligenceAlertRuleProperties) UnmarshalJSON(data []byte) error for key, val := range rawMsg { var err error switch key { - case "alertRuleTemplateName": - err = unpopulate(val, "AlertRuleTemplateName", &t.AlertRuleTemplateName) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &t.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &t.DisplayName) - delete(rawMsg, key) - case "enabled": - err = unpopulate(val, "Enabled", &t.Enabled) - delete(rawMsg, key) - case "lastModifiedUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &t.LastModifiedUTC) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &t.Severity) - delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &t.Tactics) - delete(rawMsg, key) - case "techniques": - err = unpopulate(val, "Techniques", &t.Techniques) + case "tenantId": + err = unpopulate(val, "TenantID", &t.TenantID) delete(rawMsg, key) } if err != nil { @@ -15011,11 +21790,12 @@ func (t *ThreatIntelligenceAlertRuleProperties) UnmarshalJSON(data []byte) error return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRuleTemplate. -func (t ThreatIntelligenceAlertRuleTemplate) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnector. +func (t TiTaxiiDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) + populate(objectMap, "etag", t.Etag) populate(objectMap, "id", t.ID) - objectMap["kind"] = AlertRuleKindThreatIntelligence + objectMap["kind"] = DataConnectorKindThreatIntelligenceTaxii populate(objectMap, "name", t.Name) populate(objectMap, "properties", t.Properties) populate(objectMap, "systemData", t.SystemData) @@ -15023,8 +21803,8 @@ func (t ThreatIntelligenceAlertRuleTemplate) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRuleTemplate. -func (t *ThreatIntelligenceAlertRuleTemplate) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnector. +func (t *TiTaxiiDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -15032,6 +21812,9 @@ func (t *ThreatIntelligenceAlertRuleTemplate) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { + case "etag": + err = unpopulate(val, "Etag", &t.Etag) + delete(rawMsg, key) case "id": err = unpopulate(val, "ID", &t.ID) delete(rawMsg, key) @@ -15058,78 +21841,15 @@ func (t *ThreatIntelligenceAlertRuleTemplate) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRuleTemplateProperties. -func (t ThreatIntelligenceAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "alertRulesCreatedByTemplateCount", t.AlertRulesCreatedByTemplateCount) - populateDateTimeRFC3339(objectMap, "createdDateUTC", t.CreatedDateUTC) - populate(objectMap, "description", t.Description) - populate(objectMap, "displayName", t.DisplayName) - populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", t.LastUpdatedDateUTC) - populate(objectMap, "requiredDataConnectors", t.RequiredDataConnectors) - populate(objectMap, "severity", t.Severity) - populate(objectMap, "status", t.Status) - populate(objectMap, "tactics", t.Tactics) - populate(objectMap, "techniques", t.Techniques) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRuleTemplateProperties. -func (t *ThreatIntelligenceAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "alertRulesCreatedByTemplateCount": - err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &t.AlertRulesCreatedByTemplateCount) - delete(rawMsg, key) - case "createdDateUTC": - err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &t.CreatedDateUTC) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &t.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &t.DisplayName) - delete(rawMsg, key) - case "lastUpdatedDateUTC": - err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &t.LastUpdatedDateUTC) - delete(rawMsg, key) - case "requiredDataConnectors": - err = unpopulate(val, "RequiredDataConnectors", &t.RequiredDataConnectors) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &t.Severity) - delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &t.Status) - delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &t.Tactics) - delete(rawMsg, key) - case "techniques": - err = unpopulate(val, "Techniques", &t.Techniques) - delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAppendTags. -func (t ThreatIntelligenceAppendTags) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnectorDataTypes. +func (t TiTaxiiDataConnectorDataTypes) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "threatIntelligenceTags", t.ThreatIntelligenceTags) + populate(objectMap, "taxiiClient", t.TaxiiClient) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAppendTags. -func (t *ThreatIntelligenceAppendTags) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnectorDataTypes. +func (t *TiTaxiiDataConnectorDataTypes) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -15137,8 +21857,8 @@ func (t *ThreatIntelligenceAppendTags) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "threatIntelligenceTags": - err = unpopulate(val, "ThreatIntelligenceTags", &t.ThreatIntelligenceTags) + case "taxiiClient": + err = unpopulate(val, "TaxiiClient", &t.TaxiiClient) delete(rawMsg, key) } if err != nil { @@ -15148,19 +21868,15 @@ func (t *ThreatIntelligenceAppendTags) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceExternalReference. -func (t ThreatIntelligenceExternalReference) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnectorDataTypesTaxiiClient. +func (t TiTaxiiDataConnectorDataTypesTaxiiClient) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "description", t.Description) - populate(objectMap, "externalId", t.ExternalID) - populate(objectMap, "hashes", t.Hashes) - populate(objectMap, "sourceName", t.SourceName) - populate(objectMap, "url", t.URL) + populate(objectMap, "state", t.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceExternalReference. -func (t *ThreatIntelligenceExternalReference) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnectorDataTypesTaxiiClient. +func (t *TiTaxiiDataConnectorDataTypesTaxiiClient) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -15168,20 +21884,8 @@ func (t *ThreatIntelligenceExternalReference) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "description": - err = unpopulate(val, "Description", &t.Description) - delete(rawMsg, key) - case "externalId": - err = unpopulate(val, "ExternalID", &t.ExternalID) - delete(rawMsg, key) - case "hashes": - err = unpopulate(val, "Hashes", &t.Hashes) - delete(rawMsg, key) - case "sourceName": - err = unpopulate(val, "SourceName", &t.SourceName) - delete(rawMsg, key) - case "url": - err = unpopulate(val, "URL", &t.URL) + case "state": + err = unpopulate(val, "State", &t.State) delete(rawMsg, key) } if err != nil { @@ -15191,27 +21895,24 @@ func (t *ThreatIntelligenceExternalReference) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceFilteringCriteria. -func (t ThreatIntelligenceFilteringCriteria) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnectorProperties. +func (t TiTaxiiDataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "ids", t.IDs) - populate(objectMap, "includeDisabled", t.IncludeDisabled) - populate(objectMap, "keywords", t.Keywords) - populate(objectMap, "maxConfidence", t.MaxConfidence) - populate(objectMap, "maxValidUntil", t.MaxValidUntil) - populate(objectMap, "minConfidence", t.MinConfidence) - populate(objectMap, "minValidUntil", t.MinValidUntil) - populate(objectMap, "pageSize", t.PageSize) - populate(objectMap, "patternTypes", t.PatternTypes) - populate(objectMap, "skipToken", t.SkipToken) - populate(objectMap, "sortBy", t.SortBy) - populate(objectMap, "sources", t.Sources) - populate(objectMap, "threatTypes", t.ThreatTypes) + populate(objectMap, "collectionId", t.CollectionID) + populate(objectMap, "dataTypes", t.DataTypes) + populate(objectMap, "friendlyName", t.FriendlyName) + populate(objectMap, "password", t.Password) + populate(objectMap, "pollingFrequency", t.PollingFrequency) + populateDateTimeRFC3339(objectMap, "taxiiLookbackPeriod", t.TaxiiLookbackPeriod) + populate(objectMap, "taxiiServer", t.TaxiiServer) + populate(objectMap, "tenantId", t.TenantID) + populate(objectMap, "userName", t.UserName) + populate(objectMap, "workspaceId", t.WorkspaceID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceFilteringCriteria. -func (t *ThreatIntelligenceFilteringCriteria) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnectorProperties. +func (t *TiTaxiiDataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -15219,44 +21920,35 @@ func (t *ThreatIntelligenceFilteringCriteria) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "ids": - err = unpopulate(val, "IDs", &t.IDs) - delete(rawMsg, key) - case "includeDisabled": - err = unpopulate(val, "IncludeDisabled", &t.IncludeDisabled) - delete(rawMsg, key) - case "keywords": - err = unpopulate(val, "Keywords", &t.Keywords) - delete(rawMsg, key) - case "maxConfidence": - err = unpopulate(val, "MaxConfidence", &t.MaxConfidence) + case "collectionId": + err = unpopulate(val, "CollectionID", &t.CollectionID) delete(rawMsg, key) - case "maxValidUntil": - err = unpopulate(val, "MaxValidUntil", &t.MaxValidUntil) + case "dataTypes": + err = unpopulate(val, "DataTypes", &t.DataTypes) delete(rawMsg, key) - case "minConfidence": - err = unpopulate(val, "MinConfidence", &t.MinConfidence) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &t.FriendlyName) delete(rawMsg, key) - case "minValidUntil": - err = unpopulate(val, "MinValidUntil", &t.MinValidUntil) + case "password": + err = unpopulate(val, "Password", &t.Password) delete(rawMsg, key) - case "pageSize": - err = unpopulate(val, "PageSize", &t.PageSize) + case "pollingFrequency": + err = unpopulate(val, "PollingFrequency", &t.PollingFrequency) delete(rawMsg, key) - case "patternTypes": - err = unpopulate(val, "PatternTypes", &t.PatternTypes) + case "taxiiLookbackPeriod": + err = unpopulateDateTimeRFC3339(val, "TaxiiLookbackPeriod", &t.TaxiiLookbackPeriod) delete(rawMsg, key) - case "skipToken": - err = unpopulate(val, "SkipToken", &t.SkipToken) + case "taxiiServer": + err = unpopulate(val, "TaxiiServer", &t.TaxiiServer) delete(rawMsg, key) - case "sortBy": - err = unpopulate(val, "SortBy", &t.SortBy) + case "tenantId": + err = unpopulate(val, "TenantID", &t.TenantID) delete(rawMsg, key) - case "sources": - err = unpopulate(val, "Sources", &t.Sources) + case "userName": + err = unpopulate(val, "UserName", &t.UserName) delete(rawMsg, key) - case "threatTypes": - err = unpopulate(val, "ThreatTypes", &t.ThreatTypes) + case "workspaceId": + err = unpopulate(val, "WorkspaceID", &t.WorkspaceID) delete(rawMsg, key) } if err != nil { @@ -15266,17 +21958,16 @@ func (t *ThreatIntelligenceFilteringCriteria) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceGranularMarkingModel. -func (t ThreatIntelligenceGranularMarkingModel) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TimelineAggregation. +func (t TimelineAggregation) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "language", t.Language) - populate(objectMap, "markingRef", t.MarkingRef) - populate(objectMap, "selectors", t.Selectors) + populate(objectMap, "count", t.Count) + populate(objectMap, "kind", t.Kind) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceGranularMarkingModel. -func (t *ThreatIntelligenceGranularMarkingModel) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TimelineAggregation. +func (t *TimelineAggregation) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -15284,14 +21975,11 @@ func (t *ThreatIntelligenceGranularMarkingModel) UnmarshalJSON(data []byte) erro for key, val := range rawMsg { var err error switch key { - case "language": - err = unpopulate(val, "Language", &t.Language) - delete(rawMsg, key) - case "markingRef": - err = unpopulate(val, "MarkingRef", &t.MarkingRef) + case "count": + err = unpopulate(val, "Count", &t.Count) delete(rawMsg, key) - case "selectors": - err = unpopulate(val, "Selectors", &t.Selectors) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) } if err != nil { @@ -15301,21 +21989,17 @@ func (t *ThreatIntelligenceGranularMarkingModel) UnmarshalJSON(data []byte) erro return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceIndicatorModel. -func (t ThreatIntelligenceIndicatorModel) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TimelineError. +func (t TimelineError) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", t.Etag) - populate(objectMap, "id", t.ID) - objectMap["kind"] = ThreatIntelligenceResourceKindEnumIndicator - populate(objectMap, "name", t.Name) - populate(objectMap, "properties", t.Properties) - populate(objectMap, "systemData", t.SystemData) - populate(objectMap, "type", t.Type) + populate(objectMap, "errorMessage", t.ErrorMessage) + populate(objectMap, "kind", t.Kind) + populate(objectMap, "queryId", t.QueryID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorModel. -func (t *ThreatIntelligenceIndicatorModel) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TimelineError. +func (t *TimelineError) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -15323,26 +22007,14 @@ func (t *ThreatIntelligenceIndicatorModel) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &t.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &t.ID) + case "errorMessage": + err = unpopulate(val, "ErrorMessage", &t.ErrorMessage) delete(rawMsg, key) case "kind": err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &t.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &t.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &t.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &t.Type) + case "queryId": + err = unpopulate(val, "QueryID", &t.QueryID) delete(rawMsg, key) } if err != nil { @@ -15352,44 +22024,17 @@ func (t *ThreatIntelligenceIndicatorModel) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceIndicatorProperties. -func (t ThreatIntelligenceIndicatorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TimelineResultsMetadata. +func (t TimelineResultsMetadata) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", t.AdditionalData) - populate(objectMap, "confidence", t.Confidence) - populate(objectMap, "created", t.Created) - populate(objectMap, "createdByRef", t.CreatedByRef) - populate(objectMap, "defanged", t.Defanged) - populate(objectMap, "description", t.Description) - populate(objectMap, "displayName", t.DisplayName) - populate(objectMap, "extensions", t.Extensions) - populate(objectMap, "externalId", t.ExternalID) - populate(objectMap, "externalLastUpdatedTimeUtc", t.ExternalLastUpdatedTimeUTC) - populate(objectMap, "externalReferences", t.ExternalReferences) - populate(objectMap, "friendlyName", t.FriendlyName) - populate(objectMap, "granularMarkings", t.GranularMarkings) - populate(objectMap, "indicatorTypes", t.IndicatorTypes) - populate(objectMap, "killChainPhases", t.KillChainPhases) - populate(objectMap, "labels", t.Labels) - populate(objectMap, "language", t.Language) - populate(objectMap, "lastUpdatedTimeUtc", t.LastUpdatedTimeUTC) - populate(objectMap, "modified", t.Modified) - populate(objectMap, "objectMarkingRefs", t.ObjectMarkingRefs) - populate(objectMap, "parsedPattern", t.ParsedPattern) - populate(objectMap, "pattern", t.Pattern) - populate(objectMap, "patternType", t.PatternType) - populate(objectMap, "patternVersion", t.PatternVersion) - populate(objectMap, "revoked", t.Revoked) - populate(objectMap, "source", t.Source) - populate(objectMap, "threatIntelligenceTags", t.ThreatIntelligenceTags) - populate(objectMap, "threatTypes", t.ThreatTypes) - populate(objectMap, "validFrom", t.ValidFrom) - populate(objectMap, "validUntil", t.ValidUntil) + populate(objectMap, "aggregations", t.Aggregations) + populate(objectMap, "errors", t.Errors) + populate(objectMap, "totalCount", t.TotalCount) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorProperties. -func (t *ThreatIntelligenceIndicatorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TimelineResultsMetadata. +func (t *TimelineResultsMetadata) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -15397,95 +22042,14 @@ func (t *ThreatIntelligenceIndicatorProperties) UnmarshalJSON(data []byte) error for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &t.AdditionalData) - delete(rawMsg, key) - case "confidence": - err = unpopulate(val, "Confidence", &t.Confidence) - delete(rawMsg, key) - case "created": - err = unpopulate(val, "Created", &t.Created) - delete(rawMsg, key) - case "createdByRef": - err = unpopulate(val, "CreatedByRef", &t.CreatedByRef) - delete(rawMsg, key) - case "defanged": - err = unpopulate(val, "Defanged", &t.Defanged) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &t.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &t.DisplayName) - delete(rawMsg, key) - case "extensions": - err = unpopulate(val, "Extensions", &t.Extensions) - delete(rawMsg, key) - case "externalId": - err = unpopulate(val, "ExternalID", &t.ExternalID) - delete(rawMsg, key) - case "externalLastUpdatedTimeUtc": - err = unpopulate(val, "ExternalLastUpdatedTimeUTC", &t.ExternalLastUpdatedTimeUTC) - delete(rawMsg, key) - case "externalReferences": - err = unpopulate(val, "ExternalReferences", &t.ExternalReferences) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &t.FriendlyName) - delete(rawMsg, key) - case "granularMarkings": - err = unpopulate(val, "GranularMarkings", &t.GranularMarkings) - delete(rawMsg, key) - case "indicatorTypes": - err = unpopulate(val, "IndicatorTypes", &t.IndicatorTypes) - delete(rawMsg, key) - case "killChainPhases": - err = unpopulate(val, "KillChainPhases", &t.KillChainPhases) - delete(rawMsg, key) - case "labels": - err = unpopulate(val, "Labels", &t.Labels) - delete(rawMsg, key) - case "language": - err = unpopulate(val, "Language", &t.Language) - delete(rawMsg, key) - case "lastUpdatedTimeUtc": - err = unpopulate(val, "LastUpdatedTimeUTC", &t.LastUpdatedTimeUTC) - delete(rawMsg, key) - case "modified": - err = unpopulate(val, "Modified", &t.Modified) - delete(rawMsg, key) - case "objectMarkingRefs": - err = unpopulate(val, "ObjectMarkingRefs", &t.ObjectMarkingRefs) - delete(rawMsg, key) - case "parsedPattern": - err = unpopulate(val, "ParsedPattern", &t.ParsedPattern) - delete(rawMsg, key) - case "pattern": - err = unpopulate(val, "Pattern", &t.Pattern) - delete(rawMsg, key) - case "patternType": - err = unpopulate(val, "PatternType", &t.PatternType) - delete(rawMsg, key) - case "patternVersion": - err = unpopulate(val, "PatternVersion", &t.PatternVersion) - delete(rawMsg, key) - case "revoked": - err = unpopulate(val, "Revoked", &t.Revoked) - delete(rawMsg, key) - case "source": - err = unpopulate(val, "Source", &t.Source) - delete(rawMsg, key) - case "threatIntelligenceTags": - err = unpopulate(val, "ThreatIntelligenceTags", &t.ThreatIntelligenceTags) - delete(rawMsg, key) - case "threatTypes": - err = unpopulate(val, "ThreatTypes", &t.ThreatTypes) + case "aggregations": + err = unpopulate(val, "Aggregations", &t.Aggregations) delete(rawMsg, key) - case "validFrom": - err = unpopulate(val, "ValidFrom", &t.ValidFrom) + case "errors": + err = unpopulate(val, "Errors", &t.Errors) delete(rawMsg, key) - case "validUntil": - err = unpopulate(val, "ValidUntil", &t.ValidUntil) + case "totalCount": + err = unpopulate(val, "TotalCount", &t.TotalCount) delete(rawMsg, key) } if err != nil { @@ -15495,20 +22059,20 @@ func (t *ThreatIntelligenceIndicatorProperties) UnmarshalJSON(data []byte) error return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceInformation. -func (t ThreatIntelligenceInformation) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TriggeredAnalyticsRuleRun. +func (t TriggeredAnalyticsRuleRun) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "etag", t.Etag) populate(objectMap, "id", t.ID) - objectMap["kind"] = t.Kind populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) populate(objectMap, "systemData", t.SystemData) populate(objectMap, "type", t.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceInformation. -func (t *ThreatIntelligenceInformation) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TriggeredAnalyticsRuleRun. +func (t *TriggeredAnalyticsRuleRun) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -15522,12 +22086,12 @@ func (t *ThreatIntelligenceInformation) UnmarshalJSON(data []byte) error { case "id": err = unpopulate(val, "ID", &t.ID) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &t.Kind) - delete(rawMsg, key) case "name": err = unpopulate(val, "Name", &t.Name) delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) + delete(rawMsg, key) case "systemData": err = unpopulate(val, "SystemData", &t.SystemData) delete(rawMsg, key) @@ -15542,16 +22106,19 @@ func (t *ThreatIntelligenceInformation) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceInformationList. -func (t ThreatIntelligenceInformationList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TriggeredAnalyticsRuleRunProperties. +func (t TriggeredAnalyticsRuleRunProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", t.NextLink) - populate(objectMap, "value", t.Value) + populateDateTimeRFC3339(objectMap, "executionTimeUtc", t.ExecutionTimeUTC) + populate(objectMap, "provisioningState", t.ProvisioningState) + populate(objectMap, "ruleId", t.RuleID) + populate(objectMap, "ruleRunAdditionalData", t.RuleRunAdditionalData) + populate(objectMap, "triggeredAnalyticsRuleRunId", t.TriggeredAnalyticsRuleRunID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceInformationList. -func (t *ThreatIntelligenceInformationList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TriggeredAnalyticsRuleRunProperties. +func (t *TriggeredAnalyticsRuleRunProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -15559,11 +22126,20 @@ func (t *ThreatIntelligenceInformationList) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &t.NextLink) + case "executionTimeUtc": + err = unpopulateDateTimeRFC3339(val, "ExecutionTimeUTC", &t.ExecutionTimeUTC) delete(rawMsg, key) - case "value": - t.Value, err = unmarshalThreatIntelligenceInformationClassificationArray(val) + case "provisioningState": + err = unpopulate(val, "ProvisioningState", &t.ProvisioningState) + delete(rawMsg, key) + case "ruleId": + err = unpopulate(val, "RuleID", &t.RuleID) + delete(rawMsg, key) + case "ruleRunAdditionalData": + err = unpopulate(val, "RuleRunAdditionalData", &t.RuleRunAdditionalData) + delete(rawMsg, key) + case "triggeredAnalyticsRuleRunId": + err = unpopulate(val, "TriggeredAnalyticsRuleRunID", &t.TriggeredAnalyticsRuleRunID) delete(rawMsg, key) } if err != nil { @@ -15573,16 +22149,16 @@ func (t *ThreatIntelligenceInformationList) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceKillChainPhase. -func (t ThreatIntelligenceKillChainPhase) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TriggeredAnalyticsRuleRuns. +func (t TriggeredAnalyticsRuleRuns) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "killChainName", t.KillChainName) - populate(objectMap, "phaseName", t.PhaseName) + populate(objectMap, "nextLink", t.NextLink) + populate(objectMap, "value", t.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceKillChainPhase. -func (t *ThreatIntelligenceKillChainPhase) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TriggeredAnalyticsRuleRuns. +func (t *TriggeredAnalyticsRuleRuns) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -15590,11 +22166,11 @@ func (t *ThreatIntelligenceKillChainPhase) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "killChainName": - err = unpopulate(val, "KillChainName", &t.KillChainName) + case "nextLink": + err = unpopulate(val, "NextLink", &t.NextLink) delete(rawMsg, key) - case "phaseName": - err = unpopulate(val, "PhaseName", &t.PhaseName) + case "value": + err = unpopulate(val, "Value", &t.Value) delete(rawMsg, key) } if err != nil { @@ -15604,778 +22180,844 @@ func (t *ThreatIntelligenceKillChainPhase) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetric. -func (t ThreatIntelligenceMetric) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type URLEntity. +func (u URLEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "lastUpdatedTimeUtc", t.LastUpdatedTimeUTC) - populate(objectMap, "patternTypeMetrics", t.PatternTypeMetrics) - populate(objectMap, "sourceMetrics", t.SourceMetrics) - populate(objectMap, "threatTypeMetrics", t.ThreatTypeMetrics) + populate(objectMap, "id", u.ID) + objectMap["kind"] = EntityKindEnumURL + populate(objectMap, "name", u.Name) + populate(objectMap, "properties", u.Properties) + populate(objectMap, "systemData", u.SystemData) + populate(objectMap, "type", u.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetric. -func (t *ThreatIntelligenceMetric) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type URLEntity. +func (u *URLEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } for key, val := range rawMsg { var err error switch key { - case "lastUpdatedTimeUtc": - err = unpopulate(val, "LastUpdatedTimeUTC", &t.LastUpdatedTimeUTC) + case "id": + err = unpopulate(val, "ID", &u.ID) delete(rawMsg, key) - case "patternTypeMetrics": - err = unpopulate(val, "PatternTypeMetrics", &t.PatternTypeMetrics) + case "kind": + err = unpopulate(val, "Kind", &u.Kind) delete(rawMsg, key) - case "sourceMetrics": - err = unpopulate(val, "SourceMetrics", &t.SourceMetrics) + case "name": + err = unpopulate(val, "Name", &u.Name) delete(rawMsg, key) - case "threatTypeMetrics": - err = unpopulate(val, "ThreatTypeMetrics", &t.ThreatTypeMetrics) + case "properties": + err = unpopulate(val, "Properties", &u.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &u.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &u.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetricEntity. -func (t ThreatIntelligenceMetricEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type URLEntityProperties. +func (u URLEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "metricName", t.MetricName) - populate(objectMap, "metricValue", t.MetricValue) + populate(objectMap, "additionalData", u.AdditionalData) + populate(objectMap, "friendlyName", u.FriendlyName) + populate(objectMap, "url", u.URL) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetricEntity. -func (t *ThreatIntelligenceMetricEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type URLEntityProperties. +func (u *URLEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } for key, val := range rawMsg { var err error switch key { - case "metricName": - err = unpopulate(val, "MetricName", &t.MetricName) + case "additionalData": + err = unpopulate(val, "AdditionalData", &u.AdditionalData) delete(rawMsg, key) - case "metricValue": - err = unpopulate(val, "MetricValue", &t.MetricValue) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &u.FriendlyName) + delete(rawMsg, key) + case "url": + err = unpopulate(val, "URL", &u.URL) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetrics. -func (t ThreatIntelligenceMetrics) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Ueba. +func (u Ueba) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "properties", t.Properties) + populate(objectMap, "etag", u.Etag) + populate(objectMap, "id", u.ID) + objectMap["kind"] = SettingKindUeba + populate(objectMap, "name", u.Name) + populate(objectMap, "properties", u.Properties) + populate(objectMap, "systemData", u.SystemData) + populate(objectMap, "type", u.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetrics. -func (t *ThreatIntelligenceMetrics) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Ueba. +func (u *Ueba) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } for key, val := range rawMsg { var err error switch key { + case "etag": + err = unpopulate(val, "Etag", &u.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &u.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &u.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &u.Name) + delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &t.Properties) + err = unpopulate(val, "Properties", &u.Properties) delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetricsList. -func (t ThreatIntelligenceMetricsList) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "value", t.Value) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetricsList. -func (t *ThreatIntelligenceMetricsList) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "value": - err = unpopulate(val, "Value", &t.Value) + case "systemData": + err = unpopulate(val, "SystemData", &u.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &u.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceParsedPattern. -func (t ThreatIntelligenceParsedPattern) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type UebaProperties. +func (u UebaProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "patternTypeKey", t.PatternTypeKey) - populate(objectMap, "patternTypeValues", t.PatternTypeValues) + populate(objectMap, "dataSources", u.DataSources) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceParsedPattern. -func (t *ThreatIntelligenceParsedPattern) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type UebaProperties. +func (u *UebaProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } for key, val := range rawMsg { var err error switch key { - case "patternTypeKey": - err = unpopulate(val, "PatternTypeKey", &t.PatternTypeKey) - delete(rawMsg, key) - case "patternTypeValues": - err = unpopulate(val, "PatternTypeValues", &t.PatternTypeValues) + case "dataSources": + err = unpopulate(val, "DataSources", &u.DataSources) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceParsedPatternTypeValue. -func (t ThreatIntelligenceParsedPatternTypeValue) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type UndoActionPayload. +func (u UndoActionPayload) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "value", t.Value) - populate(objectMap, "valueType", t.ValueType) + populate(objectMap, "actionId", u.ActionID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceParsedPatternTypeValue. -func (t *ThreatIntelligenceParsedPatternTypeValue) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type UndoActionPayload. +func (u *UndoActionPayload) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } for key, val := range rawMsg { var err error switch key { - case "value": - err = unpopulate(val, "Value", &t.Value) - delete(rawMsg, key) - case "valueType": - err = unpopulate(val, "ValueType", &t.ValueType) + case "actionId": + err = unpopulate(val, "ActionID", &u.ActionID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceSortingCriteria. -func (t ThreatIntelligenceSortingCriteria) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type UnlockUserAction. +func (u UnlockUserAction) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "itemKey", t.ItemKey) - populate(objectMap, "sortOrder", t.SortOrder) + populate(objectMap, "failureReason", u.FailureReason) + objectMap["kind"] = ListActionKindUnlockUser + populate(objectMap, "user", u.User) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceSortingCriteria. -func (t *ThreatIntelligenceSortingCriteria) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type UnlockUserAction. +func (u *UnlockUserAction) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } for key, val := range rawMsg { var err error switch key { - case "itemKey": - err = unpopulate(val, "ItemKey", &t.ItemKey) + case "failureReason": + err = unpopulate(val, "FailureReason", &u.FailureReason) delete(rawMsg, key) - case "sortOrder": - err = unpopulate(val, "SortOrder", &t.SortOrder) + case "kind": + err = unpopulate(val, "Kind", &u.Kind) + delete(rawMsg, key) + case "user": + err = unpopulate(val, "User", &u.User) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type TiTaxiiCheckRequirements. -func (t TiTaxiiCheckRequirements) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type UserInfo. +func (u UserInfo) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["kind"] = DataConnectorKindThreatIntelligenceTaxii - populate(objectMap, "properties", t.Properties) + populate(objectMap, "email", u.Email) + populate(objectMap, "name", u.Name) + populate(objectMap, "objectId", u.ObjectID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiCheckRequirements. -func (t *TiTaxiiCheckRequirements) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type UserInfo. +func (u *UserInfo) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } for key, val := range rawMsg { var err error switch key { - case "kind": - err = unpopulate(val, "Kind", &t.Kind) + case "email": + err = unpopulate(val, "Email", &u.Email) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &t.Properties) + case "name": + err = unpopulate(val, "Name", &u.Name) + delete(rawMsg, key) + case "objectId": + err = unpopulate(val, "ObjectID", &u.ObjectID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type TiTaxiiCheckRequirementsProperties. -func (t TiTaxiiCheckRequirementsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ValidationError. +func (v ValidationError) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "tenantId", t.TenantID) + populate(objectMap, "errorMessages", v.ErrorMessages) + populate(objectMap, "recordIndex", v.RecordIndex) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiCheckRequirementsProperties. -func (t *TiTaxiiCheckRequirementsProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ValidationError. +func (v *ValidationError) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", v, err) } for key, val := range rawMsg { var err error switch key { - case "tenantId": - err = unpopulate(val, "TenantID", &t.TenantID) + case "errorMessages": + err = unpopulate(val, "ErrorMessages", &v.ErrorMessages) + delete(rawMsg, key) + case "recordIndex": + err = unpopulate(val, "RecordIndex", &v.RecordIndex) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", v, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnector. -func (t TiTaxiiDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Warning. +func (w Warning) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", t.Etag) - populate(objectMap, "id", t.ID) - objectMap["kind"] = DataConnectorKindThreatIntelligenceTaxii - populate(objectMap, "name", t.Name) - populate(objectMap, "properties", t.Properties) - populate(objectMap, "systemData", t.SystemData) - populate(objectMap, "type", t.Type) + populate(objectMap, "warning", w.Warning) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnector. -func (t *TiTaxiiDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Warning. +func (w *Warning) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &t.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &t.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &t.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &t.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &t.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &t.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &t.Type) + case "warning": + err = unpopulate(val, "Warning", &w.Warning) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnectorDataTypes. -func (t TiTaxiiDataConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WarningBody. +func (w WarningBody) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "taxiiClient", t.TaxiiClient) + populate(objectMap, "code", w.Code) + populate(objectMap, "details", w.Details) + populate(objectMap, "message", w.Message) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnectorDataTypes. -func (t *TiTaxiiDataConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WarningBody. +func (w *WarningBody) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "taxiiClient": - err = unpopulate(val, "TaxiiClient", &t.TaxiiClient) + case "code": + err = unpopulate(val, "Code", &w.Code) + delete(rawMsg, key) + case "details": + err = unpopulate(val, "Details", &w.Details) + delete(rawMsg, key) + case "message": + err = unpopulate(val, "Message", &w.Message) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnectorDataTypesTaxiiClient. -func (t TiTaxiiDataConnectorDataTypesTaxiiClient) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Watchlist. +func (w Watchlist) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", t.State) + populate(objectMap, "etag", w.Etag) + populate(objectMap, "id", w.ID) + populate(objectMap, "name", w.Name) + populate(objectMap, "properties", w.Properties) + populate(objectMap, "systemData", w.SystemData) + populate(objectMap, "type", w.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnectorDataTypesTaxiiClient. -func (t *TiTaxiiDataConnectorDataTypesTaxiiClient) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Watchlist. +func (w *Watchlist) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &t.State) + case "etag": + err = unpopulate(val, "Etag", &w.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &w.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &w.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &w.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &w.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &w.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnectorProperties. -func (t TiTaxiiDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WatchlistItem. +func (w WatchlistItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "collectionId", t.CollectionID) - populate(objectMap, "dataTypes", t.DataTypes) - populate(objectMap, "friendlyName", t.FriendlyName) - populate(objectMap, "password", t.Password) - populate(objectMap, "pollingFrequency", t.PollingFrequency) - populateDateTimeRFC3339(objectMap, "taxiiLookbackPeriod", t.TaxiiLookbackPeriod) - populate(objectMap, "taxiiServer", t.TaxiiServer) - populate(objectMap, "tenantId", t.TenantID) - populate(objectMap, "userName", t.UserName) - populate(objectMap, "workspaceId", t.WorkspaceID) + populate(objectMap, "etag", w.Etag) + populate(objectMap, "id", w.ID) + populate(objectMap, "name", w.Name) + populate(objectMap, "properties", w.Properties) + populate(objectMap, "systemData", w.SystemData) + populate(objectMap, "type", w.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnectorProperties. -func (t *TiTaxiiDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItem. +func (w *WatchlistItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "collectionId": - err = unpopulate(val, "CollectionID", &t.CollectionID) - delete(rawMsg, key) - case "dataTypes": - err = unpopulate(val, "DataTypes", &t.DataTypes) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &t.FriendlyName) - delete(rawMsg, key) - case "password": - err = unpopulate(val, "Password", &t.Password) - delete(rawMsg, key) - case "pollingFrequency": - err = unpopulate(val, "PollingFrequency", &t.PollingFrequency) + case "etag": + err = unpopulate(val, "Etag", &w.Etag) delete(rawMsg, key) - case "taxiiLookbackPeriod": - err = unpopulateDateTimeRFC3339(val, "TaxiiLookbackPeriod", &t.TaxiiLookbackPeriod) + case "id": + err = unpopulate(val, "ID", &w.ID) delete(rawMsg, key) - case "taxiiServer": - err = unpopulate(val, "TaxiiServer", &t.TaxiiServer) + case "name": + err = unpopulate(val, "Name", &w.Name) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &t.TenantID) + case "properties": + err = unpopulate(val, "Properties", &w.Properties) delete(rawMsg, key) - case "userName": - err = unpopulate(val, "UserName", &t.UserName) + case "systemData": + err = unpopulate(val, "SystemData", &w.SystemData) delete(rawMsg, key) - case "workspaceId": - err = unpopulate(val, "WorkspaceID", &t.WorkspaceID) + case "type": + err = unpopulate(val, "Type", &w.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type TimelineAggregation. -func (t TimelineAggregation) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WatchlistItemList. +func (w WatchlistItemList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "count", t.Count) - populate(objectMap, "kind", t.Kind) + populate(objectMap, "nextLink", w.NextLink) + populate(objectMap, "value", w.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TimelineAggregation. -func (t *TimelineAggregation) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItemList. +func (w *WatchlistItemList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "count": - err = unpopulate(val, "Count", &t.Count) + case "nextLink": + err = unpopulate(val, "NextLink", &w.NextLink) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &t.Kind) + case "value": + err = unpopulate(val, "Value", &w.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type TimelineError. -func (t TimelineError) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WatchlistItemProperties. +func (w WatchlistItemProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "errorMessage", t.ErrorMessage) - populate(objectMap, "kind", t.Kind) - populate(objectMap, "queryId", t.QueryID) + populateDateTimeRFC3339(objectMap, "created", w.Created) + populate(objectMap, "createdBy", w.CreatedBy) + populateAny(objectMap, "entityMapping", w.EntityMapping) + populate(objectMap, "isDeleted", w.IsDeleted) + populateAny(objectMap, "itemsKeyValue", w.ItemsKeyValue) + populate(objectMap, "tenantId", w.TenantID) + populateDateTimeRFC3339(objectMap, "updated", w.Updated) + populate(objectMap, "updatedBy", w.UpdatedBy) + populate(objectMap, "watchlistItemId", w.WatchlistItemID) + populate(objectMap, "watchlistItemType", w.WatchlistItemType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TimelineError. -func (t *TimelineError) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItemProperties. +func (w *WatchlistItemProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "errorMessage": - err = unpopulate(val, "ErrorMessage", &t.ErrorMessage) + case "created": + err = unpopulateDateTimeRFC3339(val, "Created", &w.Created) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &t.Kind) + case "createdBy": + err = unpopulate(val, "CreatedBy", &w.CreatedBy) delete(rawMsg, key) - case "queryId": - err = unpopulate(val, "QueryID", &t.QueryID) + case "entityMapping": + err = unpopulate(val, "EntityMapping", &w.EntityMapping) + delete(rawMsg, key) + case "isDeleted": + err = unpopulate(val, "IsDeleted", &w.IsDeleted) + delete(rawMsg, key) + case "itemsKeyValue": + err = unpopulate(val, "ItemsKeyValue", &w.ItemsKeyValue) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &w.TenantID) + delete(rawMsg, key) + case "updated": + err = unpopulateDateTimeRFC3339(val, "Updated", &w.Updated) + delete(rawMsg, key) + case "updatedBy": + err = unpopulate(val, "UpdatedBy", &w.UpdatedBy) + delete(rawMsg, key) + case "watchlistItemId": + err = unpopulate(val, "WatchlistItemID", &w.WatchlistItemID) + delete(rawMsg, key) + case "watchlistItemType": + err = unpopulate(val, "WatchlistItemType", &w.WatchlistItemType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type TimelineResultsMetadata. -func (t TimelineResultsMetadata) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WatchlistList. +func (w WatchlistList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "aggregations", t.Aggregations) - populate(objectMap, "errors", t.Errors) - populate(objectMap, "totalCount", t.TotalCount) + populate(objectMap, "nextLink", w.NextLink) + populate(objectMap, "value", w.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TimelineResultsMetadata. -func (t *TimelineResultsMetadata) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistList. +func (w *WatchlistList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "aggregations": - err = unpopulate(val, "Aggregations", &t.Aggregations) - delete(rawMsg, key) - case "errors": - err = unpopulate(val, "Errors", &t.Errors) + case "nextLink": + err = unpopulate(val, "NextLink", &w.NextLink) delete(rawMsg, key) - case "totalCount": - err = unpopulate(val, "TotalCount", &t.TotalCount) + case "value": + err = unpopulate(val, "Value", &w.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type URLEntity. -func (u URLEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WatchlistProperties. +func (w WatchlistProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", u.ID) - objectMap["kind"] = EntityKindURL - populate(objectMap, "name", u.Name) - populate(objectMap, "properties", u.Properties) - populate(objectMap, "systemData", u.SystemData) - populate(objectMap, "type", u.Type) + populate(objectMap, "contentType", w.ContentType) + populateDateTimeRFC3339(objectMap, "created", w.Created) + populate(objectMap, "createdBy", w.CreatedBy) + populate(objectMap, "defaultDuration", w.DefaultDuration) + populate(objectMap, "description", w.Description) + populate(objectMap, "displayName", w.DisplayName) + populate(objectMap, "isDeleted", w.IsDeleted) + populate(objectMap, "itemsSearchKey", w.ItemsSearchKey) + populate(objectMap, "labels", w.Labels) + populate(objectMap, "numberOfLinesToSkip", w.NumberOfLinesToSkip) + populate(objectMap, "provider", w.Provider) + populate(objectMap, "provisioningState", w.ProvisioningState) + populate(objectMap, "rawContent", w.RawContent) + populate(objectMap, "source", w.Source) + populate(objectMap, "sourceType", w.SourceType) + populate(objectMap, "tenantId", w.TenantID) + populateDateTimeRFC3339(objectMap, "updated", w.Updated) + populate(objectMap, "updatedBy", w.UpdatedBy) + populate(objectMap, "uploadStatus", w.UploadStatus) + populate(objectMap, "watchlistAlias", w.WatchlistAlias) + populate(objectMap, "watchlistId", w.WatchlistID) + populate(objectMap, "watchlistType", w.WatchlistType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type URLEntity. -func (u *URLEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistProperties. +func (w *WatchlistProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &u.ID) + case "contentType": + err = unpopulate(val, "ContentType", &w.ContentType) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &u.Kind) + case "created": + err = unpopulateDateTimeRFC3339(val, "Created", &w.Created) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &u.Name) + case "createdBy": + err = unpopulate(val, "CreatedBy", &w.CreatedBy) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &u.Properties) + case "defaultDuration": + err = unpopulate(val, "DefaultDuration", &w.DefaultDuration) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &u.SystemData) + case "description": + err = unpopulate(val, "Description", &w.Description) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &u.Type) + case "displayName": + err = unpopulate(val, "DisplayName", &w.DisplayName) + delete(rawMsg, key) + case "isDeleted": + err = unpopulate(val, "IsDeleted", &w.IsDeleted) + delete(rawMsg, key) + case "itemsSearchKey": + err = unpopulate(val, "ItemsSearchKey", &w.ItemsSearchKey) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &w.Labels) + delete(rawMsg, key) + case "numberOfLinesToSkip": + err = unpopulate(val, "NumberOfLinesToSkip", &w.NumberOfLinesToSkip) + delete(rawMsg, key) + case "provider": + err = unpopulate(val, "Provider", &w.Provider) + delete(rawMsg, key) + case "provisioningState": + err = unpopulate(val, "ProvisioningState", &w.ProvisioningState) + delete(rawMsg, key) + case "rawContent": + err = unpopulate(val, "RawContent", &w.RawContent) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &w.Source) + delete(rawMsg, key) + case "sourceType": + err = unpopulate(val, "SourceType", &w.SourceType) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &w.TenantID) + delete(rawMsg, key) + case "updated": + err = unpopulateDateTimeRFC3339(val, "Updated", &w.Updated) + delete(rawMsg, key) + case "updatedBy": + err = unpopulate(val, "UpdatedBy", &w.UpdatedBy) + delete(rawMsg, key) + case "uploadStatus": + err = unpopulate(val, "UploadStatus", &w.UploadStatus) + delete(rawMsg, key) + case "watchlistAlias": + err = unpopulate(val, "WatchlistAlias", &w.WatchlistAlias) + delete(rawMsg, key) + case "watchlistId": + err = unpopulate(val, "WatchlistID", &w.WatchlistID) + delete(rawMsg, key) + case "watchlistType": + err = unpopulate(val, "WatchlistType", &w.WatchlistType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type URLEntityProperties. -func (u URLEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Webhook. +func (w Webhook) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", u.AdditionalData) - populate(objectMap, "friendlyName", u.FriendlyName) - populate(objectMap, "url", u.URL) + populate(objectMap, "rotateWebhookSecret", w.RotateWebhookSecret) + populate(objectMap, "webhookId", w.WebhookID) + populateDateTimeRFC3339(objectMap, "webhookSecretUpdateTime", w.WebhookSecretUpdateTime) + populate(objectMap, "webhookUrl", w.WebhookURL) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type URLEntityProperties. -func (u *URLEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Webhook. +func (w *Webhook) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &u.AdditionalData) + case "rotateWebhookSecret": + err = unpopulate(val, "RotateWebhookSecret", &w.RotateWebhookSecret) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &u.FriendlyName) + case "webhookId": + err = unpopulate(val, "WebhookID", &w.WebhookID) delete(rawMsg, key) - case "url": - err = unpopulate(val, "URL", &u.URL) + case "webhookSecretUpdateTime": + err = unpopulateDateTimeRFC3339(val, "WebhookSecretUpdateTime", &w.WebhookSecretUpdateTime) + delete(rawMsg, key) + case "webhookUrl": + err = unpopulate(val, "WebhookURL", &w.WebhookURL) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Ueba. -func (u Ueba) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerAssignment. +func (w WorkspaceManagerAssignment) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", u.Etag) - populate(objectMap, "id", u.ID) - objectMap["kind"] = SettingKindUeba - populate(objectMap, "name", u.Name) - populate(objectMap, "properties", u.Properties) - populate(objectMap, "systemData", u.SystemData) - populate(objectMap, "type", u.Type) + populate(objectMap, "etag", w.Etag) + populate(objectMap, "id", w.ID) + populate(objectMap, "name", w.Name) + populate(objectMap, "properties", w.Properties) + populate(objectMap, "systemData", w.SystemData) + populate(objectMap, "type", w.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Ueba. -func (u *Ueba) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerAssignment. +func (w *WorkspaceManagerAssignment) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { case "etag": - err = unpopulate(val, "Etag", &u.Etag) + err = unpopulate(val, "Etag", &w.Etag) delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &u.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &u.Kind) + err = unpopulate(val, "ID", &w.ID) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &u.Name) + err = unpopulate(val, "Name", &w.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &u.Properties) + err = unpopulate(val, "Properties", &w.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &u.SystemData) + err = unpopulate(val, "SystemData", &w.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &u.Type) - delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type UebaProperties. -func (u UebaProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "dataSources", u.DataSources) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type UebaProperties. -func (u *UebaProperties) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "dataSources": - err = unpopulate(val, "DataSources", &u.DataSources) + err = unpopulate(val, "Type", &w.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type UserInfo. -func (u UserInfo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerAssignmentList. +func (w WorkspaceManagerAssignmentList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "email", u.Email) - populate(objectMap, "name", u.Name) - populate(objectMap, "objectId", u.ObjectID) + populate(objectMap, "nextLink", w.NextLink) + populate(objectMap, "value", w.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type UserInfo. -func (u *UserInfo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerAssignmentList. +func (w *WorkspaceManagerAssignmentList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "email": - err = unpopulate(val, "Email", &u.Email) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &u.Name) + case "nextLink": + err = unpopulate(val, "NextLink", &w.NextLink) delete(rawMsg, key) - case "objectId": - err = unpopulate(val, "ObjectID", &u.ObjectID) + case "value": + err = unpopulate(val, "Value", &w.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ValidationError. -func (v ValidationError) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerAssignmentProperties. +func (w WorkspaceManagerAssignmentProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "errorMessages", v.ErrorMessages) - populate(objectMap, "recordIndex", v.RecordIndex) + populate(objectMap, "items", w.Items) + populateDateTimeRFC3339(objectMap, "lastJobEndTime", w.LastJobEndTime) + populate(objectMap, "lastJobProvisioningState", w.LastJobProvisioningState) + populate(objectMap, "targetResourceName", w.TargetResourceName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ValidationError. -func (v *ValidationError) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerAssignmentProperties. +func (w *WorkspaceManagerAssignmentProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", v, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "errorMessages": - err = unpopulate(val, "ErrorMessages", &v.ErrorMessages) + case "items": + err = unpopulate(val, "Items", &w.Items) delete(rawMsg, key) - case "recordIndex": - err = unpopulate(val, "RecordIndex", &v.RecordIndex) + case "lastJobEndTime": + err = unpopulateDateTimeRFC3339(val, "LastJobEndTime", &w.LastJobEndTime) + delete(rawMsg, key) + case "lastJobProvisioningState": + err = unpopulate(val, "LastJobProvisioningState", &w.LastJobProvisioningState) + delete(rawMsg, key) + case "targetResourceName": + err = unpopulate(val, "TargetResourceName", &w.TargetResourceName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", v, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Watchlist. -func (w Watchlist) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerConfiguration. +func (w WorkspaceManagerConfiguration) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "etag", w.Etag) populate(objectMap, "id", w.ID) @@ -16386,8 +23028,8 @@ func (w Watchlist) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Watchlist. -func (w *Watchlist) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerConfiguration. +func (w *WorkspaceManagerConfiguration) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -16421,8 +23063,66 @@ func (w *Watchlist) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type WatchlistItem. -func (w WatchlistItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerConfigurationList. +func (w WorkspaceManagerConfigurationList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", w.NextLink) + populate(objectMap, "value", w.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerConfigurationList. +func (w *WorkspaceManagerConfigurationList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &w.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &w.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerConfigurationProperties. +func (w WorkspaceManagerConfigurationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "mode", w.Mode) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerConfigurationProperties. +func (w *WorkspaceManagerConfigurationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "mode": + err = unpopulate(val, "Mode", &w.Mode) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerGroup. +func (w WorkspaceManagerGroup) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "etag", w.Etag) populate(objectMap, "id", w.ID) @@ -16433,8 +23133,8 @@ func (w WatchlistItem) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItem. -func (w *WatchlistItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerGroup. +func (w *WorkspaceManagerGroup) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -16468,16 +23168,16 @@ func (w *WatchlistItem) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type WatchlistItemList. -func (w WatchlistItemList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerGroupList. +func (w WorkspaceManagerGroupList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "nextLink", w.NextLink) populate(objectMap, "value", w.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItemList. -func (w *WatchlistItemList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerGroupList. +func (w *WorkspaceManagerGroupList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -16499,24 +23199,17 @@ func (w *WatchlistItemList) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type WatchlistItemProperties. -func (w WatchlistItemProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerGroupProperties. +func (w WorkspaceManagerGroupProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populateDateTimeRFC3339(objectMap, "created", w.Created) - populate(objectMap, "createdBy", w.CreatedBy) - populate(objectMap, "entityMapping", w.EntityMapping) - populate(objectMap, "isDeleted", w.IsDeleted) - populate(objectMap, "itemsKeyValue", w.ItemsKeyValue) - populate(objectMap, "tenantId", w.TenantID) - populateDateTimeRFC3339(objectMap, "updated", w.Updated) - populate(objectMap, "updatedBy", w.UpdatedBy) - populate(objectMap, "watchlistItemId", w.WatchlistItemID) - populate(objectMap, "watchlistItemType", w.WatchlistItemType) + populate(objectMap, "description", w.Description) + populate(objectMap, "displayName", w.DisplayName) + populate(objectMap, "memberResourceNames", w.MemberResourceNames) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItemProperties. -func (w *WatchlistItemProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerGroupProperties. +func (w *WorkspaceManagerGroupProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -16524,35 +23217,14 @@ func (w *WatchlistItemProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "created": - err = unpopulateDateTimeRFC3339(val, "Created", &w.Created) - delete(rawMsg, key) - case "createdBy": - err = unpopulate(val, "CreatedBy", &w.CreatedBy) - delete(rawMsg, key) - case "entityMapping": - err = unpopulate(val, "EntityMapping", &w.EntityMapping) - delete(rawMsg, key) - case "isDeleted": - err = unpopulate(val, "IsDeleted", &w.IsDeleted) - delete(rawMsg, key) - case "itemsKeyValue": - err = unpopulate(val, "ItemsKeyValue", &w.ItemsKeyValue) - delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &w.TenantID) - delete(rawMsg, key) - case "updated": - err = unpopulateDateTimeRFC3339(val, "Updated", &w.Updated) - delete(rawMsg, key) - case "updatedBy": - err = unpopulate(val, "UpdatedBy", &w.UpdatedBy) + case "description": + err = unpopulate(val, "Description", &w.Description) delete(rawMsg, key) - case "watchlistItemId": - err = unpopulate(val, "WatchlistItemID", &w.WatchlistItemID) + case "displayName": + err = unpopulate(val, "DisplayName", &w.DisplayName) delete(rawMsg, key) - case "watchlistItemType": - err = unpopulate(val, "WatchlistItemType", &w.WatchlistItemType) + case "memberResourceNames": + err = unpopulate(val, "MemberResourceNames", &w.MemberResourceNames) delete(rawMsg, key) } if err != nil { @@ -16562,16 +23234,20 @@ func (w *WatchlistItemProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type WatchlistList. -func (w WatchlistList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerMember. +func (w WorkspaceManagerMember) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", w.NextLink) - populate(objectMap, "value", w.Value) + populate(objectMap, "etag", w.Etag) + populate(objectMap, "id", w.ID) + populate(objectMap, "name", w.Name) + populate(objectMap, "properties", w.Properties) + populate(objectMap, "systemData", w.SystemData) + populate(objectMap, "type", w.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistList. -func (w *WatchlistList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerMember. +func (w *WorkspaceManagerMember) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -16579,11 +23255,23 @@ func (w *WatchlistList) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &w.NextLink) + case "etag": + err = unpopulate(val, "Etag", &w.Etag) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &w.Value) + case "id": + err = unpopulate(val, "ID", &w.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &w.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &w.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &w.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &w.Type) delete(rawMsg, key) } if err != nil { @@ -16593,35 +23281,16 @@ func (w *WatchlistList) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type WatchlistProperties. -func (w WatchlistProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerMemberProperties. +func (w WorkspaceManagerMemberProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "contentType", w.ContentType) - populateDateTimeRFC3339(objectMap, "created", w.Created) - populate(objectMap, "createdBy", w.CreatedBy) - populate(objectMap, "defaultDuration", w.DefaultDuration) - populate(objectMap, "description", w.Description) - populate(objectMap, "displayName", w.DisplayName) - populate(objectMap, "isDeleted", w.IsDeleted) - populate(objectMap, "itemsSearchKey", w.ItemsSearchKey) - populate(objectMap, "labels", w.Labels) - populate(objectMap, "numberOfLinesToSkip", w.NumberOfLinesToSkip) - populate(objectMap, "provider", w.Provider) - populate(objectMap, "rawContent", w.RawContent) - populate(objectMap, "source", w.Source) - populate(objectMap, "sourceType", w.SourceType) - populate(objectMap, "tenantId", w.TenantID) - populateDateTimeRFC3339(objectMap, "updated", w.Updated) - populate(objectMap, "updatedBy", w.UpdatedBy) - populate(objectMap, "uploadStatus", w.UploadStatus) - populate(objectMap, "watchlistAlias", w.WatchlistAlias) - populate(objectMap, "watchlistId", w.WatchlistID) - populate(objectMap, "watchlistType", w.WatchlistType) + populate(objectMap, "targetWorkspaceResourceId", w.TargetWorkspaceResourceID) + populate(objectMap, "targetWorkspaceTenantId", w.TargetWorkspaceTenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistProperties. -func (w *WatchlistProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerMemberProperties. +func (w *WorkspaceManagerMemberProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -16629,68 +23298,11 @@ func (w *WatchlistProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "contentType": - err = unpopulate(val, "ContentType", &w.ContentType) - delete(rawMsg, key) - case "created": - err = unpopulateDateTimeRFC3339(val, "Created", &w.Created) - delete(rawMsg, key) - case "createdBy": - err = unpopulate(val, "CreatedBy", &w.CreatedBy) - delete(rawMsg, key) - case "defaultDuration": - err = unpopulate(val, "DefaultDuration", &w.DefaultDuration) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &w.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &w.DisplayName) - delete(rawMsg, key) - case "isDeleted": - err = unpopulate(val, "IsDeleted", &w.IsDeleted) - delete(rawMsg, key) - case "itemsSearchKey": - err = unpopulate(val, "ItemsSearchKey", &w.ItemsSearchKey) - delete(rawMsg, key) - case "labels": - err = unpopulate(val, "Labels", &w.Labels) - delete(rawMsg, key) - case "numberOfLinesToSkip": - err = unpopulate(val, "NumberOfLinesToSkip", &w.NumberOfLinesToSkip) - delete(rawMsg, key) - case "provider": - err = unpopulate(val, "Provider", &w.Provider) - delete(rawMsg, key) - case "rawContent": - err = unpopulate(val, "RawContent", &w.RawContent) - delete(rawMsg, key) - case "source": - err = unpopulate(val, "Source", &w.Source) - delete(rawMsg, key) - case "sourceType": - err = unpopulate(val, "SourceType", &w.SourceType) - delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &w.TenantID) - delete(rawMsg, key) - case "updated": - err = unpopulateDateTimeRFC3339(val, "Updated", &w.Updated) - delete(rawMsg, key) - case "updatedBy": - err = unpopulate(val, "UpdatedBy", &w.UpdatedBy) - delete(rawMsg, key) - case "uploadStatus": - err = unpopulate(val, "UploadStatus", &w.UploadStatus) - delete(rawMsg, key) - case "watchlistAlias": - err = unpopulate(val, "WatchlistAlias", &w.WatchlistAlias) - delete(rawMsg, key) - case "watchlistId": - err = unpopulate(val, "WatchlistID", &w.WatchlistID) + case "targetWorkspaceResourceId": + err = unpopulate(val, "TargetWorkspaceResourceID", &w.TargetWorkspaceResourceID) delete(rawMsg, key) - case "watchlistType": - err = unpopulate(val, "WatchlistType", &w.WatchlistType) + case "targetWorkspaceTenantId": + err = unpopulate(val, "TargetWorkspaceTenantID", &w.TargetWorkspaceTenantID) delete(rawMsg, key) } if err != nil { @@ -16700,18 +23312,16 @@ func (w *WatchlistProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type Webhook. -func (w Webhook) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerMembersList. +func (w WorkspaceManagerMembersList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "rotateWebhookSecret", w.RotateWebhookSecret) - populate(objectMap, "webhookId", w.WebhookID) - populate(objectMap, "webhookSecretUpdateTime", w.WebhookSecretUpdateTime) - populate(objectMap, "webhookUrl", w.WebhookURL) + populate(objectMap, "nextLink", w.NextLink) + populate(objectMap, "value", w.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Webhook. -func (w *Webhook) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerMembersList. +func (w *WorkspaceManagerMembersList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -16719,17 +23329,11 @@ func (w *Webhook) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "rotateWebhookSecret": - err = unpopulate(val, "RotateWebhookSecret", &w.RotateWebhookSecret) - delete(rawMsg, key) - case "webhookId": - err = unpopulate(val, "WebhookID", &w.WebhookID) - delete(rawMsg, key) - case "webhookSecretUpdateTime": - err = unpopulate(val, "WebhookSecretUpdateTime", &w.WebhookSecretUpdateTime) + case "nextLink": + err = unpopulate(val, "NextLink", &w.NextLink) delete(rawMsg, key) - case "webhookUrl": - err = unpopulate(val, "WebhookURL", &w.WebhookURL) + case "value": + err = unpopulate(val, "Value", &w.Value) delete(rawMsg, key) } if err != nil { diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/officeconsents_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/officeconsents_client.go index bb99d89ea86b..815fbafc6bc4 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/officeconsents_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/officeconsents_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type OfficeConsentsClient struct { } // NewOfficeConsentsClient creates a new instance of OfficeConsentsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewOfficeConsentsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*OfficeConsentsClient, error) { @@ -46,7 +43,7 @@ func NewOfficeConsentsClient(subscriptionID string, credential azcore.TokenCrede // Delete - Delete the office365 consent. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - consentID - consent ID @@ -73,7 +70,7 @@ func (client *OfficeConsentsClient) Delete(ctx context.Context, resourceGroupNam } // deleteCreateRequest creates the Delete request. -func (client *OfficeConsentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, consentID string, options *OfficeConsentsClientDeleteOptions) (*policy.Request, error) { +func (client *OfficeConsentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, consentID string, _ *OfficeConsentsClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -96,7 +93,7 @@ func (client *OfficeConsentsClient) deleteCreateRequest(ctx context.Context, res return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -105,7 +102,7 @@ func (client *OfficeConsentsClient) deleteCreateRequest(ctx context.Context, res // Get - Gets an office365 consent. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - consentID - consent ID @@ -133,7 +130,7 @@ func (client *OfficeConsentsClient) Get(ctx context.Context, resourceGroupName s } // getCreateRequest creates the Get request. -func (client *OfficeConsentsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, consentID string, options *OfficeConsentsClientGetOptions) (*policy.Request, error) { +func (client *OfficeConsentsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, consentID string, _ *OfficeConsentsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -156,7 +153,7 @@ func (client *OfficeConsentsClient) getCreateRequest(ctx context.Context, resour return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -173,7 +170,7 @@ func (client *OfficeConsentsClient) getHandleResponse(resp *http.Response) (Offi // NewListPager - Gets all office365 consents. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - OfficeConsentsClientListOptions contains the optional parameters for the OfficeConsentsClient.NewListPager method. @@ -201,7 +198,7 @@ func (client *OfficeConsentsClient) NewListPager(resourceGroupName string, works } // listCreateRequest creates the List request. -func (client *OfficeConsentsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *OfficeConsentsClientListOptions) (*policy.Request, error) { +func (client *OfficeConsentsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *OfficeConsentsClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -220,7 +217,7 @@ func (client *OfficeConsentsClient) listCreateRequest(ctx context.Context, resou return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/officeconsents_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/officeconsents_client_example_test.go deleted file mode 100644 index bbd70968f176..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/officeconsents_client_example_test.go +++ /dev/null @@ -1,101 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/officeConsents/GetOfficeConsents.json -func ExampleOfficeConsentsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewOfficeConsentsClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.OfficeConsentList = armsecurityinsights.OfficeConsentList{ - // Value: []*armsecurityinsights.OfficeConsent{ - // { - // Name: to.Ptr("04e5fd05-ff86-4b97-b8d2-1c20933cb46c"), - // Type: to.Ptr("Microsoft.SecurityInsights/officeConsents"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/officeConsents/04e5fd05-ff86-4b97-b8d2-1c20933cb46c"), - // Properties: &armsecurityinsights.OfficeConsentProperties{ - // ConsentID: to.Ptr("04e5fd05-ff86-4b97-b8d2-1c20933cb46c"), - // TenantID: to.Ptr("5460b3d2-1e7b-4757-ad54-c858c7e3f252"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/officeConsents/GetOfficeConsentsById.json -func ExampleOfficeConsentsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewOfficeConsentsClient().Get(ctx, "myRg", "myWorkspace", "04e5fd05-ff86-4b97-b8d2-1c20933cb46c", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.OfficeConsent = armsecurityinsights.OfficeConsent{ - // Name: to.Ptr("04e5fd05-ff86-4b97-b8d2-1c20933cb46c"), - // Type: to.Ptr("Microsoft.SecurityInsights/officeConsents"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/officeConsents/04e5fd05-ff86-4b97-b8d2-1c20933cb46c"), - // Properties: &armsecurityinsights.OfficeConsentProperties{ - // ConsentID: to.Ptr("04e5fd05-ff86-4b97-b8d2-1c20933cb46c"), - // TenantID: to.Ptr("5460b3d2-1e7b-4757-ad54-c858c7e3f252"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/officeConsents/DeleteOfficeConsents.json -func ExampleOfficeConsentsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewOfficeConsentsClient().Delete(ctx, "myRg", "myWorkspace", "04e5fd05-ff86-4b97-b8d2-1c20933cb46c", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client.go index 024315048d31..1ae8c54967c0 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -39,7 +36,7 @@ func NewOperationsClient(credential azcore.TokenCredential, options *arm.ClientO // NewListPager - Lists all operations available Azure Security Insights Resource Provider. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - options - OperationsClientListOptions contains the optional parameters for the OperationsClient.NewListPager method. func (client *OperationsClient) NewListPager(options *OperationsClientListOptions) *runtime.Pager[OperationsClientListResponse] { return runtime.NewPager(runtime.PagingHandler[OperationsClientListResponse]{ @@ -65,14 +62,14 @@ func (client *OperationsClient) NewListPager(options *OperationsClientListOption } // listCreateRequest creates the List request. -func (client *OperationsClient) listCreateRequest(ctx context.Context, options *OperationsClientListOptions) (*policy.Request, error) { +func (client *OperationsClient) listCreateRequest(ctx context.Context, _ *OperationsClientListOptions) (*policy.Request, error) { urlPath := "/providers/Microsoft.SecurityInsights/operations" req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) if err != nil { return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client_example_test.go deleted file mode 100644 index 4c92cbb544b0..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client_example_test.go +++ /dev/null @@ -1,596 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/operations/ListOperations.json -func ExampleOperationsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewOperationsClient().NewListPager(nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.OperationsList = armsecurityinsights.OperationsList{ - // Value: []*armsecurityinsights.Operation{ - // { - // Name: to.Ptr("Microsoft.SecurityInsights/operations/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets operations"), - // Operation: to.Ptr("Get Operations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Operations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/automationRules/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets an automation rule"), - // Operation: to.Ptr("Get Automation Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("AutomationRules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/automationRules/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates an automation rule"), - // Operation: to.Ptr("Update Automation Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("AutomationRules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/automationRules/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes an automation rule"), - // Operation: to.Ptr("Delete Automation Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("AutomationRules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Bookmarks/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets bookmarks"), - // Operation: to.Ptr("Get Bookmarks"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmarks"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Bookmarks/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates bookmarks"), - // Operation: to.Ptr("Update Bookmarks"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmarks"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Bookmarks/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes bookmarks"), - // Operation: to.Ptr("Delete Bookmarks"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmarks"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Bookmarks/expand/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets related entities of an entity by a specific expansion"), - // Operation: to.Ptr("Expand on entity"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmarks"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/bookmarks/relations/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets a bookmark relation"), - // Operation: to.Ptr("Get Bookmark Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmark Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/bookmarks/relations/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates a bookmark relation"), - // Operation: to.Ptr("Update Bookmark Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmark Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/bookmarks/relations/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes a bookmark relation"), - // Operation: to.Ptr("Delete Bookmark Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmark Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets the alert rules"), - // Operation: to.Ptr("Get Alert Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates alert rules"), - // Operation: to.Ptr("Update Alert Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes alert rules"), - // Operation: to.Ptr("Delete Alert Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/actions/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets the response actions of an alert rule"), - // Operation: to.Ptr("Get Alert Rule Response Actions"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules Actions"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/actions/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates the response actions of an alert rule"), - // Operation: to.Ptr("Update Alert Rule Response Actions"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules Actions"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/actions/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes the response actions of an alert rule"), - // Operation: to.Ptr("Delete Alert Rule Response Actions"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules Actions"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/dataConnectors/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets the data connectors"), - // Operation: to.Ptr("Get Data Connectors"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("DataConnectors"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/dataConnectors/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates a data connector"), - // Operation: to.Ptr("Update Data Connectors"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("DataConnectors"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/dataConnectors/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes a data connector"), - // Operation: to.Ptr("Delete a Data Connector"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("DataConnectors"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Check user authorization and license"), - // Operation: to.Ptr("Check user authorization and license"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("DataConnectorsCheckRequirements"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets an incident"), - // Operation: to.Ptr("Get Incidents"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incidents"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates an incident"), - // Operation: to.Ptr("Update Incidents"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incidents"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes an incident"), - // Operation: to.Ptr("Delete Incidents"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incidents"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/comments/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets the incident comments"), - // Operation: to.Ptr("Get Incident Comments"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Comments"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/comments/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Creates a comment on the incident"), - // Operation: to.Ptr("Create Incident Comments"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Comments"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/comments/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes a comment on the incident"), - // Operation: to.Ptr("Delete Incident Comment"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Comments"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/relations/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets a relation between the incident and related resources"), - // Operation: to.Ptr("Get Incident Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/relations/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates a relation between the incident and related resources"), - // Operation: to.Ptr("Update Incident Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/relations/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes a relation between the incident and related resources"), - // Operation: to.Ptr("Delete Incident Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets Threat Intelligence"), - // Operation: to.Ptr("Get Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates Threat Intelligence"), - // Operation: to.Ptr("Update Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes Threat Intelligence"), - // Operation: to.Ptr("Delete Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/query/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Query Threat Intelligence"), - // Operation: to.Ptr("Query Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/metrics/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Collect Threat Intelligence Metrics"), - // Operation: to.Ptr("Collect Threat Intelligence Metrics"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/bulkDelete/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Bulk Delete Threat Intelligence"), - // Operation: to.Ptr("Bulk Delete Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/bulkTag/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Bulk Tags Threat Intelligence"), - // Operation: to.Ptr("Bulk Tags Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates Threat Intelligence Indicators"), - // Operation: to.Ptr("Update Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes Threat Intelligence Indicators"), - // Operation: to.Ptr("Delete Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/query/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Query Threat Intelligence Indicators"), - // Operation: to.Ptr("Query Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/metrics/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Get Threat Intelligence Indicator Metrics"), - // Operation: to.Ptr("Get Threat Intelligence Indicator Metrics"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/bulkDelete/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Bulk Delete Threat Intelligence Indicators"), - // Operation: to.Ptr("Bulk Delete Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/bulkTag/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Bulk Tags Threat Intelligence Indicators"), - // Operation: to.Ptr("Bulk Tags Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets Threat Intelligence Indicators"), - // Operation: to.Ptr("Get Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/metrics/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Collect Threat Intelligence Metrics"), - // Operation: to.Ptr("Collect Threat Intelligence Metrics"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/createIndicator/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Create Threat Intelligence Indicator"), - // Operation: to.Ptr("Create Threat Intelligence Indicator"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/appendTags/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Append tags to Threat Intelligence Indicator"), - // Operation: to.Ptr("Append tags to Threat Intelligence Indicator"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/replaceTags/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Replace Tags of Threat Intelligence Indicator"), - // Operation: to.Ptr("Replace Tags of Threat Intelligence Indicator"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/queryIndicators/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Query Threat Intelligence Indicators"), - // Operation: to.Ptr("Query Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Watchlists/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets Watchlists"), - // Operation: to.Ptr("Get Watchlists"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Watchlists"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Watchlists/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Create Watchlists"), - // Operation: to.Ptr("Create Watchlists"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Watchlists"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Watchlists/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes Watchlists"), - // Operation: to.Ptr("Delete Watchlists"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Watchlists"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/onboardingStates/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets an onboarding state"), - // Operation: to.Ptr("Get Onboarding States"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Onboarding States"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/onboardingStates/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates an onboarding state"), - // Operation: to.Ptr("Update Onboarding States"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Onboarding States"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/onboardingStates/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes an onboarding state"), - // Operation: to.Ptr("Delete Onboarding States"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Onboarding States"), - // }, - // Origin: to.Ptr("user"), - // }}, - // } - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/options.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/options.go index c52cb198c860..bebfa614cae2 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/options.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/options.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,6 +25,13 @@ type ActionsClientListByAlertRuleOptions struct { // placeholder for future optional parameters } +// AlertRuleClientBeginTriggerRuleRunOptions contains the optional parameters for the AlertRuleClient.BeginTriggerRuleRun +// method. +type AlertRuleClientBeginTriggerRuleRunOptions struct { + // Resumes the long-running operation from the provided token. + ResumeToken string +} + // AlertRuleTemplatesClientGetOptions contains the optional parameters for the AlertRuleTemplatesClient.Get method. type AlertRuleTemplatesClientGetOptions struct { // placeholder for future optional parameters @@ -80,6 +84,16 @@ type AutomationRulesClientListOptions struct { // placeholder for future optional parameters } +// BillingStatisticsClientGetOptions contains the optional parameters for the BillingStatisticsClient.Get method. +type BillingStatisticsClientGetOptions struct { + // placeholder for future optional parameters +} + +// BillingStatisticsClientListOptions contains the optional parameters for the BillingStatisticsClient.NewListPager method. +type BillingStatisticsClientListOptions struct { + // placeholder for future optional parameters +} + // BookmarkClientExpandOptions contains the optional parameters for the BookmarkClient.Expand method. type BookmarkClientExpandOptions struct { // placeholder for future optional parameters @@ -138,6 +152,154 @@ type BookmarksClientListOptions struct { // placeholder for future optional parameters } +// BusinessApplicationAgentClientGetOptions contains the optional parameters for the BusinessApplicationAgentClient.Get method. +type BusinessApplicationAgentClientGetOptions struct { + // placeholder for future optional parameters +} + +// BusinessApplicationAgentsClientCreateOrUpdateOptions contains the optional parameters for the BusinessApplicationAgentsClient.CreateOrUpdate +// method. +type BusinessApplicationAgentsClientCreateOrUpdateOptions struct { + // The Business Application Agent + AgentToUpsert *BusinessApplicationAgentResource +} + +// BusinessApplicationAgentsClientDeleteOptions contains the optional parameters for the BusinessApplicationAgentsClient.Delete +// method. +type BusinessApplicationAgentsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// BusinessApplicationAgentsClientListOptions contains the optional parameters for the BusinessApplicationAgentsClient.NewListPager +// method. +type BusinessApplicationAgentsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string +} + +// ClientListGeodataByIPOptions contains the optional parameters for the Client.ListGeodataByIP method. +type ClientListGeodataByIPOptions struct { + // placeholder for future optional parameters +} + +// ClientListWhoisByDomainOptions contains the optional parameters for the Client.ListWhoisByDomain method. +type ClientListWhoisByDomainOptions struct { + // placeholder for future optional parameters +} + +// ContentPackageClientInstallOptions contains the optional parameters for the ContentPackageClient.Install method. +type ContentPackageClientInstallOptions struct { + // placeholder for future optional parameters +} + +// ContentPackageClientUninstallOptions contains the optional parameters for the ContentPackageClient.Uninstall method. +type ContentPackageClientUninstallOptions struct { + // placeholder for future optional parameters +} + +// ContentPackagesClientGetOptions contains the optional parameters for the ContentPackagesClient.Get method. +type ContentPackagesClientGetOptions struct { + // placeholder for future optional parameters +} + +// ContentPackagesClientListOptions contains the optional parameters for the ContentPackagesClient.NewListPager method. +type ContentPackagesClientListOptions struct { + // Instructs the server to return only object count without actual body. Optional. + Count *bool + + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Searches for a substring in the response. Optional. + Search *string + + // Used to skip n elements in the OData query (offset). Returns a nextLink to the next page of results if there are any left. + Skip *int32 + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// ContentTemplateClientDeleteOptions contains the optional parameters for the ContentTemplateClient.Delete method. +type ContentTemplateClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// ContentTemplateClientGetOptions contains the optional parameters for the ContentTemplateClient.Get method. +type ContentTemplateClientGetOptions struct { + // placeholder for future optional parameters +} + +// ContentTemplateClientInstallOptions contains the optional parameters for the ContentTemplateClient.Install method. +type ContentTemplateClientInstallOptions struct { + // placeholder for future optional parameters +} + +// ContentTemplatesClientListOptions contains the optional parameters for the ContentTemplatesClient.NewListPager method. +type ContentTemplatesClientListOptions struct { + // Instructs the server to return only object count without actual body. Optional. + Count *bool + + // Expands the object with optional fiends that are not included by default. Optional. + Expand *string + + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Searches for a substring in the response. Optional. + Search *string + + // Used to skip n elements in the OData query (offset). Returns a nextLink to the next page of results if there are any left. + Skip *int32 + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// DataConnectorDefinitionsClientCreateOrUpdateOptions contains the optional parameters for the DataConnectorDefinitionsClient.CreateOrUpdate +// method. +type DataConnectorDefinitionsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// DataConnectorDefinitionsClientDeleteOptions contains the optional parameters for the DataConnectorDefinitionsClient.Delete +// method. +type DataConnectorDefinitionsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// DataConnectorDefinitionsClientGetOptions contains the optional parameters for the DataConnectorDefinitionsClient.Get method. +type DataConnectorDefinitionsClientGetOptions struct { + // placeholder for future optional parameters +} + +// DataConnectorDefinitionsClientListOptions contains the optional parameters for the DataConnectorDefinitionsClient.NewListPager +// method. +type DataConnectorDefinitionsClientListOptions struct { + // placeholder for future optional parameters +} + // DataConnectorsCheckRequirementsClientPostOptions contains the optional parameters for the DataConnectorsCheckRequirementsClient.Post // method. type DataConnectorsCheckRequirementsClientPostOptions struct { @@ -175,11 +337,6 @@ type DataConnectorsClientListOptions struct { // placeholder for future optional parameters } -// DomainWhoisClientGetOptions contains the optional parameters for the DomainWhoisClient.Get method. -type DomainWhoisClientGetOptions struct { - // placeholder for future optional parameters -} - // EntitiesClientExpandOptions contains the optional parameters for the EntitiesClient.Expand method. type EntitiesClientExpandOptions struct { // placeholder for future optional parameters @@ -200,11 +357,17 @@ type EntitiesClientListOptions struct { // placeholder for future optional parameters } -// EntitiesClientQueriesOptions contains the optional parameters for the EntitiesClient.Queries method. +// EntitiesClientQueriesOptions contains the optional parameters for the EntitiesClient.NewQueriesPager method. type EntitiesClientQueriesOptions struct { // placeholder for future optional parameters } +// EntitiesClientRunPlaybookOptions contains the optional parameters for the EntitiesClient.RunPlaybook method. +type EntitiesClientRunPlaybookOptions struct { + // Describes the request body for triggering a playbook on an entity. + RequestBody *EntityManualTriggerRequestBody +} + // EntitiesGetTimelineClientListOptions contains the optional parameters for the EntitiesGetTimelineClient.List method. type EntitiesGetTimelineClientListOptions struct { // placeholder for future optional parameters @@ -245,7 +408,7 @@ type EntityQueriesClientGetOptions struct { // EntityQueriesClientListOptions contains the optional parameters for the EntityQueriesClient.NewListPager method. type EntityQueriesClientListOptions struct { // The entity query kind we want to fetch - Kind *Enum13 + Kind *EntityQueryTemplateKind } // EntityQueryTemplatesClientGetOptions contains the optional parameters for the EntityQueryTemplatesClient.Get method. @@ -257,7 +420,7 @@ type EntityQueryTemplatesClientGetOptions struct { // method. type EntityQueryTemplatesClientListOptions struct { // The entity template query kind we want to fetch - Kind *Enum15 + Kind *EntityQueryTemplateKind } // EntityRelationsClientGetRelationOptions contains the optional parameters for the EntityRelationsClient.GetRelation method. @@ -267,7 +430,7 @@ type EntityRelationsClientGetRelationOptions struct { // FileImportsClientBeginDeleteOptions contains the optional parameters for the FileImportsClient.BeginDelete method. type FileImportsClientBeginDeleteOptions struct { - // Resumes the LRO from the provided token. + // Resumes the long-running operation from the provided token. ResumeToken string } @@ -298,11 +461,118 @@ type FileImportsClientListOptions struct { Top *int32 } -// IPGeodataClientGetOptions contains the optional parameters for the IPGeodataClient.Get method. -type IPGeodataClientGetOptions struct { +// GetClientSingleRecommendationOptions contains the optional parameters for the GetClient.SingleRecommendation method. +type GetClientSingleRecommendationOptions struct { + // placeholder for future optional parameters +} + +// GetRecommendationsClientListOptions contains the optional parameters for the GetRecommendationsClient.NewListPager method. +type GetRecommendationsClientListOptions struct { + // placeholder for future optional parameters +} + +// GetTriggeredAnalyticsRuleRunsClientListOptions contains the optional parameters for the GetTriggeredAnalyticsRuleRunsClient.NewListPager +// method. +type GetTriggeredAnalyticsRuleRunsClientListOptions struct { + // placeholder for future optional parameters +} + +// HuntCommentsClientCreateOrUpdateOptions contains the optional parameters for the HuntCommentsClient.CreateOrUpdate method. +type HuntCommentsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// HuntCommentsClientDeleteOptions contains the optional parameters for the HuntCommentsClient.Delete method. +type HuntCommentsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// HuntCommentsClientGetOptions contains the optional parameters for the HuntCommentsClient.Get method. +type HuntCommentsClientGetOptions struct { + // placeholder for future optional parameters +} + +// HuntCommentsClientListOptions contains the optional parameters for the HuntCommentsClient.NewListPager method. +type HuntCommentsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// HuntRelationsClientCreateOrUpdateOptions contains the optional parameters for the HuntRelationsClient.CreateOrUpdate method. +type HuntRelationsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// HuntRelationsClientDeleteOptions contains the optional parameters for the HuntRelationsClient.Delete method. +type HuntRelationsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// HuntRelationsClientGetOptions contains the optional parameters for the HuntRelationsClient.Get method. +type HuntRelationsClientGetOptions struct { + // placeholder for future optional parameters +} + +// HuntRelationsClientListOptions contains the optional parameters for the HuntRelationsClient.NewListPager method. +type HuntRelationsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// HuntsClientCreateOrUpdateOptions contains the optional parameters for the HuntsClient.CreateOrUpdate method. +type HuntsClientCreateOrUpdateOptions struct { // placeholder for future optional parameters } +// HuntsClientDeleteOptions contains the optional parameters for the HuntsClient.Delete method. +type HuntsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// HuntsClientGetOptions contains the optional parameters for the HuntsClient.Get method. +type HuntsClientGetOptions struct { + // placeholder for future optional parameters +} + +// HuntsClientListOptions contains the optional parameters for the HuntsClient.NewListPager method. +type HuntsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + // IncidentCommentsClientCreateOrUpdateOptions contains the optional parameters for the IncidentCommentsClient.CreateOrUpdate // method. type IncidentCommentsClientCreateOrUpdateOptions struct { @@ -369,13 +639,28 @@ type IncidentRelationsClientListOptions struct { Top *int32 } -// IncidentsClientCreateOrUpdateOptions contains the optional parameters for the IncidentsClient.CreateOrUpdate method. -type IncidentsClientCreateOrUpdateOptions struct { +// IncidentTasksClientCreateOrUpdateOptions contains the optional parameters for the IncidentTasksClient.CreateOrUpdate method. +type IncidentTasksClientCreateOrUpdateOptions struct { // placeholder for future optional parameters } -// IncidentsClientCreateTeamOptions contains the optional parameters for the IncidentsClient.CreateTeam method. -type IncidentsClientCreateTeamOptions struct { +// IncidentTasksClientDeleteOptions contains the optional parameters for the IncidentTasksClient.Delete method. +type IncidentTasksClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// IncidentTasksClientGetOptions contains the optional parameters for the IncidentTasksClient.Get method. +type IncidentTasksClientGetOptions struct { + // placeholder for future optional parameters +} + +// IncidentTasksClientListOptions contains the optional parameters for the IncidentTasksClient.NewListPager method. +type IncidentTasksClientListOptions struct { + // placeholder for future optional parameters +} + +// IncidentsClientCreateOrUpdateOptions contains the optional parameters for the IncidentsClient.CreateOrUpdate method. +type IncidentsClientCreateOrUpdateOptions struct { // placeholder for future optional parameters } @@ -481,6 +766,31 @@ type OperationsClientListOptions struct { // placeholder for future optional parameters } +// ProductPackageClientGetOptions contains the optional parameters for the ProductPackageClient.Get method. +type ProductPackageClientGetOptions struct { + // placeholder for future optional parameters +} + +// ProductPackagesClientListOptions contains the optional parameters for the ProductPackagesClient.NewListPager method. +type ProductPackagesClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Searches for a substring in the response. Optional. + Search *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + // ProductSettingsClientDeleteOptions contains the optional parameters for the ProductSettingsClient.Delete method. type ProductSettingsClientDeleteOptions struct { // placeholder for future optional parameters @@ -491,7 +801,7 @@ type ProductSettingsClientGetOptions struct { // placeholder for future optional parameters } -// ProductSettingsClientListOptions contains the optional parameters for the ProductSettingsClient.List method. +// ProductSettingsClientListOptions contains the optional parameters for the ProductSettingsClient.NewListPager method. type ProductSettingsClientListOptions struct { // placeholder for future optional parameters } @@ -501,6 +811,42 @@ type ProductSettingsClientUpdateOptions struct { // placeholder for future optional parameters } +// ProductTemplateClientGetOptions contains the optional parameters for the ProductTemplateClient.Get method. +type ProductTemplateClientGetOptions struct { + // placeholder for future optional parameters +} + +// ProductTemplatesClientListOptions contains the optional parameters for the ProductTemplatesClient.NewListPager method. +type ProductTemplatesClientListOptions struct { + // Instructs the server to return only object count without actual body. Optional. + Count *bool + + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Searches for a substring in the response. Optional. + Search *string + + // Used to skip n elements in the OData query (offset). Returns a nextLink to the next page of results if there are any left. + Skip *int32 + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// ReevaluateClientRecommendationOptions contains the optional parameters for the ReevaluateClient.Recommendation method. +type ReevaluateClientRecommendationOptions struct { + // placeholder for future optional parameters +} + // SecurityMLAnalyticsSettingsClientCreateOrUpdateOptions contains the optional parameters for the SecurityMLAnalyticsSettingsClient.CreateOrUpdate // method. type SecurityMLAnalyticsSettingsClientCreateOrUpdateOptions struct { @@ -575,6 +921,62 @@ type SourceControlsClientListOptions struct { // placeholder for future optional parameters } +// SystemsClientCreateOrUpdateOptions contains the optional parameters for the SystemsClient.CreateOrUpdate method. +type SystemsClientCreateOrUpdateOptions struct { + // The system to upsert. + SystemToUpsert *SystemResource +} + +// SystemsClientDeleteOptions contains the optional parameters for the SystemsClient.Delete method. +type SystemsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// SystemsClientGetOptions contains the optional parameters for the SystemsClient.Get method. +type SystemsClientGetOptions struct { + // placeholder for future optional parameters +} + +// SystemsClientListActionsOptions contains the optional parameters for the SystemsClient.NewListActionsPager method. +type SystemsClientListActionsOptions struct { + // placeholder for future optional parameters +} + +// SystemsClientListOptions contains the optional parameters for the SystemsClient.NewListPager method. +type SystemsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string +} + +// SystemsClientReportActionStatusOptions contains the optional parameters for the SystemsClient.ReportActionStatus method. +type SystemsClientReportActionStatusOptions struct { + // Report a status of the action that was performed by the agent + Payload *ReportActionStatusPayload +} + +// SystemsClientUndoActionOptions contains the optional parameters for the SystemsClient.UndoAction method. +type SystemsClientUndoActionOptions struct { + // Undo action, based on the actionId. + Payload *UndoActionPayload +} + +// ThreatIntelligenceClientCountOptions contains the optional parameters for the ThreatIntelligenceClient.Count method. +type ThreatIntelligenceClientCountOptions struct { + // The query to run on the TI objects in the workspace. + Query *CountQuery +} + +// ThreatIntelligenceClientQueryOptions contains the optional parameters for the ThreatIntelligenceClient.NewQueryPager method. +type ThreatIntelligenceClientQueryOptions struct { + // The query to run on the TI objects in the workspace. + Query *Query +} + // ThreatIntelligenceIndicatorClientAppendTagsOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.AppendTags // method. type ThreatIntelligenceIndicatorClientAppendTagsOptions struct { @@ -641,6 +1043,17 @@ type ThreatIntelligenceIndicatorsClientListOptions struct { Top *int32 } +// TriggeredAnalyticsRuleRunClientGetOptions contains the optional parameters for the TriggeredAnalyticsRuleRunClient.Get +// method. +type TriggeredAnalyticsRuleRunClientGetOptions struct { + // placeholder for future optional parameters +} + +// UpdateClientRecommendationOptions contains the optional parameters for the UpdateClient.Recommendation method. +type UpdateClientRecommendationOptions struct { + // placeholder for future optional parameters +} + // WatchlistItemsClientCreateOrUpdateOptions contains the optional parameters for the WatchlistItemsClient.CreateOrUpdate // method. type WatchlistItemsClientCreateOrUpdateOptions struct { @@ -665,14 +1078,17 @@ type WatchlistItemsClientListOptions struct { SkipToken *string } -// WatchlistsClientCreateOrUpdateOptions contains the optional parameters for the WatchlistsClient.CreateOrUpdate method. -type WatchlistsClientCreateOrUpdateOptions struct { - // placeholder for future optional parameters +// WatchlistsClientBeginCreateOrUpdateOptions contains the optional parameters for the WatchlistsClient.BeginCreateOrUpdate +// method. +type WatchlistsClientBeginCreateOrUpdateOptions struct { + // Resumes the long-running operation from the provided token. + ResumeToken string } -// WatchlistsClientDeleteOptions contains the optional parameters for the WatchlistsClient.Delete method. -type WatchlistsClientDeleteOptions struct { - // placeholder for future optional parameters +// WatchlistsClientBeginDeleteOptions contains the optional parameters for the WatchlistsClient.BeginDelete method. +type WatchlistsClientBeginDeleteOptions struct { + // Resumes the long-running operation from the provided token. + ResumeToken string } // WatchlistsClientGetOptions contains the optional parameters for the WatchlistsClient.Get method. @@ -687,3 +1103,166 @@ type WatchlistsClientListOptions struct { // specifies a starting point to use for subsequent calls. Optional. SkipToken *string } + +// WorkspaceManagerAssignmentJobsClientCreateOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Create +// method. +type WorkspaceManagerAssignmentJobsClientCreateOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentJobsClientDeleteOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Delete +// method. +type WorkspaceManagerAssignmentJobsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentJobsClientGetOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Get +// method. +type WorkspaceManagerAssignmentJobsClientGetOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentJobsClientListOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.NewListPager +// method. +type WorkspaceManagerAssignmentJobsClientListOptions struct { + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// WorkspaceManagerAssignmentsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.CreateOrUpdate +// method. +type WorkspaceManagerAssignmentsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentsClientDeleteOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.Delete +// method. +type WorkspaceManagerAssignmentsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentsClientGetOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.Get +// method. +type WorkspaceManagerAssignmentsClientGetOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentsClientListOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.NewListPager +// method. +type WorkspaceManagerAssignmentsClientListOptions struct { + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// WorkspaceManagerConfigurationsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.CreateOrUpdate +// method. +type WorkspaceManagerConfigurationsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerConfigurationsClientDeleteOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.Delete +// method. +type WorkspaceManagerConfigurationsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerConfigurationsClientGetOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.Get +// method. +type WorkspaceManagerConfigurationsClientGetOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerConfigurationsClientListOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.NewListPager +// method. +type WorkspaceManagerConfigurationsClientListOptions struct { + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// WorkspaceManagerGroupsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerGroupsClient.CreateOrUpdate +// method. +type WorkspaceManagerGroupsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerGroupsClientDeleteOptions contains the optional parameters for the WorkspaceManagerGroupsClient.Delete +// method. +type WorkspaceManagerGroupsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerGroupsClientGetOptions contains the optional parameters for the WorkspaceManagerGroupsClient.Get method. +type WorkspaceManagerGroupsClientGetOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerGroupsClientListOptions contains the optional parameters for the WorkspaceManagerGroupsClient.NewListPager +// method. +type WorkspaceManagerGroupsClientListOptions struct { + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// WorkspaceManagerMembersClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerMembersClient.CreateOrUpdate +// method. +type WorkspaceManagerMembersClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerMembersClientDeleteOptions contains the optional parameters for the WorkspaceManagerMembersClient.Delete +// method. +type WorkspaceManagerMembersClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerMembersClientGetOptions contains the optional parameters for the WorkspaceManagerMembersClient.Get method. +type WorkspaceManagerMembersClientGetOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerMembersClientListOptions contains the optional parameters for the WorkspaceManagerMembersClient.NewListPager +// method. +type WorkspaceManagerMembersClientListOptions struct { + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/polymorphic_helpers.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/polymorphic_helpers.go index 5a07d8b50e0f..407a132fd87f 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/polymorphic_helpers.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/polymorphic_helpers.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -10,6 +7,69 @@ package armsecurityinsights import "encoding/json" +func unmarshalActionClassification(rawMsg json.RawMessage) (ActionClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b ActionClassification + switch m["kind"] { + case string(ListActionKindLockUser): + b = &LockUserAction{} + case string(ListActionKindUnlockUser): + b = &UnlockUserAction{} + default: + b = &Action{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalActionClassificationArray(rawMsg json.RawMessage) ([]ActionClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]ActionClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalActionClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + +func unmarshalAgentConfigurationClassification(rawMsg json.RawMessage) (AgentConfigurationClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b AgentConfigurationClassification + switch m["type"] { + case string(AgentTypeSAP): + b = &SapAgentConfiguration{} + default: + b = &AgentConfiguration{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + func unmarshalAlertRuleClassification(rawMsg json.RawMessage) (AlertRuleClassification, error) { if rawMsg == nil || string(rawMsg) == "null" { return nil, nil @@ -120,6 +180,8 @@ func unmarshalAutomationRuleActionClassification(rawMsg json.RawMessage) (Automa } var b AutomationRuleActionClassification switch m["actionType"] { + case string(ActionTypeAddIncidentTask): + b = &AutomationRuleAddIncidentTaskAction{} case string(ActionTypeModifyProperties): b = &AutomationRuleModifyPropertiesAction{} case string(ActionTypeRunPlaybook): @@ -200,6 +262,87 @@ func unmarshalAutomationRuleConditionClassificationArray(rawMsg json.RawMessage) return fArray, nil } +func unmarshalBillingStatisticClassification(rawMsg json.RawMessage) (BillingStatisticClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b BillingStatisticClassification + switch m["kind"] { + case string(BillingStatisticKindSapSolutionUsage): + b = &SapSolutionUsageStatistic{} + default: + b = &BillingStatistic{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalBillingStatisticClassificationArray(rawMsg json.RawMessage) ([]BillingStatisticClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]BillingStatisticClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalBillingStatisticClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + +func unmarshalCcpAuthConfigClassification(rawMsg json.RawMessage) (CcpAuthConfigClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b CcpAuthConfigClassification + switch m["type"] { + case string(CcpAuthTypeAPIKey): + b = &APIKeyAuthModel{} + case string(CcpAuthTypeAWS): + b = &AWSAuthModel{} + case string(CcpAuthTypeBasic): + b = &BasicAuthModel{} + case string(CcpAuthTypeGCP): + b = &GCPAuthModel{} + case string(CcpAuthTypeGitHub): + b = &GitHubAuthModel{} + case string(CcpAuthTypeJwtToken): + b = &JwtAuthModel{} + case string(CcpAuthTypeNone): + b = &NoneAuthModel{} + case string(CcpAuthTypeOAuth2): + b = &OAuthModel{} + case string(CcpAuthTypeOracle): + b = &OracleAuthModel{} + case string(CcpAuthTypeServiceBus): + b = &GenericBlobSbsAuthModel{} + case string(CcpAuthTypeSession): + b = &SessionAuthModel{} + default: + b = &CcpAuthConfig{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (DataConnectorClassification, error) { if rawMsg == nil || string(rawMsg) == "null" { return nil, nil @@ -224,6 +367,8 @@ func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (DataConnector b = &ASCDataConnector{} case string(DataConnectorKindDynamics365): b = &Dynamics365DataConnector{} + case string(DataConnectorKindGCP): + b = &GCPDataConnector{} case string(DataConnectorKindGenericUI): b = &CodelessUIDataConnector{} case string(DataConnectorKindIOT): @@ -232,6 +377,8 @@ func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (DataConnector b = &MCASDataConnector{} case string(DataConnectorKindMicrosoftDefenderAdvancedThreatProtection): b = &MDATPDataConnector{} + case string(DataConnectorKindMicrosoftPurviewInformationProtection): + b = &MicrosoftPurviewInformationProtectionDataConnector{} case string(DataConnectorKindMicrosoftThreatIntelligence): b = &MSTIDataConnector{} case string(DataConnectorKindMicrosoftThreatProtection): @@ -246,6 +393,10 @@ func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (DataConnector b = &OfficeIRMDataConnector{} case string(DataConnectorKindOfficePowerBI): b = &OfficePowerBIDataConnector{} + case string(DataConnectorKindPurviewAudit): + b = &PurviewAuditDataConnector{} + case string(DataConnectorKindRestAPIPoller): + b = &RestAPIPollerDataConnector{} case string(DataConnectorKindThreatIntelligence): b = &TIDataConnector{} case string(DataConnectorKindThreatIntelligenceTaxii): @@ -278,6 +429,46 @@ func unmarshalDataConnectorClassificationArray(rawMsg json.RawMessage) ([]DataCo return fArray, nil } +func unmarshalDataConnectorDefinitionClassification(rawMsg json.RawMessage) (DataConnectorDefinitionClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b DataConnectorDefinitionClassification + switch m["kind"] { + case string(DataConnectorDefinitionKindCustomizable): + b = &CustomizableConnectorDefinition{} + default: + b = &DataConnectorDefinition{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalDataConnectorDefinitionClassificationArray(rawMsg json.RawMessage) ([]DataConnectorDefinitionClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]DataConnectorDefinitionClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalDataConnectorDefinitionClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + func unmarshalEntityClassification(rawMsg json.RawMessage) (EntityClassification, error) { if rawMsg == nil || string(rawMsg) == "null" { return nil, nil @@ -288,49 +479,49 @@ func unmarshalEntityClassification(rawMsg json.RawMessage) (EntityClassification } var b EntityClassification switch m["kind"] { - case string(EntityKindAccount): + case string(EntityKindEnumAccount): b = &AccountEntity{} - case string(EntityKindAzureResource): + case string(EntityKindEnumAzureResource): b = &AzureResourceEntity{} - case string(EntityKindBookmark): + case string(EntityKindEnumBookmark): b = &HuntingBookmark{} - case string(EntityKindCloudApplication): + case string(EntityKindEnumCloudApplication): b = &CloudApplicationEntity{} - case string(EntityKindDNSResolution): + case string(EntityKindEnumDNSResolution): b = &DNSEntity{} - case string(EntityKindFile): + case string(EntityKindEnumFile): b = &FileEntity{} - case string(EntityKindFileHash): + case string(EntityKindEnumFileHash): b = &FileHashEntity{} - case string(EntityKindHost): + case string(EntityKindEnumHost): b = &HostEntity{} - case string(EntityKindIoTDevice): + case string(EntityKindEnumIoTDevice): b = &IoTDeviceEntity{} - case string(EntityKindIP): + case string(EntityKindEnumIP): b = &IPEntity{} - case string(EntityKindMailCluster): + case string(EntityKindEnumMailCluster): b = &MailClusterEntity{} - case string(EntityKindMailMessage): + case string(EntityKindEnumMailMessage): b = &MailMessageEntity{} - case string(EntityKindMailbox): + case string(EntityKindEnumMailbox): b = &MailboxEntity{} - case string(EntityKindMalware): + case string(EntityKindEnumMalware): b = &MalwareEntity{} - case string(EntityKindNic): + case string(EntityKindEnumNic): b = &NicEntity{} - case string(EntityKindProcess): + case string(EntityKindEnumProcess): b = &ProcessEntity{} - case string(EntityKindRegistryKey): + case string(EntityKindEnumRegistryKey): b = &RegistryKeyEntity{} - case string(EntityKindRegistryValue): + case string(EntityKindEnumRegistryValue): b = &RegistryValueEntity{} - case string(EntityKindSecurityAlert): + case string(EntityKindEnumSecurityAlert): b = &SecurityAlert{} - case string(EntityKindSecurityGroup): + case string(EntityKindEnumSecurityGroup): b = &SecurityGroupEntity{} - case string(EntityKindSubmissionMail): + case string(EntityKindEnumSubmissionMail): b = &SubmissionMailEntity{} - case string(EntityKindURL): + case string(EntityKindEnumURL): b = &URLEntity{} default: b = &Entity{} @@ -614,6 +805,98 @@ func unmarshalSettingsClassificationArray(rawMsg json.RawMessage) ([]SettingsCla return fArray, nil } +func unmarshalSystemsConfigurationClassification(rawMsg json.RawMessage) (SystemsConfigurationClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b SystemsConfigurationClassification + switch m["type"] { + case string(ConfigurationTypeSAP): + b = &SapSystemsConfiguration{} + default: + b = &SystemsConfiguration{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalSystemsConfigurationConnectorClassification(rawMsg json.RawMessage) (SystemsConfigurationConnectorClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b SystemsConfigurationConnectorClassification + switch m["type"] { + case string(SystemConfigurationConnectorTypeRFC): + b = &RFCConnector{} + case string(SystemConfigurationConnectorTypeSapControl): + b = &SapControlConnector{} + default: + b = &SystemsConfigurationConnector{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalTIObjectClassification(rawMsg json.RawMessage) (TIObjectClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b TIObjectClassification + switch m["kind"] { + case string(TIObjectKindAttackPattern): + b = &AttackPattern{} + case string(TIObjectKindIdentity): + b = &Identity{} + case string(TIObjectKindIndicator): + b = &Indicator{} + case string(TIObjectKindRelationship): + b = &Relationship{} + case string(TIObjectKindThreatActor): + b = &ThreatActor{} + default: + b = &TIObject{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalTIObjectClassificationArray(rawMsg json.RawMessage) ([]TIObjectClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]TIObjectClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalTIObjectClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + func unmarshalThreatIntelligenceInformationClassification(rawMsg json.RawMessage) (ThreatIntelligenceInformationClassification, error) { if rawMsg == nil || string(rawMsg) == "null" { return nil, nil @@ -624,7 +907,7 @@ func unmarshalThreatIntelligenceInformationClassification(rawMsg json.RawMessage } var b ThreatIntelligenceInformationClassification switch m["kind"] { - case string(ThreatIntelligenceResourceKindEnumIndicator): + case string(ThreatIntelligenceResourceInnerKindIndicator): b = &ThreatIntelligenceIndicatorModel{} default: b = &ThreatIntelligenceInformation{} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/ipgeodata_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/productpackage_client.go similarity index 51% rename from sdk/resourcemanager/securityinsights/armsecurityinsights/ipgeodata_client.go rename to sdk/resourcemanager/securityinsights/armsecurityinsights/productpackage_client.go index 5b0a50973f67..d419a7315de9 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/ipgeodata_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/productpackage_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -20,61 +17,62 @@ import ( "strings" ) -// IPGeodataClient contains the methods for the IPGeodata group. -// Don't use this type directly, use NewIPGeodataClient() instead. -type IPGeodataClient struct { +// ProductPackageClient contains the methods for the ProductPackage group. +// Don't use this type directly, use NewProductPackageClient() instead. +type ProductPackageClient struct { internal *arm.Client subscriptionID string } -// NewIPGeodataClient creates a new instance of IPGeodataClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// NewProductPackageClient creates a new instance of ProductPackageClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. -func NewIPGeodataClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*IPGeodataClient, error) { +func NewProductPackageClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ProductPackageClient, error) { cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) if err != nil { return nil, err } - client := &IPGeodataClient{ + client := &ProductPackageClient{ subscriptionID: subscriptionID, internal: cl, } return client, nil } -// Get - Get geodata for a single IP address +// Get - Gets a package by its identifier from the catalog. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. -// - ipAddress - IP address (v4 or v6) to be enriched -// - options - IPGeodataClientGetOptions contains the optional parameters for the IPGeodataClient.Get method. -func (client *IPGeodataClient) Get(ctx context.Context, resourceGroupName string, ipAddress string, options *IPGeodataClientGetOptions) (IPGeodataClientGetResponse, error) { +// - workspaceName - The name of the workspace. +// - packageID - package Id +// - options - ProductPackageClientGetOptions contains the optional parameters for the ProductPackageClient.Get method. +func (client *ProductPackageClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *ProductPackageClientGetOptions) (ProductPackageClientGetResponse, error) { var err error - const operationName = "IPGeodataClient.Get" + const operationName = "ProductPackageClient.Get" ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) defer func() { endSpan(err) }() - req, err := client.getCreateRequest(ctx, resourceGroupName, ipAddress, options) + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, packageID, options) if err != nil { - return IPGeodataClientGetResponse{}, err + return ProductPackageClientGetResponse{}, err } httpResp, err := client.internal.Pipeline().Do(req) if err != nil { - return IPGeodataClientGetResponse{}, err + return ProductPackageClientGetResponse{}, err } if !runtime.HasStatusCode(httpResp, http.StatusOK) { err = runtime.NewResponseError(httpResp) - return IPGeodataClientGetResponse{}, err + return ProductPackageClientGetResponse{}, err } resp, err := client.getHandleResponse(httpResp) return resp, err } // getCreateRequest creates the Get request. -func (client *IPGeodataClient) getCreateRequest(ctx context.Context, resourceGroupName string, ipAddress string, options *IPGeodataClientGetOptions) (*policy.Request, error) { - urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/ip/geodata/" +func (client *ProductPackageClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, _ *ProductPackageClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages/{packageId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") } @@ -83,23 +81,30 @@ func (client *IPGeodataClient) getCreateRequest(ctx context.Context, resourceGro return nil, errors.New("parameter resourceGroupName cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if packageID == "" { + return nil, errors.New("parameter packageID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{packageId}", url.PathEscape(packageID)) req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) if err != nil { return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") - reqQP.Set("ipAddress", ipAddress) + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil } // getHandleResponse handles the Get response. -func (client *IPGeodataClient) getHandleResponse(resp *http.Response) (IPGeodataClientGetResponse, error) { - result := IPGeodataClientGetResponse{} - if err := runtime.UnmarshalAsJSON(resp, &result.EnrichmentIPGeodata); err != nil { - return IPGeodataClientGetResponse{}, err +func (client *ProductPackageClient) getHandleResponse(resp *http.Response) (ProductPackageClientGetResponse, error) { + result := ProductPackageClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ProductPackageModel); err != nil { + return ProductPackageClientGetResponse{}, err } return result, nil } diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/productpackages_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/productpackages_client.go new file mode 100644 index 000000000000..97e1e89ba31b --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/productpackages_client.go @@ -0,0 +1,124 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// ProductPackagesClient contains the methods for the ProductPackages group. +// Don't use this type directly, use NewProductPackagesClient() instead. +type ProductPackagesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewProductPackagesClient creates a new instance of ProductPackagesClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewProductPackagesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ProductPackagesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ProductPackagesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Gets all packages from the catalog. Expandable properties: +// * properties/installed +// * properties/packagedContent +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - ProductPackagesClientListOptions contains the optional parameters for the ProductPackagesClient.NewListPager +// method. +func (client *ProductPackagesClient) NewListPager(resourceGroupName string, workspaceName string, options *ProductPackagesClientListOptions) *runtime.Pager[ProductPackagesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ProductPackagesClientListResponse]{ + More: func(page ProductPackagesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ProductPackagesClientListResponse) (ProductPackagesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ProductPackagesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return ProductPackagesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ProductPackagesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *ProductPackagesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.Search != nil { + reqQP.Set("$search", *options.Search) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ProductPackagesClient) listHandleResponse(resp *http.Response) (ProductPackagesClientListResponse, error) { + result := ProductPackagesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ProductPackageList); err != nil { + return ProductPackagesClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/productsettings_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/productsettings_client.go index 285f671f69aa..01e245d33e92 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/productsettings_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/productsettings_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type ProductSettingsClient struct { } // NewProductSettingsClient creates a new instance of ProductSettingsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewProductSettingsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ProductSettingsClient, error) { @@ -46,7 +43,7 @@ func NewProductSettingsClient(subscriptionID string, credential azcore.TokenCred // Delete - Delete setting of the product. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - settingsName - The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba @@ -73,7 +70,7 @@ func (client *ProductSettingsClient) Delete(ctx context.Context, resourceGroupNa } // deleteCreateRequest creates the Delete request. -func (client *ProductSettingsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, options *ProductSettingsClientDeleteOptions) (*policy.Request, error) { +func (client *ProductSettingsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, _ *ProductSettingsClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -96,7 +93,7 @@ func (client *ProductSettingsClient) deleteCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -105,7 +102,7 @@ func (client *ProductSettingsClient) deleteCreateRequest(ctx context.Context, re // Get - Gets a setting. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - settingsName - The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba @@ -133,7 +130,7 @@ func (client *ProductSettingsClient) Get(ctx context.Context, resourceGroupName } // getCreateRequest creates the Get request. -func (client *ProductSettingsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, options *ProductSettingsClientGetOptions) (*policy.Request, error) { +func (client *ProductSettingsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, _ *ProductSettingsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -156,7 +153,7 @@ func (client *ProductSettingsClient) getCreateRequest(ctx context.Context, resou return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -171,37 +168,38 @@ func (client *ProductSettingsClient) getHandleResponse(resp *http.Response) (Pro return result, nil } -// List - List of all the settings -// If the operation fails it returns an *azcore.ResponseError type. +// NewListPager - List of all the settings // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. -// - options - ProductSettingsClientListOptions contains the optional parameters for the ProductSettingsClient.List method. -func (client *ProductSettingsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, options *ProductSettingsClientListOptions) (ProductSettingsClientListResponse, error) { - var err error - const operationName = "ProductSettingsClient.List" - ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) - ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) - defer func() { endSpan(err) }() - req, err := client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) - if err != nil { - return ProductSettingsClientListResponse{}, err - } - httpResp, err := client.internal.Pipeline().Do(req) - if err != nil { - return ProductSettingsClientListResponse{}, err - } - if !runtime.HasStatusCode(httpResp, http.StatusOK) { - err = runtime.NewResponseError(httpResp) - return ProductSettingsClientListResponse{}, err - } - resp, err := client.listHandleResponse(httpResp) - return resp, err +// - options - ProductSettingsClientListOptions contains the optional parameters for the ProductSettingsClient.NewListPager +// method. +func (client *ProductSettingsClient) NewListPager(resourceGroupName string, workspaceName string, options *ProductSettingsClientListOptions) *runtime.Pager[ProductSettingsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ProductSettingsClientListResponse]{ + More: func(page ProductSettingsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ProductSettingsClientListResponse) (ProductSettingsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ProductSettingsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return ProductSettingsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) } // listCreateRequest creates the List request. -func (client *ProductSettingsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *ProductSettingsClientListOptions) (*policy.Request, error) { +func (client *ProductSettingsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *ProductSettingsClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -220,7 +218,7 @@ func (client *ProductSettingsClient) listCreateRequest(ctx context.Context, reso return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -238,7 +236,7 @@ func (client *ProductSettingsClient) listHandleResponse(resp *http.Response) (Pr // Update - Updates setting. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - settingsName - The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba @@ -258,7 +256,7 @@ func (client *ProductSettingsClient) Update(ctx context.Context, resourceGroupNa if err != nil { return ProductSettingsClientUpdateResponse{}, err } - if !runtime.HasStatusCode(httpResp, http.StatusOK) { + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { err = runtime.NewResponseError(httpResp) return ProductSettingsClientUpdateResponse{}, err } @@ -267,7 +265,7 @@ func (client *ProductSettingsClient) Update(ctx context.Context, resourceGroupNa } // updateCreateRequest creates the Update request. -func (client *ProductSettingsClient) updateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, settings SettingsClassification, options *ProductSettingsClientUpdateOptions) (*policy.Request, error) { +func (client *ProductSettingsClient) updateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, settings SettingsClassification, _ *ProductSettingsClientUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -290,7 +288,7 @@ func (client *ProductSettingsClient) updateCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, settings); err != nil { diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/productsettings_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/productsettings_client_example_test.go deleted file mode 100644 index af67c504d9dd..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/productsettings_client_example_test.go +++ /dev/null @@ -1,135 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/settings/GetAllSettings.json -func ExampleProductSettingsClient_List() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewProductSettingsClient().List(ctx, "myRg", "myWorkspace", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.SettingList = armsecurityinsights.SettingList{ - // Value: []armsecurityinsights.SettingsClassification{ - // &armsecurityinsights.EyesOn{ - // Name: to.Ptr("EyesOn"), - // Type: to.Ptr("Microsoft.SecurityInsights/settings"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/mms-eus/providers/Microsoft.OperationalInsights/workspaces/avdvirInt/providers/Microsoft.SecurityInsights/settings/EyesOn"), - // Kind: to.Ptr(armsecurityinsights.SettingKindEyesOn), - // Properties: &armsecurityinsights.EyesOnSettingsProperties{ - // IsEnabled: to.Ptr(true), - // }, - // }}, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/settings/GetEyesOnSetting.json -func ExampleProductSettingsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewProductSettingsClient().Get(ctx, "myRg", "myWorkspace", "EyesOn", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.ProductSettingsClientGetResponse{ - // SettingsClassification: &armsecurityinsights.EyesOn{ - // Name: to.Ptr("EyesOn"), - // Type: to.Ptr("Microsoft.SecurityInsights/settings"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/mms-eus/providers/Microsoft.OperationalInsights/workspaces/avdvirInt/providers/Microsoft.SecurityInsights/settings/EyesOn"), - // Kind: to.Ptr(armsecurityinsights.SettingKindEyesOn), - // Properties: &armsecurityinsights.EyesOnSettingsProperties{ - // IsEnabled: to.Ptr(true), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/settings/DeleteEyesOnSetting.json -func ExampleProductSettingsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewProductSettingsClient().Delete(ctx, "myRg", "myWorkspace", "EyesOn", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/settings/UpdateEyesOnSetting.json -func ExampleProductSettingsClient_Update() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewProductSettingsClient().Update(ctx, "myRg", "myWorkspace", "EyesOn", &armsecurityinsights.EyesOn{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Kind: to.Ptr(armsecurityinsights.SettingKindEyesOn), - Properties: &armsecurityinsights.EyesOnSettingsProperties{}, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.ProductSettingsClientUpdateResponse{ - // SettingsClassification: &armsecurityinsights.EyesOn{ - // Name: to.Ptr("EyesOn"), - // Type: to.Ptr("Microsoft.SecurityInsights/settings"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/mms-eus/providers/Microsoft.OperationalInsights/workspaces/avdvirInt/providers/Microsoft.SecurityInsights/settings/EyesOn"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.SettingKindEyesOn), - // Properties: &armsecurityinsights.EyesOnSettingsProperties{ - // IsEnabled: to.Ptr(true), - // }, - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/domainwhois_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplate_client.go similarity index 50% rename from sdk/resourcemanager/securityinsights/armsecurityinsights/domainwhois_client.go rename to sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplate_client.go index eb31c33a5708..dd5c4185c5cd 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/domainwhois_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplate_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -20,61 +17,62 @@ import ( "strings" ) -// DomainWhoisClient contains the methods for the DomainWhois group. -// Don't use this type directly, use NewDomainWhoisClient() instead. -type DomainWhoisClient struct { +// ProductTemplateClient contains the methods for the ProductTemplate group. +// Don't use this type directly, use NewProductTemplateClient() instead. +type ProductTemplateClient struct { internal *arm.Client subscriptionID string } -// NewDomainWhoisClient creates a new instance of DomainWhoisClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// NewProductTemplateClient creates a new instance of ProductTemplateClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. -func NewDomainWhoisClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*DomainWhoisClient, error) { +func NewProductTemplateClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ProductTemplateClient, error) { cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) if err != nil { return nil, err } - client := &DomainWhoisClient{ + client := &ProductTemplateClient{ subscriptionID: subscriptionID, internal: cl, } return client, nil } -// Get - Get whois information for a single domain name +// Get - Gets a template by its identifier. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. -// - domain - Domain name to be enriched -// - options - DomainWhoisClientGetOptions contains the optional parameters for the DomainWhoisClient.Get method. -func (client *DomainWhoisClient) Get(ctx context.Context, resourceGroupName string, domain string, options *DomainWhoisClientGetOptions) (DomainWhoisClientGetResponse, error) { +// - workspaceName - The name of the workspace. +// - templateID - template Id +// - options - ProductTemplateClientGetOptions contains the optional parameters for the ProductTemplateClient.Get method. +func (client *ProductTemplateClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *ProductTemplateClientGetOptions) (ProductTemplateClientGetResponse, error) { var err error - const operationName = "DomainWhoisClient.Get" + const operationName = "ProductTemplateClient.Get" ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) defer func() { endSpan(err) }() - req, err := client.getCreateRequest(ctx, resourceGroupName, domain, options) + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, templateID, options) if err != nil { - return DomainWhoisClientGetResponse{}, err + return ProductTemplateClientGetResponse{}, err } httpResp, err := client.internal.Pipeline().Do(req) if err != nil { - return DomainWhoisClientGetResponse{}, err + return ProductTemplateClientGetResponse{}, err } if !runtime.HasStatusCode(httpResp, http.StatusOK) { err = runtime.NewResponseError(httpResp) - return DomainWhoisClientGetResponse{}, err + return ProductTemplateClientGetResponse{}, err } resp, err := client.getHandleResponse(httpResp) return resp, err } // getCreateRequest creates the Get request. -func (client *DomainWhoisClient) getCreateRequest(ctx context.Context, resourceGroupName string, domain string, options *DomainWhoisClientGetOptions) (*policy.Request, error) { - urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/domain/whois/" +func (client *ProductTemplateClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, _ *ProductTemplateClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentproducttemplates/{templateId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") } @@ -83,23 +81,30 @@ func (client *DomainWhoisClient) getCreateRequest(ctx context.Context, resourceG return nil, errors.New("parameter resourceGroupName cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if templateID == "" { + return nil, errors.New("parameter templateID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{templateId}", url.PathEscape(templateID)) req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) if err != nil { return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") - reqQP.Set("domain", domain) + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil } // getHandleResponse handles the Get response. -func (client *DomainWhoisClient) getHandleResponse(resp *http.Response) (DomainWhoisClientGetResponse, error) { - result := DomainWhoisClientGetResponse{} - if err := runtime.UnmarshalAsJSON(resp, &result.EnrichmentDomainWhois); err != nil { - return DomainWhoisClientGetResponse{}, err +func (client *ProductTemplateClient) getHandleResponse(resp *http.Response) (ProductTemplateClientGetResponse, error) { + result := ProductTemplateClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ProductTemplateModel); err != nil { + return ProductTemplateClientGetResponse{}, err } return result, nil } diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplates_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplates_client.go new file mode 100644 index 000000000000..832cc2972233 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplates_client.go @@ -0,0 +1,128 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// ProductTemplatesClient contains the methods for the ProductTemplates group. +// Don't use this type directly, use NewProductTemplatesClient() instead. +type ProductTemplatesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewProductTemplatesClient creates a new instance of ProductTemplatesClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewProductTemplatesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ProductTemplatesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ProductTemplatesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Gets all templates in the catalog. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - ProductTemplatesClientListOptions contains the optional parameters for the ProductTemplatesClient.NewListPager +// method. +func (client *ProductTemplatesClient) NewListPager(resourceGroupName string, workspaceName string, options *ProductTemplatesClientListOptions) *runtime.Pager[ProductTemplatesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ProductTemplatesClientListResponse]{ + More: func(page ProductTemplatesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ProductTemplatesClientListResponse) (ProductTemplatesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ProductTemplatesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return ProductTemplatesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ProductTemplatesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *ProductTemplatesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductTemplates" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Count != nil { + reqQP.Set("$count", strconv.FormatBool(*options.Count)) + } + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.Search != nil { + reqQP.Set("$search", *options.Search) + } + if options != nil && options.Skip != nil { + reqQP.Set("$skip", strconv.FormatInt(int64(*options.Skip), 10)) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ProductTemplatesClient) listHandleResponse(resp *http.Response) (ProductTemplatesClientListResponse, error) { + result := ProductTemplatesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ProductTemplateList); err != nil { + return ProductTemplatesClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/reevaluate_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/reevaluate_client.go new file mode 100644 index 000000000000..688cb65a8437 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/reevaluate_client.go @@ -0,0 +1,111 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ReevaluateClient contains the methods for the Reevaluate group. +// Don't use this type directly, use NewReevaluateClient() instead. +type ReevaluateClient struct { + internal *arm.Client + subscriptionID string +} + +// NewReevaluateClient creates a new instance of ReevaluateClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewReevaluateClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ReevaluateClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ReevaluateClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Recommendation - Reevaluate a recommendation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - recommendationID - Recommendation Id. +// - options - ReevaluateClientRecommendationOptions contains the optional parameters for the ReevaluateClient.Recommendation +// method. +func (client *ReevaluateClient) Recommendation(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, options *ReevaluateClientRecommendationOptions) (ReevaluateClientRecommendationResponse, error) { + var err error + const operationName = "ReevaluateClient.Recommendation" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.recommendationCreateRequest(ctx, resourceGroupName, workspaceName, recommendationID, options) + if err != nil { + return ReevaluateClientRecommendationResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ReevaluateClientRecommendationResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ReevaluateClientRecommendationResponse{}, err + } + resp, err := client.recommendationHandleResponse(httpResp) + return resp, err +} + +// recommendationCreateRequest creates the Recommendation request. +func (client *ReevaluateClient) recommendationCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, _ *ReevaluateClientRecommendationOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId}/triggerEvaluation" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if recommendationID == "" { + return nil, errors.New("parameter recommendationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{recommendationId}", url.PathEscape(recommendationID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// recommendationHandleResponse handles the Recommendation response. +func (client *ReevaluateClient) recommendationHandleResponse(resp *http.Response) (ReevaluateClientRecommendationResponse, error) { + result := ReevaluateClientRecommendationResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ReevaluateResponse); err != nil { + return ReevaluateClientRecommendationResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/responses.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/responses.go index d6afad42cbd6..e6178703e761 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/responses.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/responses.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -31,22 +28,17 @@ type ActionsClientListByAlertRuleResponse struct { ActionsList } +// AlertRuleClientTriggerRuleRunResponse contains the response from method AlertRuleClient.BeginTriggerRuleRun. +type AlertRuleClientTriggerRuleRunResponse struct { + // placeholder for future response values +} + // AlertRuleTemplatesClientGetResponse contains the response from method AlertRuleTemplatesClient.Get. type AlertRuleTemplatesClientGetResponse struct { // Alert rule template. AlertRuleTemplateClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRuleTemplatesClientGetResponse. -func (a *AlertRuleTemplatesClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalAlertRuleTemplateClassification(data) - if err != nil { - return err - } - a.AlertRuleTemplateClassification = res - return nil -} - // AlertRuleTemplatesClientListResponse contains the response from method AlertRuleTemplatesClient.NewListPager. type AlertRuleTemplatesClientListResponse struct { // List all the alert rule templates. @@ -59,16 +51,6 @@ type AlertRulesClientCreateOrUpdateResponse struct { AlertRuleClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRulesClientCreateOrUpdateResponse. -func (a *AlertRulesClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalAlertRuleClassification(data) - if err != nil { - return err - } - a.AlertRuleClassification = res - return nil -} - // AlertRulesClientDeleteResponse contains the response from method AlertRulesClient.Delete. type AlertRulesClientDeleteResponse struct { // placeholder for future response values @@ -80,16 +62,6 @@ type AlertRulesClientGetResponse struct { AlertRuleClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRulesClientGetResponse. -func (a *AlertRulesClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalAlertRuleClassification(data) - if err != nil { - return err - } - a.AlertRuleClassification = res - return nil -} - // AlertRulesClientListResponse contains the response from method AlertRulesClient.NewListPager. type AlertRulesClientListResponse struct { // List all the alert rules. @@ -117,6 +89,18 @@ type AutomationRulesClientListResponse struct { AutomationRulesList } +// BillingStatisticsClientGetResponse contains the response from method BillingStatisticsClient.Get. +type BillingStatisticsClientGetResponse struct { + // Billing statistic + BillingStatisticClassification +} + +// BillingStatisticsClientListResponse contains the response from method BillingStatisticsClient.NewListPager. +type BillingStatisticsClientListResponse struct { + // List of all Microsoft Sentinel billing statistics. + BillingStatisticList +} + // BookmarkClientExpandResponse contains the response from method BookmarkClient.Expand. type BookmarkClientExpandResponse struct { // The entity expansion result operation response. @@ -169,6 +153,112 @@ type BookmarksClientListResponse struct { BookmarkList } +// BusinessApplicationAgentClientGetResponse contains the response from method BusinessApplicationAgentClient.Get. +type BusinessApplicationAgentClientGetResponse struct { + // Describes the configuration of a Business Application Agent. + BusinessApplicationAgentResource +} + +// BusinessApplicationAgentsClientCreateOrUpdateResponse contains the response from method BusinessApplicationAgentsClient.CreateOrUpdate. +type BusinessApplicationAgentsClientCreateOrUpdateResponse struct { + // Describes the configuration of a Business Application Agent. + BusinessApplicationAgentResource +} + +// BusinessApplicationAgentsClientDeleteResponse contains the response from method BusinessApplicationAgentsClient.Delete. +type BusinessApplicationAgentsClientDeleteResponse struct { + // placeholder for future response values +} + +// BusinessApplicationAgentsClientListResponse contains the response from method BusinessApplicationAgentsClient.NewListPager. +type BusinessApplicationAgentsClientListResponse struct { + // List of agents. + BusinessApplicationAgentsList +} + +// ClientListGeodataByIPResponse contains the response from method Client.ListGeodataByIP. +type ClientListGeodataByIPResponse struct { + // Geodata information for a given IP address + EnrichmentIPGeodata +} + +// ClientListWhoisByDomainResponse contains the response from method Client.ListWhoisByDomain. +type ClientListWhoisByDomainResponse struct { + // Whois information for a given domain and associated metadata + EnrichmentDomainWhois +} + +// ContentPackageClientInstallResponse contains the response from method ContentPackageClient.Install. +type ContentPackageClientInstallResponse struct { + // Represents a Package in Azure Security Insights. + PackageModel +} + +// ContentPackageClientUninstallResponse contains the response from method ContentPackageClient.Uninstall. +type ContentPackageClientUninstallResponse struct { + // placeholder for future response values +} + +// ContentPackagesClientGetResponse contains the response from method ContentPackagesClient.Get. +type ContentPackagesClientGetResponse struct { + // Represents a Package in Azure Security Insights. + PackageModel +} + +// ContentPackagesClientListResponse contains the response from method ContentPackagesClient.NewListPager. +type ContentPackagesClientListResponse struct { + // List available packages. + PackageList +} + +// ContentTemplateClientDeleteResponse contains the response from method ContentTemplateClient.Delete. +type ContentTemplateClientDeleteResponse struct { + // placeholder for future response values +} + +// ContentTemplateClientGetResponse contains the response from method ContentTemplateClient.Get. +type ContentTemplateClientGetResponse struct { + // Template resource definition. + TemplateModel +} + +// ContentTemplateClientInstallResponse contains the response from method ContentTemplateClient.Install. +type ContentTemplateClientInstallResponse struct { + // Template resource definition. + TemplateModel +} + +// ContentTemplatesClientListResponse contains the response from method ContentTemplatesClient.NewListPager. +type ContentTemplatesClientListResponse struct { + // List of all the template. + TemplateList +} + +// DataConnectorDefinitionsClientCreateOrUpdateResponse contains the response from method DataConnectorDefinitionsClient.CreateOrUpdate. +type DataConnectorDefinitionsClientCreateOrUpdateResponse struct { + // An Azure resource, which encapsulate the entire info requires to display a data connector page in Azure portal, + // and the info required to define data connections. + DataConnectorDefinitionClassification +} + +// DataConnectorDefinitionsClientDeleteResponse contains the response from method DataConnectorDefinitionsClient.Delete. +type DataConnectorDefinitionsClientDeleteResponse struct { + // placeholder for future response values +} + +// DataConnectorDefinitionsClientGetResponse contains the response from method DataConnectorDefinitionsClient.Get. +type DataConnectorDefinitionsClientGetResponse struct { + // An Azure resource, which encapsulate the entire info requires to display a data connector page in Azure portal, + // and the info required to define data connections. + DataConnectorDefinitionClassification +} + +// DataConnectorDefinitionsClientListResponse contains the response from method DataConnectorDefinitionsClient.NewListPager. +type DataConnectorDefinitionsClientListResponse struct { + // Encapsulate the data connector definition object + DataConnectorDefinitionArmCollectionWrapper +} + // DataConnectorsCheckRequirementsClientPostResponse contains the response from method DataConnectorsCheckRequirementsClient.Post. type DataConnectorsCheckRequirementsClientPostResponse struct { // Data connector requirements status. @@ -186,16 +276,6 @@ type DataConnectorsClientCreateOrUpdateResponse struct { DataConnectorClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorsClientCreateOrUpdateResponse. -func (d *DataConnectorsClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalDataConnectorClassification(data) - if err != nil { - return err - } - d.DataConnectorClassification = res - return nil -} - // DataConnectorsClientDeleteResponse contains the response from method DataConnectorsClient.Delete. type DataConnectorsClientDeleteResponse struct { // placeholder for future response values @@ -212,28 +292,12 @@ type DataConnectorsClientGetResponse struct { DataConnectorClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorsClientGetResponse. -func (d *DataConnectorsClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalDataConnectorClassification(data) - if err != nil { - return err - } - d.DataConnectorClassification = res - return nil -} - // DataConnectorsClientListResponse contains the response from method DataConnectorsClient.NewListPager. type DataConnectorsClientListResponse struct { // List all the data connectors. DataConnectorList } -// DomainWhoisClientGetResponse contains the response from method DomainWhoisClient.Get. -type DomainWhoisClientGetResponse struct { - // Whois information for a given domain and associated metadata - EnrichmentDomainWhois -} - // EntitiesClientExpandResponse contains the response from method EntitiesClient.Expand. type EntitiesClientExpandResponse struct { // The entity expansion result operation response. @@ -252,28 +316,23 @@ type EntitiesClientGetResponse struct { EntityClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntitiesClientGetResponse. -func (e *EntitiesClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalEntityClassification(data) - if err != nil { - return err - } - e.EntityClassification = res - return nil -} - // EntitiesClientListResponse contains the response from method EntitiesClient.NewListPager. type EntitiesClientListResponse struct { // List of all the entities. EntityList } -// EntitiesClientQueriesResponse contains the response from method EntitiesClient.Queries. +// EntitiesClientQueriesResponse contains the response from method EntitiesClient.NewQueriesPager. type EntitiesClientQueriesResponse struct { // Retrieve queries for entity result operation response. GetQueriesResponse } +// EntitiesClientRunPlaybookResponse contains the response from method EntitiesClient.RunPlaybook. +type EntitiesClientRunPlaybookResponse struct { + // placeholder for future response values +} + // EntitiesGetTimelineClientListResponse contains the response from method EntitiesGetTimelineClient.List. type EntitiesGetTimelineClientListResponse struct { // The entity timeline result operation response. @@ -292,16 +351,6 @@ type EntityQueriesClientCreateOrUpdateResponse struct { EntityQueryClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueriesClientCreateOrUpdateResponse. -func (e *EntityQueriesClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalEntityQueryClassification(data) - if err != nil { - return err - } - e.EntityQueryClassification = res - return nil -} - // EntityQueriesClientDeleteResponse contains the response from method EntityQueriesClient.Delete. type EntityQueriesClientDeleteResponse struct { // placeholder for future response values @@ -313,16 +362,6 @@ type EntityQueriesClientGetResponse struct { EntityQueryClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueriesClientGetResponse. -func (e *EntityQueriesClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalEntityQueryClassification(data) - if err != nil { - return err - } - e.EntityQueryClassification = res - return nil -} - // EntityQueriesClientListResponse contains the response from method EntityQueriesClient.NewListPager. type EntityQueriesClientListResponse struct { // List of all the entity queries. @@ -335,16 +374,6 @@ type EntityQueryTemplatesClientGetResponse struct { EntityQueryTemplateClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryTemplatesClientGetResponse. -func (e *EntityQueryTemplatesClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalEntityQueryTemplateClassification(data) - if err != nil { - return err - } - e.EntityQueryTemplateClassification = res - return nil -} - // EntityQueryTemplatesClientListResponse contains the response from method EntityQueryTemplatesClient.NewListPager. type EntityQueryTemplatesClientListResponse struct { // List of all the entity query templates. @@ -381,10 +410,91 @@ type FileImportsClientListResponse struct { FileImportList } -// IPGeodataClientGetResponse contains the response from method IPGeodataClient.Get. -type IPGeodataClientGetResponse struct { - // Geodata information for a given IP address - EnrichmentIPGeodata +// GetClientSingleRecommendationResponse contains the response from method GetClient.SingleRecommendation. +type GetClientSingleRecommendationResponse struct { + // Recommendation object. + Recommendation +} + +// GetRecommendationsClientListResponse contains the response from method GetRecommendationsClient.NewListPager. +type GetRecommendationsClientListResponse struct { + // A list of recommendations + RecommendationList +} + +// GetTriggeredAnalyticsRuleRunsClientListResponse contains the response from method GetTriggeredAnalyticsRuleRunsClient.NewListPager. +type GetTriggeredAnalyticsRuleRunsClientListResponse struct { + // The triggered analytics rule run array + TriggeredAnalyticsRuleRuns +} + +// HuntCommentsClientCreateOrUpdateResponse contains the response from method HuntCommentsClient.CreateOrUpdate. +type HuntCommentsClientCreateOrUpdateResponse struct { + // Represents a Hunt Comment in Azure Security Insights + HuntComment +} + +// HuntCommentsClientDeleteResponse contains the response from method HuntCommentsClient.Delete. +type HuntCommentsClientDeleteResponse struct { + // placeholder for future response values +} + +// HuntCommentsClientGetResponse contains the response from method HuntCommentsClient.Get. +type HuntCommentsClientGetResponse struct { + // Represents a Hunt Comment in Azure Security Insights + HuntComment +} + +// HuntCommentsClientListResponse contains the response from method HuntCommentsClient.NewListPager. +type HuntCommentsClientListResponse struct { + // List of all hunt comments + HuntCommentList +} + +// HuntRelationsClientCreateOrUpdateResponse contains the response from method HuntRelationsClient.CreateOrUpdate. +type HuntRelationsClientCreateOrUpdateResponse struct { + // Represents a Hunt Relation in Azure Security Insights. + HuntRelation +} + +// HuntRelationsClientDeleteResponse contains the response from method HuntRelationsClient.Delete. +type HuntRelationsClientDeleteResponse struct { + // placeholder for future response values +} + +// HuntRelationsClientGetResponse contains the response from method HuntRelationsClient.Get. +type HuntRelationsClientGetResponse struct { + // Represents a Hunt Relation in Azure Security Insights. + HuntRelation +} + +// HuntRelationsClientListResponse contains the response from method HuntRelationsClient.NewListPager. +type HuntRelationsClientListResponse struct { + // List of all the hunt relations + HuntRelationList +} + +// HuntsClientCreateOrUpdateResponse contains the response from method HuntsClient.CreateOrUpdate. +type HuntsClientCreateOrUpdateResponse struct { + // Represents a Hunt in Azure Security Insights. + Hunt +} + +// HuntsClientDeleteResponse contains the response from method HuntsClient.Delete. +type HuntsClientDeleteResponse struct { + // placeholder for future response values +} + +// HuntsClientGetResponse contains the response from method HuntsClient.Get. +type HuntsClientGetResponse struct { + // Represents a Hunt in Azure Security Insights. + Hunt +} + +// HuntsClientListResponse contains the response from method HuntsClient.NewListPager. +type HuntsClientListResponse struct { + // List all the hunts. + HuntList } // IncidentCommentsClientCreateOrUpdateResponse contains the response from method IncidentCommentsClient.CreateOrUpdate. @@ -406,7 +516,6 @@ type IncidentCommentsClientGetResponse struct { // IncidentCommentsClientListResponse contains the response from method IncidentCommentsClient.NewListPager. type IncidentCommentsClientListResponse struct { - // List of incident comments. IncidentCommentList } @@ -433,18 +542,31 @@ type IncidentRelationsClientListResponse struct { RelationList } +// IncidentTasksClientCreateOrUpdateResponse contains the response from method IncidentTasksClient.CreateOrUpdate. +type IncidentTasksClientCreateOrUpdateResponse struct { + IncidentTask +} + +// IncidentTasksClientDeleteResponse contains the response from method IncidentTasksClient.Delete. +type IncidentTasksClientDeleteResponse struct { + // placeholder for future response values +} + +// IncidentTasksClientGetResponse contains the response from method IncidentTasksClient.Get. +type IncidentTasksClientGetResponse struct { + IncidentTask +} + +// IncidentTasksClientListResponse contains the response from method IncidentTasksClient.NewListPager. +type IncidentTasksClientListResponse struct { + IncidentTaskList +} + // IncidentsClientCreateOrUpdateResponse contains the response from method IncidentsClient.CreateOrUpdate. type IncidentsClientCreateOrUpdateResponse struct { - // Represents an incident in Azure Security Insights. Incident } -// IncidentsClientCreateTeamResponse contains the response from method IncidentsClient.CreateTeam. -type IncidentsClientCreateTeamResponse struct { - // Describes team information - TeamInformation -} - // IncidentsClientDeleteResponse contains the response from method IncidentsClient.Delete. type IncidentsClientDeleteResponse struct { // placeholder for future response values @@ -452,7 +574,6 @@ type IncidentsClientDeleteResponse struct { // IncidentsClientGetResponse contains the response from method IncidentsClient.Get. type IncidentsClientGetResponse struct { - // Represents an incident in Azure Security Insights. Incident } @@ -538,6 +659,18 @@ type OperationsClientListResponse struct { OperationsList } +// ProductPackageClientGetResponse contains the response from method ProductPackageClient.Get. +type ProductPackageClientGetResponse struct { + // Represents a Package in Azure Security Insights. + ProductPackageModel +} + +// ProductPackagesClientListResponse contains the response from method ProductPackagesClient.NewListPager. +type ProductPackagesClientListResponse struct { + // List available packages. + ProductPackageList +} + // ProductSettingsClientDeleteResponse contains the response from method ProductSettingsClient.Delete. type ProductSettingsClientDeleteResponse struct { // placeholder for future response values @@ -549,17 +682,7 @@ type ProductSettingsClientGetResponse struct { SettingsClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type ProductSettingsClientGetResponse. -func (p *ProductSettingsClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalSettingsClassification(data) - if err != nil { - return err - } - p.SettingsClassification = res - return nil -} - -// ProductSettingsClientListResponse contains the response from method ProductSettingsClient.List. +// ProductSettingsClientListResponse contains the response from method ProductSettingsClient.NewListPager. type ProductSettingsClientListResponse struct { // List of all the settings. SettingList @@ -571,14 +694,22 @@ type ProductSettingsClientUpdateResponse struct { SettingsClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type ProductSettingsClientUpdateResponse. -func (p *ProductSettingsClientUpdateResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalSettingsClassification(data) - if err != nil { - return err - } - p.SettingsClassification = res - return nil +// ProductTemplateClientGetResponse contains the response from method ProductTemplateClient.Get. +type ProductTemplateClientGetResponse struct { + // Template resource definition. + ProductTemplateModel +} + +// ProductTemplatesClientListResponse contains the response from method ProductTemplatesClient.NewListPager. +type ProductTemplatesClientListResponse struct { + // List of all the template. + ProductTemplateList +} + +// ReevaluateClientRecommendationResponse contains the response from method ReevaluateClient.Recommendation. +type ReevaluateClientRecommendationResponse struct { + // Reevaluate response object. + ReevaluateResponse } // SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse contains the response from method SecurityMLAnalyticsSettingsClient.CreateOrUpdate. @@ -587,16 +718,6 @@ type SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse struct { SecurityMLAnalyticsSettingClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse. -func (s *SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalSecurityMLAnalyticsSettingClassification(data) - if err != nil { - return err - } - s.SecurityMLAnalyticsSettingClassification = res - return nil -} - // SecurityMLAnalyticsSettingsClientDeleteResponse contains the response from method SecurityMLAnalyticsSettingsClient.Delete. type SecurityMLAnalyticsSettingsClientDeleteResponse struct { // placeholder for future response values @@ -608,16 +729,6 @@ type SecurityMLAnalyticsSettingsClientGetResponse struct { SecurityMLAnalyticsSettingClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsClientGetResponse. -func (s *SecurityMLAnalyticsSettingsClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalSecurityMLAnalyticsSettingClassification(data) - if err != nil { - return err - } - s.SecurityMLAnalyticsSettingClassification = res - return nil -} - // SecurityMLAnalyticsSettingsClientListResponse contains the response from method SecurityMLAnalyticsSettingsClient.NewListPager. type SecurityMLAnalyticsSettingsClientListResponse struct { // List all the SecurityMLAnalyticsSettings @@ -661,7 +772,8 @@ type SourceControlsClientCreateResponse struct { // SourceControlsClientDeleteResponse contains the response from method SourceControlsClient.Delete. type SourceControlsClientDeleteResponse struct { - // placeholder for future response values + // Warning response structure. + Warning } // SourceControlsClientGetResponse contains the response from method SourceControlsClient.Get. @@ -676,6 +788,57 @@ type SourceControlsClientListResponse struct { SourceControlList } +// SystemsClientCreateOrUpdateResponse contains the response from method SystemsClient.CreateOrUpdate. +type SystemsClientCreateOrUpdateResponse struct { + // Describes the system within the agent. + SystemResource +} + +// SystemsClientDeleteResponse contains the response from method SystemsClient.Delete. +type SystemsClientDeleteResponse struct { + // placeholder for future response values +} + +// SystemsClientGetResponse contains the response from method SystemsClient.Get. +type SystemsClientGetResponse struct { + // Describes the system within the agent. + SystemResource +} + +// SystemsClientListActionsResponse contains the response from method SystemsClient.NewListActionsPager. +type SystemsClientListActionsResponse struct { + // List all actions for a system to perform. + ListActionsResponse +} + +// SystemsClientListResponse contains the response from method SystemsClient.NewListPager. +type SystemsClientListResponse struct { + // List of Agent's Systems. + SystemsList +} + +// SystemsClientReportActionStatusResponse contains the response from method SystemsClient.ReportActionStatus. +type SystemsClientReportActionStatusResponse struct { + // placeholder for future response values +} + +// SystemsClientUndoActionResponse contains the response from method SystemsClient.UndoAction. +type SystemsClientUndoActionResponse struct { + // placeholder for future response values +} + +// ThreatIntelligenceClientCountResponse contains the response from method ThreatIntelligenceClient.Count. +type ThreatIntelligenceClientCountResponse struct { + // Count of all the threat intelligence objects on the workspace that match the provided query. + ThreatIntelligenceCount +} + +// ThreatIntelligenceClientQueryResponse contains the response from method ThreatIntelligenceClient.NewQueryPager. +type ThreatIntelligenceClientQueryResponse struct { + // List all the threat intelligence objects on the workspace that match the provided query. + ThreatIntelligenceList +} + // ThreatIntelligenceIndicatorClientAppendTagsResponse contains the response from method ThreatIntelligenceIndicatorClient.AppendTags. type ThreatIntelligenceIndicatorClientAppendTagsResponse struct { // placeholder for future response values @@ -687,32 +850,12 @@ type ThreatIntelligenceIndicatorClientCreateIndicatorResponse struct { ThreatIntelligenceInformationClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientCreateIndicatorResponse. -func (t *ThreatIntelligenceIndicatorClientCreateIndicatorResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalThreatIntelligenceInformationClassification(data) - if err != nil { - return err - } - t.ThreatIntelligenceInformationClassification = res - return nil -} - // ThreatIntelligenceIndicatorClientCreateResponse contains the response from method ThreatIntelligenceIndicatorClient.Create. type ThreatIntelligenceIndicatorClientCreateResponse struct { // Threat intelligence information object. ThreatIntelligenceInformationClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientCreateResponse. -func (t *ThreatIntelligenceIndicatorClientCreateResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalThreatIntelligenceInformationClassification(data) - if err != nil { - return err - } - t.ThreatIntelligenceInformationClassification = res - return nil -} - // ThreatIntelligenceIndicatorClientDeleteResponse contains the response from method ThreatIntelligenceIndicatorClient.Delete. type ThreatIntelligenceIndicatorClientDeleteResponse struct { // placeholder for future response values @@ -724,16 +867,6 @@ type ThreatIntelligenceIndicatorClientGetResponse struct { ThreatIntelligenceInformationClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientGetResponse. -func (t *ThreatIntelligenceIndicatorClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalThreatIntelligenceInformationClassification(data) - if err != nil { - return err - } - t.ThreatIntelligenceInformationClassification = res - return nil -} - // ThreatIntelligenceIndicatorClientQueryIndicatorsResponse contains the response from method ThreatIntelligenceIndicatorClient.NewQueryIndicatorsPager. type ThreatIntelligenceIndicatorClientQueryIndicatorsResponse struct { // List of all the threat intelligence information objects. @@ -746,16 +879,6 @@ type ThreatIntelligenceIndicatorClientReplaceTagsResponse struct { ThreatIntelligenceInformationClassification } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientReplaceTagsResponse. -func (t *ThreatIntelligenceIndicatorClientReplaceTagsResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalThreatIntelligenceInformationClassification(data) - if err != nil { - return err - } - t.ThreatIntelligenceInformationClassification = res - return nil -} - // ThreatIntelligenceIndicatorMetricsClientListResponse contains the response from method ThreatIntelligenceIndicatorMetricsClient.List. type ThreatIntelligenceIndicatorMetricsClientListResponse struct { // List of all the threat intelligence metric fields (type/threat type/source). @@ -768,6 +891,18 @@ type ThreatIntelligenceIndicatorsClientListResponse struct { ThreatIntelligenceInformationList } +// TriggeredAnalyticsRuleRunClientGetResponse contains the response from method TriggeredAnalyticsRuleRunClient.Get. +type TriggeredAnalyticsRuleRunClientGetResponse struct { + // The triggered analytics rule run + TriggeredAnalyticsRuleRun +} + +// UpdateClientRecommendationResponse contains the response from method UpdateClient.Recommendation. +type UpdateClientRecommendationResponse struct { + // Recommendation object. + Recommendation +} + // WatchlistItemsClientCreateOrUpdateResponse contains the response from method WatchlistItemsClient.CreateOrUpdate. type WatchlistItemsClientCreateOrUpdateResponse struct { // Represents a Watchlist item in Azure Security Insights. @@ -791,19 +926,15 @@ type WatchlistItemsClientListResponse struct { WatchlistItemList } -// WatchlistsClientCreateOrUpdateResponse contains the response from method WatchlistsClient.CreateOrUpdate. +// WatchlistsClientCreateOrUpdateResponse contains the response from method WatchlistsClient.BeginCreateOrUpdate. type WatchlistsClientCreateOrUpdateResponse struct { // Represents a Watchlist in Azure Security Insights. Watchlist - - // AzureAsyncOperation contains the information returned from the Azure-AsyncOperation header response. - AzureAsyncOperation *string } -// WatchlistsClientDeleteResponse contains the response from method WatchlistsClient.Delete. +// WatchlistsClientDeleteResponse contains the response from method WatchlistsClient.BeginDelete. type WatchlistsClientDeleteResponse struct { - // AzureAsyncOperation contains the information returned from the Azure-AsyncOperation header response. - AzureAsyncOperation *string + // placeholder for future response values } // WatchlistsClientGetResponse contains the response from method WatchlistsClient.Get. @@ -817,3 +948,118 @@ type WatchlistsClientListResponse struct { // List all the watchlists. WatchlistList } + +// WorkspaceManagerAssignmentJobsClientCreateResponse contains the response from method WorkspaceManagerAssignmentJobsClient.Create. +type WorkspaceManagerAssignmentJobsClientCreateResponse struct { + // The assignment job + Job +} + +// WorkspaceManagerAssignmentJobsClientDeleteResponse contains the response from method WorkspaceManagerAssignmentJobsClient.Delete. +type WorkspaceManagerAssignmentJobsClientDeleteResponse struct { + // placeholder for future response values +} + +// WorkspaceManagerAssignmentJobsClientGetResponse contains the response from method WorkspaceManagerAssignmentJobsClient.Get. +type WorkspaceManagerAssignmentJobsClientGetResponse struct { + // The assignment job + Job +} + +// WorkspaceManagerAssignmentJobsClientListResponse contains the response from method WorkspaceManagerAssignmentJobsClient.NewListPager. +type WorkspaceManagerAssignmentJobsClientListResponse struct { + // List of all the jobs + JobList +} + +// WorkspaceManagerAssignmentsClientCreateOrUpdateResponse contains the response from method WorkspaceManagerAssignmentsClient.CreateOrUpdate. +type WorkspaceManagerAssignmentsClientCreateOrUpdateResponse struct { + // The workspace manager assignment + WorkspaceManagerAssignment +} + +// WorkspaceManagerAssignmentsClientDeleteResponse contains the response from method WorkspaceManagerAssignmentsClient.Delete. +type WorkspaceManagerAssignmentsClientDeleteResponse struct { + // placeholder for future response values +} + +// WorkspaceManagerAssignmentsClientGetResponse contains the response from method WorkspaceManagerAssignmentsClient.Get. +type WorkspaceManagerAssignmentsClientGetResponse struct { + // The workspace manager assignment + WorkspaceManagerAssignment +} + +// WorkspaceManagerAssignmentsClientListResponse contains the response from method WorkspaceManagerAssignmentsClient.NewListPager. +type WorkspaceManagerAssignmentsClientListResponse struct { + // List of all the workspace manager assignments. + WorkspaceManagerAssignmentList +} + +// WorkspaceManagerConfigurationsClientCreateOrUpdateResponse contains the response from method WorkspaceManagerConfigurationsClient.CreateOrUpdate. +type WorkspaceManagerConfigurationsClientCreateOrUpdateResponse struct { + // The workspace manager configuration + WorkspaceManagerConfiguration +} + +// WorkspaceManagerConfigurationsClientDeleteResponse contains the response from method WorkspaceManagerConfigurationsClient.Delete. +type WorkspaceManagerConfigurationsClientDeleteResponse struct { + // placeholder for future response values +} + +// WorkspaceManagerConfigurationsClientGetResponse contains the response from method WorkspaceManagerConfigurationsClient.Get. +type WorkspaceManagerConfigurationsClientGetResponse struct { + // The workspace manager configuration + WorkspaceManagerConfiguration +} + +// WorkspaceManagerConfigurationsClientListResponse contains the response from method WorkspaceManagerConfigurationsClient.NewListPager. +type WorkspaceManagerConfigurationsClientListResponse struct { + // List all the workspace manager configurations for the workspace. + WorkspaceManagerConfigurationList +} + +// WorkspaceManagerGroupsClientCreateOrUpdateResponse contains the response from method WorkspaceManagerGroupsClient.CreateOrUpdate. +type WorkspaceManagerGroupsClientCreateOrUpdateResponse struct { + // The workspace manager group + WorkspaceManagerGroup +} + +// WorkspaceManagerGroupsClientDeleteResponse contains the response from method WorkspaceManagerGroupsClient.Delete. +type WorkspaceManagerGroupsClientDeleteResponse struct { + // placeholder for future response values +} + +// WorkspaceManagerGroupsClientGetResponse contains the response from method WorkspaceManagerGroupsClient.Get. +type WorkspaceManagerGroupsClientGetResponse struct { + // The workspace manager group + WorkspaceManagerGroup +} + +// WorkspaceManagerGroupsClientListResponse contains the response from method WorkspaceManagerGroupsClient.NewListPager. +type WorkspaceManagerGroupsClientListResponse struct { + // List of all the workspace manager groups. + WorkspaceManagerGroupList +} + +// WorkspaceManagerMembersClientCreateOrUpdateResponse contains the response from method WorkspaceManagerMembersClient.CreateOrUpdate. +type WorkspaceManagerMembersClientCreateOrUpdateResponse struct { + // The workspace manager member + WorkspaceManagerMember +} + +// WorkspaceManagerMembersClientDeleteResponse contains the response from method WorkspaceManagerMembersClient.Delete. +type WorkspaceManagerMembersClientDeleteResponse struct { + // placeholder for future response values +} + +// WorkspaceManagerMembersClientGetResponse contains the response from method WorkspaceManagerMembersClient.Get. +type WorkspaceManagerMembersClientGetResponse struct { + // The workspace manager member + WorkspaceManagerMember +} + +// WorkspaceManagerMembersClientListResponse contains the response from method WorkspaceManagerMembersClient.NewListPager. +type WorkspaceManagerMembersClientListResponse struct { + // List of workspace manager members + WorkspaceManagerMembersList +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/responses_serde.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/responses_serde.go new file mode 100644 index 000000000000..1c0b046ff67f --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/responses_serde.go @@ -0,0 +1,206 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRuleTemplatesClientGetResponse. +func (a *AlertRuleTemplatesClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalAlertRuleTemplateClassification(data) + if err != nil { + return err + } + a.AlertRuleTemplateClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRulesClientCreateOrUpdateResponse. +func (a *AlertRulesClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalAlertRuleClassification(data) + if err != nil { + return err + } + a.AlertRuleClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRulesClientGetResponse. +func (a *AlertRulesClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalAlertRuleClassification(data) + if err != nil { + return err + } + a.AlertRuleClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type BillingStatisticsClientGetResponse. +func (b *BillingStatisticsClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalBillingStatisticClassification(data) + if err != nil { + return err + } + b.BillingStatisticClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDefinitionsClientCreateOrUpdateResponse. +func (d *DataConnectorDefinitionsClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalDataConnectorDefinitionClassification(data) + if err != nil { + return err + } + d.DataConnectorDefinitionClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDefinitionsClientGetResponse. +func (d *DataConnectorDefinitionsClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalDataConnectorDefinitionClassification(data) + if err != nil { + return err + } + d.DataConnectorDefinitionClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorsClientCreateOrUpdateResponse. +func (d *DataConnectorsClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalDataConnectorClassification(data) + if err != nil { + return err + } + d.DataConnectorClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorsClientGetResponse. +func (d *DataConnectorsClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalDataConnectorClassification(data) + if err != nil { + return err + } + d.DataConnectorClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntitiesClientGetResponse. +func (e *EntitiesClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalEntityClassification(data) + if err != nil { + return err + } + e.EntityClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueriesClientCreateOrUpdateResponse. +func (e *EntityQueriesClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalEntityQueryClassification(data) + if err != nil { + return err + } + e.EntityQueryClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueriesClientGetResponse. +func (e *EntityQueriesClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalEntityQueryClassification(data) + if err != nil { + return err + } + e.EntityQueryClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryTemplatesClientGetResponse. +func (e *EntityQueryTemplatesClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalEntityQueryTemplateClassification(data) + if err != nil { + return err + } + e.EntityQueryTemplateClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductSettingsClientGetResponse. +func (p *ProductSettingsClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalSettingsClassification(data) + if err != nil { + return err + } + p.SettingsClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductSettingsClientUpdateResponse. +func (p *ProductSettingsClientUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalSettingsClassification(data) + if err != nil { + return err + } + p.SettingsClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse. +func (s *SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalSecurityMLAnalyticsSettingClassification(data) + if err != nil { + return err + } + s.SecurityMLAnalyticsSettingClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsClientGetResponse. +func (s *SecurityMLAnalyticsSettingsClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalSecurityMLAnalyticsSettingClassification(data) + if err != nil { + return err + } + s.SecurityMLAnalyticsSettingClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientCreateIndicatorResponse. +func (t *ThreatIntelligenceIndicatorClientCreateIndicatorResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalThreatIntelligenceInformationClassification(data) + if err != nil { + return err + } + t.ThreatIntelligenceInformationClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientCreateResponse. +func (t *ThreatIntelligenceIndicatorClientCreateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalThreatIntelligenceInformationClassification(data) + if err != nil { + return err + } + t.ThreatIntelligenceInformationClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientGetResponse. +func (t *ThreatIntelligenceIndicatorClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalThreatIntelligenceInformationClassification(data) + if err != nil { + return err + } + t.ThreatIntelligenceInformationClassification = res + return nil +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientReplaceTagsResponse. +func (t *ThreatIntelligenceIndicatorClientReplaceTagsResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalThreatIntelligenceInformationClassification(data) + if err != nil { + return err + } + t.ThreatIntelligenceInformationClassification = res + return nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/securitymlanalyticssettings_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/securitymlanalyticssettings_client.go index 3a99d0e445ac..f810264915a0 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/securitymlanalyticssettings_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/securitymlanalyticssettings_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type SecurityMLAnalyticsSettingsClient struct { } // NewSecurityMLAnalyticsSettingsClient creates a new instance of SecurityMLAnalyticsSettingsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewSecurityMLAnalyticsSettingsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*SecurityMLAnalyticsSettingsClient, error) { @@ -46,7 +43,7 @@ func NewSecurityMLAnalyticsSettingsClient(subscriptionID string, credential azco // CreateOrUpdate - Creates or updates the Security ML Analytics Settings. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - settingsResourceName - Security ML Analytics Settings resource name @@ -76,7 +73,7 @@ func (client *SecurityMLAnalyticsSettingsClient) CreateOrUpdate(ctx context.Cont } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *SecurityMLAnalyticsSettingsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, securityMLAnalyticsSetting SecurityMLAnalyticsSettingClassification, options *SecurityMLAnalyticsSettingsClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *SecurityMLAnalyticsSettingsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, securityMLAnalyticsSetting SecurityMLAnalyticsSettingClassification, _ *SecurityMLAnalyticsSettingsClientCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/{settingsResourceName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -99,7 +96,7 @@ func (client *SecurityMLAnalyticsSettingsClient) createOrUpdateCreateRequest(ctx return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, securityMLAnalyticsSetting); err != nil { @@ -120,7 +117,7 @@ func (client *SecurityMLAnalyticsSettingsClient) createOrUpdateHandleResponse(re // Delete - Delete the Security ML Analytics Settings. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - settingsResourceName - Security ML Analytics Settings resource name @@ -148,7 +145,7 @@ func (client *SecurityMLAnalyticsSettingsClient) Delete(ctx context.Context, res } // deleteCreateRequest creates the Delete request. -func (client *SecurityMLAnalyticsSettingsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, options *SecurityMLAnalyticsSettingsClientDeleteOptions) (*policy.Request, error) { +func (client *SecurityMLAnalyticsSettingsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, _ *SecurityMLAnalyticsSettingsClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/{settingsResourceName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -171,7 +168,7 @@ func (client *SecurityMLAnalyticsSettingsClient) deleteCreateRequest(ctx context return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -180,7 +177,7 @@ func (client *SecurityMLAnalyticsSettingsClient) deleteCreateRequest(ctx context // Get - Gets the Security ML Analytics Settings. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - settingsResourceName - Security ML Analytics Settings resource name @@ -209,7 +206,7 @@ func (client *SecurityMLAnalyticsSettingsClient) Get(ctx context.Context, resour } // getCreateRequest creates the Get request. -func (client *SecurityMLAnalyticsSettingsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, options *SecurityMLAnalyticsSettingsClientGetOptions) (*policy.Request, error) { +func (client *SecurityMLAnalyticsSettingsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, _ *SecurityMLAnalyticsSettingsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/{settingsResourceName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -232,7 +229,7 @@ func (client *SecurityMLAnalyticsSettingsClient) getCreateRequest(ctx context.Co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -249,7 +246,7 @@ func (client *SecurityMLAnalyticsSettingsClient) getHandleResponse(resp *http.Re // NewListPager - Gets all Security ML Analytics Settings. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - SecurityMLAnalyticsSettingsClientListOptions contains the optional parameters for the SecurityMLAnalyticsSettingsClient.NewListPager @@ -278,7 +275,7 @@ func (client *SecurityMLAnalyticsSettingsClient) NewListPager(resourceGroupName } // listCreateRequest creates the List request. -func (client *SecurityMLAnalyticsSettingsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *SecurityMLAnalyticsSettingsClientListOptions) (*policy.Request, error) { +func (client *SecurityMLAnalyticsSettingsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *SecurityMLAnalyticsSettingsClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -297,7 +294,7 @@ func (client *SecurityMLAnalyticsSettingsClient) listCreateRequest(ctx context.C return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/securitymlanalyticssettings_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/securitymlanalyticssettings_client_example_test.go deleted file mode 100644 index 31e18e77befb..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/securitymlanalyticssettings_client_example_test.go +++ /dev/null @@ -1,399 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/securityMLAnalyticsSettings/GetAllSecurityMLAnalyticsSettings.json -func ExampleSecurityMLAnalyticsSettingsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewSecurityMLAnalyticsSettingsClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.SecurityMLAnalyticsSettingsList = armsecurityinsights.SecurityMLAnalyticsSettingsList{ - // Value: []armsecurityinsights.SecurityMLAnalyticsSettingClassification{ - // &armsecurityinsights.AnomalySecurityMLAnalyticsSettings{ - // Name: to.Ptr("f209187f-1d17-4431-94af-c141bf5f23db"), - // Type: to.Ptr("Microsoft.SecurityInsights/securityMLAnalyticsSettings"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/f209187f-1d17-4431-94af-c141bf5f23db"), - // Etag: to.Ptr("\"260090e2-0000-0d00-0000-5d6fb8670000\""), - // Kind: to.Ptr(armsecurityinsights.SecurityMLAnalyticsSettingsKindAnomaly), - // Properties: &armsecurityinsights.AnomalySecurityMLAnalyticsSettingsProperties{ - // Description: to.Ptr("When account logs from a source region that has rarely been logged in from during the last 14 days, an anomaly is triggered."), - // AnomalySettingsVersion: to.Ptr[int32](0), - // AnomalyVersion: to.Ptr("1.0.5"), - // CustomizableObservations: map[string]any{ - // "multiSelectObservations": nil, - // "prioritizeExcludeObservations": nil, - // "singleSelectObservations":[]any{ - // map[string]any{ - // "name": "Device vendor", - // "description": "Select device vendor of network connection logs from CommonSecurityLog", - // "rerun": "RerunAlways", - // "sequenceNumber": float64(1), - // "supportedValues":[]any{ - // "Palo Alto Networks", - // "Fortinet", - // "Check Point", - // }, - // "supportedValuesKql": nil, - // "value":[]any{ - // "Palo Alto Networks", - // }, - // "valuesKql": nil, - // }, - // }, - // "singleValueObservations": nil, - // "thresholdObservations":[]any{ - // map[string]any{ - // "name": "Daily data transfer threshold in MB", - // "description": "Suppress anomalies when daily data transfered (in MB) per hour is less than the chosen value", - // "maximum": "100", - // "minimum": "1", - // "rerun": "RerunAlways", - // "sequenceNumber": float64(1), - // "value": "25", - // }, - // map[string]any{ - // "name": "Number of standard deviations", - // "description": "Triggers anomalies when number of standard deviations is greater than the chosen value", - // "maximum": "10", - // "minimum": "2", - // "rerun": "RerunAlways", - // "sequenceNumber": float64(2), - // "value": "3", - // }, - // }, - // }, - // DisplayName: to.Ptr("Login from unusual region"), - // Enabled: to.Ptr(true), - // Frequency: to.Ptr("PT1H"), - // IsDefaultSettings: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-10-20T13:13:11.534Z"); return t}()), - // RequiredDataConnectors: []*armsecurityinsights.SecurityMLAnalyticsSettingsDataSource{ - // { - // ConnectorID: to.Ptr("AWS"), - // DataTypes: []*string{ - // to.Ptr("AWSCloudTrail")}, - // }}, - // SettingsDefinitionID: to.Ptr("f209187f-1d17-4431-94af-c141bf5f23db"), - // SettingsStatus: to.Ptr(armsecurityinsights.SettingsStatusProduction), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl)}, - // Techniques: []*string{ - // to.Ptr("T1037"), - // to.Ptr("T1021")}, - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/securityMLAnalyticsSettings/GetAnomalySecurityMLAnalyticsSetting.json -func ExampleSecurityMLAnalyticsSettingsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewSecurityMLAnalyticsSettingsClient().Get(ctx, "myRg", "myWorkspace", "myFirstAnomalySettings", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.SecurityMLAnalyticsSettingsClientGetResponse{ - // SecurityMLAnalyticsSettingClassification: &armsecurityinsights.AnomalySecurityMLAnalyticsSettings{ - // Name: to.Ptr("f209187f-1d17-4431-94af-c141bf5f23db"), - // Type: to.Ptr("Microsoft.SecurityInsights/securityMLAnalyticsSettings"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/f209187f-1d17-4431-94af-c141bf5f23db"), - // Etag: to.Ptr("\"260090e2-0000-0d00-0000-5d6fb8670000\""), - // Kind: to.Ptr(armsecurityinsights.SecurityMLAnalyticsSettingsKindAnomaly), - // Properties: &armsecurityinsights.AnomalySecurityMLAnalyticsSettingsProperties{ - // Description: to.Ptr("When account logs from a source region that has rarely been logged in from during the last 14 days, an anomaly is triggered."), - // AnomalySettingsVersion: to.Ptr[int32](0), - // AnomalyVersion: to.Ptr("1.0.5"), - // CustomizableObservations: map[string]any{ - // "multiSelectObservations": nil, - // "prioritizeExcludeObservations": nil, - // "singleSelectObservations":[]any{ - // map[string]any{ - // "name": "Device vendor", - // "description": "Select device vendor of network connection logs from CommonSecurityLog", - // "rerun": "RerunAlways", - // "sequenceNumber": float64(1), - // "supportedValues":[]any{ - // "Palo Alto Networks", - // "Fortinet", - // "Check Point", - // }, - // "supportedValuesKql": nil, - // "value":[]any{ - // "Palo Alto Networks", - // }, - // "valuesKql": nil, - // }, - // }, - // "singleValueObservations": nil, - // "thresholdObservations":[]any{ - // map[string]any{ - // "name": "Daily data transfer threshold in MB", - // "description": "Suppress anomalies when daily data transfered (in MB) per hour is less than the chosen value", - // "maximum": "100", - // "minimum": "1", - // "rerun": "RerunAlways", - // "sequenceNumber": float64(1), - // "value": "25", - // }, - // map[string]any{ - // "name": "Number of standard deviations", - // "description": "Triggers anomalies when number of standard deviations is greater than the chosen value", - // "maximum": "10", - // "minimum": "2", - // "rerun": "RerunAlways", - // "sequenceNumber": float64(2), - // "value": "3", - // }, - // }, - // }, - // DisplayName: to.Ptr("Login from unusual region"), - // Enabled: to.Ptr(true), - // Frequency: to.Ptr("PT1H"), - // IsDefaultSettings: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-10-20T13:13:11.534Z"); return t}()), - // RequiredDataConnectors: []*armsecurityinsights.SecurityMLAnalyticsSettingsDataSource{ - // { - // ConnectorID: to.Ptr("AWS"), - // DataTypes: []*string{ - // to.Ptr("AWSCloudTrail")}, - // }}, - // SettingsDefinitionID: to.Ptr("f209187f-1d17-4431-94af-c141bf5f23db"), - // SettingsStatus: to.Ptr(armsecurityinsights.SettingsStatusProduction), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl)}, - // Techniques: []*string{ - // to.Ptr("T1037"), - // to.Ptr("T1021")}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/securityMLAnalyticsSettings/CreateAnomalySecurityMLAnalyticsSetting.json -func ExampleSecurityMLAnalyticsSettingsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewSecurityMLAnalyticsSettingsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "f209187f-1d17-4431-94af-c141bf5f23db", &armsecurityinsights.AnomalySecurityMLAnalyticsSettings{ - Etag: to.Ptr("\"260090e2-0000-0d00-0000-5d6fb8670000\""), - Kind: to.Ptr(armsecurityinsights.SecurityMLAnalyticsSettingsKindAnomaly), - Properties: &armsecurityinsights.AnomalySecurityMLAnalyticsSettingsProperties{ - Description: to.Ptr("When account logs from a source region that has rarely been logged in from during the last 14 days, an anomaly is triggered."), - AnomalySettingsVersion: to.Ptr[int32](0), - AnomalyVersion: to.Ptr("1.0.5"), - CustomizableObservations: map[string]any{ - "multiSelectObservations": nil, - "prioritizeExcludeObservations": nil, - "singleSelectObservations": []any{ - map[string]any{ - "name": "Device vendor", - "description": "Select device vendor of network connection logs from CommonSecurityLog", - "rerun": "RerunAlways", - "sequenceNumber": float64(1), - "supportedValues": []any{ - "Palo Alto Networks", - "Fortinet", - "Check Point", - }, - "supportedValuesKql": nil, - "value": []any{ - "Palo Alto Networks", - }, - "valuesKql": nil, - }, - }, - "singleValueObservations": nil, - "thresholdObservations": []any{ - map[string]any{ - "name": "Daily data transfer threshold in MB", - "description": "Suppress anomalies when daily data transfered (in MB) per hour is less than the chosen value", - "maximum": "100", - "minimum": "1", - "rerun": "RerunAlways", - "sequenceNumber": float64(1), - "value": "25", - }, - map[string]any{ - "name": "Number of standard deviations", - "description": "Triggers anomalies when number of standard deviations is greater than the chosen value", - "maximum": "10", - "minimum": "2", - "rerun": "RerunAlways", - "sequenceNumber": float64(2), - "value": "3", - }, - }, - }, - DisplayName: to.Ptr("Login from unusual region"), - Enabled: to.Ptr(true), - Frequency: to.Ptr("PT1H"), - IsDefaultSettings: to.Ptr(true), - RequiredDataConnectors: []*armsecurityinsights.SecurityMLAnalyticsSettingsDataSource{ - { - ConnectorID: to.Ptr("AWS"), - DataTypes: []*string{ - to.Ptr("AWSCloudTrail")}, - }}, - SettingsDefinitionID: to.Ptr("f209187f-1d17-4431-94af-c141bf5f23db"), - SettingsStatus: to.Ptr(armsecurityinsights.SettingsStatusProduction), - Tactics: []*armsecurityinsights.AttackTactic{ - to.Ptr(armsecurityinsights.AttackTacticExfiltration), - to.Ptr(armsecurityinsights.AttackTacticCommandAndControl)}, - Techniques: []*string{ - to.Ptr("T1037"), - to.Ptr("T1021")}, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse{ - // SecurityMLAnalyticsSettingClassification: &armsecurityinsights.AnomalySecurityMLAnalyticsSettings{ - // Name: to.Ptr("f209187f-1d17-4431-94af-c141bf5f23db"), - // Type: to.Ptr("Microsoft.SecurityInsights/securityMLAnalyticsSettings"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/f209187f-1d17-4431-94af-c141bf5f23db"), - // Etag: to.Ptr("\"01005144-0000-0d00-0000-6058632c0000\""), - // Kind: to.Ptr(armsecurityinsights.SecurityMLAnalyticsSettingsKindAnomaly), - // Properties: &armsecurityinsights.AnomalySecurityMLAnalyticsSettingsProperties{ - // Description: to.Ptr("When account logs from a source region that has rarely been logged in from during the last 14 days, an anomaly is triggered."), - // AnomalySettingsVersion: to.Ptr[int32](0), - // AnomalyVersion: to.Ptr("1.0.5"), - // CustomizableObservations: map[string]any{ - // "multiSelectObservations": nil, - // "prioritizeExcludeObservations": nil, - // "singleSelectObservations":[]any{ - // map[string]any{ - // "name": "Device vendor", - // "description": "Select device vendor of network connection logs from CommonSecurityLog", - // "rerun": "RerunAlways", - // "sequenceNumber": float64(1), - // "supportedValues":[]any{ - // "Palo Alto Networks", - // "Fortinet", - // "Check Point", - // }, - // "supportedValuesKql": nil, - // "value":[]any{ - // "Palo Alto Networks", - // }, - // "valuesKql": nil, - // }, - // }, - // "singleValueObservations": nil, - // "thresholdObservations":[]any{ - // map[string]any{ - // "name": "Daily data transfer threshold in MB", - // "description": "Suppress anomalies when daily data transfered (in MB) per hour is less than the chosen value", - // "maximum": "100", - // "minimum": "1", - // "rerun": "RerunAlways", - // "sequenceNumber": float64(1), - // "value": "25", - // }, - // map[string]any{ - // "name": "Number of standard deviations", - // "description": "Triggers anomalies when number of standard deviations is greater than the chosen value", - // "maximum": "10", - // "minimum": "2", - // "rerun": "RerunAlways", - // "sequenceNumber": float64(2), - // "value": "3", - // }, - // }, - // }, - // DisplayName: to.Ptr("Login from unusual region"), - // Enabled: to.Ptr(true), - // Frequency: to.Ptr("PT1H"), - // IsDefaultSettings: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-10-20T13:17:11.534Z"); return t}()), - // RequiredDataConnectors: []*armsecurityinsights.SecurityMLAnalyticsSettingsDataSource{ - // { - // ConnectorID: to.Ptr("AWS"), - // DataTypes: []*string{ - // to.Ptr("AWSCloudTrail")}, - // }}, - // SettingsDefinitionID: to.Ptr("f209187f-1d17-4431-94af-c141bf5f23db"), - // SettingsStatus: to.Ptr(armsecurityinsights.SettingsStatusProduction), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl)}, - // Techniques: []*string{ - // to.Ptr("T1037"), - // to.Ptr("T1021")}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/securityMLAnalyticsSettings/DeleteSecurityMLAnalyticsSetting.json -func ExampleSecurityMLAnalyticsSettingsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewSecurityMLAnalyticsSettingsClient().Delete(ctx, "myRg", "myWorkspace", "f209187f-1d17-4431-94af-c141bf5f23db", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client.go index 024986c42c1a..de1d4f9b3057 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type SentinelOnboardingStatesClient struct { } // NewSentinelOnboardingStatesClient creates a new instance of SentinelOnboardingStatesClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewSentinelOnboardingStatesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*SentinelOnboardingStatesClient, error) { @@ -46,7 +43,7 @@ func NewSentinelOnboardingStatesClient(subscriptionID string, credential azcore. // Create - Create Sentinel onboarding state // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - sentinelOnboardingStateName - The Sentinel onboarding state name. Supports - default @@ -98,7 +95,7 @@ func (client *SentinelOnboardingStatesClient) createCreateRequest(ctx context.Co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if options != nil && options.SentinelOnboardingStateParameter != nil { @@ -122,7 +119,7 @@ func (client *SentinelOnboardingStatesClient) createHandleResponse(resp *http.Re // Delete - Delete Sentinel onboarding state // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - sentinelOnboardingStateName - The Sentinel onboarding state name. Supports - default @@ -150,7 +147,7 @@ func (client *SentinelOnboardingStatesClient) Delete(ctx context.Context, resour } // deleteCreateRequest creates the Delete request. -func (client *SentinelOnboardingStatesClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string, options *SentinelOnboardingStatesClientDeleteOptions) (*policy.Request, error) { +func (client *SentinelOnboardingStatesClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string, _ *SentinelOnboardingStatesClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/onboardingStates/{sentinelOnboardingStateName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -173,7 +170,7 @@ func (client *SentinelOnboardingStatesClient) deleteCreateRequest(ctx context.Co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -182,7 +179,7 @@ func (client *SentinelOnboardingStatesClient) deleteCreateRequest(ctx context.Co // Get - Get Sentinel onboarding state // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - sentinelOnboardingStateName - The Sentinel onboarding state name. Supports - default @@ -211,7 +208,7 @@ func (client *SentinelOnboardingStatesClient) Get(ctx context.Context, resourceG } // getCreateRequest creates the Get request. -func (client *SentinelOnboardingStatesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string, options *SentinelOnboardingStatesClientGetOptions) (*policy.Request, error) { +func (client *SentinelOnboardingStatesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string, _ *SentinelOnboardingStatesClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/onboardingStates/{sentinelOnboardingStateName}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -234,7 +231,7 @@ func (client *SentinelOnboardingStatesClient) getCreateRequest(ctx context.Conte return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -252,7 +249,7 @@ func (client *SentinelOnboardingStatesClient) getHandleResponse(resp *http.Respo // List - Gets all Sentinel onboarding states // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - SentinelOnboardingStatesClientListOptions contains the optional parameters for the SentinelOnboardingStatesClient.List @@ -280,7 +277,7 @@ func (client *SentinelOnboardingStatesClient) List(ctx context.Context, resource } // listCreateRequest creates the List request. -func (client *SentinelOnboardingStatesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *SentinelOnboardingStatesClientListOptions) (*policy.Request, error) { +func (client *SentinelOnboardingStatesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *SentinelOnboardingStatesClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/onboardingStates" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -299,7 +296,7 @@ func (client *SentinelOnboardingStatesClient) listCreateRequest(ctx context.Cont return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client_example_test.go deleted file mode 100644 index aaaff2be9988..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client_example_test.go +++ /dev/null @@ -1,128 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/onboardingStates/GetSentinelOnboardingState.json -func ExampleSentinelOnboardingStatesClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewSentinelOnboardingStatesClient().Get(ctx, "myRg", "myWorkspace", "default", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.SentinelOnboardingState = armsecurityinsights.SentinelOnboardingState{ - // Name: to.Ptr("default"), - // Type: to.Ptr("Microsoft.SecurityInsights/onboardingStates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/onboardingStates/default"), - // Properties: &armsecurityinsights.SentinelOnboardingStateProperties{ - // CustomerManagedKey: to.Ptr(false), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/onboardingStates/CreateSentinelOnboardingState.json -func ExampleSentinelOnboardingStatesClient_Create() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewSentinelOnboardingStatesClient().Create(ctx, "myRg", "myWorkspace", "default", &armsecurityinsights.SentinelOnboardingStatesClientCreateOptions{SentinelOnboardingStateParameter: &armsecurityinsights.SentinelOnboardingState{ - Properties: &armsecurityinsights.SentinelOnboardingStateProperties{ - CustomerManagedKey: to.Ptr(false), - }, - }, - }) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.SentinelOnboardingState = armsecurityinsights.SentinelOnboardingState{ - // Name: to.Ptr("default"), - // Type: to.Ptr("Microsoft.SecurityInsights/onboardingStates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/onboardingStates/default"), - // Properties: &armsecurityinsights.SentinelOnboardingStateProperties{ - // CustomerManagedKey: to.Ptr(false), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/onboardingStates/DeleteSentinelOnboardingState.json -func ExampleSentinelOnboardingStatesClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewSentinelOnboardingStatesClient().Delete(ctx, "myRg", "myWorkspace", "default", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/onboardingStates/GetAllSentinelOnboardingStates.json -func ExampleSentinelOnboardingStatesClient_List() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewSentinelOnboardingStatesClient().List(ctx, "myRg", "myWorkspace", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.SentinelOnboardingStatesList = armsecurityinsights.SentinelOnboardingStatesList{ - // Value: []*armsecurityinsights.SentinelOnboardingState{ - // { - // Name: to.Ptr("default"), - // Type: to.Ptr("Microsoft.SecurityInsights/onboardingStates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/onboardingStates/default"), - // Properties: &armsecurityinsights.SentinelOnboardingStateProperties{ - // CustomerManagedKey: to.Ptr(false), - // }, - // }}, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrol_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrol_client.go index bce65ab3489b..bd99420868c8 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrol_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrol_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type SourceControlClient struct { } // NewSourceControlClient creates a new instance of SourceControlClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewSourceControlClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*SourceControlClient, error) { @@ -45,13 +42,13 @@ func NewSourceControlClient(subscriptionID string, credential azcore.TokenCreden // NewListRepositoriesPager - Gets a list of repositories metadata. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. -// - repoType - The repo type. +// - repositoryAccess - The repository access credentials. // - options - SourceControlClientListRepositoriesOptions contains the optional parameters for the SourceControlClient.NewListRepositoriesPager // method. -func (client *SourceControlClient) NewListRepositoriesPager(resourceGroupName string, workspaceName string, repoType RepoType, options *SourceControlClientListRepositoriesOptions) *runtime.Pager[SourceControlClientListRepositoriesResponse] { +func (client *SourceControlClient) NewListRepositoriesPager(resourceGroupName string, workspaceName string, repositoryAccess RepositoryAccessProperties, options *SourceControlClientListRepositoriesOptions) *runtime.Pager[SourceControlClientListRepositoriesResponse] { return runtime.NewPager(runtime.PagingHandler[SourceControlClientListRepositoriesResponse]{ More: func(page SourceControlClientListRepositoriesResponse) bool { return page.NextLink != nil && len(*page.NextLink) > 0 @@ -63,7 +60,7 @@ func (client *SourceControlClient) NewListRepositoriesPager(resourceGroupName st nextLink = *page.NextLink } resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { - return client.listRepositoriesCreateRequest(ctx, resourceGroupName, workspaceName, repoType, options) + return client.listRepositoriesCreateRequest(ctx, resourceGroupName, workspaceName, repositoryAccess, options) }, nil) if err != nil { return SourceControlClientListRepositoriesResponse{}, err @@ -75,7 +72,7 @@ func (client *SourceControlClient) NewListRepositoriesPager(resourceGroupName st } // listRepositoriesCreateRequest creates the ListRepositories request. -func (client *SourceControlClient) listRepositoriesCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, repoType RepoType, options *SourceControlClientListRepositoriesOptions) (*policy.Request, error) { +func (client *SourceControlClient) listRepositoriesCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, repositoryAccess RepositoryAccessProperties, _ *SourceControlClientListRepositoriesOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/listRepositories" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -94,10 +91,10 @@ func (client *SourceControlClient) listRepositoriesCreateRequest(ctx context.Con return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} - if err := runtime.MarshalAsJSON(req, repoType); err != nil { + if err := runtime.MarshalAsJSON(req, repositoryAccess); err != nil { return nil, err } return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrol_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrol_client_example_test.go deleted file mode 100644 index e1c98238cc2a..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrol_client_example_test.go +++ /dev/null @@ -1,53 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/repositories/GetRepositories.json -func ExampleSourceControlClient_NewListRepositoriesPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewSourceControlClient().NewListRepositoriesPager("myRg", "myWorkspace", armsecurityinsights.RepoTypeGithub, nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.RepoList = armsecurityinsights.RepoList{ - // Value: []*armsecurityinsights.Repo{ - // { - // Branches: []*string{ - // to.Ptr("master"), - // to.Ptr("develop")}, - // FullName: to.Ptr("reponame"), - // URL: to.Ptr("https://api.github.com/repos/user/reponame"), - // }}, - // } - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrols_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrols_client.go index f875f8633ad7..e2f6029bba62 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrols_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrols_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type SourceControlsClient struct { } // NewSourceControlsClient creates a new instance of SourceControlsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewSourceControlsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*SourceControlsClient, error) { @@ -46,7 +43,7 @@ func NewSourceControlsClient(subscriptionID string, credential azcore.TokenCrede // Create - Creates a source control. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - sourceControlID - Source control Id @@ -75,7 +72,7 @@ func (client *SourceControlsClient) Create(ctx context.Context, resourceGroupNam } // createCreateRequest creates the Create request. -func (client *SourceControlsClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, sourceControl SourceControl, options *SourceControlsClientCreateOptions) (*policy.Request, error) { +func (client *SourceControlsClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, sourceControl SourceControl, _ *SourceControlsClientCreateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -98,7 +95,7 @@ func (client *SourceControlsClient) createCreateRequest(ctx context.Context, res return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, sourceControl); err != nil { @@ -119,18 +116,19 @@ func (client *SourceControlsClient) createHandleResponse(resp *http.Response) (S // Delete - Delete a source control. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - sourceControlID - Source control Id +// - repositoryAccess - The repository access credentials. // - options - SourceControlsClientDeleteOptions contains the optional parameters for the SourceControlsClient.Delete method. -func (client *SourceControlsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, options *SourceControlsClientDeleteOptions) (SourceControlsClientDeleteResponse, error) { +func (client *SourceControlsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, repositoryAccess RepositoryAccessProperties, options *SourceControlsClientDeleteOptions) (SourceControlsClientDeleteResponse, error) { var err error const operationName = "SourceControlsClient.Delete" ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) defer func() { endSpan(err) }() - req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, sourceControlID, options) + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, sourceControlID, repositoryAccess, options) if err != nil { return SourceControlsClientDeleteResponse{}, err } @@ -138,16 +136,17 @@ func (client *SourceControlsClient) Delete(ctx context.Context, resourceGroupNam if err != nil { return SourceControlsClientDeleteResponse{}, err } - if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + if !runtime.HasStatusCode(httpResp, http.StatusOK) { err = runtime.NewResponseError(httpResp) return SourceControlsClientDeleteResponse{}, err } - return SourceControlsClientDeleteResponse{}, nil + resp, err := client.deleteHandleResponse(httpResp) + return resp, err } // deleteCreateRequest creates the Delete request. -func (client *SourceControlsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, options *SourceControlsClientDeleteOptions) (*policy.Request, error) { - urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}" +func (client *SourceControlsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, repositoryAccess RepositoryAccessProperties, _ *SourceControlsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}/delete" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") } @@ -164,21 +163,33 @@ func (client *SourceControlsClient) deleteCreateRequest(ctx context.Context, res return nil, errors.New("parameter sourceControlID cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{sourceControlId}", url.PathEscape(sourceControlID)) - req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) if err != nil { return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, repositoryAccess); err != nil { + return nil, err + } return req, nil } +// deleteHandleResponse handles the Delete response. +func (client *SourceControlsClient) deleteHandleResponse(resp *http.Response) (SourceControlsClientDeleteResponse, error) { + result := SourceControlsClientDeleteResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Warning); err != nil { + return SourceControlsClientDeleteResponse{}, err + } + return result, nil +} + // Get - Gets a source control byt its identifier. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - sourceControlID - Source control Id @@ -206,7 +217,7 @@ func (client *SourceControlsClient) Get(ctx context.Context, resourceGroupName s } // getCreateRequest creates the Get request. -func (client *SourceControlsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, options *SourceControlsClientGetOptions) (*policy.Request, error) { +func (client *SourceControlsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, _ *SourceControlsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -229,7 +240,7 @@ func (client *SourceControlsClient) getCreateRequest(ctx context.Context, resour return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -246,7 +257,7 @@ func (client *SourceControlsClient) getHandleResponse(resp *http.Response) (Sour // NewListPager - Gets all source controls, without source control items. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - SourceControlsClientListOptions contains the optional parameters for the SourceControlsClient.NewListPager method. @@ -274,7 +285,7 @@ func (client *SourceControlsClient) NewListPager(resourceGroupName string, works } // listCreateRequest creates the List request. -func (client *SourceControlsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *SourceControlsClientListOptions) (*policy.Request, error) { +func (client *SourceControlsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *SourceControlsClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -293,7 +304,7 @@ func (client *SourceControlsClient) listCreateRequest(ctx context.Context, resou return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrols_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrols_client_example_test.go deleted file mode 100644 index 05496507b619..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrols_client_example_test.go +++ /dev/null @@ -1,305 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/sourcecontrols/GetSourceControls.json -func ExampleSourceControlsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewSourceControlsClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.SourceControlList = armsecurityinsights.SourceControlList{ - // Value: []*armsecurityinsights.SourceControl{ - // { - // Name: to.Ptr("789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // Type: to.Ptr("Microsoft.SecurityInsights/SourceControls"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/sourcecontrols/789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // SystemData: &armsecurityinsights.SystemData{ - // CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-01T17:18:19.123Z"); return t}()), - // CreatedBy: to.Ptr("user1"), - // CreatedByType: to.Ptr(armsecurityinsights.CreatedByTypeUser), - // LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-02T17:18:19.123Z"); return t}()), - // LastModifiedBy: to.Ptr("user2"), - // LastModifiedByType: to.Ptr(armsecurityinsights.CreatedByTypeUser), - // }, - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.SourceControlProperties{ - // Description: to.Ptr("this is a source control"), - // ContentTypes: []*armsecurityinsights.ContentType{ - // to.Ptr(armsecurityinsights.ContentType("AnalyticRules")), - // to.Ptr(armsecurityinsights.ContentTypeWorkbook)}, - // DisplayName: to.Ptr("My Source Control"), - // ID: to.Ptr("789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // LastDeploymentInfo: &armsecurityinsights.DeploymentInfo{ - // Deployment: &armsecurityinsights.Deployment{ - // DeploymentID: to.Ptr("4985046420"), - // DeploymentLogsURL: to.Ptr("https://github.com/user/repo/actions"), - // DeploymentResult: to.Ptr(armsecurityinsights.DeploymentResultSuccess), - // DeploymentState: to.Ptr(armsecurityinsights.DeploymentStateCompleted), - // DeploymentTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-01T17:18:19.123Z"); return t}()), - // }, - // DeploymentFetchStatus: to.Ptr(armsecurityinsights.DeploymentFetchStatusSuccess), - // Message: to.Ptr("Successful deployment"), - // }, - // RepoType: to.Ptr(armsecurityinsights.RepoTypeGithub), - // Repository: &armsecurityinsights.Repository{ - // Branch: to.Ptr("master"), - // DeploymentLogsURL: to.Ptr("https://github.com/user/repo/actions"), - // DisplayURL: to.Ptr("https://github.com/user/repo"), - // PathMapping: []*armsecurityinsights.ContentPathMap{ - // { - // Path: to.Ptr("path/to/rules"), - // ContentType: to.Ptr(armsecurityinsights.ContentType("AnalyticRules")), - // }, - // { - // Path: to.Ptr("path/to/workbooks"), - // ContentType: to.Ptr(armsecurityinsights.ContentTypeWorkbook), - // }}, - // URL: to.Ptr("https://github.com/user/repo"), - // }, - // RepositoryResourceInfo: &armsecurityinsights.RepositoryResourceInfo{ - // GitHubResourceInfo: &armsecurityinsights.GitHubResourceInfo{ - // AppInstallationID: to.Ptr("123"), - // }, - // Webhook: &armsecurityinsights.Webhook{ - // WebhookID: to.Ptr("342768323"), - // WebhookSecretUpdateTime: to.Ptr("2021-01-01T17:18:19.1234567Z"), - // WebhookURL: to.Ptr("https://cac.sentinel.azure.com/workspaces/b7c525e9-1bfa-4435-88c0-817e13abb088/webhooks/ado/sourceControl/789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // }, - // }, - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/sourcecontrols/GetSourceControlById.json -func ExampleSourceControlsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewSourceControlsClient().Get(ctx, "myRg", "myWorkspace", "789e0c1f-4a3d-43ad-809c-e713b677b04a", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.SourceControl = armsecurityinsights.SourceControl{ - // Name: to.Ptr("789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // Type: to.Ptr("Microsoft.SecurityInsights/SourceControls"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/sourcecontrols/789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // SystemData: &armsecurityinsights.SystemData{ - // CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-01T17:18:19.123Z"); return t}()), - // CreatedBy: to.Ptr("user1"), - // CreatedByType: to.Ptr(armsecurityinsights.CreatedByTypeUser), - // LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-02T17:18:19.123Z"); return t}()), - // LastModifiedBy: to.Ptr("user2"), - // LastModifiedByType: to.Ptr(armsecurityinsights.CreatedByTypeUser), - // }, - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.SourceControlProperties{ - // Description: to.Ptr("this is a source control"), - // ContentTypes: []*armsecurityinsights.ContentType{ - // to.Ptr(armsecurityinsights.ContentType("AnalyticRules")), - // to.Ptr(armsecurityinsights.ContentTypeWorkbook)}, - // DisplayName: to.Ptr("My Source Control"), - // ID: to.Ptr("789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // LastDeploymentInfo: &armsecurityinsights.DeploymentInfo{ - // Deployment: &armsecurityinsights.Deployment{ - // DeploymentID: to.Ptr("4985046420"), - // DeploymentLogsURL: to.Ptr("https://github.com/user/repo/actions"), - // DeploymentResult: to.Ptr(armsecurityinsights.DeploymentResultSuccess), - // DeploymentState: to.Ptr(armsecurityinsights.DeploymentStateCompleted), - // DeploymentTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-01T17:18:19.123Z"); return t}()), - // }, - // DeploymentFetchStatus: to.Ptr(armsecurityinsights.DeploymentFetchStatusSuccess), - // Message: to.Ptr("Successful deployment"), - // }, - // RepoType: to.Ptr(armsecurityinsights.RepoTypeGithub), - // Repository: &armsecurityinsights.Repository{ - // Branch: to.Ptr("master"), - // DeploymentLogsURL: to.Ptr("https://github.com/user/repo/actions"), - // DisplayURL: to.Ptr("https://github.com/user/repo"), - // PathMapping: []*armsecurityinsights.ContentPathMap{ - // { - // Path: to.Ptr("path/to/rules"), - // ContentType: to.Ptr(armsecurityinsights.ContentType("AnalyticRules")), - // }, - // { - // Path: to.Ptr("path/to/workbooks"), - // ContentType: to.Ptr(armsecurityinsights.ContentTypeWorkbook), - // }}, - // URL: to.Ptr("https://github.com/user/repo"), - // }, - // RepositoryResourceInfo: &armsecurityinsights.RepositoryResourceInfo{ - // GitHubResourceInfo: &armsecurityinsights.GitHubResourceInfo{ - // AppInstallationID: to.Ptr("123"), - // }, - // Webhook: &armsecurityinsights.Webhook{ - // WebhookID: to.Ptr("342768323"), - // WebhookSecretUpdateTime: to.Ptr("2021-01-01T17:18:19.1234567Z"), - // WebhookURL: to.Ptr("https://cac.sentinel.azure.com/workspaces/b7c525e9-1bfa-4435-88c0-817e13abb088/webhooks/ado/sourceControl/789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/sourcecontrols/DeleteSourceControl.json -func ExampleSourceControlsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewSourceControlsClient().Delete(ctx, "myRg", "myWorkspace", "789e0c1f-4a3d-43ad-809c-e713b677b04a", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/sourcecontrols/CreateSourceControl.json -func ExampleSourceControlsClient_Create() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewSourceControlsClient().Create(ctx, "myRg", "myWorkspace", "789e0c1f-4a3d-43ad-809c-e713b677b04a", armsecurityinsights.SourceControl{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Properties: &armsecurityinsights.SourceControlProperties{ - Description: to.Ptr("This is a source control"), - ContentTypes: []*armsecurityinsights.ContentType{ - to.Ptr(armsecurityinsights.ContentType("AnalyticRules")), - to.Ptr(armsecurityinsights.ContentTypeWorkbook)}, - DisplayName: to.Ptr("My Source Control"), - RepoType: to.Ptr(armsecurityinsights.RepoTypeGithub), - Repository: &armsecurityinsights.Repository{ - Branch: to.Ptr("master"), - DisplayURL: to.Ptr("https://github.com/user/repo"), - PathMapping: []*armsecurityinsights.ContentPathMap{ - { - Path: to.Ptr("path/to/rules"), - ContentType: to.Ptr(armsecurityinsights.ContentType("AnalyticRules")), - }, - { - Path: to.Ptr("path/to/workbooks"), - ContentType: to.Ptr(armsecurityinsights.ContentTypeWorkbook), - }}, - URL: to.Ptr("https://github.com/user/repo"), - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.SourceControl = armsecurityinsights.SourceControl{ - // Name: to.Ptr("789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // Type: to.Ptr("Microsoft.SecurityInsights/SourceControls"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/sourcecontrols/789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // SystemData: &armsecurityinsights.SystemData{ - // CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-01T17:18:19.123Z"); return t}()), - // CreatedBy: to.Ptr("user1"), - // CreatedByType: to.Ptr(armsecurityinsights.CreatedByTypeUser), - // LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-02T17:18:19.123Z"); return t}()), - // LastModifiedBy: to.Ptr("user2"), - // LastModifiedByType: to.Ptr(armsecurityinsights.CreatedByTypeUser), - // }, - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.SourceControlProperties{ - // Description: to.Ptr("this is a source control"), - // ContentTypes: []*armsecurityinsights.ContentType{ - // to.Ptr(armsecurityinsights.ContentType("AnalyticRules")), - // to.Ptr(armsecurityinsights.ContentTypeWorkbook)}, - // DisplayName: to.Ptr("My Source Control"), - // ID: to.Ptr("789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // LastDeploymentInfo: &armsecurityinsights.DeploymentInfo{ - // Deployment: &armsecurityinsights.Deployment{ - // DeploymentID: to.Ptr("4985046420"), - // DeploymentLogsURL: to.Ptr("https://github.com/user/repo/actions"), - // DeploymentResult: to.Ptr(armsecurityinsights.DeploymentResultSuccess), - // DeploymentState: to.Ptr(armsecurityinsights.DeploymentStateCompleted), - // DeploymentTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-01-01T17:18:19.123Z"); return t}()), - // }, - // DeploymentFetchStatus: to.Ptr(armsecurityinsights.DeploymentFetchStatusSuccess), - // Message: to.Ptr("Successful deployment"), - // }, - // RepoType: to.Ptr(armsecurityinsights.RepoTypeGithub), - // Repository: &armsecurityinsights.Repository{ - // Branch: to.Ptr("master"), - // DeploymentLogsURL: to.Ptr("https://github.com/user/repo/actions"), - // DisplayURL: to.Ptr("https://github.com/user/repo"), - // PathMapping: []*armsecurityinsights.ContentPathMap{ - // { - // Path: to.Ptr("path/to/rules"), - // ContentType: to.Ptr(armsecurityinsights.ContentType("AnalyticRules")), - // }, - // { - // Path: to.Ptr("path/to/workbooks"), - // ContentType: to.Ptr(armsecurityinsights.ContentTypeWorkbook), - // }}, - // URL: to.Ptr("https://github.com/user/repo"), - // }, - // RepositoryResourceInfo: &armsecurityinsights.RepositoryResourceInfo{ - // GitHubResourceInfo: &armsecurityinsights.GitHubResourceInfo{ - // AppInstallationID: to.Ptr("123"), - // }, - // Webhook: &armsecurityinsights.Webhook{ - // WebhookID: to.Ptr("342768323"), - // WebhookSecretUpdateTime: to.Ptr("2021-01-01T17:18:19.1234567Z"), - // WebhookURL: to.Ptr("https://cac.sentinel.azure.com/workspaces/b7c525e9-1bfa-4435-88c0-817e13abb088/webhooks/ado/sourceControl/789e0c1f-4a3d-43ad-809c-e713b677b04a"), - // }, - // }, - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/systems_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/systems_client.go new file mode 100644 index 000000000000..de2978319d1e --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/systems_client.go @@ -0,0 +1,549 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// SystemsClient contains the methods for the Systems group. +// Don't use this type directly, use NewSystemsClient() instead. +type SystemsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewSystemsClient creates a new instance of SystemsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewSystemsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*SystemsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &SystemsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates the system. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - agentResourceName - Business Application Agent Name +// - systemResourceName - The name of the system. +// - options - SystemsClientCreateOrUpdateOptions contains the optional parameters for the SystemsClient.CreateOrUpdate method. +func (client *SystemsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *SystemsClientCreateOrUpdateOptions) (SystemsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "SystemsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, agentResourceName, systemResourceName, options) + if err != nil { + return SystemsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return SystemsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return SystemsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *SystemsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *SystemsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/businessApplicationAgents/{agentResourceName}/systems/{systemResourceName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if agentResourceName == "" { + return nil, errors.New("parameter agentResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{agentResourceName}", url.PathEscape(agentResourceName)) + if systemResourceName == "" { + return nil, errors.New("parameter systemResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{systemResourceName}", url.PathEscape(systemResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if options != nil && options.SystemToUpsert != nil { + if err := runtime.MarshalAsJSON(req, *options.SystemToUpsert); err != nil { + return nil, err + } + return req, nil + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *SystemsClient) createOrUpdateHandleResponse(resp *http.Response) (SystemsClientCreateOrUpdateResponse, error) { + result := SystemsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.SystemResource); err != nil { + return SystemsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Deletes the system. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - agentResourceName - Business Application Agent Name +// - systemResourceName - The name of the system. +// - options - SystemsClientDeleteOptions contains the optional parameters for the SystemsClient.Delete method. +func (client *SystemsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *SystemsClientDeleteOptions) (SystemsClientDeleteResponse, error) { + var err error + const operationName = "SystemsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, agentResourceName, systemResourceName, options) + if err != nil { + return SystemsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return SystemsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return SystemsClientDeleteResponse{}, err + } + return SystemsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *SystemsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, _ *SystemsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/businessApplicationAgents/{agentResourceName}/systems/{systemResourceName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if agentResourceName == "" { + return nil, errors.New("parameter agentResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{agentResourceName}", url.PathEscape(agentResourceName)) + if systemResourceName == "" { + return nil, errors.New("parameter systemResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{systemResourceName}", url.PathEscape(systemResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets the system. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - agentResourceName - Business Application Agent Name +// - systemResourceName - The name of the system. +// - options - SystemsClientGetOptions contains the optional parameters for the SystemsClient.Get method. +func (client *SystemsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *SystemsClientGetOptions) (SystemsClientGetResponse, error) { + var err error + const operationName = "SystemsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, agentResourceName, systemResourceName, options) + if err != nil { + return SystemsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return SystemsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return SystemsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *SystemsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, _ *SystemsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/businessApplicationAgents/{agentResourceName}/systems/{systemResourceName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if agentResourceName == "" { + return nil, errors.New("parameter agentResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{agentResourceName}", url.PathEscape(agentResourceName)) + if systemResourceName == "" { + return nil, errors.New("parameter systemResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{systemResourceName}", url.PathEscape(systemResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *SystemsClient) getHandleResponse(resp *http.Response) (SystemsClientGetResponse, error) { + result := SystemsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.SystemResource); err != nil { + return SystemsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - ListAll the systems. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - agentResourceName - Business Application Agent Name +// - options - SystemsClientListOptions contains the optional parameters for the SystemsClient.NewListPager method. +func (client *SystemsClient) NewListPager(resourceGroupName string, workspaceName string, agentResourceName string, options *SystemsClientListOptions) *runtime.Pager[SystemsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[SystemsClientListResponse]{ + More: func(page SystemsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *SystemsClientListResponse) (SystemsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "SystemsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, agentResourceName, options) + }, nil) + if err != nil { + return SystemsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *SystemsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, options *SystemsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/businessApplicationAgents/{agentResourceName}/systems" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if agentResourceName == "" { + return nil, errors.New("parameter agentResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{agentResourceName}", url.PathEscape(agentResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *SystemsClient) listHandleResponse(resp *http.Response) (SystemsClientListResponse, error) { + result := SystemsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.SystemsList); err != nil { + return SystemsClientListResponse{}, err + } + return result, nil +} + +// NewListActionsPager - List of actions for a business application system. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - agentResourceName - Business Application Agent Name +// - systemResourceName - The name of the system. +// - options - SystemsClientListActionsOptions contains the optional parameters for the SystemsClient.NewListActionsPager method. +func (client *SystemsClient) NewListActionsPager(resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *SystemsClientListActionsOptions) *runtime.Pager[SystemsClientListActionsResponse] { + return runtime.NewPager(runtime.PagingHandler[SystemsClientListActionsResponse]{ + More: func(page SystemsClientListActionsResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *SystemsClientListActionsResponse) (SystemsClientListActionsResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "SystemsClient.NewListActionsPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listActionsCreateRequest(ctx, resourceGroupName, workspaceName, agentResourceName, systemResourceName, options) + }, nil) + if err != nil { + return SystemsClientListActionsResponse{}, err + } + return client.listActionsHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listActionsCreateRequest creates the ListActions request. +func (client *SystemsClient) listActionsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, _ *SystemsClientListActionsOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/businessApplicationAgents/{agentResourceName}/systems/{systemResourceName}/listActions" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if agentResourceName == "" { + return nil, errors.New("parameter agentResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{agentResourceName}", url.PathEscape(agentResourceName)) + if systemResourceName == "" { + return nil, errors.New("parameter systemResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{systemResourceName}", url.PathEscape(systemResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listActionsHandleResponse handles the ListActions response. +func (client *SystemsClient) listActionsHandleResponse(resp *http.Response) (SystemsClientListActionsResponse, error) { + result := SystemsClientListActionsResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ListActionsResponse); err != nil { + return SystemsClientListActionsResponse{}, err + } + return result, nil +} + +// ReportActionStatus - Report the status of the action. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - agentResourceName - Business Application Agent Name +// - systemResourceName - The name of the system. +// - options - SystemsClientReportActionStatusOptions contains the optional parameters for the SystemsClient.ReportActionStatus +// method. +func (client *SystemsClient) ReportActionStatus(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *SystemsClientReportActionStatusOptions) (SystemsClientReportActionStatusResponse, error) { + var err error + const operationName = "SystemsClient.ReportActionStatus" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.reportActionStatusCreateRequest(ctx, resourceGroupName, workspaceName, agentResourceName, systemResourceName, options) + if err != nil { + return SystemsClientReportActionStatusResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return SystemsClientReportActionStatusResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return SystemsClientReportActionStatusResponse{}, err + } + return SystemsClientReportActionStatusResponse{}, nil +} + +// reportActionStatusCreateRequest creates the ReportActionStatus request. +func (client *SystemsClient) reportActionStatusCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *SystemsClientReportActionStatusOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/businessApplicationAgents/{agentResourceName}/systems/{systemResourceName}/reportActionStatus" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if agentResourceName == "" { + return nil, errors.New("parameter agentResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{agentResourceName}", url.PathEscape(agentResourceName)) + if systemResourceName == "" { + return nil, errors.New("parameter systemResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{systemResourceName}", url.PathEscape(systemResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if options != nil && options.Payload != nil { + if err := runtime.MarshalAsJSON(req, *options.Payload); err != nil { + return nil, err + } + return req, nil + } + return req, nil +} + +// UndoAction - Undo action, based on the actionId. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - agentResourceName - Business Application Agent Name +// - systemResourceName - The name of the system. +// - options - SystemsClientUndoActionOptions contains the optional parameters for the SystemsClient.UndoAction method. +func (client *SystemsClient) UndoAction(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *SystemsClientUndoActionOptions) (SystemsClientUndoActionResponse, error) { + var err error + const operationName = "SystemsClient.UndoAction" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.undoActionCreateRequest(ctx, resourceGroupName, workspaceName, agentResourceName, systemResourceName, options) + if err != nil { + return SystemsClientUndoActionResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return SystemsClientUndoActionResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return SystemsClientUndoActionResponse{}, err + } + return SystemsClientUndoActionResponse{}, nil +} + +// undoActionCreateRequest creates the UndoAction request. +func (client *SystemsClient) undoActionCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, agentResourceName string, systemResourceName string, options *SystemsClientUndoActionOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/businessApplicationAgents/{agentResourceName}/systems/{systemResourceName}/undoAction" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if agentResourceName == "" { + return nil, errors.New("parameter agentResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{agentResourceName}", url.PathEscape(agentResourceName)) + if systemResourceName == "" { + return nil, errors.New("parameter systemResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{systemResourceName}", url.PathEscape(systemResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if options != nil && options.Payload != nil { + if err := runtime.MarshalAsJSON(req, *options.Payload); err != nil { + return nil, err + } + return req, nil + } + return req, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligence_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligence_client.go new file mode 100644 index 000000000000..241d9bd2b18c --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligence_client.go @@ -0,0 +1,193 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ThreatIntelligenceClient contains the methods for the ThreatIntelligence group. +// Don't use this type directly, use NewThreatIntelligenceClient() instead. +type ThreatIntelligenceClient struct { + internal *arm.Client + subscriptionID string +} + +// NewThreatIntelligenceClient creates a new instance of ThreatIntelligenceClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewThreatIntelligenceClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ThreatIntelligenceClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ThreatIntelligenceClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Count - Gets the count of all TI objects for the workspace. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - tiType - TI type +// - options - ThreatIntelligenceClientCountOptions contains the optional parameters for the ThreatIntelligenceClient.Count +// method. +func (client *ThreatIntelligenceClient) Count(ctx context.Context, resourceGroupName string, workspaceName string, tiType TiType, options *ThreatIntelligenceClientCountOptions) (ThreatIntelligenceClientCountResponse, error) { + var err error + const operationName = "ThreatIntelligenceClient.Count" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.countCreateRequest(ctx, resourceGroupName, workspaceName, tiType, options) + if err != nil { + return ThreatIntelligenceClientCountResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ThreatIntelligenceClientCountResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ThreatIntelligenceClientCountResponse{}, err + } + resp, err := client.countHandleResponse(httpResp) + return resp, err +} + +// countCreateRequest creates the Count request. +func (client *ThreatIntelligenceClient) countCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, tiType TiType, options *ThreatIntelligenceClientCountOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/{tiType}/count" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if tiType == "" { + return nil, errors.New("parameter tiType cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{tiType}", url.PathEscape(string(tiType))) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if options != nil && options.Query != nil { + if err := runtime.MarshalAsJSON(req, *options.Query); err != nil { + return nil, err + } + return req, nil + } + return req, nil +} + +// countHandleResponse handles the Count response. +func (client *ThreatIntelligenceClient) countHandleResponse(resp *http.Response) (ThreatIntelligenceClientCountResponse, error) { + result := ThreatIntelligenceClientCountResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ThreatIntelligenceCount); err != nil { + return ThreatIntelligenceClientCountResponse{}, err + } + return result, nil +} + +// NewQueryPager - Gets all TI objects for the workspace. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - tiType - TI type +// - options - ThreatIntelligenceClientQueryOptions contains the optional parameters for the ThreatIntelligenceClient.NewQueryPager +// method. +func (client *ThreatIntelligenceClient) NewQueryPager(resourceGroupName string, workspaceName string, tiType TiType, options *ThreatIntelligenceClientQueryOptions) *runtime.Pager[ThreatIntelligenceClientQueryResponse] { + return runtime.NewPager(runtime.PagingHandler[ThreatIntelligenceClientQueryResponse]{ + More: func(page ThreatIntelligenceClientQueryResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ThreatIntelligenceClientQueryResponse) (ThreatIntelligenceClientQueryResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ThreatIntelligenceClient.NewQueryPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.queryCreateRequest(ctx, resourceGroupName, workspaceName, tiType, options) + }, nil) + if err != nil { + return ThreatIntelligenceClientQueryResponse{}, err + } + return client.queryHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// queryCreateRequest creates the Query request. +func (client *ThreatIntelligenceClient) queryCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, tiType TiType, options *ThreatIntelligenceClientQueryOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/{tiType}/query" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if tiType == "" { + return nil, errors.New("parameter tiType cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{tiType}", url.PathEscape(string(tiType))) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if options != nil && options.Query != nil { + if err := runtime.MarshalAsJSON(req, *options.Query); err != nil { + return nil, err + } + return req, nil + } + return req, nil +} + +// queryHandleResponse handles the Query response. +func (client *ThreatIntelligenceClient) queryHandleResponse(resp *http.Response) (ThreatIntelligenceClientQueryResponse, error) { + result := ThreatIntelligenceClientQueryResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ThreatIntelligenceList); err != nil { + return ThreatIntelligenceClientQueryResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client.go index 338e1e12bde0..9d163b2cfea8 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type ThreatIntelligenceIndicatorClient struct { } // NewThreatIntelligenceIndicatorClient creates a new instance of ThreatIntelligenceIndicatorClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewThreatIntelligenceIndicatorClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ThreatIntelligenceIndicatorClient, error) { @@ -46,7 +43,7 @@ func NewThreatIntelligenceIndicatorClient(subscriptionID string, credential azco // AppendTags - Append tags to a threat intelligence indicator. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - name - Threat intelligence indicator name field. @@ -75,7 +72,7 @@ func (client *ThreatIntelligenceIndicatorClient) AppendTags(ctx context.Context, } // appendTagsCreateRequest creates the AppendTags request. -func (client *ThreatIntelligenceIndicatorClient) appendTagsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceAppendTags ThreatIntelligenceAppendTags, options *ThreatIntelligenceIndicatorClientAppendTagsOptions) (*policy.Request, error) { +func (client *ThreatIntelligenceIndicatorClient) appendTagsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceAppendTags ThreatIntelligenceAppendTags, _ *ThreatIntelligenceIndicatorClientAppendTagsOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}/appendTags" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -98,7 +95,7 @@ func (client *ThreatIntelligenceIndicatorClient) appendTagsCreateRequest(ctx con return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, threatIntelligenceAppendTags); err != nil { @@ -110,7 +107,7 @@ func (client *ThreatIntelligenceIndicatorClient) appendTagsCreateRequest(ctx con // Create - Update a threat Intelligence indicator. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - name - Threat intelligence indicator name field. @@ -140,7 +137,7 @@ func (client *ThreatIntelligenceIndicatorClient) Create(ctx context.Context, res } // createCreateRequest creates the Create request. -func (client *ThreatIntelligenceIndicatorClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceProperties ThreatIntelligenceIndicatorModel, options *ThreatIntelligenceIndicatorClientCreateOptions) (*policy.Request, error) { +func (client *ThreatIntelligenceIndicatorClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceProperties ThreatIntelligenceIndicatorModel, _ *ThreatIntelligenceIndicatorClientCreateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -163,7 +160,7 @@ func (client *ThreatIntelligenceIndicatorClient) createCreateRequest(ctx context return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, threatIntelligenceProperties); err != nil { @@ -184,7 +181,7 @@ func (client *ThreatIntelligenceIndicatorClient) createHandleResponse(resp *http // CreateIndicator - Create a new threat intelligence indicator. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - threatIntelligenceProperties - Properties of threat intelligence indicators to create and update. @@ -213,7 +210,7 @@ func (client *ThreatIntelligenceIndicatorClient) CreateIndicator(ctx context.Con } // createIndicatorCreateRequest creates the CreateIndicator request. -func (client *ThreatIntelligenceIndicatorClient) createIndicatorCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceProperties ThreatIntelligenceIndicatorModel, options *ThreatIntelligenceIndicatorClientCreateIndicatorOptions) (*policy.Request, error) { +func (client *ThreatIntelligenceIndicatorClient) createIndicatorCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceProperties ThreatIntelligenceIndicatorModel, _ *ThreatIntelligenceIndicatorClientCreateIndicatorOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/createIndicator" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -232,7 +229,7 @@ func (client *ThreatIntelligenceIndicatorClient) createIndicatorCreateRequest(ct return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, threatIntelligenceProperties); err != nil { @@ -253,7 +250,7 @@ func (client *ThreatIntelligenceIndicatorClient) createIndicatorHandleResponse(r // Delete - Delete a threat intelligence indicator. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - name - Threat intelligence indicator name field. @@ -281,7 +278,7 @@ func (client *ThreatIntelligenceIndicatorClient) Delete(ctx context.Context, res } // deleteCreateRequest creates the Delete request. -func (client *ThreatIntelligenceIndicatorClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, name string, options *ThreatIntelligenceIndicatorClientDeleteOptions) (*policy.Request, error) { +func (client *ThreatIntelligenceIndicatorClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, name string, _ *ThreatIntelligenceIndicatorClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -304,7 +301,7 @@ func (client *ThreatIntelligenceIndicatorClient) deleteCreateRequest(ctx context return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -313,7 +310,7 @@ func (client *ThreatIntelligenceIndicatorClient) deleteCreateRequest(ctx context // Get - View a threat intelligence indicator by name. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - name - Threat intelligence indicator name field. @@ -342,7 +339,7 @@ func (client *ThreatIntelligenceIndicatorClient) Get(ctx context.Context, resour } // getCreateRequest creates the Get request. -func (client *ThreatIntelligenceIndicatorClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, name string, options *ThreatIntelligenceIndicatorClientGetOptions) (*policy.Request, error) { +func (client *ThreatIntelligenceIndicatorClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, name string, _ *ThreatIntelligenceIndicatorClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -365,7 +362,7 @@ func (client *ThreatIntelligenceIndicatorClient) getCreateRequest(ctx context.Co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -382,7 +379,7 @@ func (client *ThreatIntelligenceIndicatorClient) getHandleResponse(resp *http.Re // NewQueryIndicatorsPager - Query threat intelligence indicators as per filtering criteria. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - threatIntelligenceFilteringCriteria - Filtering criteria for querying threat intelligence indicators. @@ -412,7 +409,7 @@ func (client *ThreatIntelligenceIndicatorClient) NewQueryIndicatorsPager(resourc } // queryIndicatorsCreateRequest creates the QueryIndicators request. -func (client *ThreatIntelligenceIndicatorClient) queryIndicatorsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceFilteringCriteria ThreatIntelligenceFilteringCriteria, options *ThreatIntelligenceIndicatorClientQueryIndicatorsOptions) (*policy.Request, error) { +func (client *ThreatIntelligenceIndicatorClient) queryIndicatorsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceFilteringCriteria ThreatIntelligenceFilteringCriteria, _ *ThreatIntelligenceIndicatorClientQueryIndicatorsOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/queryIndicators" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -431,7 +428,7 @@ func (client *ThreatIntelligenceIndicatorClient) queryIndicatorsCreateRequest(ct return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, threatIntelligenceFilteringCriteria); err != nil { @@ -452,7 +449,7 @@ func (client *ThreatIntelligenceIndicatorClient) queryIndicatorsHandleResponse(r // ReplaceTags - Replace tags added to a threat intelligence indicator. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - name - Threat intelligence indicator name field. @@ -482,7 +479,7 @@ func (client *ThreatIntelligenceIndicatorClient) ReplaceTags(ctx context.Context } // replaceTagsCreateRequest creates the ReplaceTags request. -func (client *ThreatIntelligenceIndicatorClient) replaceTagsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceReplaceTags ThreatIntelligenceIndicatorModel, options *ThreatIntelligenceIndicatorClientReplaceTagsOptions) (*policy.Request, error) { +func (client *ThreatIntelligenceIndicatorClient) replaceTagsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceReplaceTags ThreatIntelligenceIndicatorModel, _ *ThreatIntelligenceIndicatorClientReplaceTagsOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}/replaceTags" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -505,7 +502,7 @@ func (client *ThreatIntelligenceIndicatorClient) replaceTagsCreateRequest(ctx co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, threatIntelligenceReplaceTags); err != nil { diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client_example_test.go deleted file mode 100644 index 580bd2d976e0..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client_example_test.go +++ /dev/null @@ -1,438 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/CreateThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_CreateIndicator() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewThreatIntelligenceIndicatorClient().CreateIndicator(ctx, "myRg", "myWorkspace", armsecurityinsights.ThreatIntelligenceIndicatorModel{ - Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceKindEnumIndicator), - Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - Description: to.Ptr("debugging indicators"), - Confidence: to.Ptr[int32](78), - CreatedByRef: to.Ptr("contoso@contoso.com"), - DisplayName: to.Ptr("new schema"), - ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{}, - GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{}, - KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{}, - Labels: []*string{}, - Modified: to.Ptr(""), - Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - PatternType: to.Ptr("url"), - Revoked: to.Ptr(false), - Source: to.Ptr("Azure Sentinel"), - ThreatIntelligenceTags: []*string{ - to.Ptr("new schema")}, - ThreatTypes: []*string{ - to.Ptr("compromised")}, - ValidFrom: to.Ptr("2021-09-15T17:44:00.114052Z"), - ValidUntil: to.Ptr(""), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.ThreatIntelligenceIndicatorClientCreateIndicatorResponse{ - // ThreatIntelligenceInformationClassification: &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("180105c7-a28d-b1a2-4a78-234f6ec80fd6"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/180105c7-a28d-b1a2-4a78-234f6ec80fd6"), - // Etag: to.Ptr("\"0000322c-0000-0800-0000-5e976c960000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceKindEnumIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2021-09-15T20:20:38.6160949Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("new schema"), - // ExternalID: to.Ptr("indicator--a2b6a95e-2108-4a38-bd49-ef95811bbcd7"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2020-04-15T20:20:38.6161887Z"), - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("new schema")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2021-09-15T17:44:00.114052Z"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/GetThreatIntelligenceById.json -func ExampleThreatIntelligenceIndicatorClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewThreatIntelligenceIndicatorClient().Get(ctx, "myRg", "myWorkspace", "e16ef847-962e-d7b6-9c8b-a33e4bd30e47", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.ThreatIntelligenceIndicatorClientGetResponse{ - // ThreatIntelligenceInformationClassification: &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Etag: to.Ptr("\"00002a2c-0000-0800-0000-5e97683b0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceKindEnumIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2021-04-15T19:51:17.1050923Z"), - // CreatedByRef: to.Ptr("aztestConnectors@dataconnector.ccsctp.net"), - // DisplayName: to.Ptr("updated indicator"), - // ExternalID: to.Ptr("indicator--73be1729-babb-4348-a6c4-94621cae2530"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2021-04-15T20:18:49.2259902Z"), - // Pattern: to.Ptr("[url:value = 'https://abc.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("patching tags")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2021-04-15T17:44:00.114052Z"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/UpdateThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_Create() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewThreatIntelligenceIndicatorClient().Create(ctx, "myRg", "myWorkspace", "d9cd6f0b-96b9-3984-17cd-a779d1e15a93", armsecurityinsights.ThreatIntelligenceIndicatorModel{ - Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceKindEnumIndicator), - Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - Description: to.Ptr("debugging indicators"), - Confidence: to.Ptr[int32](78), - CreatedByRef: to.Ptr("contoso@contoso.com"), - DisplayName: to.Ptr("new schema"), - ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{}, - GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{}, - KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{}, - Labels: []*string{}, - Modified: to.Ptr(""), - Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - PatternType: to.Ptr("url"), - Revoked: to.Ptr(false), - Source: to.Ptr("Azure Sentinel"), - ThreatIntelligenceTags: []*string{ - to.Ptr("new schema")}, - ThreatTypes: []*string{ - to.Ptr("compromised")}, - ValidFrom: to.Ptr("2020-04-15T17:44:00.114052Z"), - ValidUntil: to.Ptr(""), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.ThreatIntelligenceIndicatorClientCreateResponse{ - // ThreatIntelligenceInformationClassification: &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("180105c7-a28d-b1a2-4a78-234f6ec80fd6"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/180105c7-a28d-b1a2-4a78-234f6ec80fd6"), - // Etag: to.Ptr("\"0000322c-0000-0800-0000-5e976c960000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceKindEnumIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2021-04-15T20:20:38.6160949Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("new schema"), - // ExternalID: to.Ptr("indicator--a2b6a95e-2108-4a38-bd49-ef95811bbcd7"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2020-04-15T20:20:38.6161887Z"), - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("new schema")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2021-04-15T17:44:00.114052Z"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/DeleteThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewThreatIntelligenceIndicatorClient().Delete(ctx, "myRg", "myWorkspace", "d9cd6f0b-96b9-3984-17cd-a779d1e15a93", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/QueryThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_NewQueryIndicatorsPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewThreatIntelligenceIndicatorClient().NewQueryIndicatorsPager("myRg", "myWorkspace", armsecurityinsights.ThreatIntelligenceFilteringCriteria{ - MaxConfidence: to.Ptr[int32](80), - MaxValidUntil: to.Ptr("2021-04-25T17:44:00.114052Z"), - MinConfidence: to.Ptr[int32](25), - MinValidUntil: to.Ptr("2021-04-05T17:44:00.114052Z"), - PageSize: to.Ptr[int32](100), - SortBy: []*armsecurityinsights.ThreatIntelligenceSortingCriteria{ - { - ItemKey: to.Ptr("lastUpdatedTimeUtc"), - SortOrder: to.Ptr(armsecurityinsights.ThreatIntelligenceSortingCriteriaEnumDescending), - }}, - Sources: []*string{ - to.Ptr("Azure Sentinel")}, - }, nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.ThreatIntelligenceInformationList = armsecurityinsights.ThreatIntelligenceInformationList{ - // Value: []armsecurityinsights.ThreatIntelligenceInformationClassification{ - // &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("27d963e6-e6e4-e0f9-e9d7-c53985b3bbe8"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/27d963e6-e6e4-e0f9-e9d7-c53985b3bbe8"), - // Etag: to.Ptr("\"00002f2c-0000-0800-0000-5e976a8e0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceKindEnumIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators 2"), - // Confidence: to.Ptr[int32](90), - // Created: to.Ptr("2021-04-15T20:11:57.9666134Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("new schema 2"), - // ExternalID: to.Ptr("indicator--8516d567-0daa-4614-8745-e3591e1b48cf"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2020-04-15T20:15:11.0746926Z"), - // ParsedPattern: []*armsecurityinsights.ThreatIntelligenceParsedPattern{ - // { - // PatternTypeKey: to.Ptr("network-traffic"), - // PatternTypeValues: []*armsecurityinsights.ThreatIntelligenceParsedPatternTypeValue{ - // { - // Value: to.Ptr("SSH-2.0-PuTTY_Release_0.64"), - // ValueType: to.Ptr("0"), - // }, - // { - // Value: to.Ptr("194.88.106.146"), - // ValueType: to.Ptr("1"), - // }}, - // }}, - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("new schema")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2021-04-15T17:44:00.114052Z"), - // }, - // }, - // &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Etag: to.Ptr("\"00002a2c-0000-0800-0000-5e97683b0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceKindEnumIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2021-04-15T19:51:17.1050923Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("updated indicator"), - // ExternalID: to.Ptr("indicator--73be1729-babb-4348-a6c4-94621cae2530"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2021-04-15T20:15:11.074903Z"), - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("patching tags")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2021-04-15T17:44:00.114052Z"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/AppendTagsThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_AppendTags() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewThreatIntelligenceIndicatorClient().AppendTags(ctx, "myRg", "myWorkspace", "d9cd6f0b-96b9-3984-17cd-a779d1e15a93", armsecurityinsights.ThreatIntelligenceAppendTags{ - ThreatIntelligenceTags: []*string{ - to.Ptr("tag1"), - to.Ptr("tag2")}, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/ReplaceTagsThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_ReplaceTags() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewThreatIntelligenceIndicatorClient().ReplaceTags(ctx, "myRg", "myWorkspace", "d9cd6f0b-96b9-3984-17cd-a779d1e15a93", armsecurityinsights.ThreatIntelligenceIndicatorModel{ - Etag: to.Ptr("\"0000262c-0000-0800-0000-5e9767060000\""), - Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceKindEnumIndicator), - Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - ThreatIntelligenceTags: []*string{ - to.Ptr("patching tags")}, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.ThreatIntelligenceIndicatorClientReplaceTagsResponse{ - // ThreatIntelligenceInformationClassification: &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Etag: to.Ptr("\"00002a2c-0000-0800-0000-5e97683b0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceKindEnumIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2021-04-15T19:51:17.1050923Z"), - // CreatedByRef: to.Ptr("aztestConnectors@dataconnector.ccsctp.net"), - // DisplayName: to.Ptr("updated indicator"), - // ExternalID: to.Ptr("indicator--73be1729-babb-4348-a6c4-94621cae2530"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2021-04-15T19:56:08.828946Z"), - // Pattern: to.Ptr("[url:value = 'https://abc.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("patching tags")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2021-04-15T17:44:00.114052Z"), - // }, - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client.go index f1251c15ae6d..eac81bdf254f 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type ThreatIntelligenceIndicatorMetricsClient struct { } // NewThreatIntelligenceIndicatorMetricsClient creates a new instance of ThreatIntelligenceIndicatorMetricsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewThreatIntelligenceIndicatorMetricsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ThreatIntelligenceIndicatorMetricsClient, error) { @@ -46,7 +43,7 @@ func NewThreatIntelligenceIndicatorMetricsClient(subscriptionID string, credenti // List - Get threat intelligence indicators metrics (Indicators counts by Type, Threat Type, Source). // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - ThreatIntelligenceIndicatorMetricsClientListOptions contains the optional parameters for the ThreatIntelligenceIndicatorMetricsClient.List @@ -74,7 +71,7 @@ func (client *ThreatIntelligenceIndicatorMetricsClient) List(ctx context.Context } // listCreateRequest creates the List request. -func (client *ThreatIntelligenceIndicatorMetricsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *ThreatIntelligenceIndicatorMetricsClientListOptions) (*policy.Request, error) { +func (client *ThreatIntelligenceIndicatorMetricsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, _ *ThreatIntelligenceIndicatorMetricsClientListOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/metrics" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -93,7 +90,7 @@ func (client *ThreatIntelligenceIndicatorMetricsClient) listCreateRequest(ctx co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client_example_test.go deleted file mode 100644 index 161336e742d5..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client_example_test.go +++ /dev/null @@ -1,65 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/CollectThreatIntelligenceMetrics.json -func ExampleThreatIntelligenceIndicatorMetricsClient_List() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewThreatIntelligenceIndicatorMetricsClient().List(ctx, "myRg", "myWorkspace", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.ThreatIntelligenceMetricsList = armsecurityinsights.ThreatIntelligenceMetricsList{ - // Value: []*armsecurityinsights.ThreatIntelligenceMetrics{ - // { - // Properties: &armsecurityinsights.ThreatIntelligenceMetric{ - // LastUpdatedTimeUTC: to.Ptr("2021-09-01T19:44:44.117403Z"), - // PatternTypeMetrics: []*armsecurityinsights.ThreatIntelligenceMetricEntity{ - // { - // MetricName: to.Ptr("url"), - // MetricValue: to.Ptr[int32](20), - // }}, - // SourceMetrics: []*armsecurityinsights.ThreatIntelligenceMetricEntity{ - // { - // MetricName: to.Ptr("Azure Sentinel"), - // MetricValue: to.Ptr[int32](10315), - // }, - // { - // MetricName: to.Ptr("zinga"), - // MetricValue: to.Ptr[int32](2), - // }}, - // ThreatTypeMetrics: []*armsecurityinsights.ThreatIntelligenceMetricEntity{ - // { - // MetricName: to.Ptr("compromised"), - // MetricValue: to.Ptr[int32](20), - // }}, - // }, - // }}, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client.go index 0c46a4244ac7..63de3368bbc0 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -29,7 +26,7 @@ type ThreatIntelligenceIndicatorsClient struct { } // NewThreatIntelligenceIndicatorsClient creates a new instance of ThreatIntelligenceIndicatorsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewThreatIntelligenceIndicatorsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ThreatIntelligenceIndicatorsClient, error) { @@ -46,7 +43,7 @@ func NewThreatIntelligenceIndicatorsClient(subscriptionID string, credential azc // NewListPager - Get all threat intelligence indicators. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - ThreatIntelligenceIndicatorsClientListOptions contains the optional parameters for the ThreatIntelligenceIndicatorsClient.NewListPager @@ -106,7 +103,7 @@ func (client *ThreatIntelligenceIndicatorsClient) listCreateRequest(ctx context. if options != nil && options.Top != nil { reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) } - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client_example_test.go deleted file mode 100644 index 2dd351bee7e7..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client_example_test.go +++ /dev/null @@ -1,112 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/GetThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewThreatIntelligenceIndicatorsClient().NewListPager("myRg", "myWorkspace", &armsecurityinsights.ThreatIntelligenceIndicatorsClientListOptions{Filter: nil, - Orderby: nil, - Top: nil, - SkipToken: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.ThreatIntelligenceInformationList = armsecurityinsights.ThreatIntelligenceInformationList{ - // Value: []armsecurityinsights.ThreatIntelligenceInformationClassification{ - // &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("27d963e6-e6e4-e0f9-e9d7-c53985b3bbe8"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/27d963e6-e6e4-e0f9-e9d7-c53985b3bbe8"), - // Etag: to.Ptr("\"00002f2c-0000-0800-0000-5e976a8e0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceKindEnumIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](90), - // Created: to.Ptr("2021-04-15T20:11:57.9666134Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("new schema 2"), - // ExternalID: to.Ptr("indicator--8516d567-0daa-4614-8745-e3591e1b48cf"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2021-04-15T20:15:11.0746926Z"), - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("new schema")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2021-04-15T17:44:00.114052Z"), - // }, - // }, - // &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Etag: to.Ptr("\"00002a2c-0000-0800-0000-5e97683b0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceKindEnumIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2021-04-15T19:51:17.1050923Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("updated indicator"), - // ExternalID: to.Ptr("indicator--73be1729-babb-4348-a6c4-94621cae2530"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2021-04-15T20:15:11.074903Z"), - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("patching tags")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2021-04-15T17:44:00.114052Z"), - // }, - // }}, - // } - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/time_rfc3339.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/time_rfc3339.go index 0cbb5478f4b6..5bc0c658674c 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/time_rfc3339.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/time_rfc3339.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -60,6 +57,9 @@ func (t *dateTimeRFC3339) UnmarshalJSON(data []byte) error { } func (t *dateTimeRFC3339) UnmarshalText(data []byte) error { + if len(data) == 0 { + return nil + } tzOffset := tzOffsetRegex.Match(data) hasT := strings.Contains(string(data), "T") || strings.Contains(string(data), "t") var layout string diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/triggeredanalyticsrulerun_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/triggeredanalyticsrulerun_client.go new file mode 100644 index 000000000000..c5b6bef1cfbd --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/triggeredanalyticsrulerun_client.go @@ -0,0 +1,111 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// TriggeredAnalyticsRuleRunClient contains the methods for the TriggeredAnalyticsRuleRun group. +// Don't use this type directly, use NewTriggeredAnalyticsRuleRunClient() instead. +type TriggeredAnalyticsRuleRunClient struct { + internal *arm.Client + subscriptionID string +} + +// NewTriggeredAnalyticsRuleRunClient creates a new instance of TriggeredAnalyticsRuleRunClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewTriggeredAnalyticsRuleRunClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*TriggeredAnalyticsRuleRunClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &TriggeredAnalyticsRuleRunClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Gets the triggered analytics rule run. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - ruleRunID - the triggered rule id +// - options - TriggeredAnalyticsRuleRunClientGetOptions contains the optional parameters for the TriggeredAnalyticsRuleRunClient.Get +// method. +func (client *TriggeredAnalyticsRuleRunClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ruleRunID string, options *TriggeredAnalyticsRuleRunClientGetOptions) (TriggeredAnalyticsRuleRunClientGetResponse, error) { + var err error + const operationName = "TriggeredAnalyticsRuleRunClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, ruleRunID, options) + if err != nil { + return TriggeredAnalyticsRuleRunClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return TriggeredAnalyticsRuleRunClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return TriggeredAnalyticsRuleRunClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *TriggeredAnalyticsRuleRunClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleRunID string, _ *TriggeredAnalyticsRuleRunClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns/{ruleRunId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if ruleRunID == "" { + return nil, errors.New("parameter ruleRunID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{ruleRunId}", url.PathEscape(ruleRunID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *TriggeredAnalyticsRuleRunClient) getHandleResponse(resp *http.Response) (TriggeredAnalyticsRuleRunClientGetResponse, error) { + result := TriggeredAnalyticsRuleRunClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.TriggeredAnalyticsRuleRun); err != nil { + return TriggeredAnalyticsRuleRunClientGetResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/update_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/update_client.go new file mode 100644 index 000000000000..e678a90758fd --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/update_client.go @@ -0,0 +1,114 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// UpdateClient contains the methods for the Update group. +// Don't use this type directly, use NewUpdateClient() instead. +type UpdateClient struct { + internal *arm.Client + subscriptionID string +} + +// NewUpdateClient creates a new instance of UpdateClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewUpdateClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*UpdateClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &UpdateClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Recommendation - Patch a recommendation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - recommendationID - Recommendation Id. +// - recommendationPatch - Recommendation Fields to Update. +// - options - UpdateClientRecommendationOptions contains the optional parameters for the UpdateClient.Recommendation method. +func (client *UpdateClient) Recommendation(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, recommendationPatch RecommendationPatch, options *UpdateClientRecommendationOptions) (UpdateClientRecommendationResponse, error) { + var err error + const operationName = "UpdateClient.Recommendation" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.recommendationCreateRequest(ctx, resourceGroupName, workspaceName, recommendationID, recommendationPatch, options) + if err != nil { + return UpdateClientRecommendationResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return UpdateClientRecommendationResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return UpdateClientRecommendationResponse{}, err + } + resp, err := client.recommendationHandleResponse(httpResp) + return resp, err +} + +// recommendationCreateRequest creates the Recommendation request. +func (client *UpdateClient) recommendationCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, recommendationPatch RecommendationPatch, _ *UpdateClientRecommendationOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if recommendationID == "" { + return nil, errors.New("parameter recommendationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{recommendationId}", url.PathEscape(recommendationID)) + req, err := runtime.NewRequest(ctx, http.MethodPatch, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, recommendationPatch); err != nil { + return nil, err + } + return req, nil +} + +// recommendationHandleResponse handles the Recommendation response. +func (client *UpdateClient) recommendationHandleResponse(resp *http.Response) (UpdateClientRecommendationResponse, error) { + result := UpdateClientRecommendationResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Recommendation); err != nil { + return UpdateClientRecommendationResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client.go index 16773e249ff9..a380ad396d3a 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type WatchlistItemsClient struct { } // NewWatchlistItemsClient creates a new instance of WatchlistItemsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewWatchlistItemsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WatchlistItemsClient, error) { @@ -46,7 +43,7 @@ func NewWatchlistItemsClient(subscriptionID string, credential azcore.TokenCrede // CreateOrUpdate - Creates or updates a watchlist item. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - watchlistAlias - Watchlist Alias @@ -77,7 +74,7 @@ func (client *WatchlistItemsClient) CreateOrUpdate(ctx context.Context, resource } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *WatchlistItemsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, watchlistItem WatchlistItem, options *WatchlistItemsClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *WatchlistItemsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, watchlistItem WatchlistItem, _ *WatchlistItemsClientCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -104,7 +101,7 @@ func (client *WatchlistItemsClient) createOrUpdateCreateRequest(ctx context.Cont return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, watchlistItem); err != nil { @@ -125,7 +122,7 @@ func (client *WatchlistItemsClient) createOrUpdateHandleResponse(resp *http.Resp // Delete - Delete a watchlist item. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - watchlistAlias - Watchlist Alias @@ -153,7 +150,7 @@ func (client *WatchlistItemsClient) Delete(ctx context.Context, resourceGroupNam } // deleteCreateRequest creates the Delete request. -func (client *WatchlistItemsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, options *WatchlistItemsClientDeleteOptions) (*policy.Request, error) { +func (client *WatchlistItemsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, _ *WatchlistItemsClientDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -180,7 +177,7 @@ func (client *WatchlistItemsClient) deleteCreateRequest(ctx context.Context, res return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -189,7 +186,7 @@ func (client *WatchlistItemsClient) deleteCreateRequest(ctx context.Context, res // Get - Gets a watchlist, without its watchlist items. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - watchlistAlias - Watchlist Alias @@ -218,7 +215,7 @@ func (client *WatchlistItemsClient) Get(ctx context.Context, resourceGroupName s } // getCreateRequest creates the Get request. -func (client *WatchlistItemsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, options *WatchlistItemsClientGetOptions) (*policy.Request, error) { +func (client *WatchlistItemsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, _ *WatchlistItemsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -245,7 +242,7 @@ func (client *WatchlistItemsClient) getCreateRequest(ctx context.Context, resour return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -262,7 +259,7 @@ func (client *WatchlistItemsClient) getHandleResponse(resp *http.Response) (Watc // NewListPager - Gets all watchlist Items. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - watchlistAlias - Watchlist Alias @@ -317,7 +314,7 @@ func (client *WatchlistItemsClient) listCreateRequest(ctx context.Context, resou if options != nil && options.SkipToken != nil { reqQP.Set("$skipToken", *options.SkipToken) } - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client_example_test.go deleted file mode 100644 index afad7a041d8c..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client_example_test.go +++ /dev/null @@ -1,213 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/GetWatchlistItems.json -func ExampleWatchlistItemsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewWatchlistItemsClient().NewListPager("myRg", "myWorkspace", "highValueAsset", &armsecurityinsights.WatchlistItemsClientListOptions{SkipToken: nil}) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.WatchlistItemList = armsecurityinsights.WatchlistItemList{ - // Value: []*armsecurityinsights.WatchlistItem{ - // { - // Name: to.Ptr("fd37d325-7090-47fe-851a-5b5a00c3f576"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists/WatchlistItems"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/Watchlists/highValueAsset/WatchlistItems/fd37d325-7090-47fe-851a-5b5a00c3f576"), - // Etag: to.Ptr("\"f2089bfa-0000-0d00-0000-601c58b42021\""), - // Properties: &armsecurityinsights.WatchlistItemProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-02-04T20:27:32.378Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // EntityMapping: map[string]any{ - // }, - // IsDeleted: to.Ptr(false), - // ItemsKeyValue: map[string]any{ - // "Header-1": "v1_1", - // "Header-2": "v1_2", - // "Header-3": "v1_3", - // "Header-4": "v1_4", - // "Header-5": "v1_5", - // }, - // TenantID: to.Ptr("3f8901fe-63d9-4875-9ad5-9fb3b8105797"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-02-04T20:27:32.378Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistItemID: to.Ptr("fd37d325-7090-47fe-851a-5b5a00c3f576"), - // WatchlistItemType: to.Ptr("watchlist-item"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/GetWatchlistItemById.json -func ExampleWatchlistItemsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewWatchlistItemsClient().Get(ctx, "myRg", "myWorkspace", "highValueAsset", "3f8901fe-63d9-4875-9ad5-9fb3b8105797", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.WatchlistItem = armsecurityinsights.WatchlistItem{ - // Name: to.Ptr("fd37d325-7090-47fe-851a-5b5a00c3f576"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists/WatchlistItems"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/Watchlists/highValueAsset/WatchlistItems/fd37d325-7090-47fe-851a-5b5a00c3f576"), - // Etag: to.Ptr("\"f2089bfa-0000-0d00-0000-601c58b42021\""), - // Properties: &armsecurityinsights.WatchlistItemProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-02-04T20:27:32.378Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // EntityMapping: map[string]any{ - // }, - // IsDeleted: to.Ptr(false), - // ItemsKeyValue: map[string]any{ - // "Header-1": "v1_1", - // "Header-2": "v1_2", - // "Header-3": "v1_3", - // "Header-4": "v1_4", - // "Header-5": "v1_5", - // }, - // TenantID: to.Ptr("3f8901fe-63d9-4875-9ad5-9fb3b8105797"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-02-04T20:27:32.378Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistItemID: to.Ptr("fd37d325-7090-47fe-851a-5b5a00c3f576"), - // WatchlistItemType: to.Ptr("watchlist-item"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/DeleteWatchlistItem.json -func ExampleWatchlistItemsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewWatchlistItemsClient().Delete(ctx, "myRg", "myWorkspace", "highValueAsset", "4008512e-1d30-48b2-9ee2-d3612ed9d3ea", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/CreateWatchlistItem.json -func ExampleWatchlistItemsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewWatchlistItemsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "highValueAsset", "82ba292c-dc97-4dfc-969d-d4dd9e666842", armsecurityinsights.WatchlistItem{ - Etag: to.Ptr("0300bf09-0000-0000-0000-5c37296e0000"), - Properties: &armsecurityinsights.WatchlistItemProperties{ - ItemsKeyValue: map[string]any{ - "Business tier": "10.0.2.0/24", - "Data tier": "10.0.2.0/24", - "Gateway subnet": "10.0.255.224/27", - "Private DMZ in": "10.0.0.0/27", - "Public DMZ out": "10.0.0.96/27", - "Web Tier": "10.0.1.0/24", - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.WatchlistItem = armsecurityinsights.WatchlistItem{ - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists/WatchlistItems"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/Watchlists/highValueAsset/WatchlistItems/82ba292c-dc97-4dfc-969d-d4dd9e666842"), - // Etag: to.Ptr("0300bf09-0000-0000-0000-5c37296e0000"), - // Properties: &armsecurityinsights.WatchlistItemProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-11-15T04:58:56.074Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // IsDeleted: to.Ptr(false), - // ItemsKeyValue: map[string]any{ - // "Business tier": "10.0.2.0/24", - // "Data tier": "10.0.2.0/24", - // "Gateway subnet": "10.0.255.224/27", - // "Private DMZ in": "10.0.0.0/27", - // "Public DMZ out": "10.0.0.96/27", - // "Web Tier": "10.0.1.0/24", - // }, - // TenantID: to.Ptr("4008512e-1d30-48b2-9ee2-d3612ed9d3ea"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-11-16T16:05:20.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistItemID: to.Ptr("82ba292c-dc97-4dfc-969d-d4dd9e666842"), - // WatchlistItemType: to.Ptr("watchlist-item"), - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client.go index 66f0e39aa75b..ef826fa1417c 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client.go @@ -1,6 +1,3 @@ -//go:build go1.18 -// +build go1.18 - // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. See License.txt in the project root for license information. // Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. @@ -28,7 +25,7 @@ type WatchlistsClient struct { } // NewWatchlistsClient creates a new instance of WatchlistsClient with the specified values. -// - subscriptionID - The ID of the target subscription. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewWatchlistsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WatchlistsClient, error) { @@ -43,45 +40,70 @@ func NewWatchlistsClient(subscriptionID string, credential azcore.TokenCredentia return client, nil } -// CreateOrUpdate - Create or update a Watchlist and its Watchlist Items (bulk creation, e.g. through text/csv content type). -// To create a Watchlist and its Items, we should call this endpoint with either rawContent or a +// BeginCreateOrUpdate - Create or update a Watchlist and its Watchlist Items (bulk creation, e.g. through text/csv content +// type). To create a Watchlist and its Items, we should call this endpoint with either rawContent or a // valid SAR URI and contentType properties. The rawContent is mainly used for small watchlist (content size below 3.8 MB). // The SAS URI enables the creation of large watchlist, where the content size can // go up to 500 MB. The status of processing such large file can be polled through the URL returned in Azure-AsyncOperation // header. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - watchlistAlias - Watchlist Alias // - watchlist - The watchlist -// - options - WatchlistsClientCreateOrUpdateOptions contains the optional parameters for the WatchlistsClient.CreateOrUpdate +// - options - WatchlistsClientBeginCreateOrUpdateOptions contains the optional parameters for the WatchlistsClient.BeginCreateOrUpdate // method. -func (client *WatchlistsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlist Watchlist, options *WatchlistsClientCreateOrUpdateOptions) (WatchlistsClientCreateOrUpdateResponse, error) { +func (client *WatchlistsClient) BeginCreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlist Watchlist, options *WatchlistsClientBeginCreateOrUpdateOptions) (*runtime.Poller[WatchlistsClientCreateOrUpdateResponse], error) { + if options == nil || options.ResumeToken == "" { + resp, err := client.createOrUpdate(ctx, resourceGroupName, workspaceName, watchlistAlias, watchlist, options) + if err != nil { + return nil, err + } + poller, err := runtime.NewPoller(resp, client.internal.Pipeline(), &runtime.NewPollerOptions[WatchlistsClientCreateOrUpdateResponse]{ + Tracer: client.internal.Tracer(), + }) + return poller, err + } else { + return runtime.NewPollerFromResumeToken(options.ResumeToken, client.internal.Pipeline(), &runtime.NewPollerFromResumeTokenOptions[WatchlistsClientCreateOrUpdateResponse]{ + Tracer: client.internal.Tracer(), + }) + } +} + +// CreateOrUpdate - Create or update a Watchlist and its Watchlist Items (bulk creation, e.g. through text/csv content type). +// To create a Watchlist and its Items, we should call this endpoint with either rawContent or a +// valid SAR URI and contentType properties. The rawContent is mainly used for small watchlist (content size below 3.8 MB). +// The SAS URI enables the creation of large watchlist, where the content size can +// go up to 500 MB. The status of processing such large file can be polled through the URL returned in Azure-AsyncOperation +// header. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +func (client *WatchlistsClient) createOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlist Watchlist, options *WatchlistsClientBeginCreateOrUpdateOptions) (*http.Response, error) { var err error - const operationName = "WatchlistsClient.CreateOrUpdate" + const operationName = "WatchlistsClient.BeginCreateOrUpdate" ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) defer func() { endSpan(err) }() req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, watchlistAlias, watchlist, options) if err != nil { - return WatchlistsClientCreateOrUpdateResponse{}, err + return nil, err } httpResp, err := client.internal.Pipeline().Do(req) if err != nil { - return WatchlistsClientCreateOrUpdateResponse{}, err + return nil, err } if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { err = runtime.NewResponseError(httpResp) - return WatchlistsClientCreateOrUpdateResponse{}, err + return nil, err } - resp, err := client.createOrUpdateHandleResponse(httpResp) - return resp, err + return httpResp, nil } // createOrUpdateCreateRequest creates the CreateOrUpdate request. -func (client *WatchlistsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlist Watchlist, options *WatchlistsClientCreateOrUpdateOptions) (*policy.Request, error) { +func (client *WatchlistsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlist Watchlist, _ *WatchlistsClientBeginCreateOrUpdateOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -104,7 +126,7 @@ func (client *WatchlistsClient) createOrUpdateCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, watchlist); err != nil { @@ -113,50 +135,58 @@ func (client *WatchlistsClient) createOrUpdateCreateRequest(ctx context.Context, return req, nil } -// createOrUpdateHandleResponse handles the CreateOrUpdate response. -func (client *WatchlistsClient) createOrUpdateHandleResponse(resp *http.Response) (WatchlistsClientCreateOrUpdateResponse, error) { - result := WatchlistsClientCreateOrUpdateResponse{} - if val := resp.Header.Get("Azure-AsyncOperation"); val != "" { - result.AzureAsyncOperation = &val - } - if err := runtime.UnmarshalAsJSON(resp, &result.Watchlist); err != nil { - return WatchlistsClientCreateOrUpdateResponse{}, err +// BeginDelete - Delete a watchlist. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - watchlistAlias - Watchlist Alias +// - options - WatchlistsClientBeginDeleteOptions contains the optional parameters for the WatchlistsClient.BeginDelete method. +func (client *WatchlistsClient) BeginDelete(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, options *WatchlistsClientBeginDeleteOptions) (*runtime.Poller[WatchlistsClientDeleteResponse], error) { + if options == nil || options.ResumeToken == "" { + resp, err := client.deleteOperation(ctx, resourceGroupName, workspaceName, watchlistAlias, options) + if err != nil { + return nil, err + } + poller, err := runtime.NewPoller(resp, client.internal.Pipeline(), &runtime.NewPollerOptions[WatchlistsClientDeleteResponse]{ + Tracer: client.internal.Tracer(), + }) + return poller, err + } else { + return runtime.NewPollerFromResumeToken(options.ResumeToken, client.internal.Pipeline(), &runtime.NewPollerFromResumeTokenOptions[WatchlistsClientDeleteResponse]{ + Tracer: client.internal.Tracer(), + }) } - return result, nil } // Delete - Delete a watchlist. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview -// - resourceGroupName - The name of the resource group. The name is case insensitive. -// - workspaceName - The name of the workspace. -// - watchlistAlias - Watchlist Alias -// - options - WatchlistsClientDeleteOptions contains the optional parameters for the WatchlistsClient.Delete method. -func (client *WatchlistsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, options *WatchlistsClientDeleteOptions) (WatchlistsClientDeleteResponse, error) { +// Generated from API version 2025-04-01-preview +func (client *WatchlistsClient) deleteOperation(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, options *WatchlistsClientBeginDeleteOptions) (*http.Response, error) { var err error - const operationName = "WatchlistsClient.Delete" + const operationName = "WatchlistsClient.BeginDelete" ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) defer func() { endSpan(err) }() req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, watchlistAlias, options) if err != nil { - return WatchlistsClientDeleteResponse{}, err + return nil, err } httpResp, err := client.internal.Pipeline().Do(req) if err != nil { - return WatchlistsClientDeleteResponse{}, err + return nil, err } - if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + if !runtime.HasStatusCode(httpResp, http.StatusAccepted, http.StatusNoContent) { err = runtime.NewResponseError(httpResp) - return WatchlistsClientDeleteResponse{}, err + return nil, err } - resp, err := client.deleteHandleResponse(httpResp) - return resp, err + return httpResp, nil } // deleteCreateRequest creates the Delete request. -func (client *WatchlistsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, options *WatchlistsClientDeleteOptions) (*policy.Request, error) { +func (client *WatchlistsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, _ *WatchlistsClientBeginDeleteOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -179,25 +209,16 @@ func (client *WatchlistsClient) deleteCreateRequest(ctx context.Context, resourc return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil } -// deleteHandleResponse handles the Delete response. -func (client *WatchlistsClient) deleteHandleResponse(resp *http.Response) (WatchlistsClientDeleteResponse, error) { - result := WatchlistsClientDeleteResponse{} - if val := resp.Header.Get("Azure-AsyncOperation"); val != "" { - result.AzureAsyncOperation = &val - } - return result, nil -} - // Get - Gets a watchlist, without its watchlist items. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - watchlistAlias - Watchlist Alias @@ -225,7 +246,7 @@ func (client *WatchlistsClient) Get(ctx context.Context, resourceGroupName strin } // getCreateRequest creates the Get request. -func (client *WatchlistsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, options *WatchlistsClientGetOptions) (*policy.Request, error) { +func (client *WatchlistsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, _ *WatchlistsClientGetOptions) (*policy.Request, error) { urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}" if client.subscriptionID == "" { return nil, errors.New("parameter client.subscriptionID cannot be empty") @@ -248,7 +269,7 @@ func (client *WatchlistsClient) getCreateRequest(ctx context.Context, resourceGr return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -265,7 +286,7 @@ func (client *WatchlistsClient) getHandleResponse(resp *http.Response) (Watchlis // NewListPager - Gets all watchlists, without watchlist items. // -// Generated from API version 2022-09-01-preview +// Generated from API version 2025-04-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - WatchlistsClientListOptions contains the optional parameters for the WatchlistsClient.NewListPager method. @@ -315,7 +336,7 @@ func (client *WatchlistsClient) listCreateRequest(ctx context.Context, resourceG if options != nil && options.SkipToken != nil { reqQP.Set("$skipToken", *options.SkipToken) } - reqQP.Set("api-version", "2022-09-01-preview") + reqQP.Set("api-version", "2025-04-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client_example_test.go deleted file mode 100644 index 3357c5ec8e1e..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client_example_test.go +++ /dev/null @@ -1,279 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/GetWatchlists.json -func ExampleWatchlistsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewWatchlistsClient().NewListPager("myRg", "myWorkspace", &armsecurityinsights.WatchlistsClientListOptions{SkipToken: nil}) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.WatchlistList = armsecurityinsights.WatchlistList{ - // Value: []*armsecurityinsights.Watchlist{ - // { - // Name: to.Ptr("highValueAsset"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/watchlists/highValueAsset"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.WatchlistProperties{ - // Description: to.Ptr("Watchlist from CSV content"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:54.774Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DefaultDuration: to.Ptr("P1279DT12H30M5S"), - // DisplayName: to.Ptr("High Value Assets Watchlist"), - // IsDeleted: to.Ptr(false), - // ItemsSearchKey: to.Ptr("header1"), - // Labels: []*string{ - // to.Ptr("Tag1"), - // to.Ptr("Tag2")}, - // Provider: to.Ptr("Microsoft"), - // Source: to.Ptr("watchlist.csv"), - // SourceType: to.Ptr(armsecurityinsights.SourceTypeLocalFile), - // TenantID: to.Ptr("f686d426-8d16-42db-81b7-ab578e110ccd"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:57.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistAlias: to.Ptr("highValueAsset"), - // WatchlistID: to.Ptr("76d5a51f-ba1f-4038-9d22-59fda38dc017"), - // WatchlistType: to.Ptr("watchlist"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/GetWatchlistByAlias.json -func ExampleWatchlistsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewWatchlistsClient().Get(ctx, "myRg", "myWorkspace", "highValueAsset", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Watchlist = armsecurityinsights.Watchlist{ - // Name: to.Ptr("highValueAsset"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/watchlists/highValueAsset"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.WatchlistProperties{ - // Description: to.Ptr("Watchlist from CSV content"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:54.774Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DefaultDuration: to.Ptr("P1279DT12H30M5S"), - // DisplayName: to.Ptr("High Value Assets Watchlist"), - // IsDeleted: to.Ptr(false), - // ItemsSearchKey: to.Ptr("header1"), - // Labels: []*string{ - // to.Ptr("Tag1"), - // to.Ptr("Tag2")}, - // Provider: to.Ptr("Microsoft"), - // Source: to.Ptr("watchlist.csv"), - // SourceType: to.Ptr(armsecurityinsights.SourceTypeLocalFile), - // TenantID: to.Ptr("f686d426-8d16-42db-81b7-ab578e110ccd"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:57.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistAlias: to.Ptr("highValueAsset"), - // WatchlistID: to.Ptr("76d5a51f-ba1f-4038-9d22-59fda38dc017"), - // WatchlistType: to.Ptr("watchlist"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/DeleteWatchlist.json -func ExampleWatchlistsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewWatchlistsClient().Delete(ctx, "myRg", "myWorkspace", "highValueAsset", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/CreateWatchlistAndWatchlistItems.json -func ExampleWatchlistsClient_CreateOrUpdate_createsOrUpdatesAWatchlistAndBulkCreatesWatchlistItems() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewWatchlistsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "highValueAsset", armsecurityinsights.Watchlist{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Properties: &armsecurityinsights.WatchlistProperties{ - Description: to.Ptr("Watchlist from CSV content"), - ContentType: to.Ptr("text/csv"), - DisplayName: to.Ptr("High Value Assets Watchlist"), - ItemsSearchKey: to.Ptr("header1"), - NumberOfLinesToSkip: to.Ptr[int32](1), - Provider: to.Ptr("Microsoft"), - RawContent: to.Ptr("This line will be skipped\nheader1,header2\nvalue1,value2"), - Source: to.Ptr("watchlist.csv"), - SourceType: to.Ptr(armsecurityinsights.SourceTypeLocalFile), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Watchlist = armsecurityinsights.Watchlist{ - // Name: to.Ptr("highValueAsset"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/watchlists/highValueAsset"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.WatchlistProperties{ - // Description: to.Ptr("Watchlist from CSV content"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:54.774Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DisplayName: to.Ptr("High Value Assets Watchlist"), - // IsDeleted: to.Ptr(false), - // ItemsSearchKey: to.Ptr("header1"), - // Provider: to.Ptr("Microsoft"), - // Source: to.Ptr("watchlist.csv"), - // SourceType: to.Ptr(armsecurityinsights.SourceTypeLocalFile), - // TenantID: to.Ptr("f686d426-8d16-42db-81b7-ab578e110ccd"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:57.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistAlias: to.Ptr("highValueAsset"), - // WatchlistID: to.Ptr("76d5a51f-ba1f-4038-9d22-59fda38dc017"), - // WatchlistType: to.Ptr("watchlist"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/6c4f3c695f0250dcb261598a62004f0aef10b9db/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/CreateWatchlist.json -func ExampleWatchlistsClient_CreateOrUpdate_createsOrUpdatesAWatchlist() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewWatchlistsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "highValueAsset", armsecurityinsights.Watchlist{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Properties: &armsecurityinsights.WatchlistProperties{ - Description: to.Ptr("Watchlist from CSV content"), - DisplayName: to.Ptr("High Value Assets Watchlist"), - ItemsSearchKey: to.Ptr("header1"), - Provider: to.Ptr("Microsoft"), - Source: to.Ptr("watchlist.csv"), - SourceType: to.Ptr(armsecurityinsights.SourceTypeLocalFile), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Watchlist = armsecurityinsights.Watchlist{ - // Name: to.Ptr("highValueAsset"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/watchlists/highValueAsset"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.WatchlistProperties{ - // Description: to.Ptr("Watchlist from CSV content"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:54.774Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DisplayName: to.Ptr("High Value Assets Watchlist"), - // IsDeleted: to.Ptr(false), - // ItemsSearchKey: to.Ptr("header1"), - // Provider: to.Ptr("Microsoft"), - // Source: to.Ptr("watchlist.csv"), - // SourceType: to.Ptr(armsecurityinsights.SourceTypeLocalFile), - // TenantID: to.Ptr("f686d426-8d16-42db-81b7-ab578e110ccd"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:57.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistAlias: to.Ptr("highValueAsset"), - // WatchlistID: to.Ptr("76d5a51f-ba1f-4038-9d22-59fda38dc017"), - // WatchlistType: to.Ptr("watchlist"), - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignmentjobs_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignmentjobs_client.go new file mode 100644 index 000000000000..33803b60798b --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignmentjobs_client.go @@ -0,0 +1,331 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// WorkspaceManagerAssignmentJobsClient contains the methods for the WorkspaceManagerAssignmentJobs group. +// Don't use this type directly, use NewWorkspaceManagerAssignmentJobsClient() instead. +type WorkspaceManagerAssignmentJobsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewWorkspaceManagerAssignmentJobsClient creates a new instance of WorkspaceManagerAssignmentJobsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewWorkspaceManagerAssignmentJobsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WorkspaceManagerAssignmentJobsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &WorkspaceManagerAssignmentJobsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Create - Create a job for the specified workspace manager assignment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - options - WorkspaceManagerAssignmentJobsClientCreateOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Create +// method. +func (client *WorkspaceManagerAssignmentJobsClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentJobsClientCreateOptions) (WorkspaceManagerAssignmentJobsClientCreateResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentJobsClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, options) + if err != nil { + return WorkspaceManagerAssignmentJobsClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentJobsClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentJobsClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *WorkspaceManagerAssignmentJobsClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, _ *WorkspaceManagerAssignmentJobsClientCreateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *WorkspaceManagerAssignmentJobsClient) createHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentJobsClientCreateResponse, error) { + result := WorkspaceManagerAssignmentJobsClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Job); err != nil { + return WorkspaceManagerAssignmentJobsClientCreateResponse{}, err + } + return result, nil +} + +// Delete - Deletes the specified job from the specified workspace manager assignment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - jobName - The job name +// - options - WorkspaceManagerAssignmentJobsClientDeleteOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Delete +// method. +func (client *WorkspaceManagerAssignmentJobsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, options *WorkspaceManagerAssignmentJobsClientDeleteOptions) (WorkspaceManagerAssignmentJobsClientDeleteResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentJobsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, jobName, options) + if err != nil { + return WorkspaceManagerAssignmentJobsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentJobsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentJobsClientDeleteResponse{}, err + } + return WorkspaceManagerAssignmentJobsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *WorkspaceManagerAssignmentJobsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, _ *WorkspaceManagerAssignmentJobsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + if jobName == "" { + return nil, errors.New("parameter jobName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{jobName}", url.PathEscape(jobName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a job +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - jobName - The job name +// - options - WorkspaceManagerAssignmentJobsClientGetOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Get +// method. +func (client *WorkspaceManagerAssignmentJobsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, options *WorkspaceManagerAssignmentJobsClientGetOptions) (WorkspaceManagerAssignmentJobsClientGetResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentJobsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, jobName, options) + if err != nil { + return WorkspaceManagerAssignmentJobsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentJobsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentJobsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *WorkspaceManagerAssignmentJobsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, _ *WorkspaceManagerAssignmentJobsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + if jobName == "" { + return nil, errors.New("parameter jobName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{jobName}", url.PathEscape(jobName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *WorkspaceManagerAssignmentJobsClient) getHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentJobsClientGetResponse, error) { + result := WorkspaceManagerAssignmentJobsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Job); err != nil { + return WorkspaceManagerAssignmentJobsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Get all jobs for the specified workspace manager assignment +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - options - WorkspaceManagerAssignmentJobsClientListOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.NewListPager +// method. +func (client *WorkspaceManagerAssignmentJobsClient) NewListPager(resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentJobsClientListOptions) *runtime.Pager[WorkspaceManagerAssignmentJobsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[WorkspaceManagerAssignmentJobsClientListResponse]{ + More: func(page WorkspaceManagerAssignmentJobsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *WorkspaceManagerAssignmentJobsClientListResponse) (WorkspaceManagerAssignmentJobsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "WorkspaceManagerAssignmentJobsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, options) + }, nil) + if err != nil { + return WorkspaceManagerAssignmentJobsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *WorkspaceManagerAssignmentJobsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentJobsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *WorkspaceManagerAssignmentJobsClient) listHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentJobsClientListResponse, error) { + result := WorkspaceManagerAssignmentJobsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.JobList); err != nil { + return WorkspaceManagerAssignmentJobsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignments_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignments_client.go new file mode 100644 index 000000000000..ef28a8ddf3bd --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignments_client.go @@ -0,0 +1,320 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// WorkspaceManagerAssignmentsClient contains the methods for the WorkspaceManagerAssignments group. +// Don't use this type directly, use NewWorkspaceManagerAssignmentsClient() instead. +type WorkspaceManagerAssignmentsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewWorkspaceManagerAssignmentsClient creates a new instance of WorkspaceManagerAssignmentsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewWorkspaceManagerAssignmentsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WorkspaceManagerAssignmentsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &WorkspaceManagerAssignmentsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a workspace manager assignment. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - workspaceManagerAssignment - The workspace manager assignment +// - options - WorkspaceManagerAssignmentsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.CreateOrUpdate +// method. +func (client *WorkspaceManagerAssignmentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, workspaceManagerAssignment WorkspaceManagerAssignment, options *WorkspaceManagerAssignmentsClientCreateOrUpdateOptions) (WorkspaceManagerAssignmentsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, workspaceManagerAssignment, options) + if err != nil { + return WorkspaceManagerAssignmentsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *WorkspaceManagerAssignmentsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, workspaceManagerAssignment WorkspaceManagerAssignment, _ *WorkspaceManagerAssignmentsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, workspaceManagerAssignment); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *WorkspaceManagerAssignmentsClient) createOrUpdateHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentsClientCreateOrUpdateResponse, error) { + result := WorkspaceManagerAssignmentsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerAssignment); err != nil { + return WorkspaceManagerAssignmentsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Deletes a workspace manager assignment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - options - WorkspaceManagerAssignmentsClientDeleteOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.Delete +// method. +func (client *WorkspaceManagerAssignmentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentsClientDeleteOptions) (WorkspaceManagerAssignmentsClientDeleteResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, options) + if err != nil { + return WorkspaceManagerAssignmentsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentsClientDeleteResponse{}, err + } + return WorkspaceManagerAssignmentsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *WorkspaceManagerAssignmentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, _ *WorkspaceManagerAssignmentsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a workspace manager assignment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - options - WorkspaceManagerAssignmentsClientGetOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.Get +// method. +func (client *WorkspaceManagerAssignmentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentsClientGetOptions) (WorkspaceManagerAssignmentsClientGetResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, options) + if err != nil { + return WorkspaceManagerAssignmentsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *WorkspaceManagerAssignmentsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, _ *WorkspaceManagerAssignmentsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *WorkspaceManagerAssignmentsClient) getHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentsClientGetResponse, error) { + result := WorkspaceManagerAssignmentsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerAssignment); err != nil { + return WorkspaceManagerAssignmentsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Get all workspace manager assignments for the Sentinel workspace manager. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - WorkspaceManagerAssignmentsClientListOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.NewListPager +// method. +func (client *WorkspaceManagerAssignmentsClient) NewListPager(resourceGroupName string, workspaceName string, options *WorkspaceManagerAssignmentsClientListOptions) *runtime.Pager[WorkspaceManagerAssignmentsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[WorkspaceManagerAssignmentsClientListResponse]{ + More: func(page WorkspaceManagerAssignmentsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *WorkspaceManagerAssignmentsClientListResponse) (WorkspaceManagerAssignmentsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "WorkspaceManagerAssignmentsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return WorkspaceManagerAssignmentsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *WorkspaceManagerAssignmentsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *WorkspaceManagerAssignmentsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *WorkspaceManagerAssignmentsClient) listHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentsClientListResponse, error) { + result := WorkspaceManagerAssignmentsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerAssignmentList); err != nil { + return WorkspaceManagerAssignmentsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerconfigurations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerconfigurations_client.go new file mode 100644 index 000000000000..f79b916dde96 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerconfigurations_client.go @@ -0,0 +1,320 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// WorkspaceManagerConfigurationsClient contains the methods for the WorkspaceManagerConfigurations group. +// Don't use this type directly, use NewWorkspaceManagerConfigurationsClient() instead. +type WorkspaceManagerConfigurationsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewWorkspaceManagerConfigurationsClient creates a new instance of WorkspaceManagerConfigurationsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewWorkspaceManagerConfigurationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WorkspaceManagerConfigurationsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &WorkspaceManagerConfigurationsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a workspace manager configuration. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerConfigurationName - The name of the workspace manager configuration +// - workspaceManagerConfiguration - The workspace manager configuration +// - options - WorkspaceManagerConfigurationsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.CreateOrUpdate +// method. +func (client *WorkspaceManagerConfigurationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, workspaceManagerConfiguration WorkspaceManagerConfiguration, options *WorkspaceManagerConfigurationsClientCreateOrUpdateOptions) (WorkspaceManagerConfigurationsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "WorkspaceManagerConfigurationsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerConfigurationName, workspaceManagerConfiguration, options) + if err != nil { + return WorkspaceManagerConfigurationsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerConfigurationsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerConfigurationsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *WorkspaceManagerConfigurationsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, workspaceManagerConfiguration WorkspaceManagerConfiguration, _ *WorkspaceManagerConfigurationsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerConfigurationName == "" { + return nil, errors.New("parameter workspaceManagerConfigurationName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerConfigurationName}", url.PathEscape(workspaceManagerConfigurationName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, workspaceManagerConfiguration); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *WorkspaceManagerConfigurationsClient) createOrUpdateHandleResponse(resp *http.Response) (WorkspaceManagerConfigurationsClientCreateOrUpdateResponse, error) { + result := WorkspaceManagerConfigurationsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerConfiguration); err != nil { + return WorkspaceManagerConfigurationsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Deletes a workspace manager configuration +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerConfigurationName - The name of the workspace manager configuration +// - options - WorkspaceManagerConfigurationsClientDeleteOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.Delete +// method. +func (client *WorkspaceManagerConfigurationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, options *WorkspaceManagerConfigurationsClientDeleteOptions) (WorkspaceManagerConfigurationsClientDeleteResponse, error) { + var err error + const operationName = "WorkspaceManagerConfigurationsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerConfigurationName, options) + if err != nil { + return WorkspaceManagerConfigurationsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerConfigurationsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerConfigurationsClientDeleteResponse{}, err + } + return WorkspaceManagerConfigurationsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *WorkspaceManagerConfigurationsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, _ *WorkspaceManagerConfigurationsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerConfigurationName == "" { + return nil, errors.New("parameter workspaceManagerConfigurationName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerConfigurationName}", url.PathEscape(workspaceManagerConfigurationName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a workspace manager configuration +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerConfigurationName - The name of the workspace manager configuration +// - options - WorkspaceManagerConfigurationsClientGetOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.Get +// method. +func (client *WorkspaceManagerConfigurationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, options *WorkspaceManagerConfigurationsClientGetOptions) (WorkspaceManagerConfigurationsClientGetResponse, error) { + var err error + const operationName = "WorkspaceManagerConfigurationsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerConfigurationName, options) + if err != nil { + return WorkspaceManagerConfigurationsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerConfigurationsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerConfigurationsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *WorkspaceManagerConfigurationsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, _ *WorkspaceManagerConfigurationsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerConfigurationName == "" { + return nil, errors.New("parameter workspaceManagerConfigurationName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerConfigurationName}", url.PathEscape(workspaceManagerConfigurationName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *WorkspaceManagerConfigurationsClient) getHandleResponse(resp *http.Response) (WorkspaceManagerConfigurationsClientGetResponse, error) { + result := WorkspaceManagerConfigurationsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerConfiguration); err != nil { + return WorkspaceManagerConfigurationsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all workspace manager configurations for a Sentinel workspace. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - WorkspaceManagerConfigurationsClientListOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.NewListPager +// method. +func (client *WorkspaceManagerConfigurationsClient) NewListPager(resourceGroupName string, workspaceName string, options *WorkspaceManagerConfigurationsClientListOptions) *runtime.Pager[WorkspaceManagerConfigurationsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[WorkspaceManagerConfigurationsClientListResponse]{ + More: func(page WorkspaceManagerConfigurationsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *WorkspaceManagerConfigurationsClientListResponse) (WorkspaceManagerConfigurationsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "WorkspaceManagerConfigurationsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return WorkspaceManagerConfigurationsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *WorkspaceManagerConfigurationsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *WorkspaceManagerConfigurationsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *WorkspaceManagerConfigurationsClient) listHandleResponse(resp *http.Response) (WorkspaceManagerConfigurationsClientListResponse, error) { + result := WorkspaceManagerConfigurationsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerConfigurationList); err != nil { + return WorkspaceManagerConfigurationsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagergroups_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagergroups_client.go new file mode 100644 index 000000000000..9dad36c0dac6 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagergroups_client.go @@ -0,0 +1,320 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// WorkspaceManagerGroupsClient contains the methods for the WorkspaceManagerGroups group. +// Don't use this type directly, use NewWorkspaceManagerGroupsClient() instead. +type WorkspaceManagerGroupsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewWorkspaceManagerGroupsClient creates a new instance of WorkspaceManagerGroupsClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewWorkspaceManagerGroupsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WorkspaceManagerGroupsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &WorkspaceManagerGroupsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a workspace manager group. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerGroupName - The name of the workspace manager group +// - workspaceManagerGroup - The workspace manager group object +// - options - WorkspaceManagerGroupsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerGroupsClient.CreateOrUpdate +// method. +func (client *WorkspaceManagerGroupsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, workspaceManagerGroup WorkspaceManagerGroup, options *WorkspaceManagerGroupsClientCreateOrUpdateOptions) (WorkspaceManagerGroupsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "WorkspaceManagerGroupsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerGroupName, workspaceManagerGroup, options) + if err != nil { + return WorkspaceManagerGroupsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerGroupsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerGroupsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *WorkspaceManagerGroupsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, workspaceManagerGroup WorkspaceManagerGroup, _ *WorkspaceManagerGroupsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerGroupName == "" { + return nil, errors.New("parameter workspaceManagerGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerGroupName}", url.PathEscape(workspaceManagerGroupName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, workspaceManagerGroup); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *WorkspaceManagerGroupsClient) createOrUpdateHandleResponse(resp *http.Response) (WorkspaceManagerGroupsClientCreateOrUpdateResponse, error) { + result := WorkspaceManagerGroupsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerGroup); err != nil { + return WorkspaceManagerGroupsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Deletes a workspace manager group +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerGroupName - The name of the workspace manager group +// - options - WorkspaceManagerGroupsClientDeleteOptions contains the optional parameters for the WorkspaceManagerGroupsClient.Delete +// method. +func (client *WorkspaceManagerGroupsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, options *WorkspaceManagerGroupsClientDeleteOptions) (WorkspaceManagerGroupsClientDeleteResponse, error) { + var err error + const operationName = "WorkspaceManagerGroupsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerGroupName, options) + if err != nil { + return WorkspaceManagerGroupsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerGroupsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerGroupsClientDeleteResponse{}, err + } + return WorkspaceManagerGroupsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *WorkspaceManagerGroupsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, _ *WorkspaceManagerGroupsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerGroupName == "" { + return nil, errors.New("parameter workspaceManagerGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerGroupName}", url.PathEscape(workspaceManagerGroupName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a workspace manager group +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerGroupName - The name of the workspace manager group +// - options - WorkspaceManagerGroupsClientGetOptions contains the optional parameters for the WorkspaceManagerGroupsClient.Get +// method. +func (client *WorkspaceManagerGroupsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, options *WorkspaceManagerGroupsClientGetOptions) (WorkspaceManagerGroupsClientGetResponse, error) { + var err error + const operationName = "WorkspaceManagerGroupsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerGroupName, options) + if err != nil { + return WorkspaceManagerGroupsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerGroupsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerGroupsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *WorkspaceManagerGroupsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, _ *WorkspaceManagerGroupsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerGroupName == "" { + return nil, errors.New("parameter workspaceManagerGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerGroupName}", url.PathEscape(workspaceManagerGroupName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *WorkspaceManagerGroupsClient) getHandleResponse(resp *http.Response) (WorkspaceManagerGroupsClientGetResponse, error) { + result := WorkspaceManagerGroupsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerGroup); err != nil { + return WorkspaceManagerGroupsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all workspace manager groups in the Sentinel workspace manager +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - WorkspaceManagerGroupsClientListOptions contains the optional parameters for the WorkspaceManagerGroupsClient.NewListPager +// method. +func (client *WorkspaceManagerGroupsClient) NewListPager(resourceGroupName string, workspaceName string, options *WorkspaceManagerGroupsClientListOptions) *runtime.Pager[WorkspaceManagerGroupsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[WorkspaceManagerGroupsClientListResponse]{ + More: func(page WorkspaceManagerGroupsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *WorkspaceManagerGroupsClientListResponse) (WorkspaceManagerGroupsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "WorkspaceManagerGroupsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return WorkspaceManagerGroupsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *WorkspaceManagerGroupsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *WorkspaceManagerGroupsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *WorkspaceManagerGroupsClient) listHandleResponse(resp *http.Response) (WorkspaceManagerGroupsClientListResponse, error) { + result := WorkspaceManagerGroupsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerGroupList); err != nil { + return WorkspaceManagerGroupsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagermembers_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagermembers_client.go new file mode 100644 index 000000000000..d156f9d83e76 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagermembers_client.go @@ -0,0 +1,320 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// WorkspaceManagerMembersClient contains the methods for the WorkspaceManagerMembers group. +// Don't use this type directly, use NewWorkspaceManagerMembersClient() instead. +type WorkspaceManagerMembersClient struct { + internal *arm.Client + subscriptionID string +} + +// NewWorkspaceManagerMembersClient creates a new instance of WorkspaceManagerMembersClient with the specified values. +// - subscriptionID - The ID of the target subscription. The value must be an UUID. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewWorkspaceManagerMembersClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WorkspaceManagerMembersClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &WorkspaceManagerMembersClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a workspace manager member +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerMemberName - The name of the workspace manager member +// - workspaceManagerMember - The workspace manager member object +// - options - WorkspaceManagerMembersClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerMembersClient.CreateOrUpdate +// method. +func (client *WorkspaceManagerMembersClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, workspaceManagerMember WorkspaceManagerMember, options *WorkspaceManagerMembersClientCreateOrUpdateOptions) (WorkspaceManagerMembersClientCreateOrUpdateResponse, error) { + var err error + const operationName = "WorkspaceManagerMembersClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerMemberName, workspaceManagerMember, options) + if err != nil { + return WorkspaceManagerMembersClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerMembersClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerMembersClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *WorkspaceManagerMembersClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, workspaceManagerMember WorkspaceManagerMember, _ *WorkspaceManagerMembersClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerMemberName == "" { + return nil, errors.New("parameter workspaceManagerMemberName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerMemberName}", url.PathEscape(workspaceManagerMemberName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, workspaceManagerMember); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *WorkspaceManagerMembersClient) createOrUpdateHandleResponse(resp *http.Response) (WorkspaceManagerMembersClientCreateOrUpdateResponse, error) { + result := WorkspaceManagerMembersClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerMember); err != nil { + return WorkspaceManagerMembersClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Deletes a workspace manager member +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerMemberName - The name of the workspace manager member +// - options - WorkspaceManagerMembersClientDeleteOptions contains the optional parameters for the WorkspaceManagerMembersClient.Delete +// method. +func (client *WorkspaceManagerMembersClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, options *WorkspaceManagerMembersClientDeleteOptions) (WorkspaceManagerMembersClientDeleteResponse, error) { + var err error + const operationName = "WorkspaceManagerMembersClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerMemberName, options) + if err != nil { + return WorkspaceManagerMembersClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerMembersClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerMembersClientDeleteResponse{}, err + } + return WorkspaceManagerMembersClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *WorkspaceManagerMembersClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, _ *WorkspaceManagerMembersClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerMemberName == "" { + return nil, errors.New("parameter workspaceManagerMemberName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerMemberName}", url.PathEscape(workspaceManagerMemberName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a workspace manager member +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerMemberName - The name of the workspace manager member +// - options - WorkspaceManagerMembersClientGetOptions contains the optional parameters for the WorkspaceManagerMembersClient.Get +// method. +func (client *WorkspaceManagerMembersClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, options *WorkspaceManagerMembersClientGetOptions) (WorkspaceManagerMembersClientGetResponse, error) { + var err error + const operationName = "WorkspaceManagerMembersClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerMemberName, options) + if err != nil { + return WorkspaceManagerMembersClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerMembersClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerMembersClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *WorkspaceManagerMembersClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, _ *WorkspaceManagerMembersClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerMemberName == "" { + return nil, errors.New("parameter workspaceManagerMemberName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerMemberName}", url.PathEscape(workspaceManagerMemberName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *WorkspaceManagerMembersClient) getHandleResponse(resp *http.Response) (WorkspaceManagerMembersClientGetResponse, error) { + result := WorkspaceManagerMembersClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerMember); err != nil { + return WorkspaceManagerMembersClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all workspace manager members that exist for the given Sentinel workspace manager +// +// Generated from API version 2025-04-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - WorkspaceManagerMembersClientListOptions contains the optional parameters for the WorkspaceManagerMembersClient.NewListPager +// method. +func (client *WorkspaceManagerMembersClient) NewListPager(resourceGroupName string, workspaceName string, options *WorkspaceManagerMembersClientListOptions) *runtime.Pager[WorkspaceManagerMembersClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[WorkspaceManagerMembersClientListResponse]{ + More: func(page WorkspaceManagerMembersClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *WorkspaceManagerMembersClientListResponse) (WorkspaceManagerMembersClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "WorkspaceManagerMembersClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return WorkspaceManagerMembersClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *WorkspaceManagerMembersClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *WorkspaceManagerMembersClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2025-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *WorkspaceManagerMembersClient) listHandleResponse(resp *http.Response) (WorkspaceManagerMembersClientListResponse, error) { + result := WorkspaceManagerMembersClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerMembersList); err != nil { + return WorkspaceManagerMembersClientListResponse{}, err + } + return result, nil +}