diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/CHANGELOG.md b/sdk/resourcemanager/securityinsights/armsecurityinsights/CHANGELOG.md index 30bd23889197..ce080281d98a 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/CHANGELOG.md +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/CHANGELOG.md @@ -1,5 +1,393 @@ # Release History +## 2.0.0-beta.4 (2024-02-29) +### Breaking Changes + +- Function `*IncidentsClient.CreateTeam` parameter(s) have been changed from `(context.Context, string, string, string, TeamProperties, *IncidentsClientCreateTeamOptions)` to `(context.Context, string, string, string, TeamInformation, *IncidentsClientCreateTeamOptions)` +- Function `*SourceControlClient.NewListRepositoriesPager` parameter(s) have been changed from `(string, string, RepoType, *SourceControlClientListRepositoriesOptions)` to `(string, string, RepositoryAccessProperties, *SourceControlClientListRepositoriesOptions)` +- Function `*SourceControlsClient.Delete` parameter(s) have been changed from `(context.Context, string, string, string, *SourceControlsClientDeleteOptions)` to `(context.Context, string, string, string, RepositoryAccessProperties, *SourceControlsClientDeleteOptions)` +- Type of `AccountEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `AzureResourceEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `CloudApplicationEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `DNSEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `Entity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `EntityQueriesClientListOptions.Kind` has been changed from `*Enum13` to `*Enum21` +- Type of `EntityQueryTemplatesClientListOptions.Kind` has been changed from `*Enum15` to `*Enum23` +- Type of `ExpansionResultAggregation.EntityKind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `FileEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `FileHashEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `HostEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `HuntingBookmark.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `IPEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `IncidentEntitiesResultsMetadata.EntityKind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `IoTDeviceEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `MailClusterEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `MailMessageEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `MailboxEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `MalwareEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `MetadataProperties.Kind` has been changed from `*Kind` to `*string` +- Type of `MetadataPropertiesPatch.Kind` has been changed from `*Kind` to `*string` +- Type of `NicEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `ProcessEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `RegistryKeyEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `RegistryValueEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `SecurityAlert.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `SecurityGroupEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `SubmissionMailEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `ThreatIntelligenceIndicatorModel.Kind` has been changed from `*ThreatIntelligenceResourceKindEnum` to `*ThreatIntelligenceResourceInnerKind` +- Type of `ThreatIntelligenceInformation.Kind` has been changed from `*ThreatIntelligenceResourceKindEnum` to `*ThreatIntelligenceResourceInnerKind` +- Type of `ThreatIntelligenceSortingCriteria.SortOrder` has been changed from `*ThreatIntelligenceSortingCriteriaEnum` to `*ThreatIntelligenceSortingOrder` +- Type of `URLEntity.Kind` has been changed from `*EntityKind` to `*EntityKindEnum` +- Type of `Webhook.WebhookSecretUpdateTime` has been changed from `*string` to `*time.Time` +- `OperatorAND`, `OperatorOR` from enum `Operator` has been removed +- `RepoTypeDevOps` from enum `RepoType` has been removed +- Enum `EntityKind` has been removed +- Enum `Enum13` has been removed +- Enum `Enum15` has been removed +- Enum `ThreatIntelligenceResourceKindEnum` has been removed +- Enum `ThreatIntelligenceSortingCriteriaEnum` has been removed +- Struct `ContentPathMap` has been removed +- Struct `MSTIDataConnectorDataTypesBingSafetyPhishingURL` has been removed +- Struct `TeamProperties` has been removed +- Field `BingSafetyPhishingURL` of struct `MSTIDataConnectorDataTypes` has been removed +- Field `PathMapping` of struct `Repository` has been removed + +### Features Added + +- New value `ActionTypeAddIncidentTask` added to enum type `ActionType` +- New value `ContentTypeAutomationRule`, `ContentTypeHuntingQuery`, `ContentTypeParser`, `ContentTypePlaybook` added to enum type `ContentType` +- New value `DataConnectorKindGCP`, `DataConnectorKindMicrosoftPurviewInformationProtection`, `DataConnectorKindRestAPIPoller` added to enum type `DataConnectorKind` +- New value `OperatorAfterAbsolute`, `OperatorAfterRelative`, `OperatorArrayContains`, `OperatorArrayNotContains`, `OperatorBeforeAbsolute`, `OperatorBeforeRelative`, `OperatorEquals`, `OperatorGreaterThan`, `OperatorGreaterThanEqual`, `OperatorIsFalse`, `OperatorIsNull`, `OperatorIsTrue`, `OperatorLessThan`, `OperatorLessThanEqual`, `OperatorNotEquals`, `OperatorOnOrAfterAbsolute`, `OperatorOnOrAfterRelative`, `OperatorOnOrBeforeAbsolute`, `OperatorOnOrBeforeRelative`, `OperatorStringContains`, `OperatorStringEndsWith`, `OperatorStringIsEmpty`, `OperatorStringNotContains`, `OperatorStringNotEndsWith`, `OperatorStringNotStartsWith`, `OperatorStringStartsWith` added to enum type `Operator` +- New value `RepoTypeAzureDevOps` added to enum type `RepoType` +- New enum type `AlertProperty` with values `AlertPropertyAlertLink`, `AlertPropertyConfidenceLevel`, `AlertPropertyConfidenceScore`, `AlertPropertyExtendedLinks`, `AlertPropertyProductComponentName`, `AlertPropertyProductName`, `AlertPropertyProviderName`, `AlertPropertyRemediationSteps`, `AlertPropertySubTechniques`, `AlertPropertyTechniques` +- New enum type `BillingStatisticKind` with values `BillingStatisticKindSapSolutionUsage` +- New enum type `CcpAuthType` with values `CcpAuthTypeAPIKey`, `CcpAuthTypeAWS`, `CcpAuthTypeBasic`, `CcpAuthTypeGCP`, `CcpAuthTypeGitHub`, `CcpAuthTypeJwtToken`, `CcpAuthTypeNone`, `CcpAuthTypeOAuth2`, `CcpAuthTypeOracle`, `CcpAuthTypeServiceBus`, `CcpAuthTypeSession` +- New enum type `Connective` with values `ConnectiveAnd`, `ConnectiveOr` +- New enum type `DataConnectorDefinitionKind` with values `DataConnectorDefinitionKindCustomizable` +- New enum type `EnrichmentType` with values `EnrichmentTypeMain` +- New enum type `EntityKindEnum` with values `EntityKindEnumAccount`, `EntityKindEnumAzureResource`, `EntityKindEnumBookmark`, `EntityKindEnumCloudApplication`, `EntityKindEnumDNSResolution`, `EntityKindEnumFile`, `EntityKindEnumFileHash`, `EntityKindEnumHost`, `EntityKindEnumIP`, `EntityKindEnumIoTDevice`, `EntityKindEnumMailCluster`, `EntityKindEnumMailMessage`, `EntityKindEnumMailbox`, `EntityKindEnumMalware`, `EntityKindEnumNic`, `EntityKindEnumProcess`, `EntityKindEnumRegistryKey`, `EntityKindEnumRegistryValue`, `EntityKindEnumSecurityAlert`, `EntityKindEnumSecurityGroup`, `EntityKindEnumSubmissionMail`, `EntityKindEnumURL` +- New enum type `Enum21` with values `Enum21Activity`, `Enum21Expansion` +- New enum type `Enum23` with values `Enum23Activity` +- New enum type `Flag` with values `FlagFalse`, `FlagTrue` +- New enum type `HTTPMethodVerb` with values `HTTPMethodVerbDELETE`, `HTTPMethodVerbGET`, `HTTPMethodVerbPOST`, `HTTPMethodVerbPUT` +- New enum type `HypothesisStatus` with values `HypothesisStatusInvalidated`, `HypothesisStatusUnknown`, `HypothesisStatusValidated` +- New enum type `IncidentTaskStatus` with values `IncidentTaskStatusCompleted`, `IncidentTaskStatusNew` +- New enum type `Mode` with values `ModeDisabled`, `ModeEnabled` +- New enum type `MtpProvider` with values `MtpProviderMicrosoftDefenderForCloudApps`, `MtpProviderMicrosoftDefenderForIdentity` +- New enum type `PackageKind` with values `PackageKindSolution`, `PackageKindStandalone` +- New enum type `ProviderPermissionsScope` with values `ProviderPermissionsScopeResourceGroup`, `ProviderPermissionsScopeSubscription`, `ProviderPermissionsScopeWorkspace` +- New enum type `ProvisioningState` with values `ProvisioningStateAccepted`, `ProvisioningStateCanceled`, `ProvisioningStateFailed`, `ProvisioningStateInProgress`, `ProvisioningStateSucceeded` +- New enum type `RepositoryAccessKind` with values `RepositoryAccessKindApp`, `RepositoryAccessKindOAuth`, `RepositoryAccessKindPAT` +- New enum type `RestAPIPollerRequestPagingKind` with values `RestAPIPollerRequestPagingKindCountBasedPaging`, `RestAPIPollerRequestPagingKindLinkHeader`, `RestAPIPollerRequestPagingKindNextPageToken`, `RestAPIPollerRequestPagingKindNextPageURL`, `RestAPIPollerRequestPagingKindOffset`, `RestAPIPollerRequestPagingKindPersistentLinkHeader`, `RestAPIPollerRequestPagingKindPersistentToken` +- New enum type `SortingDirection` with values `SortingDirectionASC`, `SortingDirectionDESC` +- New enum type `State` with values `StateActive`, `StateCompletedBySystem`, `StateCompletedByUser`, `StateDismissed`, `StateInProgress` +- New enum type `Status` with values `StatusActive`, `StatusApproved`, `StatusBacklog`, `StatusClosed`, `StatusFailed`, `StatusInProgress`, `StatusNew`, `StatusSucceeded` +- New enum type `TIObjectKind` with values `TIObjectKindAttackPattern`, `TIObjectKindIdentity`, `TIObjectKindIndicator`, `TIObjectKindRelationship`, `TIObjectKindThreatActor` +- New enum type `ThreatIntelligenceResourceInnerKind` with values `ThreatIntelligenceResourceInnerKindIndicator` +- New enum type `ThreatIntelligenceSortingOrder` with values `ThreatIntelligenceSortingOrderAscending`, `ThreatIntelligenceSortingOrderDescending`, `ThreatIntelligenceSortingOrderUnsorted` +- New enum type `TiType` with values `TiTypeMain` +- New enum type `WarningCode` with values `WarningCodeSourceControlDeletedWithWarnings`, `WarningCodeSourceControlWarningDeletePipelineFromAzureDevOps`, `WarningCodeSourceControlWarningDeleteRoleAssignment`, `WarningCodeSourceControlWarningDeleteServicePrincipal`, `WarningCodeSourceControlWarningDeleteWorkflowAndSecretFromGitHub` +- New function `*APIKeyAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*AWSAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `NewAlertRuleClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AlertRuleClient, error)` +- New function `*AlertRuleClient.BeginTriggerRuleRun(context.Context, string, string, string, AnalyticsRuleRunTrigger, *AlertRuleClientBeginTriggerRuleRunOptions) (*runtime.Poller[AlertRuleClientTriggerRuleRunResponse], error)` +- New function `*AttackPattern.GetTIObject() *TIObject` +- New function `*AutomationRuleAddIncidentTaskAction.GetAutomationRuleAction() *AutomationRuleAction` +- New function `*BasicAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*BillingStatistic.GetBillingStatistic() *BillingStatistic` +- New function `NewBillingStatisticsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*BillingStatisticsClient, error)` +- New function `*BillingStatisticsClient.Get(context.Context, string, string, string, *BillingStatisticsClientGetOptions) (BillingStatisticsClientGetResponse, error)` +- New function `*BillingStatisticsClient.NewListPager(string, string, *BillingStatisticsClientListOptions) *runtime.Pager[BillingStatisticsClientListResponse]` +- New function `*CcpAuthConfig.GetCcpAuthConfig() *CcpAuthConfig` +- New function `NewClient(string, azcore.TokenCredential, *arm.ClientOptions) (*Client, error)` +- New function `*Client.ListGeodataByIP(context.Context, string, string, EnrichmentType, EnrichmentIPAddressBody, *ClientListGeodataByIPOptions) (ClientListGeodataByIPResponse, error)` +- New function `*Client.ListWhoisByDomain(context.Context, string, string, EnrichmentType, EnrichmentDomainBody, *ClientListWhoisByDomainOptions) (ClientListWhoisByDomainResponse, error)` +- New function `*ClientFactory.NewAlertRuleClient() *AlertRuleClient` +- New function `*ClientFactory.NewBillingStatisticsClient() *BillingStatisticsClient` +- New function `*ClientFactory.NewClient() *Client` +- New function `*ClientFactory.NewContentPackageClient() *ContentPackageClient` +- New function `*ClientFactory.NewContentPackagesClient() *ContentPackagesClient` +- New function `*ClientFactory.NewContentTemplateClient() *ContentTemplateClient` +- New function `*ClientFactory.NewContentTemplatesClient() *ContentTemplatesClient` +- New function `*ClientFactory.NewDataConnectorDefinitionsClient() *DataConnectorDefinitionsClient` +- New function `*ClientFactory.NewGetClient() *GetClient` +- New function `*ClientFactory.NewGetRecommendationsClient() *GetRecommendationsClient` +- New function `*ClientFactory.NewGetTriggeredAnalyticsRuleRunsClient() *GetTriggeredAnalyticsRuleRunsClient` +- New function `*ClientFactory.NewHuntCommentsClient() *HuntCommentsClient` +- New function `*ClientFactory.NewHuntRelationsClient() *HuntRelationsClient` +- New function `*ClientFactory.NewHuntsClient() *HuntsClient` +- New function `*ClientFactory.NewIncidentTasksClient() *IncidentTasksClient` +- New function `*ClientFactory.NewProductPackageClient() *ProductPackageClient` +- New function `*ClientFactory.NewProductPackagesClient() *ProductPackagesClient` +- New function `*ClientFactory.NewProductTemplateClient() *ProductTemplateClient` +- New function `*ClientFactory.NewProductTemplatesClient() *ProductTemplatesClient` +- New function `*ClientFactory.NewReevaluateClient() *ReevaluateClient` +- New function `*ClientFactory.NewThreatIntelligenceClient() *ThreatIntelligenceClient` +- New function `*ClientFactory.NewTriggeredAnalyticsRuleRunClient() *TriggeredAnalyticsRuleRunClient` +- New function `*ClientFactory.NewUpdateClient() *UpdateClient` +- New function `*ClientFactory.NewWorkspaceManagerAssignmentJobsClient() *WorkspaceManagerAssignmentJobsClient` +- New function `*ClientFactory.NewWorkspaceManagerAssignmentsClient() *WorkspaceManagerAssignmentsClient` +- New function `*ClientFactory.NewWorkspaceManagerConfigurationsClient() *WorkspaceManagerConfigurationsClient` +- New function `*ClientFactory.NewWorkspaceManagerGroupsClient() *WorkspaceManagerGroupsClient` +- New function `*ClientFactory.NewWorkspaceManagerMembersClient() *WorkspaceManagerMembersClient` +- New function `NewContentPackageClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ContentPackageClient, error)` +- New function `*ContentPackageClient.Install(context.Context, string, string, string, PackageModel, *ContentPackageClientInstallOptions) (ContentPackageClientInstallResponse, error)` +- New function `*ContentPackageClient.Uninstall(context.Context, string, string, string, *ContentPackageClientUninstallOptions) (ContentPackageClientUninstallResponse, error)` +- New function `NewContentPackagesClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ContentPackagesClient, error)` +- New function `*ContentPackagesClient.Get(context.Context, string, string, string, *ContentPackagesClientGetOptions) (ContentPackagesClientGetResponse, error)` +- New function `*ContentPackagesClient.NewListPager(string, string, *ContentPackagesClientListOptions) *runtime.Pager[ContentPackagesClientListResponse]` +- New function `NewContentTemplateClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ContentTemplateClient, error)` +- New function `*ContentTemplateClient.Delete(context.Context, string, string, string, *ContentTemplateClientDeleteOptions) (ContentTemplateClientDeleteResponse, error)` +- New function `*ContentTemplateClient.Get(context.Context, string, string, string, *ContentTemplateClientGetOptions) (ContentTemplateClientGetResponse, error)` +- New function `*ContentTemplateClient.Install(context.Context, string, string, string, TemplateModel, *ContentTemplateClientInstallOptions) (ContentTemplateClientInstallResponse, error)` +- New function `NewContentTemplatesClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ContentTemplatesClient, error)` +- New function `*ContentTemplatesClient.NewListPager(string, string, *ContentTemplatesClientListOptions) *runtime.Pager[ContentTemplatesClientListResponse]` +- New function `*CustomizableConnectorDefinition.GetDataConnectorDefinition() *DataConnectorDefinition` +- New function `*DataConnectorDefinition.GetDataConnectorDefinition() *DataConnectorDefinition` +- New function `NewDataConnectorDefinitionsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*DataConnectorDefinitionsClient, error)` +- New function `*DataConnectorDefinitionsClient.CreateOrUpdate(context.Context, string, string, string, DataConnectorDefinitionClassification, *DataConnectorDefinitionsClientCreateOrUpdateOptions) (DataConnectorDefinitionsClientCreateOrUpdateResponse, error)` +- New function `*DataConnectorDefinitionsClient.Delete(context.Context, string, string, string, *DataConnectorDefinitionsClientDeleteOptions) (DataConnectorDefinitionsClientDeleteResponse, error)` +- New function `*DataConnectorDefinitionsClient.Get(context.Context, string, string, string, *DataConnectorDefinitionsClientGetOptions) (DataConnectorDefinitionsClientGetResponse, error)` +- New function `*DataConnectorDefinitionsClient.NewListPager(string, string, *DataConnectorDefinitionsClientListOptions) *runtime.Pager[DataConnectorDefinitionsClientListResponse]` +- New function `*EntitiesClient.RunPlaybook(context.Context, string, string, string, *EntitiesClientRunPlaybookOptions) (EntitiesClientRunPlaybookResponse, error)` +- New function `*GCPAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*GCPDataConnector.GetDataConnector() *DataConnector` +- New function `*GenericBlobSbsAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `NewGetClient(string, azcore.TokenCredential, *arm.ClientOptions) (*GetClient, error)` +- New function `*GetClient.SingleRecommendation(context.Context, string, string, string, *GetClientSingleRecommendationOptions) (GetClientSingleRecommendationResponse, error)` +- New function `NewGetRecommendationsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*GetRecommendationsClient, error)` +- New function `*GetRecommendationsClient.List(context.Context, string, string, *GetRecommendationsClientListOptions) (GetRecommendationsClientListResponse, error)` +- New function `NewGetTriggeredAnalyticsRuleRunsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*GetTriggeredAnalyticsRuleRunsClient, error)` +- New function `*GetTriggeredAnalyticsRuleRunsClient.NewListPager(string, string, *GetTriggeredAnalyticsRuleRunsClientListOptions) *runtime.Pager[GetTriggeredAnalyticsRuleRunsClientListResponse]` +- New function `*GitHubAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `NewHuntCommentsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*HuntCommentsClient, error)` +- New function `*HuntCommentsClient.CreateOrUpdate(context.Context, string, string, string, string, HuntComment, *HuntCommentsClientCreateOrUpdateOptions) (HuntCommentsClientCreateOrUpdateResponse, error)` +- New function `*HuntCommentsClient.Delete(context.Context, string, string, string, string, *HuntCommentsClientDeleteOptions) (HuntCommentsClientDeleteResponse, error)` +- New function `*HuntCommentsClient.Get(context.Context, string, string, string, string, *HuntCommentsClientGetOptions) (HuntCommentsClientGetResponse, error)` +- New function `*HuntCommentsClient.NewListPager(string, string, string, *HuntCommentsClientListOptions) *runtime.Pager[HuntCommentsClientListResponse]` +- New function `NewHuntRelationsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*HuntRelationsClient, error)` +- New function `*HuntRelationsClient.CreateOrUpdate(context.Context, string, string, string, string, HuntRelation, *HuntRelationsClientCreateOrUpdateOptions) (HuntRelationsClientCreateOrUpdateResponse, error)` +- New function `*HuntRelationsClient.Delete(context.Context, string, string, string, string, *HuntRelationsClientDeleteOptions) (HuntRelationsClientDeleteResponse, error)` +- New function `*HuntRelationsClient.Get(context.Context, string, string, string, string, *HuntRelationsClientGetOptions) (HuntRelationsClientGetResponse, error)` +- New function `*HuntRelationsClient.NewListPager(string, string, string, *HuntRelationsClientListOptions) *runtime.Pager[HuntRelationsClientListResponse]` +- New function `NewHuntsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*HuntsClient, error)` +- New function `*HuntsClient.CreateOrUpdate(context.Context, string, string, string, Hunt, *HuntsClientCreateOrUpdateOptions) (HuntsClientCreateOrUpdateResponse, error)` +- New function `*HuntsClient.Delete(context.Context, string, string, string, *HuntsClientDeleteOptions) (HuntsClientDeleteResponse, error)` +- New function `*HuntsClient.Get(context.Context, string, string, string, *HuntsClientGetOptions) (HuntsClientGetResponse, error)` +- New function `*HuntsClient.NewListPager(string, string, *HuntsClientListOptions) *runtime.Pager[HuntsClientListResponse]` +- New function `*Identity.GetTIObject() *TIObject` +- New function `NewIncidentTasksClient(string, azcore.TokenCredential, *arm.ClientOptions) (*IncidentTasksClient, error)` +- New function `*IncidentTasksClient.CreateOrUpdate(context.Context, string, string, string, string, IncidentTask, *IncidentTasksClientCreateOrUpdateOptions) (IncidentTasksClientCreateOrUpdateResponse, error)` +- New function `*IncidentTasksClient.Delete(context.Context, string, string, string, string, *IncidentTasksClientDeleteOptions) (IncidentTasksClientDeleteResponse, error)` +- New function `*IncidentTasksClient.Get(context.Context, string, string, string, string, *IncidentTasksClientGetOptions) (IncidentTasksClientGetResponse, error)` +- New function `*IncidentTasksClient.NewListPager(string, string, string, *IncidentTasksClientListOptions) *runtime.Pager[IncidentTasksClientListResponse]` +- New function `*Indicator.GetTIObject() *TIObject` +- New function `*JwtAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*MicrosoftPurviewInformationProtectionCheckRequirements.GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements` +- New function `*MicrosoftPurviewInformationProtectionDataConnector.GetDataConnector() *DataConnector` +- New function `*OAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*OracleAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `NewProductPackageClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ProductPackageClient, error)` +- New function `*ProductPackageClient.Get(context.Context, string, string, string, *ProductPackageClientGetOptions) (ProductPackageClientGetResponse, error)` +- New function `NewProductPackagesClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ProductPackagesClient, error)` +- New function `*ProductPackagesClient.NewListPager(string, string, *ProductPackagesClientListOptions) *runtime.Pager[ProductPackagesClientListResponse]` +- New function `NewProductTemplateClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ProductTemplateClient, error)` +- New function `*ProductTemplateClient.Get(context.Context, string, string, string, *ProductTemplateClientGetOptions) (ProductTemplateClientGetResponse, error)` +- New function `NewProductTemplatesClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ProductTemplatesClient, error)` +- New function `*ProductTemplatesClient.NewListPager(string, string, *ProductTemplatesClientListOptions) *runtime.Pager[ProductTemplatesClientListResponse]` +- New function `NewReevaluateClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ReevaluateClient, error)` +- New function `*ReevaluateClient.Recommendation(context.Context, string, string, string, *ReevaluateClientRecommendationOptions) (ReevaluateClientRecommendationResponse, error)` +- New function `*Relationship.GetTIObject() *TIObject` +- New function `*RestAPIPollerDataConnector.GetDataConnector() *DataConnector` +- New function `*SapSolutionUsageStatistic.GetBillingStatistic() *BillingStatistic` +- New function `*SessionAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New function `*TIObject.GetTIObject() *TIObject` +- New function `*ThreatActor.GetTIObject() *TIObject` +- New function `NewThreatIntelligenceClient(string, azcore.TokenCredential, *arm.ClientOptions) (*ThreatIntelligenceClient, error)` +- New function `*ThreatIntelligenceClient.Count(context.Context, string, string, TiType, *ThreatIntelligenceClientCountOptions) (ThreatIntelligenceClientCountResponse, error)` +- New function `*ThreatIntelligenceClient.NewQueryPager(string, string, TiType, *ThreatIntelligenceClientQueryOptions) *runtime.Pager[ThreatIntelligenceClientQueryResponse]` +- New function `NewTriggeredAnalyticsRuleRunClient(string, azcore.TokenCredential, *arm.ClientOptions) (*TriggeredAnalyticsRuleRunClient, error)` +- New function `*TriggeredAnalyticsRuleRunClient.Get(context.Context, string, string, string, *TriggeredAnalyticsRuleRunClientGetOptions) (TriggeredAnalyticsRuleRunClientGetResponse, error)` +- New function `NewUpdateClient(string, azcore.TokenCredential, *arm.ClientOptions) (*UpdateClient, error)` +- New function `*UpdateClient.Recommendation(context.Context, string, string, string, RecommendationPatch, *UpdateClientRecommendationOptions) (UpdateClientRecommendationResponse, error)` +- New function `NewWorkspaceManagerAssignmentJobsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*WorkspaceManagerAssignmentJobsClient, error)` +- New function `*WorkspaceManagerAssignmentJobsClient.Create(context.Context, string, string, string, *WorkspaceManagerAssignmentJobsClientCreateOptions) (WorkspaceManagerAssignmentJobsClientCreateResponse, error)` +- New function `*WorkspaceManagerAssignmentJobsClient.Delete(context.Context, string, string, string, string, *WorkspaceManagerAssignmentJobsClientDeleteOptions) (WorkspaceManagerAssignmentJobsClientDeleteResponse, error)` +- New function `*WorkspaceManagerAssignmentJobsClient.Get(context.Context, string, string, string, string, *WorkspaceManagerAssignmentJobsClientGetOptions) (WorkspaceManagerAssignmentJobsClientGetResponse, error)` +- New function `*WorkspaceManagerAssignmentJobsClient.NewListPager(string, string, string, *WorkspaceManagerAssignmentJobsClientListOptions) *runtime.Pager[WorkspaceManagerAssignmentJobsClientListResponse]` +- New function `NewWorkspaceManagerAssignmentsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*WorkspaceManagerAssignmentsClient, error)` +- New function `*WorkspaceManagerAssignmentsClient.CreateOrUpdate(context.Context, string, string, string, WorkspaceManagerAssignment, *WorkspaceManagerAssignmentsClientCreateOrUpdateOptions) (WorkspaceManagerAssignmentsClientCreateOrUpdateResponse, error)` +- New function `*WorkspaceManagerAssignmentsClient.Delete(context.Context, string, string, string, *WorkspaceManagerAssignmentsClientDeleteOptions) (WorkspaceManagerAssignmentsClientDeleteResponse, error)` +- New function `*WorkspaceManagerAssignmentsClient.Get(context.Context, string, string, string, *WorkspaceManagerAssignmentsClientGetOptions) (WorkspaceManagerAssignmentsClientGetResponse, error)` +- New function `*WorkspaceManagerAssignmentsClient.NewListPager(string, string, *WorkspaceManagerAssignmentsClientListOptions) *runtime.Pager[WorkspaceManagerAssignmentsClientListResponse]` +- New function `NewWorkspaceManagerConfigurationsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*WorkspaceManagerConfigurationsClient, error)` +- New function `*WorkspaceManagerConfigurationsClient.CreateOrUpdate(context.Context, string, string, string, WorkspaceManagerConfiguration, *WorkspaceManagerConfigurationsClientCreateOrUpdateOptions) (WorkspaceManagerConfigurationsClientCreateOrUpdateResponse, error)` +- New function `*WorkspaceManagerConfigurationsClient.Delete(context.Context, string, string, string, *WorkspaceManagerConfigurationsClientDeleteOptions) (WorkspaceManagerConfigurationsClientDeleteResponse, error)` +- New function `*WorkspaceManagerConfigurationsClient.Get(context.Context, string, string, string, *WorkspaceManagerConfigurationsClientGetOptions) (WorkspaceManagerConfigurationsClientGetResponse, error)` +- New function `*WorkspaceManagerConfigurationsClient.NewListPager(string, string, *WorkspaceManagerConfigurationsClientListOptions) *runtime.Pager[WorkspaceManagerConfigurationsClientListResponse]` +- New function `NewWorkspaceManagerGroupsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*WorkspaceManagerGroupsClient, error)` +- New function `*WorkspaceManagerGroupsClient.CreateOrUpdate(context.Context, string, string, string, WorkspaceManagerGroup, *WorkspaceManagerGroupsClientCreateOrUpdateOptions) (WorkspaceManagerGroupsClientCreateOrUpdateResponse, error)` +- New function `*WorkspaceManagerGroupsClient.Delete(context.Context, string, string, string, *WorkspaceManagerGroupsClientDeleteOptions) (WorkspaceManagerGroupsClientDeleteResponse, error)` +- New function `*WorkspaceManagerGroupsClient.Get(context.Context, string, string, string, *WorkspaceManagerGroupsClientGetOptions) (WorkspaceManagerGroupsClientGetResponse, error)` +- New function `*WorkspaceManagerGroupsClient.NewListPager(string, string, *WorkspaceManagerGroupsClientListOptions) *runtime.Pager[WorkspaceManagerGroupsClientListResponse]` +- New function `NewWorkspaceManagerMembersClient(string, azcore.TokenCredential, *arm.ClientOptions) (*WorkspaceManagerMembersClient, error)` +- New function `*WorkspaceManagerMembersClient.CreateOrUpdate(context.Context, string, string, string, WorkspaceManagerMember, *WorkspaceManagerMembersClientCreateOrUpdateOptions) (WorkspaceManagerMembersClientCreateOrUpdateResponse, error)` +- New function `*WorkspaceManagerMembersClient.Delete(context.Context, string, string, string, *WorkspaceManagerMembersClientDeleteOptions) (WorkspaceManagerMembersClientDeleteResponse, error)` +- New function `*WorkspaceManagerMembersClient.Get(context.Context, string, string, string, *WorkspaceManagerMembersClientGetOptions) (WorkspaceManagerMembersClientGetResponse, error)` +- New function `*WorkspaceManagerMembersClient.NewListPager(string, string, *WorkspaceManagerMembersClientListOptions) *runtime.Pager[WorkspaceManagerMembersClientListResponse]` +- New function `*NoneAuthModel.GetCcpAuthConfig() *CcpAuthConfig` +- New struct `APIKeyAuthModel` +- New struct `AWSAuthModel` +- New struct `AddIncidentTaskActionProperties` +- New struct `AlertPropertyMapping` +- New struct `AnalyticsRuleRunTrigger` +- New struct `AnalyticsRuleRunTriggerProperties` +- New struct `AssignmentItem` +- New struct `AttackPattern` +- New struct `AutomationRuleAddIncidentTaskAction` +- New struct `BasicAuthModel` +- New struct `BillingStatisticList` +- New struct `CcpResponseConfig` +- New struct `ConditionClause` +- New struct `ConditionProperties` +- New struct `ConnectivityCriterion` +- New struct `ConnectorDataType` +- New struct `ConnectorDefinitionsAvailability` +- New struct `ConnectorDefinitionsPermissions` +- New struct `ConnectorDefinitionsResourceProvider` +- New struct `CustomPermissionDetails` +- New struct `CustomizableConnectionsConfig` +- New struct `CustomizableConnectorDefinition` +- New struct `CustomizableConnectorDefinitionProperties` +- New struct `CustomizableConnectorUIConfig` +- New struct `DCRConfiguration` +- New struct `DataConnectorDefinitionArmCollectionWrapper` +- New struct `EnrichmentDomainBody` +- New struct `EnrichmentIPAddressBody` +- New struct `EnrichmentIPGeodataAutoGenerated` +- New struct `EntityManualTriggerRequestBody` +- New struct `Error` +- New struct `GCPAuthModel` +- New struct `GCPAuthProperties` +- New struct `GCPDataConnector` +- New struct `GCPDataConnectorProperties` +- New struct `GCPRequestProperties` +- New struct `GenericBlobSbsAuthModel` +- New struct `GitHubAuthModel` +- New struct `GraphQuery` +- New struct `Hunt` +- New struct `HuntComment` +- New struct `HuntCommentList` +- New struct `HuntCommentProperties` +- New struct `HuntList` +- New struct `HuntOwner` +- New struct `HuntProperties` +- New struct `HuntRelation` +- New struct `HuntRelationList` +- New struct `HuntRelationProperties` +- New struct `Identity` +- New struct `IncidentTask` +- New struct `IncidentTaskList` +- New struct `IncidentTaskProperties` +- New struct `Indicator` +- New struct `IndicatorObservablesItem` +- New struct `InstructionStep` +- New struct `InstructionStepDetails` +- New struct `Job` +- New struct `JobItem` +- New struct `JobList` +- New struct `JobProperties` +- New struct `JwtAuthModel` +- New struct `MTPDataConnectorDataTypesAlerts` +- New struct `MicrosoftPurviewInformationProtectionCheckRequirements` +- New struct `MicrosoftPurviewInformationProtectionCheckRequirementsProperties` +- New struct `MicrosoftPurviewInformationProtectionConnectorDataTypes` +- New struct `MicrosoftPurviewInformationProtectionConnectorDataTypesLogs` +- New struct `MicrosoftPurviewInformationProtectionDataConnector` +- New struct `MicrosoftPurviewInformationProtectionDataConnectorProperties` +- New struct `MtpFilteredProviders` +- New struct `NoneAuthModel` +- New struct `OAuthModel` +- New struct `OracleAuthModel` +- New struct `PackageList` +- New struct `PackageModel` +- New struct `PackageProperties` +- New struct `ProductPackageList` +- New struct `ProductPackageModel` +- New struct `ProductPackageProperties` +- New struct `ProductTemplateList` +- New struct `ProductTemplateModel` +- New struct `ProductTemplateProperties` +- New struct `PullRequest` +- New struct `Query` +- New struct `QueryAutoGenerated` +- New struct `QueryCondition` +- New struct `QueryProperties` +- New struct `QuerySortBy` +- New struct `Recommendation` +- New struct `RecommendationList` +- New struct `RecommendationPatch` +- New struct `RecommendationPatchProperties` +- New struct `RecommendationProperties` +- New struct `RecommendedSuggestion` +- New struct `ReevaluateResponse` +- New struct `Relationship` +- New struct `RelationshipHint` +- New struct `RepositoryAccess` +- New struct `RepositoryAccessObject` +- New struct `RepositoryAccessProperties` +- New struct `ResourceProviderRequiredPermissions` +- New struct `RestAPIPollerDataConnector` +- New struct `RestAPIPollerDataConnectorProperties` +- New struct `RestAPIPollerRequestConfig` +- New struct `RestAPIPollerRequestPagingConfig` +- New struct `SapSolutionUsageStatistic` +- New struct `SapSolutionUsageStatisticProperties` +- New struct `SentinelEntityMapping` +- New struct `ServicePrincipal` +- New struct `SessionAuthModel` +- New struct `TIObjectCommonProperties` +- New struct `TemplateList` +- New struct `TemplateModel` +- New struct `TemplateProperties` +- New struct `ThreatActor` +- New struct `ThreatIntelligenceCount` +- New struct `ThreatIntelligenceList` +- New struct `TriggeredAnalyticsRuleRun` +- New struct `TriggeredAnalyticsRuleRunProperties` +- New struct `TriggeredAnalyticsRuleRuns` +- New struct `UserInfoAutoGenerated` +- New struct `Warning` +- New struct `WarningBody` +- New struct `WorkspaceManagerAssignment` +- New struct `WorkspaceManagerAssignmentList` +- New struct `WorkspaceManagerAssignmentProperties` +- New struct `WorkspaceManagerConfiguration` +- New struct `WorkspaceManagerConfigurationList` +- New struct `WorkspaceManagerConfigurationProperties` +- New struct `WorkspaceManagerGroup` +- New struct `WorkspaceManagerGroupList` +- New struct `WorkspaceManagerGroupProperties` +- New struct `WorkspaceManagerMember` +- New struct `WorkspaceManagerMemberProperties` +- New struct `WorkspaceManagerMembersList` +- New field `AlertDynamicProperties` in struct `AlertDetailsOverride` +- New field `SubTechniques` in struct `FusionAlertRuleProperties` +- New field `SubTechniques` in struct `FusionAlertRuleTemplateProperties` +- New field `SubTechniques` in struct `MLBehaviorAnalyticsAlertRuleProperties` +- New field `Alerts` in struct `MTPDataConnectorDataTypes` +- New field `FilteredProviders` in struct `MTPDataConnectorProperties` +- New field `SentinelEntitiesMappings`, `SubTechniques` in struct `NrtAlertRuleProperties` +- New field `SentinelEntitiesMappings` in struct `NrtAlertRuleTemplateProperties` +- New field `InstallationID` in struct `Repo` +- New field `SentinelEntitiesMappings`, `SubTechniques` in struct `ScheduledAlertRuleProperties` +- New field `SentinelEntitiesMappings`, `SubTechniques` in struct `ScheduledAlertRuleTemplateProperties` +- New field `Intent`, `Techniques` in struct `SecurityAlertTimelineItem` +- New field `PullRequest`, `RepositoryAccess`, `ServicePrincipal` in struct `SourceControlProperties` +- New anonymous field `Warning` in struct `SourceControlsClientDeleteResponse` +- New field `SubTechniques` in struct `ThreatIntelligenceAlertRuleProperties` + + ## 1.2.0 (2023-11-24) ### Features Added diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/README.md b/sdk/resourcemanager/securityinsights/armsecurityinsights/README.md index c0ed49fc5de0..652cb4339dea 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/README.md +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/README.md @@ -1,6 +1,6 @@ # Azure Security Insight Module for Go -[![PkgGoDev](https://pkg.go.dev/badge/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights)](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights) +[![PkgGoDev](https://pkg.go.dev/badge/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2)](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2) The `armsecurityinsights` module provides operations for working with Azure Security Insight. @@ -20,7 +20,7 @@ This project uses [Go modules](https://github.com/golang/go/wiki/Modules) for ve Install the Azure Security Insight module: ```sh -go get github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights +go get github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2 ``` ## Authorization @@ -57,7 +57,7 @@ clientFactory, err := armsecurityinsights.NewClientFactory(, cr A client groups a set of related APIs, providing access to its functionality. Create one or more clients to access the APIs you require using client factory. ```go -client := clientFactory.NewEntityQueriesClient() +client := clientFactory.NewActionsClient() ``` ## Fakes diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client.go index 72a154e151ad..93920a12182b 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client.go @@ -46,7 +46,7 @@ func NewActionsClient(subscriptionID string, credential azcore.TokenCredential, // CreateOrUpdate - Creates or updates the action of alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -103,7 +103,7 @@ func (client *ActionsClient) createOrUpdateCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, action); err != nil { @@ -124,7 +124,7 @@ func (client *ActionsClient) createOrUpdateHandleResponse(resp *http.Response) ( // Delete - Delete the action of alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -179,7 +179,7 @@ func (client *ActionsClient) deleteCreateRequest(ctx context.Context, resourceGr return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -188,7 +188,7 @@ func (client *ActionsClient) deleteCreateRequest(ctx context.Context, resourceGr // Get - Gets the action of alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -244,7 +244,7 @@ func (client *ActionsClient) getCreateRequest(ctx context.Context, resourceGroup return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -261,7 +261,7 @@ func (client *ActionsClient) getHandleResponse(resp *http.Response) (ActionsClie // NewListByAlertRulePager - Gets all actions of alert rule. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -314,7 +314,7 @@ func (client *ActionsClient) listByAlertRuleCreateRequest(ctx context.Context, r return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client_example_test.go deleted file mode 100644 index eed851d2ac81..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/actions_client_example_test.go +++ /dev/null @@ -1,140 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/actions/GetAllActionsByAlertRule.json -func ExampleActionsClient_NewListByAlertRulePager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewActionsClient().NewListByAlertRulePager("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.ActionsList = armsecurityinsights.ActionsList{ - // Value: []*armsecurityinsights.ActionResponse{ - // { - // Name: to.Ptr("912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules/actions"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5/actions/912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.ActionResponseProperties{ - // LogicAppResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Logic/workflows/MyAlerts"), - // WorkflowID: to.Ptr("cd3765391efd48549fd7681ded1d48d7"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/actions/GetActionOfAlertRuleById.json -func ExampleActionsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewActionsClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "912bec42-cb66-4c03-ac63-1761b6898c3e", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.ActionResponse = armsecurityinsights.ActionResponse{ - // Name: to.Ptr("912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules/actions"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5/actions/912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.ActionResponseProperties{ - // LogicAppResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Logic/workflows/MyAlerts"), - // WorkflowID: to.Ptr("cd3765391efd48549fd7681ded1d48d7"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/actions/CreateActionOfAlertRule.json -func ExampleActionsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewActionsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "912bec42-cb66-4c03-ac63-1761b6898c3e", armsecurityinsights.ActionRequest{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Properties: &armsecurityinsights.ActionRequestProperties{ - LogicAppResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Logic/workflows/MyAlerts"), - TriggerURI: to.Ptr("https://prod-31.northcentralus.logic.azure.com:443/workflows/cd3765391efd48549fd7681ded1d48d7/triggers/manual/paths/invoke?api-version=2016-10-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=signature"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.ActionResponse = armsecurityinsights.ActionResponse{ - // Name: to.Ptr("912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules/actions"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5/actions/912bec42-cb66-4c03-ac63-1761b6898c3e"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.ActionResponseProperties{ - // LogicAppResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.Logic/workflows/MyAlerts"), - // WorkflowID: to.Ptr("cd3765391efd48549fd7681ded1d48d7"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/actions/DeleteActionOfAlertRule.json -func ExampleActionsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewActionsClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "912bec42-cb66-4c03-ac63-1761b6898c3e", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrule_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrule_client.go new file mode 100644 index 000000000000..0b4ad49c1349 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrule_client.go @@ -0,0 +1,130 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AlertRuleClient contains the methods for the AlertRule group. +// Don't use this type directly, use NewAlertRuleClient() instead. +type AlertRuleClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAlertRuleClient creates a new instance of AlertRuleClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAlertRuleClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AlertRuleClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AlertRuleClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// BeginTriggerRuleRun - triggers analytics rule run +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - ruleID - Alert rule ID +// - analyticsRuleRunTriggerParameter - The Analytics Rule Run Trigger parameter +// - options - AlertRuleClientBeginTriggerRuleRunOptions contains the optional parameters for the AlertRuleClient.BeginTriggerRuleRun +// method. +func (client *AlertRuleClient) BeginTriggerRuleRun(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, analyticsRuleRunTriggerParameter AnalyticsRuleRunTrigger, options *AlertRuleClientBeginTriggerRuleRunOptions) (*runtime.Poller[AlertRuleClientTriggerRuleRunResponse], error) { + if options == nil || options.ResumeToken == "" { + resp, err := client.triggerRuleRun(ctx, resourceGroupName, workspaceName, ruleID, analyticsRuleRunTriggerParameter, options) + if err != nil { + return nil, err + } + poller, err := runtime.NewPoller(resp, client.internal.Pipeline(), &runtime.NewPollerOptions[AlertRuleClientTriggerRuleRunResponse]{ + FinalStateVia: runtime.FinalStateViaLocation, + Tracer: client.internal.Tracer(), + }) + return poller, err + } else { + return runtime.NewPollerFromResumeToken(options.ResumeToken, client.internal.Pipeline(), &runtime.NewPollerFromResumeTokenOptions[AlertRuleClientTriggerRuleRunResponse]{ + Tracer: client.internal.Tracer(), + }) + } +} + +// TriggerRuleRun - triggers analytics rule run +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +func (client *AlertRuleClient) triggerRuleRun(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, analyticsRuleRunTriggerParameter AnalyticsRuleRunTrigger, options *AlertRuleClientBeginTriggerRuleRunOptions) (*http.Response, error) { + var err error + const operationName = "AlertRuleClient.BeginTriggerRuleRun" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.triggerRuleRunCreateRequest(ctx, resourceGroupName, workspaceName, ruleID, analyticsRuleRunTriggerParameter, options) + if err != nil { + return nil, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return nil, err + } + if !runtime.HasStatusCode(httpResp, http.StatusAccepted) { + err = runtime.NewResponseError(httpResp) + return nil, err + } + return httpResp, nil +} + +// triggerRuleRunCreateRequest creates the TriggerRuleRun request. +func (client *AlertRuleClient) triggerRuleRunCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, analyticsRuleRunTriggerParameter AnalyticsRuleRunTrigger, options *AlertRuleClientBeginTriggerRuleRunOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/triggerRuleRun" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if ruleID == "" { + return nil, errors.New("parameter ruleID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{ruleId}", url.PathEscape(ruleID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, analyticsRuleRunTriggerParameter); err != nil { + return nil, err + } + return req, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client.go index e287783d9bca..ecab48598a31 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client.go @@ -46,7 +46,7 @@ func NewAlertRulesClient(subscriptionID string, credential azcore.TokenCredentia // CreateOrUpdate - Creates or updates the alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -99,7 +99,7 @@ func (client *AlertRulesClient) createOrUpdateCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, alertRule); err != nil { @@ -120,7 +120,7 @@ func (client *AlertRulesClient) createOrUpdateHandleResponse(resp *http.Response // Delete - Delete the alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -170,7 +170,7 @@ func (client *AlertRulesClient) deleteCreateRequest(ctx context.Context, resourc return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -179,7 +179,7 @@ func (client *AlertRulesClient) deleteCreateRequest(ctx context.Context, resourc // Get - Gets the alert rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - ruleID - Alert rule ID @@ -230,7 +230,7 @@ func (client *AlertRulesClient) getCreateRequest(ctx context.Context, resourceGr return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -247,7 +247,7 @@ func (client *AlertRulesClient) getHandleResponse(resp *http.Response) (AlertRul // NewListPager - Gets all alert rules. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - AlertRulesClientListOptions contains the optional parameters for the AlertRulesClient.NewListPager method. @@ -294,7 +294,7 @@ func (client *AlertRulesClient) listCreateRequest(ctx context.Context, resourceG return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client_example_test.go deleted file mode 100644 index 2aaaf251864b..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertrules_client_example_test.go +++ /dev/null @@ -1,577 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/alertRules/GetAllAlertRules.json -func ExampleAlertRulesClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewAlertRulesClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.AlertRulesList = armsecurityinsights.AlertRulesList{ - // Value: []armsecurityinsights.AlertRuleClassification{ - // &armsecurityinsights.ScheduledAlertRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - // Properties: &armsecurityinsights.ScheduledAlertRuleProperties{ - // AlertDetailsOverride: &armsecurityinsights.AlertDetailsOverride{ - // AlertDescriptionFormat: to.Ptr("Suspicious activity was made by {{ComputerIP}}"), - // AlertDisplayNameFormat: to.Ptr("Alert from {{Computer}}"), - // }, - // CustomDetails: map[string]*string{ - // "OperatingSystemName": to.Ptr("OSName"), - // "OperatingSystemType": to.Ptr("OSType"), - // }, - // EntityMappings: []*armsecurityinsights.EntityMapping{ - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeHost), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("Computer"), - // Identifier: to.Ptr("FullName"), - // }}, - // }, - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeIP), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("ComputerIP"), - // Identifier: to.Ptr("Address"), - // }}, - // }}, - // EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - // AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - // }, - // Query: to.Ptr("Heartbeat"), - // QueryFrequency: to.Ptr("PT1H"), - // QueryPeriod: to.Ptr("P2DT1H30M"), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - // TriggerThreshold: to.Ptr[int32](0), - // Description: to.Ptr("An example for a scheduled rule"), - // DisplayName: to.Ptr("My scheduled rule"), - // Enabled: to.Ptr(true), - // IncidentConfiguration: &armsecurityinsights.IncidentConfiguration{ - // CreateIncident: to.Ptr(true), - // GroupingConfiguration: &armsecurityinsights.GroupingConfiguration{ - // Enabled: to.Ptr(true), - // GroupByAlertDetails: []*armsecurityinsights.AlertDetail{ - // to.Ptr(armsecurityinsights.AlertDetailDisplayName)}, - // GroupByCustomDetails: []*string{ - // to.Ptr("OperatingSystemType"), - // to.Ptr("OperatingSystemName")}, - // GroupByEntities: []*armsecurityinsights.EntityMappingType{ - // to.Ptr(armsecurityinsights.EntityMappingTypeHost)}, - // LookbackDuration: to.Ptr("PT5H"), - // MatchingMethod: to.Ptr(armsecurityinsights.MatchingMethodSelected), - // ReopenClosedIncident: to.Ptr(false), - // }, - // }, - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-01T13:17:30.000Z"); return t}()), - // SuppressionDuration: to.Ptr("PT1H"), - // SuppressionEnabled: to.Ptr(false), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // }, - // }, - // &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRule{ - // Name: to.Ptr("microsoftSecurityIncidentCreationRuleExample"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/microsoftSecurityIncidentCreationRuleExample"), - // Etag: to.Ptr("\"260097e0-0000-0d00-0000-5d6fa88f0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindMicrosoftSecurityIncidentCreation), - // Properties: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleProperties{ - // ProductFilter: to.Ptr(armsecurityinsights.MicrosoftSecurityProductNameMicrosoftCloudAppSecurity), - // DisplayName: to.Ptr("testing displayname"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-09-04T12:05:35.729Z"); return t}()), - // }, - // }, - // &armsecurityinsights.FusionAlertRule{ - // Name: to.Ptr("myFirstFusionRule"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/myFirstFusionRule"), - // Etag: to.Ptr("\"25005c11-0000-0d00-0000-5d6cc0e20000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - // Properties: &armsecurityinsights.FusionAlertRuleProperties{ - // Description: to.Ptr("In this mode, Sentinel combines low fidelity alerts, which themselves may not be actionable, and events across multiple products, into high fidelity security interesting incidents. The system looks at multiple products to produce actionable incidents. Custom tailored to each tenant, Fusion not only reduces false positive rates but also can detect attacks with limited or missing information. \nIncidents generated by Fusion system will encase two or more alerts. By design, Fusion incidents are low volume, high fidelity and will be high severity, which is why Fusion is turned ON by default in Azure Sentinel.\n\nFor Fusion to work, please configure the following data sources in Data Connectors tab:\nRequired - Azure Active Directory Identity Protection\nRequired - Microsoft Cloud App Security\nIf Available - Palo Alto Network\n\nFor full list of scenarios covered by Fusion, and detail instructions on how to configure the required data sources, go to aka.ms/SentinelFusion"), - // AlertRuleTemplateName: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - // DisplayName: to.Ptr("Advanced Multi-Stage Attack Detection"), - // Enabled: to.Ptr(false), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-09-02T07:12:34.906Z"); return t}()), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement), - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl)}, - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/alertRules/GetFusionAlertRule.json -func ExampleAlertRulesClient_Get_getAFusionAlertRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().Get(ctx, "myRg", "myWorkspace", "myFirstFusionRule", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientGetResponse{ - // AlertRuleClassification: &armsecurityinsights.FusionAlertRule{ - // Name: to.Ptr("myFirstFusionRule"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/myFirstFusionRule"), - // Etag: to.Ptr("\"260090e2-0000-0d00-0000-5d6fb8670000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - // Properties: &armsecurityinsights.FusionAlertRuleProperties{ - // Description: to.Ptr("In this mode, Sentinel combines low fidelity alerts, which themselves may not be actionable, and events across multiple products, into high fidelity security interesting incidents. The system looks at multiple products to produce actionable incidents. Custom tailored to each tenant, Fusion not only reduces false positive rates but also can detect attacks with limited or missing information. \nIncidents generated by Fusion system will encase two or more alerts. By design, Fusion incidents are low volume, high fidelity and will be high severity, which is why Fusion is turned ON by default in Azure Sentinel.\n\nFor Fusion to work, please configure the following data sources in Data Connectors tab:\nRequired - Azure Active Directory Identity Protection\nRequired - Microsoft Cloud App Security\nIf Available - Palo Alto Network\n\nFor full list of scenarios covered by Fusion, and detail instructions on how to configure the required data sources, go to aka.ms/SentinelFusion"), - // AlertRuleTemplateName: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - // DisplayName: to.Ptr("Advanced Multi-Stage Attack Detection"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-09-04T13:13:11.534Z"); return t}()), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement), - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl)}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/alertRules/GetMicrosoftSecurityIncidentCreationAlertRule.json -func ExampleAlertRulesClient_Get_getAMicrosoftSecurityIncidentCreationRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().Get(ctx, "myRg", "myWorkspace", "microsoftSecurityIncidentCreationRuleExample", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientGetResponse{ - // AlertRuleClassification: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRule{ - // Name: to.Ptr("microsoftSecurityIncidentCreationRuleExample"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/microsoftSecurityIncidentCreationRuleExample"), - // Etag: to.Ptr("\"260097e0-0000-0d00-0000-5d6fa88f0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindMicrosoftSecurityIncidentCreation), - // Properties: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleProperties{ - // ProductFilter: to.Ptr(armsecurityinsights.MicrosoftSecurityProductNameMicrosoftCloudAppSecurity), - // DisplayName: to.Ptr("testing displayname"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-09-04T12:05:35.729Z"); return t}()), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/alertRules/GetScheduledAlertRule.json -func ExampleAlertRulesClient_Get_getAScheduledAlertRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientGetResponse{ - // AlertRuleClassification: &armsecurityinsights.ScheduledAlertRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - // Properties: &armsecurityinsights.ScheduledAlertRuleProperties{ - // AlertDetailsOverride: &armsecurityinsights.AlertDetailsOverride{ - // AlertDescriptionFormat: to.Ptr("Suspicious activity was made by {{ComputerIP}}"), - // AlertDisplayNameFormat: to.Ptr("Alert from {{Computer}}"), - // }, - // CustomDetails: map[string]*string{ - // "OperatingSystemName": to.Ptr("OSName"), - // "OperatingSystemType": to.Ptr("OSType"), - // }, - // EntityMappings: []*armsecurityinsights.EntityMapping{ - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeHost), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("Computer"), - // Identifier: to.Ptr("FullName"), - // }}, - // }, - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeIP), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("ComputerIP"), - // Identifier: to.Ptr("Address"), - // }}, - // }}, - // EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - // AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - // }, - // Query: to.Ptr("Heartbeat"), - // QueryFrequency: to.Ptr("PT1H"), - // QueryPeriod: to.Ptr("P2DT1H30M"), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - // TriggerThreshold: to.Ptr[int32](0), - // Description: to.Ptr("An example for a scheduled rule"), - // DisplayName: to.Ptr("My scheduled rule"), - // Enabled: to.Ptr(true), - // IncidentConfiguration: &armsecurityinsights.IncidentConfiguration{ - // CreateIncident: to.Ptr(true), - // GroupingConfiguration: &armsecurityinsights.GroupingConfiguration{ - // Enabled: to.Ptr(true), - // GroupByAlertDetails: []*armsecurityinsights.AlertDetail{ - // to.Ptr(armsecurityinsights.AlertDetailDisplayName)}, - // GroupByCustomDetails: []*string{ - // to.Ptr("OperatingSystemType"), - // to.Ptr("OperatingSystemName")}, - // GroupByEntities: []*armsecurityinsights.EntityMappingType{ - // to.Ptr(armsecurityinsights.EntityMappingTypeHost)}, - // LookbackDuration: to.Ptr("PT5H"), - // MatchingMethod: to.Ptr(armsecurityinsights.MatchingMethodSelected), - // ReopenClosedIncident: to.Ptr(false), - // }, - // }, - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // SuppressionDuration: to.Ptr("PT1H"), - // SuppressionEnabled: to.Ptr(false), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/alertRules/CreateFusionAlertRule.json -func ExampleAlertRulesClient_CreateOrUpdate_createsOrUpdatesAFusionAlertRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "myFirstFusionRule", &armsecurityinsights.FusionAlertRule{ - Etag: to.Ptr("3d00c3ca-0000-0100-0000-5d42d5010000"), - Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - Properties: &armsecurityinsights.FusionAlertRuleProperties{ - AlertRuleTemplateName: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - Enabled: to.Ptr(true), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientCreateOrUpdateResponse{ - // AlertRuleClassification: &armsecurityinsights.FusionAlertRule{ - // Name: to.Ptr("myFirstFusionRule"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/myFirstFusionRule"), - // Etag: to.Ptr("\"260090e2-0000-0d00-0000-5d6fb8670000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - // Properties: &armsecurityinsights.FusionAlertRuleProperties{ - // Description: to.Ptr("In this mode, Sentinel combines low fidelity alerts, which themselves may not be actionable, and events across multiple products, into high fidelity security interesting incidents. The system looks at multiple products to produce actionable incidents. Custom tailored to each tenant, Fusion not only reduces false positive rates but also can detect attacks with limited or missing information. \nIncidents generated by Fusion system will encase two or more alerts. By design, Fusion incidents are low volume, high fidelity and will be high severity, which is why Fusion is turned ON by default in Azure Sentinel.\n\nFor Fusion to work, please configure the following data sources in Data Connectors tab:\nRequired - Azure Active Directory Identity Protection\nRequired - Microsoft Cloud App Security\nIf Available - Palo Alto Network\n\nFor full list of scenarios covered by Fusion, and detail instructions on how to configure the required data sources, go to aka.ms/SentinelFusion"), - // AlertRuleTemplateName: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - // DisplayName: to.Ptr("Advanced Multi-Stage Attack Detection"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-09-04T13:13:11.534Z"); return t}()), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement), - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl)}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/alertRules/CreateMicrosoftSecurityIncidentCreationAlertRule.json -func ExampleAlertRulesClient_CreateOrUpdate_createsOrUpdatesAMicrosoftSecurityIncidentCreationRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "microsoftSecurityIncidentCreationRuleExample", &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRule{ - Etag: to.Ptr("\"260097e0-0000-0d00-0000-5d6fa88f0000\""), - Kind: to.Ptr(armsecurityinsights.AlertRuleKindMicrosoftSecurityIncidentCreation), - Properties: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleProperties{ - ProductFilter: to.Ptr(armsecurityinsights.MicrosoftSecurityProductNameMicrosoftCloudAppSecurity), - DisplayName: to.Ptr("testing displayname"), - Enabled: to.Ptr(true), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientCreateOrUpdateResponse{ - // AlertRuleClassification: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRule{ - // Name: to.Ptr("microsoftSecurityIncidentCreationRuleExample"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/microsoftSecurityIncidentCreationRuleExample"), - // Etag: to.Ptr("\"260097e0-0000-0d00-0000-5d6fa88f0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindMicrosoftSecurityIncidentCreation), - // Properties: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleProperties{ - // ProductFilter: to.Ptr(armsecurityinsights.MicrosoftSecurityProductNameMicrosoftCloudAppSecurity), - // DisplayName: to.Ptr("testing displayname"), - // Enabled: to.Ptr(true), - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-09-04T12:05:35.729Z"); return t}()), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/alertRules/CreateScheduledAlertRule.json -func ExampleAlertRulesClient_CreateOrUpdate_createsOrUpdatesAScheduledAlertRule() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRulesClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.ScheduledAlertRule{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - Properties: &armsecurityinsights.ScheduledAlertRuleProperties{ - AlertDetailsOverride: &armsecurityinsights.AlertDetailsOverride{ - AlertDescriptionFormat: to.Ptr("Suspicious activity was made by {{ComputerIP}}"), - AlertDisplayNameFormat: to.Ptr("Alert from {{Computer}}"), - }, - CustomDetails: map[string]*string{ - "OperatingSystemName": to.Ptr("OSName"), - "OperatingSystemType": to.Ptr("OSType"), - }, - EntityMappings: []*armsecurityinsights.EntityMapping{ - { - EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeHost), - FieldMappings: []*armsecurityinsights.FieldMapping{ - { - ColumnName: to.Ptr("Computer"), - Identifier: to.Ptr("FullName"), - }}, - }, - { - EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeIP), - FieldMappings: []*armsecurityinsights.FieldMapping{ - { - ColumnName: to.Ptr("ComputerIP"), - Identifier: to.Ptr("Address"), - }}, - }}, - EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - }, - Query: to.Ptr("Heartbeat"), - QueryFrequency: to.Ptr("PT1H"), - QueryPeriod: to.Ptr("P2DT1H30M"), - Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - TriggerThreshold: to.Ptr[int32](0), - Description: to.Ptr("An example for a scheduled rule"), - DisplayName: to.Ptr("My scheduled rule"), - Enabled: to.Ptr(true), - IncidentConfiguration: &armsecurityinsights.IncidentConfiguration{ - CreateIncident: to.Ptr(true), - GroupingConfiguration: &armsecurityinsights.GroupingConfiguration{ - Enabled: to.Ptr(true), - GroupByAlertDetails: []*armsecurityinsights.AlertDetail{ - to.Ptr(armsecurityinsights.AlertDetailDisplayName)}, - GroupByCustomDetails: []*string{ - to.Ptr("OperatingSystemType"), - to.Ptr("OperatingSystemName")}, - GroupByEntities: []*armsecurityinsights.EntityMappingType{ - to.Ptr(armsecurityinsights.EntityMappingTypeHost)}, - LookbackDuration: to.Ptr("PT5H"), - MatchingMethod: to.Ptr(armsecurityinsights.MatchingMethodSelected), - ReopenClosedIncident: to.Ptr(false), - }, - }, - SuppressionDuration: to.Ptr("PT1H"), - SuppressionEnabled: to.Ptr(false), - Tactics: []*armsecurityinsights.AttackTactic{ - to.Ptr(armsecurityinsights.AttackTacticPersistence), - to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRulesClientCreateOrUpdateResponse{ - // AlertRuleClassification: &armsecurityinsights.ScheduledAlertRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/alertRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - // Properties: &armsecurityinsights.ScheduledAlertRuleProperties{ - // AlertDetailsOverride: &armsecurityinsights.AlertDetailsOverride{ - // AlertDescriptionFormat: to.Ptr("Suspicious activity was made by {{ComputerIP}}"), - // AlertDisplayNameFormat: to.Ptr("Alert from {{Computer}}"), - // }, - // CustomDetails: map[string]*string{ - // "OperatingSystemName": to.Ptr("OSName"), - // "OperatingSystemType": to.Ptr("OSType"), - // }, - // EntityMappings: []*armsecurityinsights.EntityMapping{ - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeHost), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("Computer"), - // Identifier: to.Ptr("FullName"), - // }}, - // }, - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeIP), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("ComputerIP"), - // Identifier: to.Ptr("Address"), - // }}, - // }}, - // EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - // AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - // }, - // Query: to.Ptr("Heartbeat"), - // QueryFrequency: to.Ptr("PT1H"), - // QueryPeriod: to.Ptr("P2DT1H30M"), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - // TriggerThreshold: to.Ptr[int32](0), - // Description: to.Ptr("An example for a scheduled rule"), - // DisplayName: to.Ptr("My scheduled rule"), - // Enabled: to.Ptr(true), - // IncidentConfiguration: &armsecurityinsights.IncidentConfiguration{ - // CreateIncident: to.Ptr(true), - // GroupingConfiguration: &armsecurityinsights.GroupingConfiguration{ - // Enabled: to.Ptr(true), - // GroupByAlertDetails: []*armsecurityinsights.AlertDetail{ - // to.Ptr(armsecurityinsights.AlertDetailDisplayName)}, - // GroupByCustomDetails: []*string{ - // to.Ptr("OperatingSystemType"), - // to.Ptr("OperatingSystemName")}, - // GroupByEntities: []*armsecurityinsights.EntityMappingType{ - // to.Ptr(armsecurityinsights.EntityMappingTypeHost)}, - // LookbackDuration: to.Ptr("PT5H"), - // MatchingMethod: to.Ptr(armsecurityinsights.MatchingMethodSelected), - // ReopenClosedIncident: to.Ptr(false), - // }, - // }, - // LastModifiedUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-01T13:17:30.000Z"); return t}()), - // SuppressionDuration: to.Ptr("PT1H"), - // SuppressionEnabled: to.Ptr(false), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/alertRules/DeleteAlertRule.json -func ExampleAlertRulesClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewAlertRulesClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client.go index d385c2311012..dba9ef2e742a 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client.go @@ -46,7 +46,7 @@ func NewAlertRuleTemplatesClient(subscriptionID string, credential azcore.TokenC // Get - Gets the alert rule template. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - alertRuleTemplateID - Alert rule template ID @@ -97,7 +97,7 @@ func (client *AlertRuleTemplatesClient) getCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -114,7 +114,7 @@ func (client *AlertRuleTemplatesClient) getHandleResponse(resp *http.Response) ( // NewListPager - Gets all alert rule templates. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - AlertRuleTemplatesClientListOptions contains the optional parameters for the AlertRuleTemplatesClient.NewListPager @@ -162,7 +162,7 @@ func (client *AlertRuleTemplatesClient) listCreateRequest(ctx context.Context, r return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client_example_test.go deleted file mode 100644 index 795200a1e72e..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/alertruletemplates_client_example_test.go +++ /dev/null @@ -1,191 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/alertRuleTemplates/GetAlertRuleTemplates.json -func ExampleAlertRuleTemplatesClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewAlertRuleTemplatesClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.AlertRuleTemplatesList = armsecurityinsights.AlertRuleTemplatesList{ - // Value: []armsecurityinsights.AlertRuleTemplateClassification{ - // &armsecurityinsights.ScheduledAlertRuleTemplate{ - // Name: to.Ptr("65360bb0-8986-4ade-a89d-af3cf44d28aa"), - // Type: to.Ptr("Microsoft.SecurityInsights/AlertRuleTemplates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/AlertRuleTemplates/65360bb0-8986-4ade-a89d-af3cf44d28aa"), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - // Properties: &armsecurityinsights.ScheduledAlertRuleTemplateProperties{ - // Description: to.Ptr("This alert monitors changes to Amazon VPC (Virtual Private Cloud) settings such as new ACL entries and routes in route tables.\nMore information: https://medium.com/@GorillaStack/the-most-important-aws-cloudtrail-security-events-to-track-a5b9873f8255 \nand https://aws.amazon.com/vpc/"), - // AlertRulesCreatedByTemplateCount: to.Ptr[int32](0), - // CreatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-02-27T00:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("Changes to Amazon VPC settings"), - // LastUpdatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-02-27T10:00:00.000Z"); return t}()), - // Query: to.Ptr("let timeframe = 1d;\nAWSCloudTrail\n| where TimeGenerated >= ago(timeframe)\n| where EventName == \"CreateNetworkAclEntry\"\n or EventName == \"CreateRoute\"\n| project TimeGenerated, EventName, EventTypeName, UserIdentityAccountId, UserIdentityPrincipalid, UserAgent, UserIdentityUserName, SessionMfaAuthenticated, SourceIpAddress, AWSRegion, EventSource, AdditionalEventData, ResponseElements\n| extend AccountCustomEntity = UserIdentityUserName, IPCustomEntity = SourceIpAddress"), - // QueryFrequency: to.Ptr("P1D"), - // QueryPeriod: to.Ptr("P1D"), - // RequiredDataConnectors: []*armsecurityinsights.AlertRuleTemplateDataSource{ - // { - // ConnectorID: to.Ptr("AWS"), - // DataTypes: []*string{ - // to.Ptr("AWSCloudTrail")}, - // }}, - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // Status: to.Ptr(armsecurityinsights.TemplateStatusAvailable), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPrivilegeEscalation), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - // TriggerThreshold: to.Ptr[int32](0), - // Version: to.Ptr("1.0.1"), - // }, - // }, - // &armsecurityinsights.FusionAlertRuleTemplate{ - // Name: to.Ptr("f71aba3d-28fb-450b-b192-4e76a83015c8"), - // Type: to.Ptr("Microsoft.SecurityInsights/AlertRuleTemplates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/AlertRuleTemplates/f71aba3d-28fb-450b-b192-4e76a83015c8"), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindFusion), - // Properties: &armsecurityinsights.FusionAlertRuleTemplateProperties{ - // Description: to.Ptr("Place holder: Fusion uses graph powered machine learning algorithms to correlate between millions of lower fidelity anomalous activities from different products such as Azure AD Identity Protection, and Microsoft Cloud App Security, to combine them into a manageable number of interesting security cases.\n"), - // AlertRulesCreatedByTemplateCount: to.Ptr[int32](0), - // CreatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-07-25T00:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("Advanced Multi-Stage Attack Detection"), - // LastUpdatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-27T10:00:00.000Z"); return t}()), - // Severity: to.Ptr(armsecurityinsights.AlertSeverityHigh), - // Status: to.Ptr(armsecurityinsights.TemplateStatusAvailable), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement), - // to.Ptr(armsecurityinsights.AttackTacticExfiltration), - // to.Ptr(armsecurityinsights.AttackTacticCommandAndControl)}, - // }, - // }, - // &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleTemplate{ - // Name: to.Ptr("b3cfc7c0-092c-481c-a55b-34a3979758cb"), - // Type: to.Ptr("Microsoft.SecurityInsights/AlertRuleTemplates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/AlertRuleTemplates/b3cfc7c0-092c-481c-a55b-34a3979758cb"), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindMicrosoftSecurityIncidentCreation), - // Properties: &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties{ - // Description: to.Ptr("Create incidents based on all alerts generated in Microsoft Cloud App Security"), - // AlertRulesCreatedByTemplateCount: to.Ptr[int32](0), - // CreatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-07-16T00:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("Create incidents based on Microsoft Cloud App Security alerts"), - // LastUpdatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-05-27T10:00:00.000Z"); return t}()), - // ProductFilter: to.Ptr(armsecurityinsights.MicrosoftSecurityProductNameMicrosoftCloudAppSecurity), - // Status: to.Ptr(armsecurityinsights.TemplateStatusAvailable), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/alertRuleTemplates/GetAlertRuleTemplateById.json -func ExampleAlertRuleTemplatesClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAlertRuleTemplatesClient().Get(ctx, "myRg", "myWorkspace", "65360bb0-8986-4ade-a89d-af3cf44d28aa", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.AlertRuleTemplatesClientGetResponse{ - // AlertRuleTemplateClassification: &armsecurityinsights.ScheduledAlertRuleTemplate{ - // Name: to.Ptr("65360bb0-8986-4ade-a89d-af3cf44d28aa"), - // Type: to.Ptr("Microsoft.SecurityInsights/AlertRuleTemplates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRuleTemplates/65360bb0-8986-4ade-a89d-af3cf44d28aa"), - // Kind: to.Ptr(armsecurityinsights.AlertRuleKindScheduled), - // Properties: &armsecurityinsights.ScheduledAlertRuleTemplateProperties{ - // Description: to.Ptr("This alert monitors changes to Amazon VPC (Virtual Private Cloud) settings such as new ACL entries and routes in route tables.\nMore information: https://medium.com/@GorillaStack/the-most-important-aws-cloudtrail-security-events-to-track-a5b9873f8255 \nand https://aws.amazon.com/vpc/"), - // AlertDetailsOverride: &armsecurityinsights.AlertDetailsOverride{ - // AlertDescriptionFormat: to.Ptr("Suspicious activity was made by {{AccountCustomEntity}}"), - // AlertDisplayNameFormat: to.Ptr("Alert on event {{EventName}}"), - // }, - // AlertRulesCreatedByTemplateCount: to.Ptr[int32](0), - // CreatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-02-27T00:00:00.000Z"); return t}()), - // CustomDetails: map[string]*string{ - // "EventNames": to.Ptr("EventName"), - // "EventTypes": to.Ptr("EventTypeName"), - // }, - // DisplayName: to.Ptr("Changes to Amazon VPC settings"), - // EntityMappings: []*armsecurityinsights.EntityMapping{ - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeAccount), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("AccountCustomEntity"), - // Identifier: to.Ptr("FullName"), - // }}, - // }, - // { - // EntityType: to.Ptr(armsecurityinsights.EntityMappingTypeIP), - // FieldMappings: []*armsecurityinsights.FieldMapping{ - // { - // ColumnName: to.Ptr("IPCustomEntity"), - // Identifier: to.Ptr("Address"), - // }}, - // }}, - // EventGroupingSettings: &armsecurityinsights.EventGroupingSettings{ - // AggregationKind: to.Ptr(armsecurityinsights.EventGroupingAggregationKindAlertPerResult), - // }, - // LastUpdatedDateUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-02-27T10:00:00.000Z"); return t}()), - // Query: to.Ptr("let timeframe = 1d;\nAWSCloudTrail\n| where TimeGenerated >= ago(timeframe)\n| where EventName == \"CreateNetworkAclEntry\"\n or EventName == \"CreateRoute\"\n| project TimeGenerated, EventName, EventTypeName, UserIdentityAccountId, UserIdentityPrincipalid, UserAgent, UserIdentityUserName, SessionMfaAuthenticated, SourceIpAddress, AWSRegion, EventSource, AdditionalEventData, ResponseElements\n| extend AccountCustomEntity = UserIdentityUserName, IPCustomEntity = SourceIpAddress"), - // QueryFrequency: to.Ptr("P1D"), - // QueryPeriod: to.Ptr("P1D"), - // RequiredDataConnectors: []*armsecurityinsights.AlertRuleTemplateDataSource{ - // { - // ConnectorID: to.Ptr("AWS"), - // DataTypes: []*string{ - // to.Ptr("AWSCloudTrail")}, - // }}, - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // Status: to.Ptr(armsecurityinsights.TemplateStatusAvailable), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPrivilegeEscalation), - // to.Ptr(armsecurityinsights.AttackTacticLateralMovement)}, - // TriggerOperator: to.Ptr(armsecurityinsights.TriggerOperatorGreaterThan), - // TriggerThreshold: to.Ptr[int32](0), - // Version: to.Ptr("1.0.2"), - // }, - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client.go index e19bb5273bbe..c357de8d90df 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client.go @@ -43,10 +43,10 @@ func NewAutomationRulesClient(subscriptionID string, credential azcore.TokenCred return client, nil } -// CreateOrUpdate - Creates or updates the automation rule +// CreateOrUpdate - Creates or updates the automation rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - automationRuleID - Automation rule ID @@ -98,7 +98,7 @@ func (client *AutomationRulesClient) createOrUpdateCreateRequest(ctx context.Con return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if options != nil && options.AutomationRuleToUpsert != nil { @@ -119,10 +119,10 @@ func (client *AutomationRulesClient) createOrUpdateHandleResponse(resp *http.Res return result, nil } -// Delete - Delete the automation rule +// Delete - Delete the automation rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - automationRuleID - Automation rule ID @@ -173,7 +173,7 @@ func (client *AutomationRulesClient) deleteCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -188,10 +188,10 @@ func (client *AutomationRulesClient) deleteHandleResponse(resp *http.Response) ( return result, nil } -// Get - Gets the automation rule +// Get - Gets the automation rule. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - automationRuleID - Automation rule ID @@ -242,7 +242,7 @@ func (client *AutomationRulesClient) getCreateRequest(ctx context.Context, resou return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -257,9 +257,9 @@ func (client *AutomationRulesClient) getHandleResponse(resp *http.Response) (Aut return result, nil } -// NewListPager - Gets all automation rules +// NewListPager - Gets all automation rules. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - AutomationRulesClientListOptions contains the optional parameters for the AutomationRulesClient.NewListPager @@ -307,7 +307,7 @@ func (client *AutomationRulesClient) listCreateRequest(ctx context.Context, reso return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client_example_test.go deleted file mode 100644 index 1e11d5f3bfc7..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/automationrules_client_example_test.go +++ /dev/null @@ -1,252 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/automationRules/AutomationRules_Get.json -func ExampleAutomationRulesClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAutomationRulesClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.AutomationRule = armsecurityinsights.AutomationRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/automationRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/automationRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.AutomationRuleProperties{ - // Actions: []armsecurityinsights.AutomationRuleActionClassification{ - // &armsecurityinsights.AutomationRuleModifyPropertiesAction{ - // ActionType: to.Ptr(armsecurityinsights.ActionTypeModifyProperties), - // Order: to.Ptr[int32](1), - // ActionConfiguration: &armsecurityinsights.IncidentPropertiesAction{ - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityHigh), - // }, - // }}, - // CreatedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("High severity incidents escalation"), - // LastModifiedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // Order: to.Ptr[int32](1), - // TriggeringLogic: &armsecurityinsights.AutomationRuleTriggeringLogic{ - // Conditions: []armsecurityinsights.AutomationRuleConditionClassification{ - // &armsecurityinsights.PropertyConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypeProperty), - // ConditionProperties: &armsecurityinsights.AutomationRulePropertyValuesCondition{ - // Operator: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedOperatorContains), - // PropertyName: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedPropertyIncidentRelatedAnalyticRuleIDs), - // PropertyValues: []*string{ - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/fab3d2d4-747f-46a7-8ef0-9c0be8112bf7"), - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/8deb8303-e94d-46ff-96e0-5fd94b33df1a")}, - // }, - // }}, - // IsEnabled: to.Ptr(true), - // TriggersOn: to.Ptr(armsecurityinsights.TriggersOnIncidents), - // TriggersWhen: to.Ptr(armsecurityinsights.TriggersWhenCreated), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/automationRules/AutomationRules_CreateOrUpdate.json -func ExampleAutomationRulesClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAutomationRulesClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.AutomationRulesClientCreateOrUpdateOptions{AutomationRuleToUpsert: nil}) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.AutomationRule = armsecurityinsights.AutomationRule{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/automationRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/automationRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.AutomationRuleProperties{ - // Actions: []armsecurityinsights.AutomationRuleActionClassification{ - // &armsecurityinsights.AutomationRuleModifyPropertiesAction{ - // ActionType: to.Ptr(armsecurityinsights.ActionTypeModifyProperties), - // Order: to.Ptr[int32](1), - // ActionConfiguration: &armsecurityinsights.IncidentPropertiesAction{ - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityHigh), - // }, - // }}, - // CreatedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("High severity incidents escalation"), - // LastModifiedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // Order: to.Ptr[int32](1), - // TriggeringLogic: &armsecurityinsights.AutomationRuleTriggeringLogic{ - // Conditions: []armsecurityinsights.AutomationRuleConditionClassification{ - // &armsecurityinsights.PropertyConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypeProperty), - // ConditionProperties: &armsecurityinsights.AutomationRulePropertyValuesCondition{ - // Operator: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedOperatorContains), - // PropertyName: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedPropertyIncidentRelatedAnalyticRuleIDs), - // PropertyValues: []*string{ - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/fab3d2d4-747f-46a7-8ef0-9c0be8112bf7"), - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/8deb8303-e94d-46ff-96e0-5fd94b33df1a")}, - // }, - // }}, - // IsEnabled: to.Ptr(true), - // TriggersOn: to.Ptr(armsecurityinsights.TriggersOnIncidents), - // TriggersWhen: to.Ptr(armsecurityinsights.TriggersWhenCreated), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/automationRules/AutomationRules_Delete.json -func ExampleAutomationRulesClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewAutomationRulesClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Interface = map[string]any{ - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/automationRules/AutomationRules_List.json -func ExampleAutomationRulesClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewAutomationRulesClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.AutomationRulesList = armsecurityinsights.AutomationRulesList{ - // Value: []*armsecurityinsights.AutomationRule{ - // { - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/automationRules"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/automationRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.AutomationRuleProperties{ - // Actions: []armsecurityinsights.AutomationRuleActionClassification{ - // &armsecurityinsights.AutomationRuleModifyPropertiesAction{ - // ActionType: to.Ptr(armsecurityinsights.ActionTypeModifyProperties), - // Order: to.Ptr[int32](1), - // ActionConfiguration: &armsecurityinsights.IncidentPropertiesAction{ - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityHigh), - // }, - // }}, - // CreatedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:00.000Z"); return t}()), - // DisplayName: to.Ptr("High severity incidents escalation"), - // LastModifiedBy: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // Order: to.Ptr[int32](1), - // TriggeringLogic: &armsecurityinsights.AutomationRuleTriggeringLogic{ - // Conditions: []armsecurityinsights.AutomationRuleConditionClassification{ - // &armsecurityinsights.PropertyConditionProperties{ - // ConditionType: to.Ptr(armsecurityinsights.ConditionTypeProperty), - // ConditionProperties: &armsecurityinsights.AutomationRulePropertyValuesCondition{ - // Operator: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedOperatorContains), - // PropertyName: to.Ptr(armsecurityinsights.AutomationRulePropertyConditionSupportedPropertyIncidentRelatedAnalyticRuleIDs), - // PropertyValues: []*string{ - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/fab3d2d4-747f-46a7-8ef0-9c0be8112bf7"), - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/8deb8303-e94d-46ff-96e0-5fd94b33df1a")}, - // }, - // }}, - // IsEnabled: to.Ptr(true), - // TriggersOn: to.Ptr(armsecurityinsights.TriggersOnIncidents), - // TriggersWhen: to.Ptr(armsecurityinsights.TriggersWhenCreated), - // }, - // }, - // }}, - // } - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/autorest.md b/sdk/resourcemanager/securityinsights/armsecurityinsights/autorest.md index 9129287bad6a..1eed09779988 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/autorest.md +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/autorest.md @@ -5,11 +5,10 @@ ``` yaml azure-arm: true require: -- https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/readme.md -- https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/readme.go.md +- /mnt/vss/_work/1/s/azure-rest-api-specs/specification/securityinsights/resource-manager/readme.md +- /mnt/vss/_work/1/s/azure-rest-api-specs/specification/securityinsights/resource-manager/readme.go.md license-header: MICROSOFT_MIT_NO_VERSION -module-version: 1.2.0 +module-version: 2.0.0-beta.4 modelerfour: lenient-model-deduplication: true -tag: package-2021-10 ``` \ No newline at end of file diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/billingstatistics_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/billingstatistics_client.go new file mode 100644 index 000000000000..ed9f64f0aee1 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/billingstatistics_client.go @@ -0,0 +1,178 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// BillingStatisticsClient contains the methods for the BillingStatistics group. +// Don't use this type directly, use NewBillingStatisticsClient() instead. +type BillingStatisticsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewBillingStatisticsClient creates a new instance of BillingStatisticsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewBillingStatisticsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*BillingStatisticsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &BillingStatisticsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Gets a billing statistic +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - billingStatisticName - The name of the billing statistic +// - options - BillingStatisticsClientGetOptions contains the optional parameters for the BillingStatisticsClient.Get method. +func (client *BillingStatisticsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, billingStatisticName string, options *BillingStatisticsClientGetOptions) (BillingStatisticsClientGetResponse, error) { + var err error + const operationName = "BillingStatisticsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, billingStatisticName, options) + if err != nil { + return BillingStatisticsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return BillingStatisticsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return BillingStatisticsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *BillingStatisticsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, billingStatisticName string, options *BillingStatisticsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/billingStatistics/{billingStatisticName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if billingStatisticName == "" { + return nil, errors.New("parameter billingStatisticName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{billingStatisticName}", url.PathEscape(billingStatisticName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *BillingStatisticsClient) getHandleResponse(resp *http.Response) (BillingStatisticsClientGetResponse, error) { + result := BillingStatisticsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return BillingStatisticsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all Microsoft Sentinel billing statistics. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - BillingStatisticsClientListOptions contains the optional parameters for the BillingStatisticsClient.NewListPager +// method. +func (client *BillingStatisticsClient) NewListPager(resourceGroupName string, workspaceName string, options *BillingStatisticsClientListOptions) *runtime.Pager[BillingStatisticsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[BillingStatisticsClientListResponse]{ + More: func(page BillingStatisticsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *BillingStatisticsClientListResponse) (BillingStatisticsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "BillingStatisticsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return BillingStatisticsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *BillingStatisticsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *BillingStatisticsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/billingStatistics" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *BillingStatisticsClient) listHandleResponse(resp *http.Response) (BillingStatisticsClientListResponse, error) { + result := BillingStatisticsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.BillingStatisticList); err != nil { + return BillingStatisticsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmark_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmark_client.go new file mode 100644 index 000000000000..ccc7c180fcde --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmark_client.go @@ -0,0 +1,117 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// BookmarkClient contains the methods for the Bookmark group. +// Don't use this type directly, use NewBookmarkClient() instead. +type BookmarkClient struct { + internal *arm.Client + subscriptionID string +} + +// NewBookmarkClient creates a new instance of BookmarkClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewBookmarkClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*BookmarkClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &BookmarkClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Expand - Expand an bookmark +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - bookmarkID - Bookmark ID +// - parameters - The parameters required to execute an expand operation on the given bookmark. +// - options - BookmarkClientExpandOptions contains the optional parameters for the BookmarkClient.Expand method. +func (client *BookmarkClient) Expand(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, parameters BookmarkExpandParameters, options *BookmarkClientExpandOptions) (BookmarkClientExpandResponse, error) { + var err error + const operationName = "BookmarkClient.Expand" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.expandCreateRequest(ctx, resourceGroupName, workspaceName, bookmarkID, parameters, options) + if err != nil { + return BookmarkClientExpandResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return BookmarkClientExpandResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return BookmarkClientExpandResponse{}, err + } + resp, err := client.expandHandleResponse(httpResp) + return resp, err +} + +// expandCreateRequest creates the Expand request. +func (client *BookmarkClient) expandCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, parameters BookmarkExpandParameters, options *BookmarkClientExpandOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/expand" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if bookmarkID == "" { + return nil, errors.New("parameter bookmarkID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{bookmarkId}", url.PathEscape(bookmarkID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// expandHandleResponse handles the Expand response. +func (client *BookmarkClient) expandHandleResponse(resp *http.Response) (BookmarkClientExpandResponse, error) { + result := BookmarkClientExpandResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.BookmarkExpandResponse); err != nil { + return BookmarkClientExpandResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarkrelations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarkrelations_client.go new file mode 100644 index 000000000000..aa39a828bb89 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarkrelations_client.go @@ -0,0 +1,345 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// BookmarkRelationsClient contains the methods for the BookmarkRelations group. +// Don't use this type directly, use NewBookmarkRelationsClient() instead. +type BookmarkRelationsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewBookmarkRelationsClient creates a new instance of BookmarkRelationsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewBookmarkRelationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*BookmarkRelationsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &BookmarkRelationsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates the bookmark relation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - bookmarkID - Bookmark ID +// - relationName - Relation Name +// - relation - The relation model +// - options - BookmarkRelationsClientCreateOrUpdateOptions contains the optional parameters for the BookmarkRelationsClient.CreateOrUpdate +// method. +func (client *BookmarkRelationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, relation Relation, options *BookmarkRelationsClientCreateOrUpdateOptions) (BookmarkRelationsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "BookmarkRelationsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, bookmarkID, relationName, relation, options) + if err != nil { + return BookmarkRelationsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return BookmarkRelationsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return BookmarkRelationsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *BookmarkRelationsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, relation Relation, options *BookmarkRelationsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if bookmarkID == "" { + return nil, errors.New("parameter bookmarkID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{bookmarkId}", url.PathEscape(bookmarkID)) + if relationName == "" { + return nil, errors.New("parameter relationName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{relationName}", url.PathEscape(relationName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, relation); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *BookmarkRelationsClient) createOrUpdateHandleResponse(resp *http.Response) (BookmarkRelationsClientCreateOrUpdateResponse, error) { + result := BookmarkRelationsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Relation); err != nil { + return BookmarkRelationsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete the bookmark relation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - bookmarkID - Bookmark ID +// - relationName - Relation Name +// - options - BookmarkRelationsClientDeleteOptions contains the optional parameters for the BookmarkRelationsClient.Delete +// method. +func (client *BookmarkRelationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, options *BookmarkRelationsClientDeleteOptions) (BookmarkRelationsClientDeleteResponse, error) { + var err error + const operationName = "BookmarkRelationsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, bookmarkID, relationName, options) + if err != nil { + return BookmarkRelationsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return BookmarkRelationsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return BookmarkRelationsClientDeleteResponse{}, err + } + return BookmarkRelationsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *BookmarkRelationsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, options *BookmarkRelationsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if bookmarkID == "" { + return nil, errors.New("parameter bookmarkID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{bookmarkId}", url.PathEscape(bookmarkID)) + if relationName == "" { + return nil, errors.New("parameter relationName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{relationName}", url.PathEscape(relationName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a bookmark relation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - bookmarkID - Bookmark ID +// - relationName - Relation Name +// - options - BookmarkRelationsClientGetOptions contains the optional parameters for the BookmarkRelationsClient.Get method. +func (client *BookmarkRelationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, options *BookmarkRelationsClientGetOptions) (BookmarkRelationsClientGetResponse, error) { + var err error + const operationName = "BookmarkRelationsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, bookmarkID, relationName, options) + if err != nil { + return BookmarkRelationsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return BookmarkRelationsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return BookmarkRelationsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *BookmarkRelationsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, options *BookmarkRelationsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if bookmarkID == "" { + return nil, errors.New("parameter bookmarkID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{bookmarkId}", url.PathEscape(bookmarkID)) + if relationName == "" { + return nil, errors.New("parameter relationName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{relationName}", url.PathEscape(relationName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *BookmarkRelationsClient) getHandleResponse(resp *http.Response) (BookmarkRelationsClientGetResponse, error) { + result := BookmarkRelationsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Relation); err != nil { + return BookmarkRelationsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all bookmark relations. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - bookmarkID - Bookmark ID +// - options - BookmarkRelationsClientListOptions contains the optional parameters for the BookmarkRelationsClient.NewListPager +// method. +func (client *BookmarkRelationsClient) NewListPager(resourceGroupName string, workspaceName string, bookmarkID string, options *BookmarkRelationsClientListOptions) *runtime.Pager[BookmarkRelationsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[BookmarkRelationsClientListResponse]{ + More: func(page BookmarkRelationsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *BookmarkRelationsClientListResponse) (BookmarkRelationsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "BookmarkRelationsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, bookmarkID, options) + }, nil) + if err != nil { + return BookmarkRelationsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *BookmarkRelationsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, options *BookmarkRelationsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if bookmarkID == "" { + return nil, errors.New("parameter bookmarkID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{bookmarkId}", url.PathEscape(bookmarkID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *BookmarkRelationsClient) listHandleResponse(resp *http.Response) (BookmarkRelationsClientListResponse, error) { + result := BookmarkRelationsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RelationList); err != nil { + return BookmarkRelationsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client.go index 77a9090b03ed..662f94164ffe 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client.go @@ -46,7 +46,7 @@ func NewBookmarksClient(subscriptionID string, credential azcore.TokenCredential // CreateOrUpdate - Creates or updates the bookmark. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - bookmarkID - Bookmark ID @@ -99,7 +99,7 @@ func (client *BookmarksClient) createOrUpdateCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, bookmark); err != nil { @@ -120,7 +120,7 @@ func (client *BookmarksClient) createOrUpdateHandleResponse(resp *http.Response) // Delete - Delete the bookmark. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - bookmarkID - Bookmark ID @@ -170,7 +170,7 @@ func (client *BookmarksClient) deleteCreateRequest(ctx context.Context, resource return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -179,7 +179,7 @@ func (client *BookmarksClient) deleteCreateRequest(ctx context.Context, resource // Get - Gets a bookmark. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - bookmarkID - Bookmark ID @@ -230,7 +230,7 @@ func (client *BookmarksClient) getCreateRequest(ctx context.Context, resourceGro return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -247,7 +247,7 @@ func (client *BookmarksClient) getHandleResponse(resp *http.Response) (Bookmarks // NewListPager - Gets all bookmarks. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - BookmarksClientListOptions contains the optional parameters for the BookmarksClient.NewListPager method. @@ -294,7 +294,7 @@ func (client *BookmarksClient) listCreateRequest(ctx context.Context, resourceGr return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client_example_test.go deleted file mode 100644 index 72c8990ecdb7..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/bookmarks_client_example_test.go +++ /dev/null @@ -1,218 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/bookmarks/GetBookmarks.json -func ExampleBookmarksClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewBookmarksClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.BookmarkList = armsecurityinsights.BookmarkList{ - // Value: []*armsecurityinsights.Bookmark{ - // { - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.BookmarkProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DisplayName: to.Ptr("My bookmark"), - // IncidentInfo: &armsecurityinsights.IncidentInfo{ - // IncidentID: to.Ptr("DDA55F97-170B-40B9-B8ED-CBFD05481E7D"), - // RelationName: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0018"), - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityLow), - // Title: to.Ptr("New case 1"), - // }, - // Labels: []*string{ - // to.Ptr("Tag1"), - // to.Ptr("Tag2")}, - // Notes: to.Ptr("Found a suspicious activity"), - // Query: to.Ptr("SecurityEvent | where TimeGenerated > ago(1d) and TimeGenerated < ago(2d)"), - // QueryResult: to.Ptr("Security Event query result"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/bookmarks/GetBookmarkById.json -func ExampleBookmarksClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewBookmarksClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Bookmark = armsecurityinsights.Bookmark{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.BookmarkProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DisplayName: to.Ptr("My bookmark"), - // IncidentInfo: &armsecurityinsights.IncidentInfo{ - // IncidentID: to.Ptr("DDA55F97-170B-40B9-B8ED-CBFD05481E7D"), - // RelationName: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0018"), - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityLow), - // Title: to.Ptr("New case 1"), - // }, - // Labels: []*string{ - // to.Ptr("Tag1"), - // to.Ptr("Tag2")}, - // Notes: to.Ptr("Found a suspicious activity"), - // Query: to.Ptr("SecurityEvent | where TimeGenerated > ago(1d) and TimeGenerated < ago(2d)"), - // QueryResult: to.Ptr("Security Event query result"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/bookmarks/CreateBookmark.json -func ExampleBookmarksClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewBookmarksClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", armsecurityinsights.Bookmark{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Properties: &armsecurityinsights.BookmarkProperties{ - Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t }()), - CreatedBy: &armsecurityinsights.UserInfo{ - ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - }, - DisplayName: to.Ptr("My bookmark"), - Labels: []*string{ - to.Ptr("Tag1"), - to.Ptr("Tag2")}, - Notes: to.Ptr("Found a suspicious activity"), - Query: to.Ptr("SecurityEvent | where TimeGenerated > ago(1d) and TimeGenerated < ago(2d)"), - QueryResult: to.Ptr("Security Event query result"), - Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t }()), - UpdatedBy: &armsecurityinsights.UserInfo{ - ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Bookmark = armsecurityinsights.Bookmark{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.BookmarkProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DisplayName: to.Ptr("My bookmark"), - // Labels: []*string{ - // to.Ptr("Tag1"), - // to.Ptr("Tag2")}, - // Notes: to.Ptr("Found a suspicious activity"), - // Query: to.Ptr("SecurityEvent | where TimeGenerated > ago(1d) and TimeGenerated < ago(2d)"), - // QueryResult: to.Ptr("Security Event query result"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/bookmarks/DeleteBookmark.json -func ExampleBookmarksClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewBookmarksClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/client.go new file mode 100644 index 000000000000..82c9824354ef --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/client.go @@ -0,0 +1,190 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// Client contains the methods for the SecurityInsights group. +// Don't use this type directly, use NewClient() instead. +type Client struct { + internal *arm.Client + subscriptionID string +} + +// NewClient creates a new instance of Client with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*Client, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &Client{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// ListGeodataByIP - Get geodata for a single IP address +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - enrichmentType - Enrichment type +// - ipAddressBody - IP address (v4 or v6) to be enriched +// - options - ClientListGeodataByIPOptions contains the optional parameters for the Client.ListGeodataByIP method. +func (client *Client) ListGeodataByIP(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType EnrichmentType, ipAddressBody EnrichmentIPAddressBody, options *ClientListGeodataByIPOptions) (ClientListGeodataByIPResponse, error) { + var err error + const operationName = "Client.ListGeodataByIP" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.listGeodataByIPCreateRequest(ctx, resourceGroupName, workspaceName, enrichmentType, ipAddressBody, options) + if err != nil { + return ClientListGeodataByIPResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ClientListGeodataByIPResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ClientListGeodataByIPResponse{}, err + } + resp, err := client.listGeodataByIPHandleResponse(httpResp) + return resp, err +} + +// listGeodataByIPCreateRequest creates the ListGeodataByIP request. +func (client *Client) listGeodataByIPCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType EnrichmentType, ipAddressBody EnrichmentIPAddressBody, options *ClientListGeodataByIPOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/enrichment/{enrichmentType}/listGeodataByIp" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if enrichmentType == "" { + return nil, errors.New("parameter enrichmentType cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{enrichmentType}", url.PathEscape(string(enrichmentType))) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, ipAddressBody); err != nil { + return nil, err + } + return req, nil +} + +// listGeodataByIPHandleResponse handles the ListGeodataByIP response. +func (client *Client) listGeodataByIPHandleResponse(resp *http.Response) (ClientListGeodataByIPResponse, error) { + result := ClientListGeodataByIPResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EnrichmentIPGeodataAutoGenerated); err != nil { + return ClientListGeodataByIPResponse{}, err + } + return result, nil +} + +// ListWhoisByDomain - Get whois information for a single domain name +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - enrichmentType - Enrichment type +// - domainBody - Domain name to be enriched. Only domain name is accepted +// - options - ClientListWhoisByDomainOptions contains the optional parameters for the Client.ListWhoisByDomain method. +func (client *Client) ListWhoisByDomain(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType EnrichmentType, domainBody EnrichmentDomainBody, options *ClientListWhoisByDomainOptions) (ClientListWhoisByDomainResponse, error) { + var err error + const operationName = "Client.ListWhoisByDomain" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.listWhoisByDomainCreateRequest(ctx, resourceGroupName, workspaceName, enrichmentType, domainBody, options) + if err != nil { + return ClientListWhoisByDomainResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ClientListWhoisByDomainResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ClientListWhoisByDomainResponse{}, err + } + resp, err := client.listWhoisByDomainHandleResponse(httpResp) + return resp, err +} + +// listWhoisByDomainCreateRequest creates the ListWhoisByDomain request. +func (client *Client) listWhoisByDomainCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType EnrichmentType, domainBody EnrichmentDomainBody, options *ClientListWhoisByDomainOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/enrichment/{enrichmentType}/listWhoisByDomain" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if enrichmentType == "" { + return nil, errors.New("parameter enrichmentType cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{enrichmentType}", url.PathEscape(string(enrichmentType))) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, domainBody); err != nil { + return nil, err + } + return req, nil +} + +// listWhoisByDomainHandleResponse handles the ListWhoisByDomain response. +func (client *Client) listWhoisByDomainHandleResponse(resp *http.Response) (ClientListWhoisByDomainResponse, error) { + result := ClientListWhoisByDomainResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EnrichmentDomainWhois); err != nil { + return ClientListWhoisByDomainResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/client_factory.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/client_factory.go index a3998dd1152a..a119984435a9 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/client_factory.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/client_factory.go @@ -17,8 +17,7 @@ import ( // Don't use this type directly, use NewClientFactory instead. type ClientFactory struct { subscriptionID string - credential azcore.TokenCredential - options *arm.ClientOptions + internal *arm.Client } // NewClientFactory creates a new instance of ClientFactory with the specified values. @@ -27,108 +26,507 @@ type ClientFactory struct { // - credential - used to authorize requests. Usually a credential from azidentity. // - options - pass nil to accept the default values. func NewClientFactory(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ClientFactory, error) { - _, err := arm.NewClient(moduleName, moduleVersion, credential, options) + internal, err := arm.NewClient(moduleName, moduleVersion, credential, options) if err != nil { return nil, err } return &ClientFactory{ - subscriptionID: subscriptionID, credential: credential, - options: options.Clone(), + subscriptionID: subscriptionID, + internal: internal, }, nil } // NewActionsClient creates a new instance of ActionsClient. func (c *ClientFactory) NewActionsClient() *ActionsClient { - subClient, _ := NewActionsClient(c.subscriptionID, c.credential, c.options) - return subClient + return &ActionsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewAlertRuleClient creates a new instance of AlertRuleClient. +func (c *ClientFactory) NewAlertRuleClient() *AlertRuleClient { + return &AlertRuleClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewAlertRuleTemplatesClient creates a new instance of AlertRuleTemplatesClient. func (c *ClientFactory) NewAlertRuleTemplatesClient() *AlertRuleTemplatesClient { - subClient, _ := NewAlertRuleTemplatesClient(c.subscriptionID, c.credential, c.options) - return subClient + return &AlertRuleTemplatesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewAlertRulesClient creates a new instance of AlertRulesClient. func (c *ClientFactory) NewAlertRulesClient() *AlertRulesClient { - subClient, _ := NewAlertRulesClient(c.subscriptionID, c.credential, c.options) - return subClient + return &AlertRulesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewAutomationRulesClient creates a new instance of AutomationRulesClient. func (c *ClientFactory) NewAutomationRulesClient() *AutomationRulesClient { - subClient, _ := NewAutomationRulesClient(c.subscriptionID, c.credential, c.options) - return subClient + return &AutomationRulesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewBillingStatisticsClient creates a new instance of BillingStatisticsClient. +func (c *ClientFactory) NewBillingStatisticsClient() *BillingStatisticsClient { + return &BillingStatisticsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewBookmarkClient creates a new instance of BookmarkClient. +func (c *ClientFactory) NewBookmarkClient() *BookmarkClient { + return &BookmarkClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewBookmarkRelationsClient creates a new instance of BookmarkRelationsClient. +func (c *ClientFactory) NewBookmarkRelationsClient() *BookmarkRelationsClient { + return &BookmarkRelationsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewBookmarksClient creates a new instance of BookmarksClient. func (c *ClientFactory) NewBookmarksClient() *BookmarksClient { - subClient, _ := NewBookmarksClient(c.subscriptionID, c.credential, c.options) - return subClient + return &BookmarksClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewClient creates a new instance of Client. +func (c *ClientFactory) NewClient() *Client { + return &Client{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewContentPackageClient creates a new instance of ContentPackageClient. +func (c *ClientFactory) NewContentPackageClient() *ContentPackageClient { + return &ContentPackageClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewContentPackagesClient creates a new instance of ContentPackagesClient. +func (c *ClientFactory) NewContentPackagesClient() *ContentPackagesClient { + return &ContentPackagesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewContentTemplateClient creates a new instance of ContentTemplateClient. +func (c *ClientFactory) NewContentTemplateClient() *ContentTemplateClient { + return &ContentTemplateClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewContentTemplatesClient creates a new instance of ContentTemplatesClient. +func (c *ClientFactory) NewContentTemplatesClient() *ContentTemplatesClient { + return &ContentTemplatesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewDataConnectorDefinitionsClient creates a new instance of DataConnectorDefinitionsClient. +func (c *ClientFactory) NewDataConnectorDefinitionsClient() *DataConnectorDefinitionsClient { + return &DataConnectorDefinitionsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewDataConnectorsCheckRequirementsClient creates a new instance of DataConnectorsCheckRequirementsClient. +func (c *ClientFactory) NewDataConnectorsCheckRequirementsClient() *DataConnectorsCheckRequirementsClient { + return &DataConnectorsCheckRequirementsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewDataConnectorsClient creates a new instance of DataConnectorsClient. func (c *ClientFactory) NewDataConnectorsClient() *DataConnectorsClient { - subClient, _ := NewDataConnectorsClient(c.subscriptionID, c.credential, c.options) - return subClient + return &DataConnectorsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewDomainWhoisClient creates a new instance of DomainWhoisClient. +func (c *ClientFactory) NewDomainWhoisClient() *DomainWhoisClient { + return &DomainWhoisClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewEntitiesClient creates a new instance of EntitiesClient. +func (c *ClientFactory) NewEntitiesClient() *EntitiesClient { + return &EntitiesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewEntitiesGetTimelineClient creates a new instance of EntitiesGetTimelineClient. +func (c *ClientFactory) NewEntitiesGetTimelineClient() *EntitiesGetTimelineClient { + return &EntitiesGetTimelineClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewEntitiesRelationsClient creates a new instance of EntitiesRelationsClient. +func (c *ClientFactory) NewEntitiesRelationsClient() *EntitiesRelationsClient { + return &EntitiesRelationsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewEntityQueriesClient creates a new instance of EntityQueriesClient. +func (c *ClientFactory) NewEntityQueriesClient() *EntityQueriesClient { + return &EntityQueriesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewEntityQueryTemplatesClient creates a new instance of EntityQueryTemplatesClient. +func (c *ClientFactory) NewEntityQueryTemplatesClient() *EntityQueryTemplatesClient { + return &EntityQueryTemplatesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewEntityRelationsClient creates a new instance of EntityRelationsClient. +func (c *ClientFactory) NewEntityRelationsClient() *EntityRelationsClient { + return &EntityRelationsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewFileImportsClient creates a new instance of FileImportsClient. +func (c *ClientFactory) NewFileImportsClient() *FileImportsClient { + return &FileImportsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewGetClient creates a new instance of GetClient. +func (c *ClientFactory) NewGetClient() *GetClient { + return &GetClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewGetRecommendationsClient creates a new instance of GetRecommendationsClient. +func (c *ClientFactory) NewGetRecommendationsClient() *GetRecommendationsClient { + return &GetRecommendationsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewGetTriggeredAnalyticsRuleRunsClient creates a new instance of GetTriggeredAnalyticsRuleRunsClient. +func (c *ClientFactory) NewGetTriggeredAnalyticsRuleRunsClient() *GetTriggeredAnalyticsRuleRunsClient { + return &GetTriggeredAnalyticsRuleRunsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewHuntCommentsClient creates a new instance of HuntCommentsClient. +func (c *ClientFactory) NewHuntCommentsClient() *HuntCommentsClient { + return &HuntCommentsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewHuntRelationsClient creates a new instance of HuntRelationsClient. +func (c *ClientFactory) NewHuntRelationsClient() *HuntRelationsClient { + return &HuntRelationsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewHuntsClient creates a new instance of HuntsClient. +func (c *ClientFactory) NewHuntsClient() *HuntsClient { + return &HuntsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewIPGeodataClient creates a new instance of IPGeodataClient. +func (c *ClientFactory) NewIPGeodataClient() *IPGeodataClient { + return &IPGeodataClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewIncidentCommentsClient creates a new instance of IncidentCommentsClient. func (c *ClientFactory) NewIncidentCommentsClient() *IncidentCommentsClient { - subClient, _ := NewIncidentCommentsClient(c.subscriptionID, c.credential, c.options) - return subClient + return &IncidentCommentsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewIncidentRelationsClient creates a new instance of IncidentRelationsClient. func (c *ClientFactory) NewIncidentRelationsClient() *IncidentRelationsClient { - subClient, _ := NewIncidentRelationsClient(c.subscriptionID, c.credential, c.options) - return subClient + return &IncidentRelationsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewIncidentTasksClient creates a new instance of IncidentTasksClient. +func (c *ClientFactory) NewIncidentTasksClient() *IncidentTasksClient { + return &IncidentTasksClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewIncidentsClient creates a new instance of IncidentsClient. func (c *ClientFactory) NewIncidentsClient() *IncidentsClient { - subClient, _ := NewIncidentsClient(c.subscriptionID, c.credential, c.options) - return subClient + return &IncidentsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewMetadataClient creates a new instance of MetadataClient. +func (c *ClientFactory) NewMetadataClient() *MetadataClient { + return &MetadataClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewOfficeConsentsClient creates a new instance of OfficeConsentsClient. +func (c *ClientFactory) NewOfficeConsentsClient() *OfficeConsentsClient { + return &OfficeConsentsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewOperationsClient creates a new instance of OperationsClient. func (c *ClientFactory) NewOperationsClient() *OperationsClient { - subClient, _ := NewOperationsClient(c.credential, c.options) - return subClient + return &OperationsClient{ + internal: c.internal, + } +} + +// NewProductPackageClient creates a new instance of ProductPackageClient. +func (c *ClientFactory) NewProductPackageClient() *ProductPackageClient { + return &ProductPackageClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewProductPackagesClient creates a new instance of ProductPackagesClient. +func (c *ClientFactory) NewProductPackagesClient() *ProductPackagesClient { + return &ProductPackagesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewProductSettingsClient creates a new instance of ProductSettingsClient. +func (c *ClientFactory) NewProductSettingsClient() *ProductSettingsClient { + return &ProductSettingsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewProductTemplateClient creates a new instance of ProductTemplateClient. +func (c *ClientFactory) NewProductTemplateClient() *ProductTemplateClient { + return &ProductTemplateClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewProductTemplatesClient creates a new instance of ProductTemplatesClient. +func (c *ClientFactory) NewProductTemplatesClient() *ProductTemplatesClient { + return &ProductTemplatesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewReevaluateClient creates a new instance of ReevaluateClient. +func (c *ClientFactory) NewReevaluateClient() *ReevaluateClient { + return &ReevaluateClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewSecurityMLAnalyticsSettingsClient creates a new instance of SecurityMLAnalyticsSettingsClient. +func (c *ClientFactory) NewSecurityMLAnalyticsSettingsClient() *SecurityMLAnalyticsSettingsClient { + return &SecurityMLAnalyticsSettingsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewSentinelOnboardingStatesClient creates a new instance of SentinelOnboardingStatesClient. func (c *ClientFactory) NewSentinelOnboardingStatesClient() *SentinelOnboardingStatesClient { - subClient, _ := NewSentinelOnboardingStatesClient(c.subscriptionID, c.credential, c.options) - return subClient + return &SentinelOnboardingStatesClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewSourceControlClient creates a new instance of SourceControlClient. +func (c *ClientFactory) NewSourceControlClient() *SourceControlClient { + return &SourceControlClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewSourceControlsClient creates a new instance of SourceControlsClient. +func (c *ClientFactory) NewSourceControlsClient() *SourceControlsClient { + return &SourceControlsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewThreatIntelligenceClient creates a new instance of ThreatIntelligenceClient. +func (c *ClientFactory) NewThreatIntelligenceClient() *ThreatIntelligenceClient { + return &ThreatIntelligenceClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewThreatIntelligenceIndicatorClient creates a new instance of ThreatIntelligenceIndicatorClient. func (c *ClientFactory) NewThreatIntelligenceIndicatorClient() *ThreatIntelligenceIndicatorClient { - subClient, _ := NewThreatIntelligenceIndicatorClient(c.subscriptionID, c.credential, c.options) - return subClient + return &ThreatIntelligenceIndicatorClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewThreatIntelligenceIndicatorMetricsClient creates a new instance of ThreatIntelligenceIndicatorMetricsClient. func (c *ClientFactory) NewThreatIntelligenceIndicatorMetricsClient() *ThreatIntelligenceIndicatorMetricsClient { - subClient, _ := NewThreatIntelligenceIndicatorMetricsClient(c.subscriptionID, c.credential, c.options) - return subClient + return &ThreatIntelligenceIndicatorMetricsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewThreatIntelligenceIndicatorsClient creates a new instance of ThreatIntelligenceIndicatorsClient. func (c *ClientFactory) NewThreatIntelligenceIndicatorsClient() *ThreatIntelligenceIndicatorsClient { - subClient, _ := NewThreatIntelligenceIndicatorsClient(c.subscriptionID, c.credential, c.options) - return subClient + return &ThreatIntelligenceIndicatorsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewTriggeredAnalyticsRuleRunClient creates a new instance of TriggeredAnalyticsRuleRunClient. +func (c *ClientFactory) NewTriggeredAnalyticsRuleRunClient() *TriggeredAnalyticsRuleRunClient { + return &TriggeredAnalyticsRuleRunClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewUpdateClient creates a new instance of UpdateClient. +func (c *ClientFactory) NewUpdateClient() *UpdateClient { + return &UpdateClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewWatchlistItemsClient creates a new instance of WatchlistItemsClient. func (c *ClientFactory) NewWatchlistItemsClient() *WatchlistItemsClient { - subClient, _ := NewWatchlistItemsClient(c.subscriptionID, c.credential, c.options) - return subClient + return &WatchlistItemsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } // NewWatchlistsClient creates a new instance of WatchlistsClient. func (c *ClientFactory) NewWatchlistsClient() *WatchlistsClient { - subClient, _ := NewWatchlistsClient(c.subscriptionID, c.credential, c.options) - return subClient + return &WatchlistsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewWorkspaceManagerAssignmentJobsClient creates a new instance of WorkspaceManagerAssignmentJobsClient. +func (c *ClientFactory) NewWorkspaceManagerAssignmentJobsClient() *WorkspaceManagerAssignmentJobsClient { + return &WorkspaceManagerAssignmentJobsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewWorkspaceManagerAssignmentsClient creates a new instance of WorkspaceManagerAssignmentsClient. +func (c *ClientFactory) NewWorkspaceManagerAssignmentsClient() *WorkspaceManagerAssignmentsClient { + return &WorkspaceManagerAssignmentsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewWorkspaceManagerConfigurationsClient creates a new instance of WorkspaceManagerConfigurationsClient. +func (c *ClientFactory) NewWorkspaceManagerConfigurationsClient() *WorkspaceManagerConfigurationsClient { + return &WorkspaceManagerConfigurationsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewWorkspaceManagerGroupsClient creates a new instance of WorkspaceManagerGroupsClient. +func (c *ClientFactory) NewWorkspaceManagerGroupsClient() *WorkspaceManagerGroupsClient { + return &WorkspaceManagerGroupsClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } +} + +// NewWorkspaceManagerMembersClient creates a new instance of WorkspaceManagerMembersClient. +func (c *ClientFactory) NewWorkspaceManagerMembersClient() *WorkspaceManagerMembersClient { + return &WorkspaceManagerMembersClient{ + subscriptionID: c.subscriptionID, + internal: c.internal, + } } diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/constants.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/constants.go index 69001ac6ca96..d843159a4864 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/constants.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/constants.go @@ -10,13 +10,15 @@ package armsecurityinsights const ( moduleName = "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" - moduleVersion = "v1.2.0" + moduleVersion = "v2.0.0-beta.4" ) -// ActionType - The type of the automation rule action +// ActionType - The type of the automation rule action. type ActionType string const ( + // ActionTypeAddIncidentTask - Add a task to an incident object + ActionTypeAddIncidentTask ActionType = "AddIncidentTask" // ActionTypeModifyProperties - Modify an object's properties ActionTypeModifyProperties ActionType = "ModifyProperties" // ActionTypeRunPlaybook - Run a playbook on an object @@ -26,6 +28,7 @@ const ( // PossibleActionTypeValues returns the possible values for the ActionType const type. func PossibleActionTypeValues() []ActionType { return []ActionType{ + ActionTypeAddIncidentTask, ActionTypeModifyProperties, ActionTypeRunPlaybook, } @@ -49,21 +52,69 @@ func PossibleAlertDetailValues() []AlertDetail { } } +// AlertProperty - The V3 alert property +type AlertProperty string + +const ( + // AlertPropertyAlertLink - Alert's link + AlertPropertyAlertLink AlertProperty = "AlertLink" + // AlertPropertyConfidenceLevel - Confidence level property + AlertPropertyConfidenceLevel AlertProperty = "ConfidenceLevel" + // AlertPropertyConfidenceScore - Confidence score + AlertPropertyConfidenceScore AlertProperty = "ConfidenceScore" + // AlertPropertyExtendedLinks - Extended links to the alert + AlertPropertyExtendedLinks AlertProperty = "ExtendedLinks" + // AlertPropertyProductComponentName - Product component name alert property + AlertPropertyProductComponentName AlertProperty = "ProductComponentName" + // AlertPropertyProductName - Product name alert property + AlertPropertyProductName AlertProperty = "ProductName" + // AlertPropertyProviderName - Provider name alert property + AlertPropertyProviderName AlertProperty = "ProviderName" + // AlertPropertyRemediationSteps - Remediation steps alert property + AlertPropertyRemediationSteps AlertProperty = "RemediationSteps" + // AlertPropertySubTechniques - SubTechniques alert property + AlertPropertySubTechniques AlertProperty = "SubTechniques" + // AlertPropertyTechniques - Techniques alert property + AlertPropertyTechniques AlertProperty = "Techniques" +) + +// PossibleAlertPropertyValues returns the possible values for the AlertProperty const type. +func PossibleAlertPropertyValues() []AlertProperty { + return []AlertProperty{ + AlertPropertyAlertLink, + AlertPropertyConfidenceLevel, + AlertPropertyConfidenceScore, + AlertPropertyExtendedLinks, + AlertPropertyProductComponentName, + AlertPropertyProductName, + AlertPropertyProviderName, + AlertPropertyRemediationSteps, + AlertPropertySubTechniques, + AlertPropertyTechniques, + } +} + // AlertRuleKind - The kind of the alert rule type AlertRuleKind string const ( AlertRuleKindFusion AlertRuleKind = "Fusion" + AlertRuleKindMLBehaviorAnalytics AlertRuleKind = "MLBehaviorAnalytics" AlertRuleKindMicrosoftSecurityIncidentCreation AlertRuleKind = "MicrosoftSecurityIncidentCreation" + AlertRuleKindNRT AlertRuleKind = "NRT" AlertRuleKindScheduled AlertRuleKind = "Scheduled" + AlertRuleKindThreatIntelligence AlertRuleKind = "ThreatIntelligence" ) // PossibleAlertRuleKindValues returns the possible values for the AlertRuleKind const type. func PossibleAlertRuleKindValues() []AlertRuleKind { return []AlertRuleKind{ AlertRuleKindFusion, + AlertRuleKindMLBehaviorAnalytics, AlertRuleKindMicrosoftSecurityIncidentCreation, + AlertRuleKindNRT, AlertRuleKindScheduled, + AlertRuleKindThreatIntelligence, } } @@ -146,19 +197,23 @@ func PossibleAntispamMailDirectionValues() []AntispamMailDirection { type AttackTactic string const ( - AttackTacticCollection AttackTactic = "Collection" - AttackTacticCommandAndControl AttackTactic = "CommandAndControl" - AttackTacticCredentialAccess AttackTactic = "CredentialAccess" - AttackTacticDefenseEvasion AttackTactic = "DefenseEvasion" - AttackTacticDiscovery AttackTactic = "Discovery" - AttackTacticExecution AttackTactic = "Execution" - AttackTacticExfiltration AttackTactic = "Exfiltration" - AttackTacticImpact AttackTactic = "Impact" - AttackTacticInitialAccess AttackTactic = "InitialAccess" - AttackTacticLateralMovement AttackTactic = "LateralMovement" - AttackTacticPersistence AttackTactic = "Persistence" - AttackTacticPreAttack AttackTactic = "PreAttack" - AttackTacticPrivilegeEscalation AttackTactic = "PrivilegeEscalation" + AttackTacticCollection AttackTactic = "Collection" + AttackTacticCommandAndControl AttackTactic = "CommandAndControl" + AttackTacticCredentialAccess AttackTactic = "CredentialAccess" + AttackTacticDefenseEvasion AttackTactic = "DefenseEvasion" + AttackTacticDiscovery AttackTactic = "Discovery" + AttackTacticExecution AttackTactic = "Execution" + AttackTacticExfiltration AttackTactic = "Exfiltration" + AttackTacticImpact AttackTactic = "Impact" + AttackTacticImpairProcessControl AttackTactic = "ImpairProcessControl" + AttackTacticInhibitResponseFunction AttackTactic = "InhibitResponseFunction" + AttackTacticInitialAccess AttackTactic = "InitialAccess" + AttackTacticLateralMovement AttackTactic = "LateralMovement" + AttackTacticPersistence AttackTactic = "Persistence" + AttackTacticPreAttack AttackTactic = "PreAttack" + AttackTacticPrivilegeEscalation AttackTactic = "PrivilegeEscalation" + AttackTacticReconnaissance AttackTactic = "Reconnaissance" + AttackTacticResourceDevelopment AttackTactic = "ResourceDevelopment" ) // PossibleAttackTacticValues returns the possible values for the AttackTactic const type. @@ -172,11 +227,142 @@ func PossibleAttackTacticValues() []AttackTactic { AttackTacticExecution, AttackTacticExfiltration, AttackTacticImpact, + AttackTacticImpairProcessControl, + AttackTacticInhibitResponseFunction, AttackTacticInitialAccess, AttackTacticLateralMovement, AttackTacticPersistence, AttackTacticPreAttack, AttackTacticPrivilegeEscalation, + AttackTacticReconnaissance, + AttackTacticResourceDevelopment, + } +} + +type AutomationRuleBooleanConditionSupportedOperator string + +const ( + // AutomationRuleBooleanConditionSupportedOperatorAnd - Evaluates as true if all the item conditions are evaluated as true + AutomationRuleBooleanConditionSupportedOperatorAnd AutomationRuleBooleanConditionSupportedOperator = "And" + // AutomationRuleBooleanConditionSupportedOperatorOr - Evaluates as true if at least one of the item conditions are evaluated + // as true + AutomationRuleBooleanConditionSupportedOperatorOr AutomationRuleBooleanConditionSupportedOperator = "Or" +) + +// PossibleAutomationRuleBooleanConditionSupportedOperatorValues returns the possible values for the AutomationRuleBooleanConditionSupportedOperator const type. +func PossibleAutomationRuleBooleanConditionSupportedOperatorValues() []AutomationRuleBooleanConditionSupportedOperator { + return []AutomationRuleBooleanConditionSupportedOperator{ + AutomationRuleBooleanConditionSupportedOperatorAnd, + AutomationRuleBooleanConditionSupportedOperatorOr, + } +} + +type AutomationRulePropertyArrayChangedConditionSupportedArrayType string + +const ( + // AutomationRulePropertyArrayChangedConditionSupportedArrayTypeAlerts - Evaluate the condition on the alerts + AutomationRulePropertyArrayChangedConditionSupportedArrayTypeAlerts AutomationRulePropertyArrayChangedConditionSupportedArrayType = "Alerts" + // AutomationRulePropertyArrayChangedConditionSupportedArrayTypeComments - Evaluate the condition on the comments + AutomationRulePropertyArrayChangedConditionSupportedArrayTypeComments AutomationRulePropertyArrayChangedConditionSupportedArrayType = "Comments" + // AutomationRulePropertyArrayChangedConditionSupportedArrayTypeLabels - Evaluate the condition on the labels + AutomationRulePropertyArrayChangedConditionSupportedArrayTypeLabels AutomationRulePropertyArrayChangedConditionSupportedArrayType = "Labels" + // AutomationRulePropertyArrayChangedConditionSupportedArrayTypeTactics - Evaluate the condition on the tactics + AutomationRulePropertyArrayChangedConditionSupportedArrayTypeTactics AutomationRulePropertyArrayChangedConditionSupportedArrayType = "Tactics" +) + +// PossibleAutomationRulePropertyArrayChangedConditionSupportedArrayTypeValues returns the possible values for the AutomationRulePropertyArrayChangedConditionSupportedArrayType const type. +func PossibleAutomationRulePropertyArrayChangedConditionSupportedArrayTypeValues() []AutomationRulePropertyArrayChangedConditionSupportedArrayType { + return []AutomationRulePropertyArrayChangedConditionSupportedArrayType{ + AutomationRulePropertyArrayChangedConditionSupportedArrayTypeAlerts, + AutomationRulePropertyArrayChangedConditionSupportedArrayTypeComments, + AutomationRulePropertyArrayChangedConditionSupportedArrayTypeLabels, + AutomationRulePropertyArrayChangedConditionSupportedArrayTypeTactics, + } +} + +type AutomationRulePropertyArrayChangedConditionSupportedChangeType string + +const ( + // AutomationRulePropertyArrayChangedConditionSupportedChangeTypeAdded - Evaluate the condition on items added to the array + AutomationRulePropertyArrayChangedConditionSupportedChangeTypeAdded AutomationRulePropertyArrayChangedConditionSupportedChangeType = "Added" +) + +// PossibleAutomationRulePropertyArrayChangedConditionSupportedChangeTypeValues returns the possible values for the AutomationRulePropertyArrayChangedConditionSupportedChangeType const type. +func PossibleAutomationRulePropertyArrayChangedConditionSupportedChangeTypeValues() []AutomationRulePropertyArrayChangedConditionSupportedChangeType { + return []AutomationRulePropertyArrayChangedConditionSupportedChangeType{ + AutomationRulePropertyArrayChangedConditionSupportedChangeTypeAdded, + } +} + +type AutomationRulePropertyArrayConditionSupportedArrayConditionType string + +const ( + // AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAnyItem - Evaluate the condition as true if any item fulfills + // it + AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAnyItem AutomationRulePropertyArrayConditionSupportedArrayConditionType = "AnyItem" +) + +// PossibleAutomationRulePropertyArrayConditionSupportedArrayConditionTypeValues returns the possible values for the AutomationRulePropertyArrayConditionSupportedArrayConditionType const type. +func PossibleAutomationRulePropertyArrayConditionSupportedArrayConditionTypeValues() []AutomationRulePropertyArrayConditionSupportedArrayConditionType { + return []AutomationRulePropertyArrayConditionSupportedArrayConditionType{ + AutomationRulePropertyArrayConditionSupportedArrayConditionTypeAnyItem, + } +} + +type AutomationRulePropertyArrayConditionSupportedArrayType string + +const ( + // AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetailValues - Evaluate the condition on a custom detail's + // values + AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetailValues AutomationRulePropertyArrayConditionSupportedArrayType = "CustomDetailValues" + // AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetails - Evaluate the condition on the custom detail keys + AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetails AutomationRulePropertyArrayConditionSupportedArrayType = "CustomDetails" +) + +// PossibleAutomationRulePropertyArrayConditionSupportedArrayTypeValues returns the possible values for the AutomationRulePropertyArrayConditionSupportedArrayType const type. +func PossibleAutomationRulePropertyArrayConditionSupportedArrayTypeValues() []AutomationRulePropertyArrayConditionSupportedArrayType { + return []AutomationRulePropertyArrayConditionSupportedArrayType{ + AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetailValues, + AutomationRulePropertyArrayConditionSupportedArrayTypeCustomDetails, + } +} + +type AutomationRulePropertyChangedConditionSupportedChangedType string + +const ( + // AutomationRulePropertyChangedConditionSupportedChangedTypeChangedFrom - Evaluate the condition on the previous value of + // the property + AutomationRulePropertyChangedConditionSupportedChangedTypeChangedFrom AutomationRulePropertyChangedConditionSupportedChangedType = "ChangedFrom" + // AutomationRulePropertyChangedConditionSupportedChangedTypeChangedTo - Evaluate the condition on the updated value of the + // property + AutomationRulePropertyChangedConditionSupportedChangedTypeChangedTo AutomationRulePropertyChangedConditionSupportedChangedType = "ChangedTo" +) + +// PossibleAutomationRulePropertyChangedConditionSupportedChangedTypeValues returns the possible values for the AutomationRulePropertyChangedConditionSupportedChangedType const type. +func PossibleAutomationRulePropertyChangedConditionSupportedChangedTypeValues() []AutomationRulePropertyChangedConditionSupportedChangedType { + return []AutomationRulePropertyChangedConditionSupportedChangedType{ + AutomationRulePropertyChangedConditionSupportedChangedTypeChangedFrom, + AutomationRulePropertyChangedConditionSupportedChangedTypeChangedTo, + } +} + +type AutomationRulePropertyChangedConditionSupportedPropertyType string + +const ( + // AutomationRulePropertyChangedConditionSupportedPropertyTypeIncidentOwner - Evaluate the condition on the incident owner + AutomationRulePropertyChangedConditionSupportedPropertyTypeIncidentOwner AutomationRulePropertyChangedConditionSupportedPropertyType = "IncidentOwner" + // AutomationRulePropertyChangedConditionSupportedPropertyTypeIncidentSeverity - Evaluate the condition on the incident severity + AutomationRulePropertyChangedConditionSupportedPropertyTypeIncidentSeverity AutomationRulePropertyChangedConditionSupportedPropertyType = "IncidentSeverity" + // AutomationRulePropertyChangedConditionSupportedPropertyTypeIncidentStatus - Evaluate the condition on the incident status + AutomationRulePropertyChangedConditionSupportedPropertyTypeIncidentStatus AutomationRulePropertyChangedConditionSupportedPropertyType = "IncidentStatus" +) + +// PossibleAutomationRulePropertyChangedConditionSupportedPropertyTypeValues returns the possible values for the AutomationRulePropertyChangedConditionSupportedPropertyType const type. +func PossibleAutomationRulePropertyChangedConditionSupportedPropertyTypeValues() []AutomationRulePropertyChangedConditionSupportedPropertyType { + return []AutomationRulePropertyChangedConditionSupportedPropertyType{ + AutomationRulePropertyChangedConditionSupportedPropertyTypeIncidentOwner, + AutomationRulePropertyChangedConditionSupportedPropertyTypeIncidentSeverity, + AutomationRulePropertyChangedConditionSupportedPropertyTypeIncidentStatus, } } @@ -222,7 +408,7 @@ func PossibleAutomationRulePropertyConditionSupportedOperatorValues() []Automati } } -// AutomationRulePropertyConditionSupportedProperty - The property to evaluate in an automation rule property condition +// AutomationRulePropertyConditionSupportedProperty - The property to evaluate in an automation rule property condition. type AutomationRulePropertyConditionSupportedProperty string const ( @@ -242,6 +428,8 @@ const ( AutomationRulePropertyConditionSupportedPropertyAccountSid AutomationRulePropertyConditionSupportedProperty = "AccountSid" // AutomationRulePropertyConditionSupportedPropertyAccountUPNSuffix - The account user principal name suffix AutomationRulePropertyConditionSupportedPropertyAccountUPNSuffix AutomationRulePropertyConditionSupportedProperty = "AccountUPNSuffix" + // AutomationRulePropertyConditionSupportedPropertyAlertAnalyticRuleIDs - The analytic rule ids of the alert + AutomationRulePropertyConditionSupportedPropertyAlertAnalyticRuleIDs AutomationRulePropertyConditionSupportedProperty = "AlertAnalyticRuleIds" // AutomationRulePropertyConditionSupportedPropertyAlertProductNames - The name of the product of the alert AutomationRulePropertyConditionSupportedPropertyAlertProductNames AutomationRulePropertyConditionSupportedProperty = "AlertProductNames" // AutomationRulePropertyConditionSupportedPropertyAzureResourceResourceID - The Azure resource id @@ -272,6 +460,10 @@ const ( AutomationRulePropertyConditionSupportedPropertyHostOSVersion AutomationRulePropertyConditionSupportedProperty = "HostOSVersion" // AutomationRulePropertyConditionSupportedPropertyIPAddress - The IP address AutomationRulePropertyConditionSupportedPropertyIPAddress AutomationRulePropertyConditionSupportedProperty = "IPAddress" + // AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsKey - The incident custom detail key + AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsKey AutomationRulePropertyConditionSupportedProperty = "IncidentCustomDetailsKey" + // AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsValue - The incident custom detail value + AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsValue AutomationRulePropertyConditionSupportedProperty = "IncidentCustomDetailsValue" // AutomationRulePropertyConditionSupportedPropertyIncidentDescription - The description of the incident AutomationRulePropertyConditionSupportedPropertyIncidentDescription AutomationRulePropertyConditionSupportedProperty = "IncidentDescription" // AutomationRulePropertyConditionSupportedPropertyIncidentLabel - The labels of the incident @@ -288,6 +480,8 @@ const ( AutomationRulePropertyConditionSupportedPropertyIncidentTactics AutomationRulePropertyConditionSupportedProperty = "IncidentTactics" // AutomationRulePropertyConditionSupportedPropertyIncidentTitle - The title of the incident AutomationRulePropertyConditionSupportedPropertyIncidentTitle AutomationRulePropertyConditionSupportedProperty = "IncidentTitle" + // AutomationRulePropertyConditionSupportedPropertyIncidentUpdatedBySource - The update source of the incident + AutomationRulePropertyConditionSupportedPropertyIncidentUpdatedBySource AutomationRulePropertyConditionSupportedProperty = "IncidentUpdatedBySource" // AutomationRulePropertyConditionSupportedPropertyIoTDeviceID - "The IoT device id AutomationRulePropertyConditionSupportedPropertyIoTDeviceID AutomationRulePropertyConditionSupportedProperty = "IoTDeviceId" // AutomationRulePropertyConditionSupportedPropertyIoTDeviceModel - The IoT device model @@ -347,6 +541,7 @@ func PossibleAutomationRulePropertyConditionSupportedPropertyValues() []Automati AutomationRulePropertyConditionSupportedPropertyAccountPUID, AutomationRulePropertyConditionSupportedPropertyAccountSid, AutomationRulePropertyConditionSupportedPropertyAccountUPNSuffix, + AutomationRulePropertyConditionSupportedPropertyAlertAnalyticRuleIDs, AutomationRulePropertyConditionSupportedPropertyAlertProductNames, AutomationRulePropertyConditionSupportedPropertyAzureResourceResourceID, AutomationRulePropertyConditionSupportedPropertyAzureResourceSubscriptionID, @@ -362,6 +557,8 @@ func PossibleAutomationRulePropertyConditionSupportedPropertyValues() []Automati AutomationRulePropertyConditionSupportedPropertyHostNetBiosName, AutomationRulePropertyConditionSupportedPropertyHostOSVersion, AutomationRulePropertyConditionSupportedPropertyIPAddress, + AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsKey, + AutomationRulePropertyConditionSupportedPropertyIncidentCustomDetailsValue, AutomationRulePropertyConditionSupportedPropertyIncidentDescription, AutomationRulePropertyConditionSupportedPropertyIncidentLabel, AutomationRulePropertyConditionSupportedPropertyIncidentProviderName, @@ -370,6 +567,7 @@ func PossibleAutomationRulePropertyConditionSupportedPropertyValues() []Automati AutomationRulePropertyConditionSupportedPropertyIncidentStatus, AutomationRulePropertyConditionSupportedPropertyIncidentTactics, AutomationRulePropertyConditionSupportedPropertyIncidentTitle, + AutomationRulePropertyConditionSupportedPropertyIncidentUpdatedBySource, AutomationRulePropertyConditionSupportedPropertyIoTDeviceID, AutomationRulePropertyConditionSupportedPropertyIoTDeviceModel, AutomationRulePropertyConditionSupportedPropertyIoTDeviceName, @@ -396,17 +594,77 @@ func PossibleAutomationRulePropertyConditionSupportedPropertyValues() []Automati } } +// BillingStatisticKind - The kind of the billing statistic +type BillingStatisticKind string + +const ( + BillingStatisticKindSapSolutionUsage BillingStatisticKind = "SapSolutionUsage" +) + +// PossibleBillingStatisticKindValues returns the possible values for the BillingStatisticKind const type. +func PossibleBillingStatisticKindValues() []BillingStatisticKind { + return []BillingStatisticKind{ + BillingStatisticKindSapSolutionUsage, + } +} + +// CcpAuthType - Type of paging +type CcpAuthType string + +const ( + CcpAuthTypeAPIKey CcpAuthType = "APIKey" + CcpAuthTypeAWS CcpAuthType = "AWS" + CcpAuthTypeBasic CcpAuthType = "Basic" + CcpAuthTypeGCP CcpAuthType = "GCP" + CcpAuthTypeGitHub CcpAuthType = "GitHub" + CcpAuthTypeJwtToken CcpAuthType = "JwtToken" + CcpAuthTypeNone CcpAuthType = "None" + CcpAuthTypeOAuth2 CcpAuthType = "OAuth2" + CcpAuthTypeOracle CcpAuthType = "Oracle" + CcpAuthTypeServiceBus CcpAuthType = "ServiceBus" + CcpAuthTypeSession CcpAuthType = "Session" +) + +// PossibleCcpAuthTypeValues returns the possible values for the CcpAuthType const type. +func PossibleCcpAuthTypeValues() []CcpAuthType { + return []CcpAuthType{ + CcpAuthTypeAPIKey, + CcpAuthTypeAWS, + CcpAuthTypeBasic, + CcpAuthTypeGCP, + CcpAuthTypeGitHub, + CcpAuthTypeJwtToken, + CcpAuthTypeNone, + CcpAuthTypeOAuth2, + CcpAuthTypeOracle, + CcpAuthTypeServiceBus, + CcpAuthTypeSession, + } +} + type ConditionType string const ( + // ConditionTypeBoolean - Apply a boolean operator (e.g AND, OR) to conditions + ConditionTypeBoolean ConditionType = "Boolean" // ConditionTypeProperty - Evaluate an object property value ConditionTypeProperty ConditionType = "Property" + // ConditionTypePropertyArray - Evaluate an object array property value + ConditionTypePropertyArray ConditionType = "PropertyArray" + // ConditionTypePropertyArrayChanged - Evaluate an object array property changed value + ConditionTypePropertyArrayChanged ConditionType = "PropertyArrayChanged" + // ConditionTypePropertyChanged - Evaluate an object property changed value + ConditionTypePropertyChanged ConditionType = "PropertyChanged" ) // PossibleConditionTypeValues returns the possible values for the ConditionType const type. func PossibleConditionTypeValues() []ConditionType { return []ConditionType{ + ConditionTypeBoolean, ConditionTypeProperty, + ConditionTypePropertyArray, + ConditionTypePropertyArrayChanged, + ConditionTypePropertyChanged, } } @@ -457,6 +715,80 @@ func PossibleConfidenceScoreStatusValues() []ConfidenceScoreStatus { } } +// ConnectAuthKind - The authentication kind used to poll the data +type ConnectAuthKind string + +const ( + ConnectAuthKindAPIKey ConnectAuthKind = "APIKey" + ConnectAuthKindBasic ConnectAuthKind = "Basic" + ConnectAuthKindOAuth2 ConnectAuthKind = "OAuth2" +) + +// PossibleConnectAuthKindValues returns the possible values for the ConnectAuthKind const type. +func PossibleConnectAuthKindValues() []ConnectAuthKind { + return []ConnectAuthKind{ + ConnectAuthKindAPIKey, + ConnectAuthKindBasic, + ConnectAuthKindOAuth2, + } +} + +// Connective - Represents boolean connectives used to join clauses in conditions. +type Connective string + +const ( + // ConnectiveAnd - 'And' connective + ConnectiveAnd Connective = "And" + // ConnectiveOr - 'Or' connective + ConnectiveOr Connective = "Or" +) + +// PossibleConnectiveValues returns the possible values for the Connective const type. +func PossibleConnectiveValues() []Connective { + return []Connective{ + ConnectiveAnd, + ConnectiveOr, + } +} + +// ConnectivityType - type of connectivity +type ConnectivityType string + +const ( + ConnectivityTypeIsConnectedQuery ConnectivityType = "IsConnectedQuery" +) + +// PossibleConnectivityTypeValues returns the possible values for the ConnectivityType const type. +func PossibleConnectivityTypeValues() []ConnectivityType { + return []ConnectivityType{ + ConnectivityTypeIsConnectedQuery, + } +} + +// ContentType - The content type of a source control path. +type ContentType string + +const ( + ContentTypeAnalyticRule ContentType = "AnalyticRule" + ContentTypeAutomationRule ContentType = "AutomationRule" + ContentTypeHuntingQuery ContentType = "HuntingQuery" + ContentTypeParser ContentType = "Parser" + ContentTypePlaybook ContentType = "Playbook" + ContentTypeWorkbook ContentType = "Workbook" +) + +// PossibleContentTypeValues returns the possible values for the ContentType const type. +func PossibleContentTypeValues() []ContentType { + return []ContentType{ + ContentTypeAnalyticRule, + ContentTypeAutomationRule, + ContentTypeHuntingQuery, + ContentTypeParser, + ContentTypePlaybook, + ContentTypeWorkbook, + } +} + // CreatedByType - The type of identity that created the resource. type CreatedByType string @@ -477,31 +809,123 @@ func PossibleCreatedByTypeValues() []CreatedByType { } } +// CustomEntityQueryKind - The kind of the entity query that supports put request. +type CustomEntityQueryKind string + +const ( + CustomEntityQueryKindActivity CustomEntityQueryKind = "Activity" +) + +// PossibleCustomEntityQueryKindValues returns the possible values for the CustomEntityQueryKind const type. +func PossibleCustomEntityQueryKindValues() []CustomEntityQueryKind { + return []CustomEntityQueryKind{ + CustomEntityQueryKindActivity, + } +} + +// DataConnectorAuthorizationState - Describes the state of user's authorization for a connector kind. +type DataConnectorAuthorizationState string + +const ( + DataConnectorAuthorizationStateInvalid DataConnectorAuthorizationState = "Invalid" + DataConnectorAuthorizationStateValid DataConnectorAuthorizationState = "Valid" +) + +// PossibleDataConnectorAuthorizationStateValues returns the possible values for the DataConnectorAuthorizationState const type. +func PossibleDataConnectorAuthorizationStateValues() []DataConnectorAuthorizationState { + return []DataConnectorAuthorizationState{ + DataConnectorAuthorizationStateInvalid, + DataConnectorAuthorizationStateValid, + } +} + +// DataConnectorDefinitionKind - The kind of the data connector definitions +type DataConnectorDefinitionKind string + +const ( + DataConnectorDefinitionKindCustomizable DataConnectorDefinitionKind = "Customizable" +) + +// PossibleDataConnectorDefinitionKindValues returns the possible values for the DataConnectorDefinitionKind const type. +func PossibleDataConnectorDefinitionKindValues() []DataConnectorDefinitionKind { + return []DataConnectorDefinitionKind{ + DataConnectorDefinitionKindCustomizable, + } +} + // DataConnectorKind - The kind of the data connector type DataConnectorKind string const ( + DataConnectorKindAPIPolling DataConnectorKind = "APIPolling" DataConnectorKindAmazonWebServicesCloudTrail DataConnectorKind = "AmazonWebServicesCloudTrail" + DataConnectorKindAmazonWebServicesS3 DataConnectorKind = "AmazonWebServicesS3" DataConnectorKindAzureActiveDirectory DataConnectorKind = "AzureActiveDirectory" DataConnectorKindAzureAdvancedThreatProtection DataConnectorKind = "AzureAdvancedThreatProtection" DataConnectorKindAzureSecurityCenter DataConnectorKind = "AzureSecurityCenter" + DataConnectorKindDynamics365 DataConnectorKind = "Dynamics365" + DataConnectorKindGCP DataConnectorKind = "GCP" + DataConnectorKindGenericUI DataConnectorKind = "GenericUI" + DataConnectorKindIOT DataConnectorKind = "IOT" DataConnectorKindMicrosoftCloudAppSecurity DataConnectorKind = "MicrosoftCloudAppSecurity" DataConnectorKindMicrosoftDefenderAdvancedThreatProtection DataConnectorKind = "MicrosoftDefenderAdvancedThreatProtection" + DataConnectorKindMicrosoftPurviewInformationProtection DataConnectorKind = "MicrosoftPurviewInformationProtection" + DataConnectorKindMicrosoftThreatIntelligence DataConnectorKind = "MicrosoftThreatIntelligence" + DataConnectorKindMicrosoftThreatProtection DataConnectorKind = "MicrosoftThreatProtection" DataConnectorKindOffice365 DataConnectorKind = "Office365" + DataConnectorKindOffice365Project DataConnectorKind = "Office365Project" + DataConnectorKindOfficeATP DataConnectorKind = "OfficeATP" + DataConnectorKindOfficeIRM DataConnectorKind = "OfficeIRM" + DataConnectorKindOfficePowerBI DataConnectorKind = "OfficePowerBI" + DataConnectorKindRestAPIPoller DataConnectorKind = "RestApiPoller" DataConnectorKindThreatIntelligence DataConnectorKind = "ThreatIntelligence" + DataConnectorKindThreatIntelligenceTaxii DataConnectorKind = "ThreatIntelligenceTaxii" ) // PossibleDataConnectorKindValues returns the possible values for the DataConnectorKind const type. func PossibleDataConnectorKindValues() []DataConnectorKind { return []DataConnectorKind{ + DataConnectorKindAPIPolling, DataConnectorKindAmazonWebServicesCloudTrail, + DataConnectorKindAmazonWebServicesS3, DataConnectorKindAzureActiveDirectory, DataConnectorKindAzureAdvancedThreatProtection, DataConnectorKindAzureSecurityCenter, + DataConnectorKindDynamics365, + DataConnectorKindGCP, + DataConnectorKindGenericUI, + DataConnectorKindIOT, DataConnectorKindMicrosoftCloudAppSecurity, DataConnectorKindMicrosoftDefenderAdvancedThreatProtection, + DataConnectorKindMicrosoftPurviewInformationProtection, + DataConnectorKindMicrosoftThreatIntelligence, + DataConnectorKindMicrosoftThreatProtection, DataConnectorKindOffice365, + DataConnectorKindOffice365Project, + DataConnectorKindOfficeATP, + DataConnectorKindOfficeIRM, + DataConnectorKindOfficePowerBI, + DataConnectorKindRestAPIPoller, DataConnectorKindThreatIntelligence, + DataConnectorKindThreatIntelligenceTaxii, + } +} + +// DataConnectorLicenseState - Describes the state of user's license for a connector kind. +type DataConnectorLicenseState string + +const ( + DataConnectorLicenseStateInvalid DataConnectorLicenseState = "Invalid" + DataConnectorLicenseStateUnknown DataConnectorLicenseState = "Unknown" + DataConnectorLicenseStateValid DataConnectorLicenseState = "Valid" +) + +// PossibleDataConnectorLicenseStateValues returns the possible values for the DataConnectorLicenseState const type. +func PossibleDataConnectorLicenseStateValues() []DataConnectorLicenseState { + return []DataConnectorLicenseState{ + DataConnectorLicenseStateInvalid, + DataConnectorLicenseStateUnknown, + DataConnectorLicenseStateValid, } } @@ -521,6 +945,27 @@ func PossibleDataTypeStateValues() []DataTypeState { } } +// DeleteStatus - Indicates whether the file was deleted from the storage account. +type DeleteStatus string + +const ( + // DeleteStatusDeleted - The file was deleted. + DeleteStatusDeleted DeleteStatus = "Deleted" + // DeleteStatusNotDeleted - The file was not deleted. + DeleteStatusNotDeleted DeleteStatus = "NotDeleted" + // DeleteStatusUnspecified - Unspecified + DeleteStatusUnspecified DeleteStatus = "Unspecified" +) + +// PossibleDeleteStatusValues returns the possible values for the DeleteStatus const type. +func PossibleDeleteStatusValues() []DeleteStatus { + return []DeleteStatus{ + DeleteStatusDeleted, + DeleteStatusNotDeleted, + DeleteStatusUnspecified, + } +} + // DeliveryAction - The delivery action of this mail message like Delivered, Blocked, Replaced etc type DeliveryAction string @@ -587,6 +1032,86 @@ func PossibleDeliveryLocationValues() []DeliveryLocation { } } +// DeploymentFetchStatus - Status while trying to fetch the deployment information. +type DeploymentFetchStatus string + +const ( + DeploymentFetchStatusNotFound DeploymentFetchStatus = "NotFound" + DeploymentFetchStatusSuccess DeploymentFetchStatus = "Success" + DeploymentFetchStatusUnauthorized DeploymentFetchStatus = "Unauthorized" +) + +// PossibleDeploymentFetchStatusValues returns the possible values for the DeploymentFetchStatus const type. +func PossibleDeploymentFetchStatusValues() []DeploymentFetchStatus { + return []DeploymentFetchStatus{ + DeploymentFetchStatusNotFound, + DeploymentFetchStatusSuccess, + DeploymentFetchStatusUnauthorized, + } +} + +// DeploymentResult - Status while trying to fetch the deployment information. +type DeploymentResult string + +const ( + DeploymentResultCanceled DeploymentResult = "Canceled" + DeploymentResultFailed DeploymentResult = "Failed" + DeploymentResultSuccess DeploymentResult = "Success" +) + +// PossibleDeploymentResultValues returns the possible values for the DeploymentResult const type. +func PossibleDeploymentResultValues() []DeploymentResult { + return []DeploymentResult{ + DeploymentResultCanceled, + DeploymentResultFailed, + DeploymentResultSuccess, + } +} + +// DeploymentState - The current state of the deployment. +type DeploymentState string + +const ( + DeploymentStateCanceling DeploymentState = "Canceling" + DeploymentStateCompleted DeploymentState = "Completed" + DeploymentStateInProgress DeploymentState = "In_Progress" + DeploymentStateQueued DeploymentState = "Queued" +) + +// PossibleDeploymentStateValues returns the possible values for the DeploymentState const type. +func PossibleDeploymentStateValues() []DeploymentState { + return []DeploymentState{ + DeploymentStateCanceling, + DeploymentStateCompleted, + DeploymentStateInProgress, + DeploymentStateQueued, + } +} + +// DeviceImportance - Device importance, determines if the device classified as 'crown jewel' +type DeviceImportance string + +const ( + // DeviceImportanceHigh - High + DeviceImportanceHigh DeviceImportance = "High" + // DeviceImportanceLow - Low + DeviceImportanceLow DeviceImportance = "Low" + // DeviceImportanceNormal - Normal + DeviceImportanceNormal DeviceImportance = "Normal" + // DeviceImportanceUnknown - Unknown - Default value + DeviceImportanceUnknown DeviceImportance = "Unknown" +) + +// PossibleDeviceImportanceValues returns the possible values for the DeviceImportance const type. +func PossibleDeviceImportanceValues() []DeviceImportance { + return []DeviceImportance{ + DeviceImportanceHigh, + DeviceImportanceLow, + DeviceImportanceNormal, + DeviceImportanceUnknown, + } +} + // ElevationToken - The elevation token associated with the process. type ElevationToken string @@ -608,6 +1133,33 @@ func PossibleElevationTokenValues() []ElevationToken { } } +type EnrichmentType string + +const ( + EnrichmentTypeMain EnrichmentType = "main" +) + +// PossibleEnrichmentTypeValues returns the possible values for the EnrichmentType const type. +func PossibleEnrichmentTypeValues() []EnrichmentType { + return []EnrichmentType{ + EnrichmentTypeMain, + } +} + +type EntityItemQueryKind string + +const ( + // EntityItemQueryKindInsight - insight + EntityItemQueryKindInsight EntityItemQueryKind = "Insight" +) + +// PossibleEntityItemQueryKindValues returns the possible values for the EntityItemQueryKind const type. +func PossibleEntityItemQueryKindValues() []EntityItemQueryKind { + return []EntityItemQueryKind{ + EntityItemQueryKindInsight, + } +} + // EntityKindEnum - The kind of the entity type EntityKindEnum string @@ -640,6 +1192,8 @@ const ( EntityKindEnumMailbox EntityKindEnum = "Mailbox" // EntityKindEnumMalware - Entity represents malware in the system. EntityKindEnumMalware EntityKindEnum = "Malware" + // EntityKindEnumNic - Entity represents network interface in the system. + EntityKindEnumNic EntityKindEnum = "Nic" // EntityKindEnumProcess - Entity represents process in the system. EntityKindEnumProcess EntityKindEnum = "Process" // EntityKindEnumRegistryKey - Entity represents registry key in the system. @@ -673,6 +1227,7 @@ func PossibleEntityKindEnumValues() []EntityKindEnum { EntityKindEnumMailMessage, EntityKindEnumMailbox, EntityKindEnumMalware, + EntityKindEnumNic, EntityKindEnumProcess, EntityKindEnumRegistryKey, EntityKindEnumRegistryValue, @@ -749,6 +1304,184 @@ func PossibleEntityMappingTypeValues() []EntityMappingType { } } +// EntityProviders - The entity provider that is synced. +type EntityProviders string + +const ( + EntityProvidersActiveDirectory EntityProviders = "ActiveDirectory" + EntityProvidersAzureActiveDirectory EntityProviders = "AzureActiveDirectory" +) + +// PossibleEntityProvidersValues returns the possible values for the EntityProviders const type. +func PossibleEntityProvidersValues() []EntityProviders { + return []EntityProviders{ + EntityProvidersActiveDirectory, + EntityProvidersAzureActiveDirectory, + } +} + +// EntityQueryKind - The kind of the entity query +type EntityQueryKind string + +const ( + EntityQueryKindActivity EntityQueryKind = "Activity" + EntityQueryKindExpansion EntityQueryKind = "Expansion" + EntityQueryKindInsight EntityQueryKind = "Insight" +) + +// PossibleEntityQueryKindValues returns the possible values for the EntityQueryKind const type. +func PossibleEntityQueryKindValues() []EntityQueryKind { + return []EntityQueryKind{ + EntityQueryKindActivity, + EntityQueryKindExpansion, + EntityQueryKindInsight, + } +} + +// EntityQueryTemplateKind - The kind of the entity query template. +type EntityQueryTemplateKind string + +const ( + EntityQueryTemplateKindActivity EntityQueryTemplateKind = "Activity" +) + +// PossibleEntityQueryTemplateKindValues returns the possible values for the EntityQueryTemplateKind const type. +func PossibleEntityQueryTemplateKindValues() []EntityQueryTemplateKind { + return []EntityQueryTemplateKind{ + EntityQueryTemplateKindActivity, + } +} + +// EntityTimelineKind - The entity query kind +type EntityTimelineKind string + +const ( + // EntityTimelineKindActivity - activity + EntityTimelineKindActivity EntityTimelineKind = "Activity" + // EntityTimelineKindAnomaly - anomaly + EntityTimelineKindAnomaly EntityTimelineKind = "Anomaly" + // EntityTimelineKindBookmark - bookmarks + EntityTimelineKindBookmark EntityTimelineKind = "Bookmark" + // EntityTimelineKindSecurityAlert - security alerts + EntityTimelineKindSecurityAlert EntityTimelineKind = "SecurityAlert" +) + +// PossibleEntityTimelineKindValues returns the possible values for the EntityTimelineKind const type. +func PossibleEntityTimelineKindValues() []EntityTimelineKind { + return []EntityTimelineKind{ + EntityTimelineKindActivity, + EntityTimelineKindAnomaly, + EntityTimelineKindBookmark, + EntityTimelineKindSecurityAlert, + } +} + +// EntityType - The type of the entity +type EntityType string + +const ( + // EntityTypeAccount - Entity represents account in the system. + EntityTypeAccount EntityType = "Account" + // EntityTypeAzureResource - Entity represents azure resource in the system. + EntityTypeAzureResource EntityType = "AzureResource" + // EntityTypeCloudApplication - Entity represents cloud application in the system. + EntityTypeCloudApplication EntityType = "CloudApplication" + // EntityTypeDNS - Entity represents dns in the system. + EntityTypeDNS EntityType = "DNS" + // EntityTypeFile - Entity represents file in the system. + EntityTypeFile EntityType = "File" + // EntityTypeFileHash - Entity represents file hash in the system. + EntityTypeFileHash EntityType = "FileHash" + // EntityTypeHost - Entity represents host in the system. + EntityTypeHost EntityType = "Host" + // EntityTypeHuntingBookmark - Entity represents HuntingBookmark in the system. + EntityTypeHuntingBookmark EntityType = "HuntingBookmark" + // EntityTypeIP - Entity represents ip in the system. + EntityTypeIP EntityType = "IP" + // EntityTypeIoTDevice - Entity represents IoT device in the system. + EntityTypeIoTDevice EntityType = "IoTDevice" + // EntityTypeMailCluster - Entity represents mail cluster in the system. + EntityTypeMailCluster EntityType = "MailCluster" + // EntityTypeMailMessage - Entity represents mail message in the system. + EntityTypeMailMessage EntityType = "MailMessage" + // EntityTypeMailbox - Entity represents mailbox in the system. + EntityTypeMailbox EntityType = "Mailbox" + // EntityTypeMalware - Entity represents malware in the system. + EntityTypeMalware EntityType = "Malware" + // EntityTypeNic - Entity represents network interface in the system. + EntityTypeNic EntityType = "Nic" + // EntityTypeProcess - Entity represents process in the system. + EntityTypeProcess EntityType = "Process" + // EntityTypeRegistryKey - Entity represents registry key in the system. + EntityTypeRegistryKey EntityType = "RegistryKey" + // EntityTypeRegistryValue - Entity represents registry value in the system. + EntityTypeRegistryValue EntityType = "RegistryValue" + // EntityTypeSecurityAlert - Entity represents security alert in the system. + EntityTypeSecurityAlert EntityType = "SecurityAlert" + // EntityTypeSecurityGroup - Entity represents security group in the system. + EntityTypeSecurityGroup EntityType = "SecurityGroup" + // EntityTypeSubmissionMail - Entity represents submission mail in the system. + EntityTypeSubmissionMail EntityType = "SubmissionMail" + // EntityTypeURL - Entity represents url in the system. + EntityTypeURL EntityType = "URL" +) + +// PossibleEntityTypeValues returns the possible values for the EntityType const type. +func PossibleEntityTypeValues() []EntityType { + return []EntityType{ + EntityTypeAccount, + EntityTypeAzureResource, + EntityTypeCloudApplication, + EntityTypeDNS, + EntityTypeFile, + EntityTypeFileHash, + EntityTypeHost, + EntityTypeHuntingBookmark, + EntityTypeIP, + EntityTypeIoTDevice, + EntityTypeMailCluster, + EntityTypeMailMessage, + EntityTypeMailbox, + EntityTypeMalware, + EntityTypeNic, + EntityTypeProcess, + EntityTypeRegistryKey, + EntityTypeRegistryValue, + EntityTypeSecurityAlert, + EntityTypeSecurityGroup, + EntityTypeSubmissionMail, + EntityTypeURL, + } +} + +type Enum21 string + +const ( + Enum21Activity Enum21 = "Activity" + Enum21Expansion Enum21 = "Expansion" +) + +// PossibleEnum21Values returns the possible values for the Enum21 const type. +func PossibleEnum21Values() []Enum21 { + return []Enum21{ + Enum21Activity, + Enum21Expansion, + } +} + +type Enum23 string + +const ( + Enum23Activity Enum23 = "Activity" +) + +// PossibleEnum23Values returns the possible values for the Enum23 const type. +func PossibleEnum23Values() []Enum23 { + return []Enum23{ + Enum23Activity, + } +} + // EventGroupingAggregationKind - The event grouping aggregation kinds type EventGroupingAggregationKind string @@ -765,6 +1498,27 @@ func PossibleEventGroupingAggregationKindValues() []EventGroupingAggregationKind } } +// FileFormat - The format of the file +type FileFormat string + +const ( + // FileFormatCSV - A CSV file. + FileFormatCSV FileFormat = "CSV" + // FileFormatJSON - A JSON file. + FileFormatJSON FileFormat = "JSON" + // FileFormatUnspecified - A file of other format. + FileFormatUnspecified FileFormat = "Unspecified" +) + +// PossibleFileFormatValues returns the possible values for the FileFormat const type. +func PossibleFileFormatValues() []FileFormat { + return []FileFormat{ + FileFormatCSV, + FileFormatJSON, + FileFormatUnspecified, + } +} + // FileHashAlgorithm - The hash algorithm type. type FileHashAlgorithm string @@ -792,6 +1546,129 @@ func PossibleFileHashAlgorithmValues() []FileHashAlgorithm { } } +// FileImportContentType - The content type of this file. +type FileImportContentType string + +const ( + // FileImportContentTypeBasicIndicator - File containing records with the core fields of an indicator, plus the observables + // to construct the STIX pattern. + FileImportContentTypeBasicIndicator FileImportContentType = "BasicIndicator" + // FileImportContentTypeStixIndicator - File containing STIX indicators. + FileImportContentTypeStixIndicator FileImportContentType = "StixIndicator" + // FileImportContentTypeUnspecified - File containing other records. + FileImportContentTypeUnspecified FileImportContentType = "Unspecified" +) + +// PossibleFileImportContentTypeValues returns the possible values for the FileImportContentType const type. +func PossibleFileImportContentTypeValues() []FileImportContentType { + return []FileImportContentType{ + FileImportContentTypeBasicIndicator, + FileImportContentTypeStixIndicator, + FileImportContentTypeUnspecified, + } +} + +// FileImportState - The state of the file import. +type FileImportState string + +const ( + // FileImportStateFatalError - A fatal error has occurred while ingesting the file. + FileImportStateFatalError FileImportState = "FatalError" + // FileImportStateInProgress - The file ingestion is in progress. + FileImportStateInProgress FileImportState = "InProgress" + // FileImportStateIngested - The file has been ingested. + FileImportStateIngested FileImportState = "Ingested" + // FileImportStateIngestedWithErrors - The file has been ingested with errors. + FileImportStateIngestedWithErrors FileImportState = "IngestedWithErrors" + // FileImportStateInvalid - The file is invalid. + FileImportStateInvalid FileImportState = "Invalid" + // FileImportStateUnspecified - Unspecified state. + FileImportStateUnspecified FileImportState = "Unspecified" + // FileImportStateWaitingForUpload - Waiting for the file to be uploaded. + FileImportStateWaitingForUpload FileImportState = "WaitingForUpload" +) + +// PossibleFileImportStateValues returns the possible values for the FileImportState const type. +func PossibleFileImportStateValues() []FileImportState { + return []FileImportState{ + FileImportStateFatalError, + FileImportStateInProgress, + FileImportStateIngested, + FileImportStateIngestedWithErrors, + FileImportStateInvalid, + FileImportStateUnspecified, + FileImportStateWaitingForUpload, + } +} + +// Flag - The boolean value the metadata is for. +type Flag string + +const ( + FlagFalse Flag = "false" + FlagTrue Flag = "true" +) + +// PossibleFlagValues returns the possible values for the Flag const type. +func PossibleFlagValues() []Flag { + return []Flag{ + FlagFalse, + FlagTrue, + } +} + +// GetInsightsError - the query kind +type GetInsightsError string + +const ( + GetInsightsErrorInsight GetInsightsError = "Insight" +) + +// PossibleGetInsightsErrorValues returns the possible values for the GetInsightsError const type. +func PossibleGetInsightsErrorValues() []GetInsightsError { + return []GetInsightsError{ + GetInsightsErrorInsight, + } +} + +// HTTPMethodVerb - The HTTP method, default value GET. +type HTTPMethodVerb string + +const ( + HTTPMethodVerbDELETE HTTPMethodVerb = "DELETE" + HTTPMethodVerbGET HTTPMethodVerb = "GET" + HTTPMethodVerbPOST HTTPMethodVerb = "POST" + HTTPMethodVerbPUT HTTPMethodVerb = "PUT" +) + +// PossibleHTTPMethodVerbValues returns the possible values for the HTTPMethodVerb const type. +func PossibleHTTPMethodVerbValues() []HTTPMethodVerb { + return []HTTPMethodVerb{ + HTTPMethodVerbDELETE, + HTTPMethodVerbGET, + HTTPMethodVerbPOST, + HTTPMethodVerbPUT, + } +} + +// HypothesisStatus - The hypothesis status of the hunt. +type HypothesisStatus string + +const ( + HypothesisStatusInvalidated HypothesisStatus = "Invalidated" + HypothesisStatusUnknown HypothesisStatus = "Unknown" + HypothesisStatusValidated HypothesisStatus = "Validated" +) + +// PossibleHypothesisStatusValues returns the possible values for the HypothesisStatus const type. +func PossibleHypothesisStatusValues() []HypothesisStatus { + return []HypothesisStatus{ + HypothesisStatusInvalidated, + HypothesisStatusUnknown, + HypothesisStatusValidated, + } +} + // IncidentClassification - The reason the incident was closed type IncidentClassification string @@ -903,7 +1780,45 @@ func PossibleIncidentStatusValues() []IncidentStatus { } } -// KillChainIntent - Holds the alert intent stage(s) mapping for this alert. +type IncidentTaskStatus string + +const ( + // IncidentTaskStatusCompleted - A completed task + IncidentTaskStatusCompleted IncidentTaskStatus = "Completed" + // IncidentTaskStatusNew - A new task + IncidentTaskStatusNew IncidentTaskStatus = "New" +) + +// PossibleIncidentTaskStatusValues returns the possible values for the IncidentTaskStatus const type. +func PossibleIncidentTaskStatusValues() []IncidentTaskStatus { + return []IncidentTaskStatus{ + IncidentTaskStatusCompleted, + IncidentTaskStatusNew, + } +} + +// IngestionMode - Describes how to ingest the records in the file. +type IngestionMode string + +const ( + // IngestionModeIngestAnyValidRecords - Valid records should still be ingested when invalid records are detected. + IngestionModeIngestAnyValidRecords IngestionMode = "IngestAnyValidRecords" + // IngestionModeIngestOnlyIfAllAreValid - No records should be ingested when invalid records are detected. + IngestionModeIngestOnlyIfAllAreValid IngestionMode = "IngestOnlyIfAllAreValid" + // IngestionModeUnspecified - Unspecified + IngestionModeUnspecified IngestionMode = "Unspecified" +) + +// PossibleIngestionModeValues returns the possible values for the IngestionMode const type. +func PossibleIngestionModeValues() []IngestionMode { + return []IngestionMode{ + IngestionModeIngestAnyValidRecords, + IngestionModeIngestOnlyIfAllAreValid, + IngestionModeUnspecified, + } +} + +// KillChainIntent - The intent of the alert. type KillChainIntent string const ( @@ -925,8 +1840,8 @@ const ( // benefit of subverting a particular defense or mitigation. KillChainIntentDefenseEvasion KillChainIntent = "DefenseEvasion" // KillChainIntentDiscovery - Discovery consists of techniques that allow the adversary to gain knowledge about the system - // and internal network. When adversaries gain access to a new system, they must orient themselves to what they now have control - // of and what benefits operating from that system give to their current objective or overall goals during the intrusion. + // and internal network. When adversaries gain access to a new system, they must navigate themselves to what they now have + // control of and what benefits operating from that system give to their current objective or overall goals during the intrusion. // The operating system provides many native tools that aid in this post-compromise information-gathering phase. KillChainIntentDiscovery KillChainIntent = "Discovery" // KillChainIntentExecution - The execution tactic represents techniques that result in execution of adversary-controlled @@ -991,6 +1906,52 @@ func PossibleKillChainIntentValues() []KillChainIntent { } } +// Kind - The kind of content the metadata is for. +type Kind string + +const ( + KindAnalyticsRule Kind = "AnalyticsRule" + KindAnalyticsRuleTemplate Kind = "AnalyticsRuleTemplate" + KindAutomationRule Kind = "AutomationRule" + KindAzureFunction Kind = "AzureFunction" + KindDataConnector Kind = "DataConnector" + KindDataType Kind = "DataType" + KindHuntingQuery Kind = "HuntingQuery" + KindInvestigationQuery Kind = "InvestigationQuery" + KindLogicAppsCustomConnector Kind = "LogicAppsCustomConnector" + KindParser Kind = "Parser" + KindPlaybook Kind = "Playbook" + KindPlaybookTemplate Kind = "PlaybookTemplate" + KindSolution Kind = "Solution" + KindWatchlist Kind = "Watchlist" + KindWatchlistTemplate Kind = "WatchlistTemplate" + KindWorkbook Kind = "Workbook" + KindWorkbookTemplate Kind = "WorkbookTemplate" +) + +// PossibleKindValues returns the possible values for the Kind const type. +func PossibleKindValues() []Kind { + return []Kind{ + KindAnalyticsRule, + KindAnalyticsRuleTemplate, + KindAutomationRule, + KindAzureFunction, + KindDataConnector, + KindDataType, + KindHuntingQuery, + KindInvestigationQuery, + KindLogicAppsCustomConnector, + KindParser, + KindPlaybook, + KindPlaybookTemplate, + KindSolution, + KindWatchlist, + KindWatchlistTemplate, + KindWorkbook, + KindWorkbookTemplate, + } +} + // MatchingMethod - Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, // groupByCustomDetails must be provided and not empty. type MatchingMethod string @@ -1018,11 +1979,13 @@ func PossibleMatchingMethodValues() []MatchingMethod { type MicrosoftSecurityProductName string const ( - MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection MicrosoftSecurityProductName = "Azure Active Directory Identity Protection" - MicrosoftSecurityProductNameAzureAdvancedThreatProtection MicrosoftSecurityProductName = "Azure Advanced Threat Protection" - MicrosoftSecurityProductNameAzureSecurityCenter MicrosoftSecurityProductName = "Azure Security Center" - MicrosoftSecurityProductNameAzureSecurityCenterForIoT MicrosoftSecurityProductName = "Azure Security Center for IoT" - MicrosoftSecurityProductNameMicrosoftCloudAppSecurity MicrosoftSecurityProductName = "Microsoft Cloud App Security" + MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection MicrosoftSecurityProductName = "Azure Active Directory Identity Protection" + MicrosoftSecurityProductNameAzureAdvancedThreatProtection MicrosoftSecurityProductName = "Azure Advanced Threat Protection" + MicrosoftSecurityProductNameAzureSecurityCenter MicrosoftSecurityProductName = "Azure Security Center" + MicrosoftSecurityProductNameAzureSecurityCenterForIoT MicrosoftSecurityProductName = "Azure Security Center for IoT" + MicrosoftSecurityProductNameMicrosoftCloudAppSecurity MicrosoftSecurityProductName = "Microsoft Cloud App Security" + MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection MicrosoftSecurityProductName = "Microsoft Defender Advanced Threat Protection" + MicrosoftSecurityProductNameOffice365AdvancedThreatProtection MicrosoftSecurityProductName = "Office 365 Advanced Threat Protection" ) // PossibleMicrosoftSecurityProductNameValues returns the possible values for the MicrosoftSecurityProductName const type. @@ -1033,6 +1996,42 @@ func PossibleMicrosoftSecurityProductNameValues() []MicrosoftSecurityProductName MicrosoftSecurityProductNameAzureSecurityCenter, MicrosoftSecurityProductNameAzureSecurityCenterForIoT, MicrosoftSecurityProductNameMicrosoftCloudAppSecurity, + MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection, + MicrosoftSecurityProductNameOffice365AdvancedThreatProtection, + } +} + +// Mode - The current mode of the workspace manager configuration +type Mode string + +const ( + // ModeDisabled - The workspace manager configuration is disabled + ModeDisabled Mode = "Disabled" + // ModeEnabled - The workspace manager configuration is enabled + ModeEnabled Mode = "Enabled" +) + +// PossibleModeValues returns the possible values for the Mode const type. +func PossibleModeValues() []Mode { + return []Mode{ + ModeDisabled, + ModeEnabled, + } +} + +// MtpProvider - The available data providers. +type MtpProvider string + +const ( + MtpProviderMicrosoftDefenderForCloudApps MtpProvider = "microsoftDefenderForCloudApps" + MtpProviderMicrosoftDefenderForIdentity MtpProvider = "microsoftDefenderForIdentity" +) + +// PossibleMtpProviderValues returns the possible values for the MtpProvider const type. +func PossibleMtpProviderValues() []MtpProvider { + return []MtpProvider{ + MtpProviderMicrosoftDefenderForCloudApps, + MtpProviderMicrosoftDefenderForIdentity, } } @@ -1063,15 +2062,99 @@ func PossibleOSFamilyValues() []OSFamily { } } -// OwnerType - The type of the owner the incident is assigned to. +// Operator - Represents an operator in a ConditionClause. +type Operator string + +const ( + OperatorAfterAbsolute Operator = "AfterAbsolute" + OperatorAfterRelative Operator = "AfterRelative" + OperatorArrayContains Operator = "ArrayContains" + OperatorArrayNotContains Operator = "ArrayNotContains" + OperatorBeforeAbsolute Operator = "BeforeAbsolute" + OperatorBeforeRelative Operator = "BeforeRelative" + OperatorEquals Operator = "Equals" + OperatorGreaterThan Operator = "GreaterThan" + OperatorGreaterThanEqual Operator = "GreaterThanEqual" + OperatorIsFalse Operator = "IsFalse" + OperatorIsNull Operator = "IsNull" + OperatorIsTrue Operator = "IsTrue" + OperatorLessThan Operator = "LessThan" + OperatorLessThanEqual Operator = "LessThanEqual" + OperatorNotEquals Operator = "NotEquals" + OperatorOnOrAfterAbsolute Operator = "OnOrAfterAbsolute" + OperatorOnOrAfterRelative Operator = "OnOrAfterRelative" + OperatorOnOrBeforeAbsolute Operator = "OnOrBeforeAbsolute" + OperatorOnOrBeforeRelative Operator = "OnOrBeforeRelative" + OperatorStringContains Operator = "StringContains" + OperatorStringEndsWith Operator = "StringEndsWith" + OperatorStringIsEmpty Operator = "StringIsEmpty" + OperatorStringNotContains Operator = "StringNotContains" + OperatorStringNotEndsWith Operator = "StringNotEndsWith" + OperatorStringNotStartsWith Operator = "StringNotStartsWith" + OperatorStringStartsWith Operator = "StringStartsWith" +) + +// PossibleOperatorValues returns the possible values for the Operator const type. +func PossibleOperatorValues() []Operator { + return []Operator{ + OperatorAfterAbsolute, + OperatorAfterRelative, + OperatorArrayContains, + OperatorArrayNotContains, + OperatorBeforeAbsolute, + OperatorBeforeRelative, + OperatorEquals, + OperatorGreaterThan, + OperatorGreaterThanEqual, + OperatorIsFalse, + OperatorIsNull, + OperatorIsTrue, + OperatorLessThan, + OperatorLessThanEqual, + OperatorNotEquals, + OperatorOnOrAfterAbsolute, + OperatorOnOrAfterRelative, + OperatorOnOrBeforeAbsolute, + OperatorOnOrBeforeRelative, + OperatorStringContains, + OperatorStringEndsWith, + OperatorStringIsEmpty, + OperatorStringNotContains, + OperatorStringNotEndsWith, + OperatorStringNotStartsWith, + OperatorStringStartsWith, + } +} + +// OutputType - Insights Column type. +type OutputType string + +const ( + OutputTypeDate OutputType = "Date" + OutputTypeEntity OutputType = "Entity" + OutputTypeNumber OutputType = "Number" + OutputTypeString OutputType = "String" +) + +// PossibleOutputTypeValues returns the possible values for the OutputType const type. +func PossibleOutputTypeValues() []OutputType { + return []OutputType{ + OutputTypeDate, + OutputTypeEntity, + OutputTypeNumber, + OutputTypeString, + } +} + +// OwnerType - The type of the owner the hunt is assigned to. type OwnerType string const ( - // OwnerTypeGroup - The incident owner type is an AAD group + // OwnerTypeGroup - The hunt owner type is an AAD group OwnerTypeGroup OwnerType = "Group" - // OwnerTypeUnknown - The incident owner type is unknown + // OwnerTypeUnknown - The hunt owner type is unknown OwnerTypeUnknown OwnerType = "Unknown" - // OwnerTypeUser - The incident owner type is an AAD user + // OwnerTypeUser - The hunt owner type is an AAD user OwnerTypeUser OwnerType = "User" ) @@ -1084,6 +2167,125 @@ func PossibleOwnerTypeValues() []OwnerType { } } +// PackageKind - The package kind +type PackageKind string + +const ( + PackageKindSolution PackageKind = "Solution" + PackageKindStandalone PackageKind = "Standalone" +) + +// PossiblePackageKindValues returns the possible values for the PackageKind const type. +func PossiblePackageKindValues() []PackageKind { + return []PackageKind{ + PackageKindSolution, + PackageKindStandalone, + } +} + +// PermissionProviderScope - Permission provider scope +type PermissionProviderScope string + +const ( + PermissionProviderScopeResourceGroup PermissionProviderScope = "ResourceGroup" + PermissionProviderScopeSubscription PermissionProviderScope = "Subscription" + PermissionProviderScopeWorkspace PermissionProviderScope = "Workspace" +) + +// PossiblePermissionProviderScopeValues returns the possible values for the PermissionProviderScope const type. +func PossiblePermissionProviderScopeValues() []PermissionProviderScope { + return []PermissionProviderScope{ + PermissionProviderScopeResourceGroup, + PermissionProviderScopeSubscription, + PermissionProviderScopeWorkspace, + } +} + +// PollingFrequency - The polling frequency for the TAXII server. +type PollingFrequency string + +const ( + // PollingFrequencyOnceADay - Once a day + PollingFrequencyOnceADay PollingFrequency = "OnceADay" + // PollingFrequencyOnceAMinute - Once a minute + PollingFrequencyOnceAMinute PollingFrequency = "OnceAMinute" + // PollingFrequencyOnceAnHour - Once an hour + PollingFrequencyOnceAnHour PollingFrequency = "OnceAnHour" +) + +// PossiblePollingFrequencyValues returns the possible values for the PollingFrequency const type. +func PossiblePollingFrequencyValues() []PollingFrequency { + return []PollingFrequency{ + PollingFrequencyOnceADay, + PollingFrequencyOnceAMinute, + PollingFrequencyOnceAnHour, + } +} + +// ProviderName - Provider name +type ProviderName string + +const ( + ProviderNameMicrosoftAadiamDiagnosticSettings ProviderName = "microsoft.aadiam/diagnosticSettings" + ProviderNameMicrosoftAuthorizationPolicyAssignments ProviderName = "Microsoft.Authorization/policyAssignments" + ProviderNameMicrosoftOperationalInsightsSolutions ProviderName = "Microsoft.OperationalInsights/solutions" + ProviderNameMicrosoftOperationalInsightsWorkspaces ProviderName = "Microsoft.OperationalInsights/workspaces" + ProviderNameMicrosoftOperationalInsightsWorkspacesDatasources ProviderName = "Microsoft.OperationalInsights/workspaces/datasources" + ProviderNameMicrosoftOperationalInsightsWorkspacesSharedKeys ProviderName = "Microsoft.OperationalInsights/workspaces/sharedKeys" +) + +// PossibleProviderNameValues returns the possible values for the ProviderName const type. +func PossibleProviderNameValues() []ProviderName { + return []ProviderName{ + ProviderNameMicrosoftAadiamDiagnosticSettings, + ProviderNameMicrosoftAuthorizationPolicyAssignments, + ProviderNameMicrosoftOperationalInsightsSolutions, + ProviderNameMicrosoftOperationalInsightsWorkspaces, + ProviderNameMicrosoftOperationalInsightsWorkspacesDatasources, + ProviderNameMicrosoftOperationalInsightsWorkspacesSharedKeys, + } +} + +// ProviderPermissionsScope - The scope on which the user should have permissions, in order to be able to create connections. +type ProviderPermissionsScope string + +const ( + ProviderPermissionsScopeResourceGroup ProviderPermissionsScope = "ResourceGroup" + ProviderPermissionsScopeSubscription ProviderPermissionsScope = "Subscription" + ProviderPermissionsScopeWorkspace ProviderPermissionsScope = "Workspace" +) + +// PossibleProviderPermissionsScopeValues returns the possible values for the ProviderPermissionsScope const type. +func PossibleProviderPermissionsScopeValues() []ProviderPermissionsScope { + return []ProviderPermissionsScope{ + ProviderPermissionsScopeResourceGroup, + ProviderPermissionsScopeSubscription, + ProviderPermissionsScopeWorkspace, + } +} + +// ProvisioningState - The triggered analytics rule run provisioning state +type ProvisioningState string + +const ( + ProvisioningStateAccepted ProvisioningState = "Accepted" + ProvisioningStateCanceled ProvisioningState = "Canceled" + ProvisioningStateFailed ProvisioningState = "Failed" + ProvisioningStateInProgress ProvisioningState = "InProgress" + ProvisioningStateSucceeded ProvisioningState = "Succeeded" +) + +// PossibleProvisioningStateValues returns the possible values for the ProvisioningState const type. +func PossibleProvisioningStateValues() []ProvisioningState { + return []ProvisioningState{ + ProvisioningStateAccepted, + ProvisioningStateCanceled, + ProvisioningStateFailed, + ProvisioningStateInProgress, + ProvisioningStateSucceeded, + } +} + // RegistryHive - the hive that holds the registry key. type RegistryHive string @@ -1163,19 +2365,287 @@ func PossibleRegistryValueKindValues() []RegistryValueKind { } } -// Source - The source of the watchlist -type Source string +// RepoType - The type of repository. +type RepoType string + +const ( + RepoTypeAzureDevOps RepoType = "AzureDevOps" + RepoTypeGithub RepoType = "Github" +) + +// PossibleRepoTypeValues returns the possible values for the RepoType const type. +func PossibleRepoTypeValues() []RepoType { + return []RepoType{ + RepoTypeAzureDevOps, + RepoTypeGithub, + } +} + +// RepositoryAccessKind - The kind of repository access credentials +type RepositoryAccessKind string + +const ( + RepositoryAccessKindApp RepositoryAccessKind = "App" + RepositoryAccessKindOAuth RepositoryAccessKind = "OAuth" + RepositoryAccessKindPAT RepositoryAccessKind = "PAT" +) + +// PossibleRepositoryAccessKindValues returns the possible values for the RepositoryAccessKind const type. +func PossibleRepositoryAccessKindValues() []RepositoryAccessKind { + return []RepositoryAccessKind{ + RepositoryAccessKindApp, + RepositoryAccessKindOAuth, + RepositoryAccessKindPAT, + } +} + +// RestAPIPollerRequestPagingKind - Type of paging +type RestAPIPollerRequestPagingKind string const ( - SourceLocalFile Source = "Local file" - SourceRemoteStorage Source = "Remote storage" + RestAPIPollerRequestPagingKindCountBasedPaging RestAPIPollerRequestPagingKind = "CountBasedPaging" + RestAPIPollerRequestPagingKindLinkHeader RestAPIPollerRequestPagingKind = "LinkHeader" + RestAPIPollerRequestPagingKindNextPageToken RestAPIPollerRequestPagingKind = "NextPageToken" + RestAPIPollerRequestPagingKindNextPageURL RestAPIPollerRequestPagingKind = "NextPageUrl" + RestAPIPollerRequestPagingKindOffset RestAPIPollerRequestPagingKind = "Offset" + RestAPIPollerRequestPagingKindPersistentLinkHeader RestAPIPollerRequestPagingKind = "PersistentLinkHeader" + RestAPIPollerRequestPagingKindPersistentToken RestAPIPollerRequestPagingKind = "PersistentToken" ) -// PossibleSourceValues returns the possible values for the Source const type. -func PossibleSourceValues() []Source { - return []Source{ - SourceLocalFile, - SourceRemoteStorage, +// PossibleRestAPIPollerRequestPagingKindValues returns the possible values for the RestAPIPollerRequestPagingKind const type. +func PossibleRestAPIPollerRequestPagingKindValues() []RestAPIPollerRequestPagingKind { + return []RestAPIPollerRequestPagingKind{ + RestAPIPollerRequestPagingKindCountBasedPaging, + RestAPIPollerRequestPagingKindLinkHeader, + RestAPIPollerRequestPagingKindNextPageToken, + RestAPIPollerRequestPagingKindNextPageURL, + RestAPIPollerRequestPagingKindOffset, + RestAPIPollerRequestPagingKindPersistentLinkHeader, + RestAPIPollerRequestPagingKindPersistentToken, + } +} + +// SecurityMLAnalyticsSettingsKind - The kind of security ML analytics settings +type SecurityMLAnalyticsSettingsKind string + +const ( + SecurityMLAnalyticsSettingsKindAnomaly SecurityMLAnalyticsSettingsKind = "Anomaly" +) + +// PossibleSecurityMLAnalyticsSettingsKindValues returns the possible values for the SecurityMLAnalyticsSettingsKind const type. +func PossibleSecurityMLAnalyticsSettingsKindValues() []SecurityMLAnalyticsSettingsKind { + return []SecurityMLAnalyticsSettingsKind{ + SecurityMLAnalyticsSettingsKindAnomaly, + } +} + +// SettingKind - The kind of the setting +type SettingKind string + +const ( + SettingKindAnomalies SettingKind = "Anomalies" + SettingKindEntityAnalytics SettingKind = "EntityAnalytics" + SettingKindEyesOn SettingKind = "EyesOn" + SettingKindUeba SettingKind = "Ueba" +) + +// PossibleSettingKindValues returns the possible values for the SettingKind const type. +func PossibleSettingKindValues() []SettingKind { + return []SettingKind{ + SettingKindAnomalies, + SettingKindEntityAnalytics, + SettingKindEyesOn, + SettingKindUeba, + } +} + +// SettingType - The kind of the setting +type SettingType string + +const ( + SettingTypeCopyableLabel SettingType = "CopyableLabel" + SettingTypeInfoMessage SettingType = "InfoMessage" + SettingTypeInstructionStepsGroup SettingType = "InstructionStepsGroup" +) + +// PossibleSettingTypeValues returns the possible values for the SettingType const type. +func PossibleSettingTypeValues() []SettingType { + return []SettingType{ + SettingTypeCopyableLabel, + SettingTypeInfoMessage, + SettingTypeInstructionStepsGroup, + } +} + +// SettingsStatus - The anomaly SecurityMLAnalyticsSettings status +type SettingsStatus string + +const ( + // SettingsStatusFlighting - Anomaly settings status in Flighting mode + SettingsStatusFlighting SettingsStatus = "Flighting" + // SettingsStatusProduction - Anomaly settings status in Production mode + SettingsStatusProduction SettingsStatus = "Production" +) + +// PossibleSettingsStatusValues returns the possible values for the SettingsStatus const type. +func PossibleSettingsStatusValues() []SettingsStatus { + return []SettingsStatus{ + SettingsStatusFlighting, + SettingsStatusProduction, + } +} + +// SortingDirection - The direction to sort the results by. +type SortingDirection string + +const ( + // SortingDirectionASC - Indicates that the query should be sorted from lowest-to-highest value. + SortingDirectionASC SortingDirection = "ASC" + // SortingDirectionDESC - Indicates that the query should be sorted from lowest-to-highest value. + SortingDirectionDESC SortingDirection = "DESC" +) + +// PossibleSortingDirectionValues returns the possible values for the SortingDirection const type. +func PossibleSortingDirectionValues() []SortingDirection { + return []SortingDirection{ + SortingDirectionASC, + SortingDirectionDESC, + } +} + +// SourceKind - Source type of the content +type SourceKind string + +const ( + SourceKindCommunity SourceKind = "Community" + SourceKindLocalWorkspace SourceKind = "LocalWorkspace" + SourceKindSolution SourceKind = "Solution" + SourceKindSourceRepository SourceKind = "SourceRepository" +) + +// PossibleSourceKindValues returns the possible values for the SourceKind const type. +func PossibleSourceKindValues() []SourceKind { + return []SourceKind{ + SourceKindCommunity, + SourceKindLocalWorkspace, + SourceKindSolution, + SourceKindSourceRepository, + } +} + +// SourceType - The sourceType of the watchlist +type SourceType string + +const ( + SourceTypeLocalFile SourceType = "Local file" + SourceTypeRemoteStorage SourceType = "Remote storage" +) + +// PossibleSourceTypeValues returns the possible values for the SourceType const type. +func PossibleSourceTypeValues() []SourceType { + return []SourceType{ + SourceTypeLocalFile, + SourceTypeRemoteStorage, + } +} + +// State - State of recommendation. +type State string + +const ( + // StateActive - Recommendation is active. + StateActive State = "Active" + // StateCompletedBySystem - Recommendation has been completed by the system. + StateCompletedBySystem State = "CompletedBySystem" + // StateCompletedByUser - Recommendation has been completed by user. + StateCompletedByUser State = "CompletedByUser" + // StateDismissed - Recommendation has been dismissed. + StateDismissed State = "Dismissed" + // StateInProgress - Recommendation is in progress. + StateInProgress State = "InProgress" +) + +// PossibleStateValues returns the possible values for the State const type. +func PossibleStateValues() []State { + return []State{ + StateActive, + StateCompletedBySystem, + StateCompletedByUser, + StateDismissed, + StateInProgress, + } +} + +// Status - The status of the hunt. +type Status string + +const ( + StatusActive Status = "Active" + StatusApproved Status = "Approved" + StatusBacklog Status = "Backlog" + StatusClosed Status = "Closed" + StatusFailed Status = "Failed" + StatusInProgress Status = "InProgress" + StatusNew Status = "New" + StatusSucceeded Status = "Succeeded" +) + +// PossibleStatusValues returns the possible values for the Status const type. +func PossibleStatusValues() []Status { + return []Status{ + StatusActive, + StatusApproved, + StatusBacklog, + StatusClosed, + StatusFailed, + StatusInProgress, + StatusNew, + StatusSucceeded, + } +} + +// SupportTier - Type of support for content item +type SupportTier string + +const ( + SupportTierCommunity SupportTier = "Community" + SupportTierMicrosoft SupportTier = "Microsoft" + SupportTierPartner SupportTier = "Partner" +) + +// PossibleSupportTierValues returns the possible values for the SupportTier const type. +func PossibleSupportTierValues() []SupportTier { + return []SupportTier{ + SupportTierCommunity, + SupportTierMicrosoft, + SupportTierPartner, + } +} + +// TIObjectKind - The kind of the TI object +type TIObjectKind string + +const ( + // TIObjectKindAttackPattern - A TI object that represents an attack pattern. + TIObjectKindAttackPattern TIObjectKind = "AttackPattern" + // TIObjectKindIdentity - A TI object that represents an identity. + TIObjectKindIdentity TIObjectKind = "Identity" + // TIObjectKindIndicator - A TI object that represents an indicator. + TIObjectKindIndicator TIObjectKind = "Indicator" + // TIObjectKindRelationship - A TI object that represents a relationship between two TI objects. + TIObjectKindRelationship TIObjectKind = "Relationship" + // TIObjectKindThreatActor - A TI object that represents a threat actor. + TIObjectKindThreatActor TIObjectKind = "ThreatActor" +) + +// PossibleTIObjectKindValues returns the possible values for the TIObjectKind const type. +func PossibleTIObjectKindValues() []TIObjectKind { + return []TIObjectKind{ + TIObjectKindAttackPattern, + TIObjectKindIdentity, + TIObjectKindIndicator, + TIObjectKindRelationship, + TIObjectKindThreatActor, } } @@ -1233,6 +2703,19 @@ func PossibleThreatIntelligenceSortingOrderValues() []ThreatIntelligenceSortingO } } +type TiType string + +const ( + TiTypeMain TiType = "main" +) + +// PossibleTiTypeValues returns the possible values for the TiType const type. +func PossibleTiTypeValues() []TiType { + return []TiType{ + TiTypeMain, + } +} + // TriggerOperator - The operation against the threshold that triggers alert rule. type TriggerOperator string @@ -1256,6 +2739,8 @@ func PossibleTriggerOperatorValues() []TriggerOperator { type TriggersOn string const ( + // TriggersOnAlerts - Trigger on Alerts + TriggersOnAlerts TriggersOn = "Alerts" // TriggersOnIncidents - Trigger on Incidents TriggersOnIncidents TriggersOn = "Incidents" ) @@ -1263,6 +2748,7 @@ const ( // PossibleTriggersOnValues returns the possible values for the TriggersOn const type. func PossibleTriggersOnValues() []TriggersOn { return []TriggersOn{ + TriggersOnAlerts, TriggersOnIncidents, } } @@ -1272,11 +2758,72 @@ type TriggersWhen string const ( // TriggersWhenCreated - Trigger on created objects TriggersWhenCreated TriggersWhen = "Created" + // TriggersWhenUpdated - Trigger on updated objects + TriggersWhenUpdated TriggersWhen = "Updated" ) // PossibleTriggersWhenValues returns the possible values for the TriggersWhen const type. func PossibleTriggersWhenValues() []TriggersWhen { return []TriggersWhen{ TriggersWhenCreated, + TriggersWhenUpdated, + } +} + +// UebaDataSources - The data source that enriched by ueba. +type UebaDataSources string + +const ( + UebaDataSourcesAuditLogs UebaDataSources = "AuditLogs" + UebaDataSourcesAzureActivity UebaDataSources = "AzureActivity" + UebaDataSourcesSecurityEvent UebaDataSources = "SecurityEvent" + UebaDataSourcesSigninLogs UebaDataSources = "SigninLogs" +) + +// PossibleUebaDataSourcesValues returns the possible values for the UebaDataSources const type. +func PossibleUebaDataSourcesValues() []UebaDataSources { + return []UebaDataSources{ + UebaDataSourcesAuditLogs, + UebaDataSourcesAzureActivity, + UebaDataSourcesSecurityEvent, + UebaDataSourcesSigninLogs, + } +} + +// Version - The version of the source control. +type Version string + +const ( + VersionV1 Version = "V1" + VersionV2 Version = "V2" +) + +// PossibleVersionValues returns the possible values for the Version const type. +func PossibleVersionValues() []Version { + return []Version{ + VersionV1, + VersionV2, + } +} + +// WarningCode - The type of repository. +type WarningCode string + +const ( + WarningCodeSourceControlDeletedWithWarnings WarningCode = "SourceControl_DeletedWithWarnings" + WarningCodeSourceControlWarningDeletePipelineFromAzureDevOps WarningCode = "SourceControlWarning_DeletePipelineFromAzureDevOps" + WarningCodeSourceControlWarningDeleteRoleAssignment WarningCode = "SourceControlWarning_DeleteRoleAssignment" + WarningCodeSourceControlWarningDeleteServicePrincipal WarningCode = "SourceControlWarning_DeleteServicePrincipal" + WarningCodeSourceControlWarningDeleteWorkflowAndSecretFromGitHub WarningCode = "SourceControlWarning_DeleteWorkflowAndSecretFromGitHub" +) + +// PossibleWarningCodeValues returns the possible values for the WarningCode const type. +func PossibleWarningCodeValues() []WarningCode { + return []WarningCode{ + WarningCodeSourceControlDeletedWithWarnings, + WarningCodeSourceControlWarningDeletePipelineFromAzureDevOps, + WarningCodeSourceControlWarningDeleteRoleAssignment, + WarningCodeSourceControlWarningDeleteServicePrincipal, + WarningCodeSourceControlWarningDeleteWorkflowAndSecretFromGitHub, } } diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackage_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackage_client.go new file mode 100644 index 000000000000..8256dddb4846 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackage_client.go @@ -0,0 +1,177 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ContentPackageClient contains the methods for the ContentPackage group. +// Don't use this type directly, use NewContentPackageClient() instead. +type ContentPackageClient struct { + internal *arm.Client + subscriptionID string +} + +// NewContentPackageClient creates a new instance of ContentPackageClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewContentPackageClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ContentPackageClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ContentPackageClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Install - Install a package to the workspace. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - packageID - package Id +// - packageInstallationProperties - Package installation properties +// - options - ContentPackageClientInstallOptions contains the optional parameters for the ContentPackageClient.Install method. +func (client *ContentPackageClient) Install(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, packageInstallationProperties PackageModel, options *ContentPackageClientInstallOptions) (ContentPackageClientInstallResponse, error) { + var err error + const operationName = "ContentPackageClient.Install" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.installCreateRequest(ctx, resourceGroupName, workspaceName, packageID, packageInstallationProperties, options) + if err != nil { + return ContentPackageClientInstallResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentPackageClientInstallResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return ContentPackageClientInstallResponse{}, err + } + resp, err := client.installHandleResponse(httpResp) + return resp, err +} + +// installCreateRequest creates the Install request. +func (client *ContentPackageClient) installCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, packageInstallationProperties PackageModel, options *ContentPackageClientInstallOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if packageID == "" { + return nil, errors.New("parameter packageID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{packageId}", url.PathEscape(packageID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, packageInstallationProperties); err != nil { + return nil, err + } + return req, nil +} + +// installHandleResponse handles the Install response. +func (client *ContentPackageClient) installHandleResponse(resp *http.Response) (ContentPackageClientInstallResponse, error) { + result := ContentPackageClientInstallResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.PackageModel); err != nil { + return ContentPackageClientInstallResponse{}, err + } + return result, nil +} + +// Uninstall - Uninstall a package from the workspace. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - packageID - package Id +// - options - ContentPackageClientUninstallOptions contains the optional parameters for the ContentPackageClient.Uninstall +// method. +func (client *ContentPackageClient) Uninstall(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *ContentPackageClientUninstallOptions) (ContentPackageClientUninstallResponse, error) { + var err error + const operationName = "ContentPackageClient.Uninstall" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.uninstallCreateRequest(ctx, resourceGroupName, workspaceName, packageID, options) + if err != nil { + return ContentPackageClientUninstallResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentPackageClientUninstallResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ContentPackageClientUninstallResponse{}, err + } + return ContentPackageClientUninstallResponse{}, nil +} + +// uninstallCreateRequest creates the Uninstall request. +func (client *ContentPackageClient) uninstallCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *ContentPackageClientUninstallOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if packageID == "" { + return nil, errors.New("parameter packageID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{packageId}", url.PathEscape(packageID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackages_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackages_client.go new file mode 100644 index 000000000000..11f405de86ee --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/contentpackages_client.go @@ -0,0 +1,200 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// ContentPackagesClient contains the methods for the ContentPackages group. +// Don't use this type directly, use NewContentPackagesClient() instead. +type ContentPackagesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewContentPackagesClient creates a new instance of ContentPackagesClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewContentPackagesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ContentPackagesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ContentPackagesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Gets an installed packages by its id. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - packageID - package Id +// - options - ContentPackagesClientGetOptions contains the optional parameters for the ContentPackagesClient.Get method. +func (client *ContentPackagesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *ContentPackagesClientGetOptions) (ContentPackagesClientGetResponse, error) { + var err error + const operationName = "ContentPackagesClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, packageID, options) + if err != nil { + return ContentPackagesClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentPackagesClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ContentPackagesClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *ContentPackagesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *ContentPackagesClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if packageID == "" { + return nil, errors.New("parameter packageID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{packageId}", url.PathEscape(packageID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *ContentPackagesClient) getHandleResponse(resp *http.Response) (ContentPackagesClientGetResponse, error) { + result := ContentPackagesClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.PackageModel); err != nil { + return ContentPackagesClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all installed packages. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - ContentPackagesClientListOptions contains the optional parameters for the ContentPackagesClient.NewListPager +// method. +func (client *ContentPackagesClient) NewListPager(resourceGroupName string, workspaceName string, options *ContentPackagesClientListOptions) *runtime.Pager[ContentPackagesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ContentPackagesClientListResponse]{ + More: func(page ContentPackagesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ContentPackagesClientListResponse) (ContentPackagesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ContentPackagesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return ContentPackagesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ContentPackagesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *ContentPackagesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Count != nil { + reqQP.Set("$count", strconv.FormatBool(*options.Count)) + } + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.Search != nil { + reqQP.Set("$search", *options.Search) + } + if options != nil && options.Skip != nil { + reqQP.Set("$skip", strconv.FormatInt(int64(*options.Skip), 10)) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ContentPackagesClient) listHandleResponse(resp *http.Response) (ContentPackagesClientListResponse, error) { + result := ContentPackagesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.PackageList); err != nil { + return ContentPackagesClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplate_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplate_client.go new file mode 100644 index 000000000000..27c7aa2d218b --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplate_client.go @@ -0,0 +1,247 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ContentTemplateClient contains the methods for the ContentTemplate group. +// Don't use this type directly, use NewContentTemplateClient() instead. +type ContentTemplateClient struct { + internal *arm.Client + subscriptionID string +} + +// NewContentTemplateClient creates a new instance of ContentTemplateClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewContentTemplateClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ContentTemplateClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ContentTemplateClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Delete - Delete an installed template. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - templateID - template Id +// - options - ContentTemplateClientDeleteOptions contains the optional parameters for the ContentTemplateClient.Delete method. +func (client *ContentTemplateClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *ContentTemplateClientDeleteOptions) (ContentTemplateClientDeleteResponse, error) { + var err error + const operationName = "ContentTemplateClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, templateID, options) + if err != nil { + return ContentTemplateClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentTemplateClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ContentTemplateClientDeleteResponse{}, err + } + return ContentTemplateClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *ContentTemplateClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *ContentTemplateClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if templateID == "" { + return nil, errors.New("parameter templateID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{templateId}", url.PathEscape(templateID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a template byt its identifier. Expandable properties: +// * properties/mainTemplate +// * properties/dependantTemplates +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - templateID - template Id +// - options - ContentTemplateClientGetOptions contains the optional parameters for the ContentTemplateClient.Get method. +func (client *ContentTemplateClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *ContentTemplateClientGetOptions) (ContentTemplateClientGetResponse, error) { + var err error + const operationName = "ContentTemplateClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, templateID, options) + if err != nil { + return ContentTemplateClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentTemplateClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ContentTemplateClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *ContentTemplateClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *ContentTemplateClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if templateID == "" { + return nil, errors.New("parameter templateID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{templateId}", url.PathEscape(templateID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *ContentTemplateClient) getHandleResponse(resp *http.Response) (ContentTemplateClientGetResponse, error) { + result := ContentTemplateClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.TemplateModel); err != nil { + return ContentTemplateClientGetResponse{}, err + } + return result, nil +} + +// Install - Install a template. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - templateID - template Id +// - templateInstallationProperties - Template installation properties +// - options - ContentTemplateClientInstallOptions contains the optional parameters for the ContentTemplateClient.Install method. +func (client *ContentTemplateClient) Install(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, templateInstallationProperties TemplateModel, options *ContentTemplateClientInstallOptions) (ContentTemplateClientInstallResponse, error) { + var err error + const operationName = "ContentTemplateClient.Install" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.installCreateRequest(ctx, resourceGroupName, workspaceName, templateID, templateInstallationProperties, options) + if err != nil { + return ContentTemplateClientInstallResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ContentTemplateClientInstallResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return ContentTemplateClientInstallResponse{}, err + } + resp, err := client.installHandleResponse(httpResp) + return resp, err +} + +// installCreateRequest creates the Install request. +func (client *ContentTemplateClient) installCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, templateInstallationProperties TemplateModel, options *ContentTemplateClientInstallOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if templateID == "" { + return nil, errors.New("parameter templateID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{templateId}", url.PathEscape(templateID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, templateInstallationProperties); err != nil { + return nil, err + } + return req, nil +} + +// installHandleResponse handles the Install response. +func (client *ContentTemplateClient) installHandleResponse(resp *http.Response) (ContentTemplateClientInstallResponse, error) { + result := ContentTemplateClientInstallResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.TemplateModel); err != nil { + return ContentTemplateClientInstallResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplates_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplates_client.go new file mode 100644 index 000000000000..43b0ee50f0ad --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/contenttemplates_client.go @@ -0,0 +1,136 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// ContentTemplatesClient contains the methods for the ContentTemplates group. +// Don't use this type directly, use NewContentTemplatesClient() instead. +type ContentTemplatesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewContentTemplatesClient creates a new instance of ContentTemplatesClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewContentTemplatesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ContentTemplatesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ContentTemplatesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Gets all installed templates. Expandable properties: +// * properties/mainTemplate +// * properties/dependantTemplates +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - ContentTemplatesClientListOptions contains the optional parameters for the ContentTemplatesClient.NewListPager +// method. +func (client *ContentTemplatesClient) NewListPager(resourceGroupName string, workspaceName string, options *ContentTemplatesClientListOptions) *runtime.Pager[ContentTemplatesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ContentTemplatesClientListResponse]{ + More: func(page ContentTemplatesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ContentTemplatesClientListResponse) (ContentTemplatesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ContentTemplatesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return ContentTemplatesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ContentTemplatesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *ContentTemplatesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Count != nil { + reqQP.Set("$count", strconv.FormatBool(*options.Count)) + } + if options != nil && options.Expand != nil { + reqQP.Set("$expand", *options.Expand) + } + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.Search != nil { + reqQP.Set("$search", *options.Search) + } + if options != nil && options.Skip != nil { + reqQP.Set("$skip", strconv.FormatInt(int64(*options.Skip), 10)) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ContentTemplatesClient) listHandleResponse(resp *http.Response) (ContentTemplatesClientListResponse, error) { + result := ContentTemplatesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.TemplateList); err != nil { + return ContentTemplatesClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectordefinitions_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectordefinitions_client.go new file mode 100644 index 000000000000..dd805d1fca1a --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectordefinitions_client.go @@ -0,0 +1,313 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// DataConnectorDefinitionsClient contains the methods for the DataConnectorDefinitions group. +// Don't use this type directly, use NewDataConnectorDefinitionsClient() instead. +type DataConnectorDefinitionsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewDataConnectorDefinitionsClient creates a new instance of DataConnectorDefinitionsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewDataConnectorDefinitionsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*DataConnectorDefinitionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &DataConnectorDefinitionsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates the data connector definition. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - dataConnectorDefinitionName - The data connector definition name. +// - connectorDefinitionInput - The data connector definition +// - options - DataConnectorDefinitionsClientCreateOrUpdateOptions contains the optional parameters for the DataConnectorDefinitionsClient.CreateOrUpdate +// method. +func (client *DataConnectorDefinitionsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, connectorDefinitionInput DataConnectorDefinitionClassification, options *DataConnectorDefinitionsClientCreateOrUpdateOptions) (DataConnectorDefinitionsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "DataConnectorDefinitionsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, dataConnectorDefinitionName, connectorDefinitionInput, options) + if err != nil { + return DataConnectorDefinitionsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DataConnectorDefinitionsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return DataConnectorDefinitionsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *DataConnectorDefinitionsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, connectorDefinitionInput DataConnectorDefinitionClassification, options *DataConnectorDefinitionsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorDefinitions/{dataConnectorDefinitionName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if dataConnectorDefinitionName == "" { + return nil, errors.New("parameter dataConnectorDefinitionName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{dataConnectorDefinitionName}", url.PathEscape(dataConnectorDefinitionName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, connectorDefinitionInput); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *DataConnectorDefinitionsClient) createOrUpdateHandleResponse(resp *http.Response) (DataConnectorDefinitionsClientCreateOrUpdateResponse, error) { + result := DataConnectorDefinitionsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return DataConnectorDefinitionsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete the data connector definition. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - dataConnectorDefinitionName - The data connector definition name. +// - options - DataConnectorDefinitionsClientDeleteOptions contains the optional parameters for the DataConnectorDefinitionsClient.Delete +// method. +func (client *DataConnectorDefinitionsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, options *DataConnectorDefinitionsClientDeleteOptions) (DataConnectorDefinitionsClientDeleteResponse, error) { + var err error + const operationName = "DataConnectorDefinitionsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, dataConnectorDefinitionName, options) + if err != nil { + return DataConnectorDefinitionsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DataConnectorDefinitionsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return DataConnectorDefinitionsClientDeleteResponse{}, err + } + return DataConnectorDefinitionsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *DataConnectorDefinitionsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, options *DataConnectorDefinitionsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorDefinitions/{dataConnectorDefinitionName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if dataConnectorDefinitionName == "" { + return nil, errors.New("parameter dataConnectorDefinitionName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{dataConnectorDefinitionName}", url.PathEscape(dataConnectorDefinitionName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a data connector definition. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - dataConnectorDefinitionName - The data connector definition name. +// - options - DataConnectorDefinitionsClientGetOptions contains the optional parameters for the DataConnectorDefinitionsClient.Get +// method. +func (client *DataConnectorDefinitionsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, options *DataConnectorDefinitionsClientGetOptions) (DataConnectorDefinitionsClientGetResponse, error) { + var err error + const operationName = "DataConnectorDefinitionsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, dataConnectorDefinitionName, options) + if err != nil { + return DataConnectorDefinitionsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DataConnectorDefinitionsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return DataConnectorDefinitionsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *DataConnectorDefinitionsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, options *DataConnectorDefinitionsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorDefinitions/{dataConnectorDefinitionName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if dataConnectorDefinitionName == "" { + return nil, errors.New("parameter dataConnectorDefinitionName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{dataConnectorDefinitionName}", url.PathEscape(dataConnectorDefinitionName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *DataConnectorDefinitionsClient) getHandleResponse(resp *http.Response) (DataConnectorDefinitionsClientGetResponse, error) { + result := DataConnectorDefinitionsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return DataConnectorDefinitionsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all data connector definitions. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - DataConnectorDefinitionsClientListOptions contains the optional parameters for the DataConnectorDefinitionsClient.NewListPager +// method. +func (client *DataConnectorDefinitionsClient) NewListPager(resourceGroupName string, workspaceName string, options *DataConnectorDefinitionsClientListOptions) *runtime.Pager[DataConnectorDefinitionsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[DataConnectorDefinitionsClientListResponse]{ + More: func(page DataConnectorDefinitionsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *DataConnectorDefinitionsClientListResponse) (DataConnectorDefinitionsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "DataConnectorDefinitionsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return DataConnectorDefinitionsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *DataConnectorDefinitionsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *DataConnectorDefinitionsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorDefinitions" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *DataConnectorDefinitionsClient) listHandleResponse(resp *http.Response) (DataConnectorDefinitionsClientListResponse, error) { + result := DataConnectorDefinitionsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.DataConnectorDefinitionArmCollectionWrapper); err != nil { + return DataConnectorDefinitionsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client.go index a346f9156604..65a0bc42b971 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client.go @@ -43,10 +43,73 @@ func NewDataConnectorsClient(subscriptionID string, credential azcore.TokenCrede return client, nil } +// Connect - Connects a data connector. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - dataConnectorID - Connector ID +// - connectBody - The data connector +// - options - DataConnectorsClientConnectOptions contains the optional parameters for the DataConnectorsClient.Connect method. +func (client *DataConnectorsClient) Connect(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, connectBody DataConnectorConnectBody, options *DataConnectorsClientConnectOptions) (DataConnectorsClientConnectResponse, error) { + var err error + const operationName = "DataConnectorsClient.Connect" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.connectCreateRequest(ctx, resourceGroupName, workspaceName, dataConnectorID, connectBody, options) + if err != nil { + return DataConnectorsClientConnectResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DataConnectorsClientConnectResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return DataConnectorsClientConnectResponse{}, err + } + return DataConnectorsClientConnectResponse{}, nil +} + +// connectCreateRequest creates the Connect request. +func (client *DataConnectorsClient) connectCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, connectBody DataConnectorConnectBody, options *DataConnectorsClientConnectOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}/connect" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if dataConnectorID == "" { + return nil, errors.New("parameter dataConnectorID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{dataConnectorId}", url.PathEscape(dataConnectorID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, connectBody); err != nil { + return nil, err + } + return req, nil +} + // CreateOrUpdate - Creates or updates the data connector. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - dataConnectorID - Connector ID @@ -99,7 +162,7 @@ func (client *DataConnectorsClient) createOrUpdateCreateRequest(ctx context.Cont return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, dataConnector); err != nil { @@ -120,7 +183,7 @@ func (client *DataConnectorsClient) createOrUpdateHandleResponse(resp *http.Resp // Delete - Delete the data connector. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - dataConnectorID - Connector ID @@ -170,7 +233,67 @@ func (client *DataConnectorsClient) deleteCreateRequest(ctx context.Context, res return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Disconnect - Disconnect a data connector. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - dataConnectorID - Connector ID +// - options - DataConnectorsClientDisconnectOptions contains the optional parameters for the DataConnectorsClient.Disconnect +// method. +func (client *DataConnectorsClient) Disconnect(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, options *DataConnectorsClientDisconnectOptions) (DataConnectorsClientDisconnectResponse, error) { + var err error + const operationName = "DataConnectorsClient.Disconnect" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.disconnectCreateRequest(ctx, resourceGroupName, workspaceName, dataConnectorID, options) + if err != nil { + return DataConnectorsClientDisconnectResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DataConnectorsClientDisconnectResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return DataConnectorsClientDisconnectResponse{}, err + } + return DataConnectorsClientDisconnectResponse{}, nil +} + +// disconnectCreateRequest creates the Disconnect request. +func (client *DataConnectorsClient) disconnectCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, options *DataConnectorsClientDisconnectOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}/disconnect" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if dataConnectorID == "" { + return nil, errors.New("parameter dataConnectorID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{dataConnectorId}", url.PathEscape(dataConnectorID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -179,7 +302,7 @@ func (client *DataConnectorsClient) deleteCreateRequest(ctx context.Context, res // Get - Gets a data connector. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - dataConnectorID - Connector ID @@ -230,7 +353,7 @@ func (client *DataConnectorsClient) getCreateRequest(ctx context.Context, resour return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -247,7 +370,7 @@ func (client *DataConnectorsClient) getHandleResponse(resp *http.Response) (Data // NewListPager - Gets all data connectors. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - DataConnectorsClientListOptions contains the optional parameters for the DataConnectorsClient.NewListPager method. @@ -294,7 +417,7 @@ func (client *DataConnectorsClient) listCreateRequest(ctx context.Context, resou return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client_example_test.go deleted file mode 100644 index 18e18193beca..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectors_client_example_test.go +++ /dev/null @@ -1,607 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/GetDataConnectors.json -func ExampleDataConnectorsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewDataConnectorsClient().NewListPager("myRg", "myWorkspace", nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.DataConnectorList = armsecurityinsights.DataConnectorList{ - // Value: []armsecurityinsights.DataConnectorClassification{ - // &armsecurityinsights.ASCDataConnector{ - // Name: to.Ptr("763f9fa1-c2d3-4fa2-93e9-bccd4899aa12"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/763f9fa1-c2d3-4fa2-93e9-bccd4899aa12"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureSecurityCenter), - // Properties: &armsecurityinsights.ASCDataConnectorProperties{ - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // SubscriptionID: to.Ptr("d0cfe6b2-9ac0-4464-9919-dccaee2e48c0"), - // }, - // }, - // &armsecurityinsights.TIDataConnector{ - // Name: to.Ptr("c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligence), - // Properties: &armsecurityinsights.TIDataConnectorProperties{ - // DataTypes: &armsecurityinsights.TIDataConnectorDataTypes{ - // Indicators: &armsecurityinsights.TIDataConnectorDataTypesIndicators{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }, - // &armsecurityinsights.AADDataConnector{ - // Name: to.Ptr("f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureActiveDirectory), - // Properties: &armsecurityinsights.AADDataConnectorProperties{ - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }, - // &armsecurityinsights.OfficeDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365), - // Properties: &armsecurityinsights.OfficeDataConnectorProperties{ - // DataTypes: &armsecurityinsights.OfficeDataConnectorDataTypes{ - // Exchange: &armsecurityinsights.OfficeDataConnectorDataTypesExchange{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // SharePoint: &armsecurityinsights.OfficeDataConnectorDataTypesSharePoint{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }, - // &armsecurityinsights.MCASDataConnector{ - // Name: to.Ptr("b96d014d-b5c2-4a01-9aba-a8058f629d42"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/b96d014d-b5c2-4a01-9aba-a8058f629d42"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftCloudAppSecurity), - // Properties: &armsecurityinsights.MCASDataConnectorProperties{ - // DataTypes: &armsecurityinsights.MCASDataConnectorDataTypes{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // DiscoveryLogs: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }, - // &armsecurityinsights.AATPDataConnector{ - // Name: to.Ptr("07e42cb3-e658-4e90-801c-efa0f29d3d44"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/07e42cb3-e658-4e90-801c-efa0f29d3d44"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureAdvancedThreatProtection), - // Properties: &armsecurityinsights.AATPDataConnectorProperties{ - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }, - // &armsecurityinsights.AwsCloudTrailDataConnector{ - // Name: to.Ptr("c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAmazonWebServicesCloudTrail), - // Properties: &armsecurityinsights.AwsCloudTrailDataConnectorProperties{ - // AwsRoleArn: to.Ptr("myAwsRoleArn"), - // DataTypes: &armsecurityinsights.AwsCloudTrailDataConnectorDataTypes{ - // Logs: &armsecurityinsights.AwsCloudTrailDataConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // &armsecurityinsights.MDATPDataConnector{ - // Name: to.Ptr("06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftDefenderAdvancedThreatProtection), - // Properties: &armsecurityinsights.MDATPDataConnectorProperties{ - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/GetAzureSecurityCenterById.json -func ExampleDataConnectorsClient_Get_getAAscDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "763f9fa1-c2d3-4fa2-93e9-bccd4899aa12", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.ASCDataConnector{ - // Name: to.Ptr("763f9fa1-c2d3-4fa2-93e9-bccd4899aa12"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/763f9fa1-c2d3-4fa2-93e9-bccd4899aa12"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureSecurityCenter), - // Properties: &armsecurityinsights.ASCDataConnectorProperties{ - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // SubscriptionID: to.Ptr("c0688291-89d7-4bed-87a2-a7b1bff43f4c"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/GetMicrosoftCloudAppSecurityById.json -func ExampleDataConnectorsClient_Get_getAMcasDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "b96d014d-b5c2-4a01-9aba-a8058f629d42", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.MCASDataConnector{ - // Name: to.Ptr("b96d014d-b5c2-4a01-9aba-a8058f629d42"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/b96d014d-b5c2-4a01-9aba-a8058f629d42"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftCloudAppSecurity), - // Properties: &armsecurityinsights.MCASDataConnectorProperties{ - // DataTypes: &armsecurityinsights.MCASDataConnectorDataTypes{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // DiscoveryLogs: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/GetMicrosoftDefenderAdvancedThreatProtectionById.json -func ExampleDataConnectorsClient_Get_getAMdatpDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "06b3ccb8-1384-4bcc-aec7-852f6d57161b", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.MDATPDataConnector{ - // Name: to.Ptr("06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindMicrosoftDefenderAdvancedThreatProtection), - // Properties: &armsecurityinsights.MDATPDataConnectorProperties{ - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/GetThreatIntelligenceById.json -func ExampleDataConnectorsClient_Get_getATiDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.TIDataConnector{ - // Name: to.Ptr("c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligence), - // Properties: &armsecurityinsights.TIDataConnectorProperties{ - // DataTypes: &armsecurityinsights.TIDataConnectorDataTypes{ - // Indicators: &armsecurityinsights.TIDataConnectorDataTypesIndicators{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // TipLookbackPeriod: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-01-01T13:00:30.123Z"); return t}()), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/GetAzureActiveDirectoryById.json -func ExampleDataConnectorsClient_Get_getAnAadDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.AADDataConnector{ - // Name: to.Ptr("f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureActiveDirectory), - // Properties: &armsecurityinsights.AADDataConnectorProperties{ - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/GetAzureAdvancedThreatProtectionById.json -func ExampleDataConnectorsClient_Get_getAnAatpDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "07e42cb3-e658-4e90-801c-efa0f29d3d44", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.AATPDataConnector{ - // Name: to.Ptr("07e42cb3-e658-4e90-801c-efa0f29d3d44"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/07e42cb3-e658-4e90-801c-efa0f29d3d44"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAzureAdvancedThreatProtection), - // Properties: &armsecurityinsights.AATPDataConnectorProperties{ - // DataTypes: &armsecurityinsights.AlertsDataTypeOfDataConnector{ - // Alerts: &armsecurityinsights.DataConnectorDataTypeCommon{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/GetAmazonWebServicesCloudTrailById.json -func ExampleDataConnectorsClient_Get_getAnAwsCloudTrailDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.AwsCloudTrailDataConnector{ - // Name: to.Ptr("c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/c345bf40-8509-4ed2-b947-50cb773aaf04"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindAmazonWebServicesCloudTrail), - // Properties: &armsecurityinsights.AwsCloudTrailDataConnectorProperties{ - // AwsRoleArn: to.Ptr("myAwsRoleArn"), - // DataTypes: &armsecurityinsights.AwsCloudTrailDataConnectorDataTypes{ - // Logs: &armsecurityinsights.AwsCloudTrailDataConnectorDataTypesLogs{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/GetOfficeDataConnetorById.json -func ExampleDataConnectorsClient_Get_getAnOffice365DataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientGetResponse{ - // DataConnectorClassification: &armsecurityinsights.OfficeDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365), - // Properties: &armsecurityinsights.OfficeDataConnectorProperties{ - // DataTypes: &armsecurityinsights.OfficeDataConnectorDataTypes{ - // Exchange: &armsecurityinsights.OfficeDataConnectorDataTypesExchange{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // SharePoint: &armsecurityinsights.OfficeDataConnectorDataTypesSharePoint{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // Teams: &armsecurityinsights.OfficeDataConnectorDataTypesTeams{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/CreateOfficeDataConnetor.json -func ExampleDataConnectorsClient_CreateOrUpdate_createsOrUpdatesAnOffice365DataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.OfficeDataConnector{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365), - Properties: &armsecurityinsights.OfficeDataConnectorProperties{ - DataTypes: &armsecurityinsights.OfficeDataConnectorDataTypes{ - Exchange: &armsecurityinsights.OfficeDataConnectorDataTypesExchange{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - SharePoint: &armsecurityinsights.OfficeDataConnectorDataTypesSharePoint{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - Teams: &armsecurityinsights.OfficeDataConnectorDataTypesTeams{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - }, - TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientCreateOrUpdateResponse{ - // DataConnectorClassification: &armsecurityinsights.OfficeDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindOffice365), - // Properties: &armsecurityinsights.OfficeDataConnectorProperties{ - // DataTypes: &armsecurityinsights.OfficeDataConnectorDataTypes{ - // Exchange: &armsecurityinsights.OfficeDataConnectorDataTypesExchange{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // SharePoint: &armsecurityinsights.OfficeDataConnectorDataTypesSharePoint{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // Teams: &armsecurityinsights.OfficeDataConnectorDataTypesTeams{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/CreateThreatIntelligenceDataConnector.json -func ExampleDataConnectorsClient_CreateOrUpdate_createsOrUpdatesAnThreatIntelligencePlatformDataConnector() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewDataConnectorsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.TIDataConnector{ - Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligence), - Properties: &armsecurityinsights.TIDataConnectorProperties{ - DataTypes: &armsecurityinsights.TIDataConnectorDataTypes{ - Indicators: &armsecurityinsights.TIDataConnectorDataTypesIndicators{ - State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - }, - }, - TenantID: to.Ptr("06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - TipLookbackPeriod: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-01-01T13:00:30.123Z"); return t }()), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.DataConnectorsClientCreateOrUpdateResponse{ - // DataConnectorClassification: &armsecurityinsights.TIDataConnector{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/dataConnectors"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/dataConnectors/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Kind: to.Ptr(armsecurityinsights.DataConnectorKindThreatIntelligence), - // Properties: &armsecurityinsights.TIDataConnectorProperties{ - // DataTypes: &armsecurityinsights.TIDataConnectorDataTypes{ - // Indicators: &armsecurityinsights.TIDataConnectorDataTypesIndicators{ - // State: to.Ptr(armsecurityinsights.DataTypeStateEnabled), - // }, - // }, - // TenantID: to.Ptr("06b3ccb8-1384-4bcc-aec7-852f6d57161b"), - // TipLookbackPeriod: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-01-01T13:00:30.123Z"); return t}()), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/dataConnectors/DeleteOfficeDataConnetor.json -func ExampleDataConnectorsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewDataConnectorsClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectorscheckrequirements_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectorscheckrequirements_client.go new file mode 100644 index 000000000000..baab24b18d59 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/dataconnectorscheckrequirements_client.go @@ -0,0 +1,113 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// DataConnectorsCheckRequirementsClient contains the methods for the DataConnectorsCheckRequirements group. +// Don't use this type directly, use NewDataConnectorsCheckRequirementsClient() instead. +type DataConnectorsCheckRequirementsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewDataConnectorsCheckRequirementsClient creates a new instance of DataConnectorsCheckRequirementsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewDataConnectorsCheckRequirementsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*DataConnectorsCheckRequirementsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &DataConnectorsCheckRequirementsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Post - Get requirements state for a data connector type. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - dataConnectorsCheckRequirements - The parameters for requirements check message +// - options - DataConnectorsCheckRequirementsClientPostOptions contains the optional parameters for the DataConnectorsCheckRequirementsClient.Post +// method. +func (client *DataConnectorsCheckRequirementsClient) Post(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorsCheckRequirements DataConnectorsCheckRequirementsClassification, options *DataConnectorsCheckRequirementsClientPostOptions) (DataConnectorsCheckRequirementsClientPostResponse, error) { + var err error + const operationName = "DataConnectorsCheckRequirementsClient.Post" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.postCreateRequest(ctx, resourceGroupName, workspaceName, dataConnectorsCheckRequirements, options) + if err != nil { + return DataConnectorsCheckRequirementsClientPostResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DataConnectorsCheckRequirementsClientPostResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return DataConnectorsCheckRequirementsClientPostResponse{}, err + } + resp, err := client.postHandleResponse(httpResp) + return resp, err +} + +// postCreateRequest creates the Post request. +func (client *DataConnectorsCheckRequirementsClient) postCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorsCheckRequirements DataConnectorsCheckRequirementsClassification, options *DataConnectorsCheckRequirementsClientPostOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorsCheckRequirements" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, dataConnectorsCheckRequirements); err != nil { + return nil, err + } + return req, nil +} + +// postHandleResponse handles the Post response. +func (client *DataConnectorsCheckRequirementsClient) postHandleResponse(resp *http.Response) (DataConnectorsCheckRequirementsClientPostResponse, error) { + result := DataConnectorsCheckRequirementsClientPostResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.DataConnectorRequirementsState); err != nil { + return DataConnectorsCheckRequirementsClientPostResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/date_type.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/date_type.go new file mode 100644 index 000000000000..6040de1564ac --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/date_type.go @@ -0,0 +1,58 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "encoding/json" + "fmt" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "reflect" + "time" +) + +const ( + fullDateJSON = `"2006-01-02"` + jsonFormat = `"%04d-%02d-%02d"` +) + +type dateType time.Time + +func (t dateType) MarshalJSON() ([]byte, error) { + return []byte(fmt.Sprintf(jsonFormat, time.Time(t).Year(), time.Time(t).Month(), time.Time(t).Day())), nil +} + +func (d *dateType) UnmarshalJSON(data []byte) (err error) { + t, err := time.Parse(fullDateJSON, string(data)) + *d = (dateType)(t) + return err +} + +func populateDateType(m map[string]any, k string, t *time.Time) { + if t == nil { + return + } else if azcore.IsNullValue(t) { + m[k] = nil + return + } else if reflect.ValueOf(t).IsNil() { + return + } + m[k] = (*dateType)(t) +} + +func unpopulateDateType(data json.RawMessage, fn string, t **time.Time) error { + if data == nil || string(data) == "null" { + return nil + } + var aux dateType + if err := json.Unmarshal(data, &aux); err != nil { + return fmt.Errorf("struct field %s: %v", fn, err) + } + *t = (*time.Time)(&aux) + return nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/domainwhois_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/domainwhois_client.go new file mode 100644 index 000000000000..9b1b3c38fec9 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/domainwhois_client.go @@ -0,0 +1,105 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// DomainWhoisClient contains the methods for the DomainWhois group. +// Don't use this type directly, use NewDomainWhoisClient() instead. +type DomainWhoisClient struct { + internal *arm.Client + subscriptionID string +} + +// NewDomainWhoisClient creates a new instance of DomainWhoisClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewDomainWhoisClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*DomainWhoisClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &DomainWhoisClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Get whois information for a single domain name +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - domain - Domain name to be enriched +// - options - DomainWhoisClientGetOptions contains the optional parameters for the DomainWhoisClient.Get method. +func (client *DomainWhoisClient) Get(ctx context.Context, resourceGroupName string, domain string, options *DomainWhoisClientGetOptions) (DomainWhoisClientGetResponse, error) { + var err error + const operationName = "DomainWhoisClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, domain, options) + if err != nil { + return DomainWhoisClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DomainWhoisClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return DomainWhoisClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *DomainWhoisClient) getCreateRequest(ctx context.Context, resourceGroupName string, domain string, options *DomainWhoisClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/domain/whois/" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + reqQP.Set("domain", domain) + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *DomainWhoisClient) getHandleResponse(resp *http.Response) (DomainWhoisClientGetResponse, error) { + result := DomainWhoisClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EnrichmentDomainWhois); err != nil { + return DomainWhoisClientGetResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entities_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entities_client.go new file mode 100644 index 000000000000..f8df083ae8dd --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entities_client.go @@ -0,0 +1,459 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// EntitiesClient contains the methods for the Entities group. +// Don't use this type directly, use NewEntitiesClient() instead. +type EntitiesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewEntitiesClient creates a new instance of EntitiesClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewEntitiesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntitiesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &EntitiesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Expand - Expands an entity. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityID - entity ID +// - parameters - The parameters required to execute an expand operation on the given entity. +// - options - EntitiesClientExpandOptions contains the optional parameters for the EntitiesClient.Expand method. +func (client *EntitiesClient) Expand(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityExpandParameters, options *EntitiesClientExpandOptions) (EntitiesClientExpandResponse, error) { + var err error + const operationName = "EntitiesClient.Expand" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.expandCreateRequest(ctx, resourceGroupName, workspaceName, entityID, parameters, options) + if err != nil { + return EntitiesClientExpandResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntitiesClientExpandResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return EntitiesClientExpandResponse{}, err + } + resp, err := client.expandHandleResponse(httpResp) + return resp, err +} + +// expandCreateRequest creates the Expand request. +func (client *EntitiesClient) expandCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityExpandParameters, options *EntitiesClientExpandOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/expand" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityID == "" { + return nil, errors.New("parameter entityID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityId}", url.PathEscape(entityID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// expandHandleResponse handles the Expand response. +func (client *EntitiesClient) expandHandleResponse(resp *http.Response) (EntitiesClientExpandResponse, error) { + result := EntitiesClientExpandResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EntityExpandResponse); err != nil { + return EntitiesClientExpandResponse{}, err + } + return result, nil +} + +// Get - Gets an entity. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityID - entity ID +// - options - EntitiesClientGetOptions contains the optional parameters for the EntitiesClient.Get method. +func (client *EntitiesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, options *EntitiesClientGetOptions) (EntitiesClientGetResponse, error) { + var err error + const operationName = "EntitiesClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, entityID, options) + if err != nil { + return EntitiesClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntitiesClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return EntitiesClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *EntitiesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, options *EntitiesClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityID == "" { + return nil, errors.New("parameter entityID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityId}", url.PathEscape(entityID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *EntitiesClient) getHandleResponse(resp *http.Response) (EntitiesClientGetResponse, error) { + result := EntitiesClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return EntitiesClientGetResponse{}, err + } + return result, nil +} + +// GetInsights - Execute Insights for an entity. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityID - entity ID +// - parameters - The parameters required to execute insights on the given entity. +// - options - EntitiesClientGetInsightsOptions contains the optional parameters for the EntitiesClient.GetInsights method. +func (client *EntitiesClient) GetInsights(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityGetInsightsParameters, options *EntitiesClientGetInsightsOptions) (EntitiesClientGetInsightsResponse, error) { + var err error + const operationName = "EntitiesClient.GetInsights" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getInsightsCreateRequest(ctx, resourceGroupName, workspaceName, entityID, parameters, options) + if err != nil { + return EntitiesClientGetInsightsResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntitiesClientGetInsightsResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return EntitiesClientGetInsightsResponse{}, err + } + resp, err := client.getInsightsHandleResponse(httpResp) + return resp, err +} + +// getInsightsCreateRequest creates the GetInsights request. +func (client *EntitiesClient) getInsightsCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityGetInsightsParameters, options *EntitiesClientGetInsightsOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/getInsights" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityID == "" { + return nil, errors.New("parameter entityID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityId}", url.PathEscape(entityID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// getInsightsHandleResponse handles the GetInsights response. +func (client *EntitiesClient) getInsightsHandleResponse(resp *http.Response) (EntitiesClientGetInsightsResponse, error) { + result := EntitiesClientGetInsightsResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EntityGetInsightsResponse); err != nil { + return EntitiesClientGetInsightsResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all entities. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - EntitiesClientListOptions contains the optional parameters for the EntitiesClient.NewListPager method. +func (client *EntitiesClient) NewListPager(resourceGroupName string, workspaceName string, options *EntitiesClientListOptions) *runtime.Pager[EntitiesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[EntitiesClientListResponse]{ + More: func(page EntitiesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *EntitiesClientListResponse) (EntitiesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "EntitiesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return EntitiesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *EntitiesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *EntitiesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *EntitiesClient) listHandleResponse(resp *http.Response) (EntitiesClientListResponse, error) { + result := EntitiesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EntityList); err != nil { + return EntitiesClientListResponse{}, err + } + return result, nil +} + +// Queries - Get Insights and Activities for an entity. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityID - entity ID +// - kind - The Kind parameter for queries +// - options - EntitiesClientQueriesOptions contains the optional parameters for the EntitiesClient.Queries method. +func (client *EntitiesClient) Queries(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, kind EntityItemQueryKind, options *EntitiesClientQueriesOptions) (EntitiesClientQueriesResponse, error) { + var err error + const operationName = "EntitiesClient.Queries" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.queriesCreateRequest(ctx, resourceGroupName, workspaceName, entityID, kind, options) + if err != nil { + return EntitiesClientQueriesResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntitiesClientQueriesResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return EntitiesClientQueriesResponse{}, err + } + resp, err := client.queriesHandleResponse(httpResp) + return resp, err +} + +// queriesCreateRequest creates the Queries request. +func (client *EntitiesClient) queriesCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, kind EntityItemQueryKind, options *EntitiesClientQueriesOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/queries" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityID == "" { + return nil, errors.New("parameter entityID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityId}", url.PathEscape(entityID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + reqQP.Set("kind", string(kind)) + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// queriesHandleResponse handles the Queries response. +func (client *EntitiesClient) queriesHandleResponse(resp *http.Response) (EntitiesClientQueriesResponse, error) { + result := EntitiesClientQueriesResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.GetQueriesResponse); err != nil { + return EntitiesClientQueriesResponse{}, err + } + return result, nil +} + +// RunPlaybook - Triggers playbook on a specific entity. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityIdentifier - Entity identifier. +// - options - EntitiesClientRunPlaybookOptions contains the optional parameters for the EntitiesClient.RunPlaybook method. +func (client *EntitiesClient) RunPlaybook(ctx context.Context, resourceGroupName string, workspaceName string, entityIdentifier string, options *EntitiesClientRunPlaybookOptions) (EntitiesClientRunPlaybookResponse, error) { + var err error + const operationName = "EntitiesClient.RunPlaybook" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.runPlaybookCreateRequest(ctx, resourceGroupName, workspaceName, entityIdentifier, options) + if err != nil { + return EntitiesClientRunPlaybookResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntitiesClientRunPlaybookResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return EntitiesClientRunPlaybookResponse{}, err + } + return EntitiesClientRunPlaybookResponse{}, nil +} + +// runPlaybookCreateRequest creates the RunPlaybook request. +func (client *EntitiesClient) runPlaybookCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityIdentifier string, options *EntitiesClientRunPlaybookOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityIdentifier}/runPlaybook" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityIdentifier == "" { + return nil, errors.New("parameter entityIdentifier cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityIdentifier}", url.PathEscape(entityIdentifier)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if options != nil && options.RequestBody != nil { + if err := runtime.MarshalAsJSON(req, *options.RequestBody); err != nil { + return nil, err + } + return req, nil + } + return req, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesgettimeline_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesgettimeline_client.go new file mode 100644 index 000000000000..d28a1c986980 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesgettimeline_client.go @@ -0,0 +1,118 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// EntitiesGetTimelineClient contains the methods for the EntitiesGetTimeline group. +// Don't use this type directly, use NewEntitiesGetTimelineClient() instead. +type EntitiesGetTimelineClient struct { + internal *arm.Client + subscriptionID string +} + +// NewEntitiesGetTimelineClient creates a new instance of EntitiesGetTimelineClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewEntitiesGetTimelineClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntitiesGetTimelineClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &EntitiesGetTimelineClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// List - Timeline for an entity. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityID - entity ID +// - parameters - The parameters required to execute an timeline operation on the given entity. +// - options - EntitiesGetTimelineClientListOptions contains the optional parameters for the EntitiesGetTimelineClient.List +// method. +func (client *EntitiesGetTimelineClient) List(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityTimelineParameters, options *EntitiesGetTimelineClientListOptions) (EntitiesGetTimelineClientListResponse, error) { + var err error + const operationName = "EntitiesGetTimelineClient.List" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.listCreateRequest(ctx, resourceGroupName, workspaceName, entityID, parameters, options) + if err != nil { + return EntitiesGetTimelineClientListResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntitiesGetTimelineClientListResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return EntitiesGetTimelineClientListResponse{}, err + } + resp, err := client.listHandleResponse(httpResp) + return resp, err +} + +// listCreateRequest creates the List request. +func (client *EntitiesGetTimelineClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityTimelineParameters, options *EntitiesGetTimelineClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/getTimeline" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityID == "" { + return nil, errors.New("parameter entityID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityId}", url.PathEscape(entityID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// listHandleResponse handles the List response. +func (client *EntitiesGetTimelineClient) listHandleResponse(resp *http.Response) (EntitiesGetTimelineClientListResponse, error) { + result := EntitiesGetTimelineClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EntityTimelineResponse); err != nil { + return EntitiesGetTimelineClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesrelations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesrelations_client.go new file mode 100644 index 000000000000..cdb39573ff70 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entitiesrelations_client.go @@ -0,0 +1,127 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// EntitiesRelationsClient contains the methods for the EntitiesRelations group. +// Don't use this type directly, use NewEntitiesRelationsClient() instead. +type EntitiesRelationsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewEntitiesRelationsClient creates a new instance of EntitiesRelationsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewEntitiesRelationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntitiesRelationsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &EntitiesRelationsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Gets all relations of an entity. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityID - entity ID +// - options - EntitiesRelationsClientListOptions contains the optional parameters for the EntitiesRelationsClient.NewListPager +// method. +func (client *EntitiesRelationsClient) NewListPager(resourceGroupName string, workspaceName string, entityID string, options *EntitiesRelationsClientListOptions) *runtime.Pager[EntitiesRelationsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[EntitiesRelationsClientListResponse]{ + More: func(page EntitiesRelationsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *EntitiesRelationsClientListResponse) (EntitiesRelationsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "EntitiesRelationsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, entityID, options) + }, nil) + if err != nil { + return EntitiesRelationsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *EntitiesRelationsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, options *EntitiesRelationsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/relations" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityID == "" { + return nil, errors.New("parameter entityID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityId}", url.PathEscape(entityID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *EntitiesRelationsClient) listHandleResponse(resp *http.Response) (EntitiesRelationsClientListResponse, error) { + result := EntitiesRelationsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RelationList); err != nil { + return EntitiesRelationsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityqueries_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityqueries_client.go new file mode 100644 index 000000000000..5763de2f7c97 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityqueries_client.go @@ -0,0 +1,313 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// EntityQueriesClient contains the methods for the EntityQueries group. +// Don't use this type directly, use NewEntityQueriesClient() instead. +type EntityQueriesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewEntityQueriesClient creates a new instance of EntityQueriesClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewEntityQueriesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntityQueriesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &EntityQueriesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates the entity query. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityQueryID - entity query ID +// - entityQuery - The entity query we want to create or update +// - options - EntityQueriesClientCreateOrUpdateOptions contains the optional parameters for the EntityQueriesClient.CreateOrUpdate +// method. +func (client *EntityQueriesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, entityQuery CustomEntityQueryClassification, options *EntityQueriesClientCreateOrUpdateOptions) (EntityQueriesClientCreateOrUpdateResponse, error) { + var err error + const operationName = "EntityQueriesClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, entityQueryID, entityQuery, options) + if err != nil { + return EntityQueriesClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntityQueriesClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return EntityQueriesClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *EntityQueriesClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, entityQuery CustomEntityQueryClassification, options *EntityQueriesClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityQueryID == "" { + return nil, errors.New("parameter entityQueryID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityQueryId}", url.PathEscape(entityQueryID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, entityQuery); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *EntityQueriesClient) createOrUpdateHandleResponse(resp *http.Response) (EntityQueriesClientCreateOrUpdateResponse, error) { + result := EntityQueriesClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return EntityQueriesClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete the entity query. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityQueryID - entity query ID +// - options - EntityQueriesClientDeleteOptions contains the optional parameters for the EntityQueriesClient.Delete method. +func (client *EntityQueriesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, options *EntityQueriesClientDeleteOptions) (EntityQueriesClientDeleteResponse, error) { + var err error + const operationName = "EntityQueriesClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, entityQueryID, options) + if err != nil { + return EntityQueriesClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntityQueriesClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return EntityQueriesClientDeleteResponse{}, err + } + return EntityQueriesClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *EntityQueriesClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, options *EntityQueriesClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityQueryID == "" { + return nil, errors.New("parameter entityQueryID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityQueryId}", url.PathEscape(entityQueryID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets an entity query. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityQueryID - entity query ID +// - options - EntityQueriesClientGetOptions contains the optional parameters for the EntityQueriesClient.Get method. +func (client *EntityQueriesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, options *EntityQueriesClientGetOptions) (EntityQueriesClientGetResponse, error) { + var err error + const operationName = "EntityQueriesClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, entityQueryID, options) + if err != nil { + return EntityQueriesClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntityQueriesClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return EntityQueriesClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *EntityQueriesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, options *EntityQueriesClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityQueryID == "" { + return nil, errors.New("parameter entityQueryID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityQueryId}", url.PathEscape(entityQueryID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *EntityQueriesClient) getHandleResponse(resp *http.Response) (EntityQueriesClientGetResponse, error) { + result := EntityQueriesClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return EntityQueriesClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all entity queries. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - EntityQueriesClientListOptions contains the optional parameters for the EntityQueriesClient.NewListPager method. +func (client *EntityQueriesClient) NewListPager(resourceGroupName string, workspaceName string, options *EntityQueriesClientListOptions) *runtime.Pager[EntityQueriesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[EntityQueriesClientListResponse]{ + More: func(page EntityQueriesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *EntityQueriesClientListResponse) (EntityQueriesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "EntityQueriesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return EntityQueriesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *EntityQueriesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *EntityQueriesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + if options != nil && options.Kind != nil { + reqQP.Set("kind", string(*options.Kind)) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *EntityQueriesClient) listHandleResponse(resp *http.Response) (EntityQueriesClientListResponse, error) { + result := EntityQueriesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EntityQueryList); err != nil { + return EntityQueriesClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityquerytemplates_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityquerytemplates_client.go new file mode 100644 index 000000000000..a6fc857440b4 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityquerytemplates_client.go @@ -0,0 +1,182 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// EntityQueryTemplatesClient contains the methods for the EntityQueryTemplates group. +// Don't use this type directly, use NewEntityQueryTemplatesClient() instead. +type EntityQueryTemplatesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewEntityQueryTemplatesClient creates a new instance of EntityQueryTemplatesClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewEntityQueryTemplatesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntityQueryTemplatesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &EntityQueryTemplatesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Gets an entity query. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityQueryTemplateID - entity query template ID +// - options - EntityQueryTemplatesClientGetOptions contains the optional parameters for the EntityQueryTemplatesClient.Get +// method. +func (client *EntityQueryTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryTemplateID string, options *EntityQueryTemplatesClientGetOptions) (EntityQueryTemplatesClientGetResponse, error) { + var err error + const operationName = "EntityQueryTemplatesClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, entityQueryTemplateID, options) + if err != nil { + return EntityQueryTemplatesClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntityQueryTemplatesClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return EntityQueryTemplatesClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *EntityQueryTemplatesClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryTemplateID string, options *EntityQueryTemplatesClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueryTemplates/{entityQueryTemplateId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityQueryTemplateID == "" { + return nil, errors.New("parameter entityQueryTemplateID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityQueryTemplateId}", url.PathEscape(entityQueryTemplateID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *EntityQueryTemplatesClient) getHandleResponse(resp *http.Response) (EntityQueryTemplatesClientGetResponse, error) { + result := EntityQueryTemplatesClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return EntityQueryTemplatesClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all entity query templates. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - EntityQueryTemplatesClientListOptions contains the optional parameters for the EntityQueryTemplatesClient.NewListPager +// method. +func (client *EntityQueryTemplatesClient) NewListPager(resourceGroupName string, workspaceName string, options *EntityQueryTemplatesClientListOptions) *runtime.Pager[EntityQueryTemplatesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[EntityQueryTemplatesClientListResponse]{ + More: func(page EntityQueryTemplatesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *EntityQueryTemplatesClientListResponse) (EntityQueryTemplatesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "EntityQueryTemplatesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return EntityQueryTemplatesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *EntityQueryTemplatesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *EntityQueryTemplatesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueryTemplates" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + if options != nil && options.Kind != nil { + reqQP.Set("kind", string(*options.Kind)) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *EntityQueryTemplatesClient) listHandleResponse(resp *http.Response) (EntityQueryTemplatesClientListResponse, error) { + result := EntityQueryTemplatesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EntityQueryTemplateList); err != nil { + return EntityQueryTemplatesClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/entityrelations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityrelations_client.go new file mode 100644 index 000000000000..0e4d5dd04c9a --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/entityrelations_client.go @@ -0,0 +1,119 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// EntityRelationsClient contains the methods for the EntityRelations group. +// Don't use this type directly, use NewEntityRelationsClient() instead. +type EntityRelationsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewEntityRelationsClient creates a new instance of EntityRelationsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewEntityRelationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*EntityRelationsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &EntityRelationsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// GetRelation - Gets an entity relation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - entityID - entity ID +// - relationName - Relation Name +// - options - EntityRelationsClientGetRelationOptions contains the optional parameters for the EntityRelationsClient.GetRelation +// method. +func (client *EntityRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, relationName string, options *EntityRelationsClientGetRelationOptions) (EntityRelationsClientGetRelationResponse, error) { + var err error + const operationName = "EntityRelationsClient.GetRelation" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getRelationCreateRequest(ctx, resourceGroupName, workspaceName, entityID, relationName, options) + if err != nil { + return EntityRelationsClientGetRelationResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return EntityRelationsClientGetRelationResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return EntityRelationsClientGetRelationResponse{}, err + } + resp, err := client.getRelationHandleResponse(httpResp) + return resp, err +} + +// getRelationCreateRequest creates the GetRelation request. +func (client *EntityRelationsClient) getRelationCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, relationName string, options *EntityRelationsClientGetRelationOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/relations/{relationName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if entityID == "" { + return nil, errors.New("parameter entityID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{entityId}", url.PathEscape(entityID)) + if relationName == "" { + return nil, errors.New("parameter relationName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{relationName}", url.PathEscape(relationName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getRelationHandleResponse handles the GetRelation response. +func (client *EntityRelationsClient) getRelationHandleResponse(resp *http.Response) (EntityRelationsClientGetRelationResponse, error) { + result := EntityRelationsClientGetRelationResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Relation); err != nil { + return EntityRelationsClientGetRelationResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/actions_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/actions_server.go index 6d5d25e5cf01..309130bc5925 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/actions_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/actions_server.go @@ -16,7 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrule_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrule_server.go new file mode 100644 index 000000000000..ee09c7b9949b --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrule_server.go @@ -0,0 +1,123 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// AlertRuleServer is a fake server for instances of the armsecurityinsights.AlertRuleClient type. +type AlertRuleServer struct { + // BeginTriggerRuleRun is the fake for method AlertRuleClient.BeginTriggerRuleRun + // HTTP status codes to indicate success: http.StatusAccepted + BeginTriggerRuleRun func(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, analyticsRuleRunTriggerParameter armsecurityinsights.AnalyticsRuleRunTrigger, options *armsecurityinsights.AlertRuleClientBeginTriggerRuleRunOptions) (resp azfake.PollerResponder[armsecurityinsights.AlertRuleClientTriggerRuleRunResponse], errResp azfake.ErrorResponder) +} + +// NewAlertRuleServerTransport creates a new instance of AlertRuleServerTransport with the provided implementation. +// The returned AlertRuleServerTransport instance is connected to an instance of armsecurityinsights.AlertRuleClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewAlertRuleServerTransport(srv *AlertRuleServer) *AlertRuleServerTransport { + return &AlertRuleServerTransport{ + srv: srv, + beginTriggerRuleRun: newTracker[azfake.PollerResponder[armsecurityinsights.AlertRuleClientTriggerRuleRunResponse]](), + } +} + +// AlertRuleServerTransport connects instances of armsecurityinsights.AlertRuleClient to instances of AlertRuleServer. +// Don't use this type directly, use NewAlertRuleServerTransport instead. +type AlertRuleServerTransport struct { + srv *AlertRuleServer + beginTriggerRuleRun *tracker[azfake.PollerResponder[armsecurityinsights.AlertRuleClientTriggerRuleRunResponse]] +} + +// Do implements the policy.Transporter interface for AlertRuleServerTransport. +func (a *AlertRuleServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "AlertRuleClient.BeginTriggerRuleRun": + resp, err = a.dispatchBeginTriggerRuleRun(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (a *AlertRuleServerTransport) dispatchBeginTriggerRuleRun(req *http.Request) (*http.Response, error) { + if a.srv.BeginTriggerRuleRun == nil { + return nil, &nonRetriableError{errors.New("fake for method BeginTriggerRuleRun not implemented")} + } + beginTriggerRuleRun := a.beginTriggerRuleRun.get(req) + if beginTriggerRuleRun == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/alertRules/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/triggerRuleRun` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.AnalyticsRuleRunTrigger](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + ruleIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("ruleId")]) + if err != nil { + return nil, err + } + respr, errRespr := a.srv.BeginTriggerRuleRun(req.Context(), resourceGroupNameParam, workspaceNameParam, ruleIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + beginTriggerRuleRun = &respr + a.beginTriggerRuleRun.add(req, beginTriggerRuleRun) + } + + resp, err := server.PollerResponderNext(beginTriggerRuleRun, req) + if err != nil { + return nil, err + } + + if !contains([]int{http.StatusAccepted}, resp.StatusCode) { + a.beginTriggerRuleRun.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusAccepted", resp.StatusCode)} + } + if !server.PollerResponderMore(beginTriggerRuleRun) { + a.beginTriggerRuleRun.remove(req) + } + + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrules_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrules_server.go index 29aaa2ca2d9c..de09abccc636 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrules_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertrules_server.go @@ -16,7 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertruletemplates_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertruletemplates_server.go index 805a9c10348c..833aae678dff 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertruletemplates_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/alertruletemplates_server.go @@ -16,7 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/automationrules_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/automationrules_server.go index c8dd8ff03b8e..6782e390b727 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/automationrules_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/automationrules_server.go @@ -16,7 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "reflect" diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/billingstatistics_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/billingstatistics_server.go new file mode 100644 index 000000000000..15fd814c6cbe --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/billingstatistics_server.go @@ -0,0 +1,156 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// BillingStatisticsServer is a fake server for instances of the armsecurityinsights.BillingStatisticsClient type. +type BillingStatisticsServer struct { + // Get is the fake for method BillingStatisticsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, billingStatisticName string, options *armsecurityinsights.BillingStatisticsClientGetOptions) (resp azfake.Responder[armsecurityinsights.BillingStatisticsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method BillingStatisticsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.BillingStatisticsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.BillingStatisticsClientListResponse]) +} + +// NewBillingStatisticsServerTransport creates a new instance of BillingStatisticsServerTransport with the provided implementation. +// The returned BillingStatisticsServerTransport instance is connected to an instance of armsecurityinsights.BillingStatisticsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewBillingStatisticsServerTransport(srv *BillingStatisticsServer) *BillingStatisticsServerTransport { + return &BillingStatisticsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.BillingStatisticsClientListResponse]](), + } +} + +// BillingStatisticsServerTransport connects instances of armsecurityinsights.BillingStatisticsClient to instances of BillingStatisticsServer. +// Don't use this type directly, use NewBillingStatisticsServerTransport instead. +type BillingStatisticsServerTransport struct { + srv *BillingStatisticsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.BillingStatisticsClientListResponse]] +} + +// Do implements the policy.Transporter interface for BillingStatisticsServerTransport. +func (b *BillingStatisticsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "BillingStatisticsClient.Get": + resp, err = b.dispatchGet(req) + case "BillingStatisticsClient.NewListPager": + resp, err = b.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (b *BillingStatisticsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if b.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/billingStatistics/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + billingStatisticNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("billingStatisticName")]) + if err != nil { + return nil, err + } + respr, errRespr := b.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, billingStatisticNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).BillingStatisticClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (b *BillingStatisticsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if b.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := b.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/billingStatistics` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := b.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + b.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.BillingStatisticsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + b.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + b.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmark_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmark_server.go new file mode 100644 index 000000000000..e005536c606a --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmark_server.go @@ -0,0 +1,108 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// BookmarkServer is a fake server for instances of the armsecurityinsights.BookmarkClient type. +type BookmarkServer struct { + // Expand is the fake for method BookmarkClient.Expand + // HTTP status codes to indicate success: http.StatusOK + Expand func(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, parameters armsecurityinsights.BookmarkExpandParameters, options *armsecurityinsights.BookmarkClientExpandOptions) (resp azfake.Responder[armsecurityinsights.BookmarkClientExpandResponse], errResp azfake.ErrorResponder) +} + +// NewBookmarkServerTransport creates a new instance of BookmarkServerTransport with the provided implementation. +// The returned BookmarkServerTransport instance is connected to an instance of armsecurityinsights.BookmarkClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewBookmarkServerTransport(srv *BookmarkServer) *BookmarkServerTransport { + return &BookmarkServerTransport{srv: srv} +} + +// BookmarkServerTransport connects instances of armsecurityinsights.BookmarkClient to instances of BookmarkServer. +// Don't use this type directly, use NewBookmarkServerTransport instead. +type BookmarkServerTransport struct { + srv *BookmarkServer +} + +// Do implements the policy.Transporter interface for BookmarkServerTransport. +func (b *BookmarkServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "BookmarkClient.Expand": + resp, err = b.dispatchExpand(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (b *BookmarkServerTransport) dispatchExpand(req *http.Request) (*http.Response, error) { + if b.srv.Expand == nil { + return nil, &nonRetriableError{errors.New("fake for method Expand not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/bookmarks/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/expand` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.BookmarkExpandParameters](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + bookmarkIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("bookmarkId")]) + if err != nil { + return nil, err + } + respr, errRespr := b.srv.Expand(req.Context(), resourceGroupNameParam, workspaceNameParam, bookmarkIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).BookmarkExpandResponse, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarkrelations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarkrelations_server.go new file mode 100644 index 000000000000..e97bb37915f4 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarkrelations_server.go @@ -0,0 +1,302 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// BookmarkRelationsServer is a fake server for instances of the armsecurityinsights.BookmarkRelationsClient type. +type BookmarkRelationsServer struct { + // CreateOrUpdate is the fake for method BookmarkRelationsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, relation armsecurityinsights.Relation, options *armsecurityinsights.BookmarkRelationsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.BookmarkRelationsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method BookmarkRelationsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, options *armsecurityinsights.BookmarkRelationsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.BookmarkRelationsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method BookmarkRelationsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, options *armsecurityinsights.BookmarkRelationsClientGetOptions) (resp azfake.Responder[armsecurityinsights.BookmarkRelationsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method BookmarkRelationsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, bookmarkID string, options *armsecurityinsights.BookmarkRelationsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.BookmarkRelationsClientListResponse]) +} + +// NewBookmarkRelationsServerTransport creates a new instance of BookmarkRelationsServerTransport with the provided implementation. +// The returned BookmarkRelationsServerTransport instance is connected to an instance of armsecurityinsights.BookmarkRelationsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewBookmarkRelationsServerTransport(srv *BookmarkRelationsServer) *BookmarkRelationsServerTransport { + return &BookmarkRelationsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.BookmarkRelationsClientListResponse]](), + } +} + +// BookmarkRelationsServerTransport connects instances of armsecurityinsights.BookmarkRelationsClient to instances of BookmarkRelationsServer. +// Don't use this type directly, use NewBookmarkRelationsServerTransport instead. +type BookmarkRelationsServerTransport struct { + srv *BookmarkRelationsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.BookmarkRelationsClientListResponse]] +} + +// Do implements the policy.Transporter interface for BookmarkRelationsServerTransport. +func (b *BookmarkRelationsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "BookmarkRelationsClient.CreateOrUpdate": + resp, err = b.dispatchCreateOrUpdate(req) + case "BookmarkRelationsClient.Delete": + resp, err = b.dispatchDelete(req) + case "BookmarkRelationsClient.Get": + resp, err = b.dispatchGet(req) + case "BookmarkRelationsClient.NewListPager": + resp, err = b.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (b *BookmarkRelationsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if b.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/bookmarks/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.Relation](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + bookmarkIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("bookmarkId")]) + if err != nil { + return nil, err + } + relationNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("relationName")]) + if err != nil { + return nil, err + } + respr, errRespr := b.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, bookmarkIDParam, relationNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Relation, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (b *BookmarkRelationsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if b.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/bookmarks/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + bookmarkIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("bookmarkId")]) + if err != nil { + return nil, err + } + relationNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("relationName")]) + if err != nil { + return nil, err + } + respr, errRespr := b.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, bookmarkIDParam, relationNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (b *BookmarkRelationsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if b.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/bookmarks/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + bookmarkIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("bookmarkId")]) + if err != nil { + return nil, err + } + relationNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("relationName")]) + if err != nil { + return nil, err + } + respr, errRespr := b.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, bookmarkIDParam, relationNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Relation, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (b *BookmarkRelationsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if b.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := b.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/bookmarks/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + bookmarkIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("bookmarkId")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.BookmarkRelationsClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.BookmarkRelationsClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := b.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, bookmarkIDParam, options) + newListPager = &resp + b.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.BookmarkRelationsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + b.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + b.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarks_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarks_server.go index 0b17baeecfe4..49c724fbd577 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarks_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/bookmarks_server.go @@ -16,7 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackage_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackage_server.go new file mode 100644 index 000000000000..fc9ee084fa16 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackage_server.go @@ -0,0 +1,151 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// ContentPackageServer is a fake server for instances of the armsecurityinsights.ContentPackageClient type. +type ContentPackageServer struct { + // Install is the fake for method ContentPackageClient.Install + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + Install func(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, packageInstallationProperties armsecurityinsights.PackageModel, options *armsecurityinsights.ContentPackageClientInstallOptions) (resp azfake.Responder[armsecurityinsights.ContentPackageClientInstallResponse], errResp azfake.ErrorResponder) + + // Uninstall is the fake for method ContentPackageClient.Uninstall + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Uninstall func(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *armsecurityinsights.ContentPackageClientUninstallOptions) (resp azfake.Responder[armsecurityinsights.ContentPackageClientUninstallResponse], errResp azfake.ErrorResponder) +} + +// NewContentPackageServerTransport creates a new instance of ContentPackageServerTransport with the provided implementation. +// The returned ContentPackageServerTransport instance is connected to an instance of armsecurityinsights.ContentPackageClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewContentPackageServerTransport(srv *ContentPackageServer) *ContentPackageServerTransport { + return &ContentPackageServerTransport{srv: srv} +} + +// ContentPackageServerTransport connects instances of armsecurityinsights.ContentPackageClient to instances of ContentPackageServer. +// Don't use this type directly, use NewContentPackageServerTransport instead. +type ContentPackageServerTransport struct { + srv *ContentPackageServer +} + +// Do implements the policy.Transporter interface for ContentPackageServerTransport. +func (c *ContentPackageServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "ContentPackageClient.Install": + resp, err = c.dispatchInstall(req) + case "ContentPackageClient.Uninstall": + resp, err = c.dispatchUninstall(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (c *ContentPackageServerTransport) dispatchInstall(req *http.Request) (*http.Response, error) { + if c.srv.Install == nil { + return nil, &nonRetriableError{errors.New("fake for method Install not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentPackages/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.PackageModel](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + packageIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("packageId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Install(req.Context(), resourceGroupNameParam, workspaceNameParam, packageIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).PackageModel, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (c *ContentPackageServerTransport) dispatchUninstall(req *http.Request) (*http.Response, error) { + if c.srv.Uninstall == nil { + return nil, &nonRetriableError{errors.New("fake for method Uninstall not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentPackages/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + packageIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("packageId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Uninstall(req.Context(), resourceGroupNameParam, workspaceNameParam, packageIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackages_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackages_server.go new file mode 100644 index 000000000000..87450b812f70 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contentpackages_server.go @@ -0,0 +1,226 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// ContentPackagesServer is a fake server for instances of the armsecurityinsights.ContentPackagesClient type. +type ContentPackagesServer struct { + // Get is the fake for method ContentPackagesClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *armsecurityinsights.ContentPackagesClientGetOptions) (resp azfake.Responder[armsecurityinsights.ContentPackagesClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method ContentPackagesClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.ContentPackagesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.ContentPackagesClientListResponse]) +} + +// NewContentPackagesServerTransport creates a new instance of ContentPackagesServerTransport with the provided implementation. +// The returned ContentPackagesServerTransport instance is connected to an instance of armsecurityinsights.ContentPackagesClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewContentPackagesServerTransport(srv *ContentPackagesServer) *ContentPackagesServerTransport { + return &ContentPackagesServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.ContentPackagesClientListResponse]](), + } +} + +// ContentPackagesServerTransport connects instances of armsecurityinsights.ContentPackagesClient to instances of ContentPackagesServer. +// Don't use this type directly, use NewContentPackagesServerTransport instead. +type ContentPackagesServerTransport struct { + srv *ContentPackagesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.ContentPackagesClientListResponse]] +} + +// Do implements the policy.Transporter interface for ContentPackagesServerTransport. +func (c *ContentPackagesServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "ContentPackagesClient.Get": + resp, err = c.dispatchGet(req) + case "ContentPackagesClient.NewListPager": + resp, err = c.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (c *ContentPackagesServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if c.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentPackages/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + packageIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("packageId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, packageIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).PackageModel, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (c *ContentPackagesServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if c.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := c.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentPackages` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + searchUnescaped, err := url.QueryUnescape(qp.Get("$search")) + if err != nil { + return nil, err + } + searchParam := getOptional(searchUnescaped) + countUnescaped, err := url.QueryUnescape(qp.Get("$count")) + if err != nil { + return nil, err + } + countParam, err := parseOptional(countUnescaped, strconv.ParseBool) + if err != nil { + return nil, err + } + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipUnescaped, err := url.QueryUnescape(qp.Get("$skip")) + if err != nil { + return nil, err + } + skipParam, err := parseOptional(skipUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.ContentPackagesClientListOptions + if filterParam != nil || orderbyParam != nil || searchParam != nil || countParam != nil || topParam != nil || skipParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.ContentPackagesClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Search: searchParam, + Count: countParam, + Top: topParam, + Skip: skipParam, + SkipToken: skipTokenParam, + } + } + resp := c.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + c.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.ContentPackagesClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + c.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + c.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplate_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplate_server.go new file mode 100644 index 000000000000..3a5814b5bc1f --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplate_server.go @@ -0,0 +1,194 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// ContentTemplateServer is a fake server for instances of the armsecurityinsights.ContentTemplateClient type. +type ContentTemplateServer struct { + // Delete is the fake for method ContentTemplateClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *armsecurityinsights.ContentTemplateClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.ContentTemplateClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method ContentTemplateClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *armsecurityinsights.ContentTemplateClientGetOptions) (resp azfake.Responder[armsecurityinsights.ContentTemplateClientGetResponse], errResp azfake.ErrorResponder) + + // Install is the fake for method ContentTemplateClient.Install + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + Install func(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, templateInstallationProperties armsecurityinsights.TemplateModel, options *armsecurityinsights.ContentTemplateClientInstallOptions) (resp azfake.Responder[armsecurityinsights.ContentTemplateClientInstallResponse], errResp azfake.ErrorResponder) +} + +// NewContentTemplateServerTransport creates a new instance of ContentTemplateServerTransport with the provided implementation. +// The returned ContentTemplateServerTransport instance is connected to an instance of armsecurityinsights.ContentTemplateClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewContentTemplateServerTransport(srv *ContentTemplateServer) *ContentTemplateServerTransport { + return &ContentTemplateServerTransport{srv: srv} +} + +// ContentTemplateServerTransport connects instances of armsecurityinsights.ContentTemplateClient to instances of ContentTemplateServer. +// Don't use this type directly, use NewContentTemplateServerTransport instead. +type ContentTemplateServerTransport struct { + srv *ContentTemplateServer +} + +// Do implements the policy.Transporter interface for ContentTemplateServerTransport. +func (c *ContentTemplateServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "ContentTemplateClient.Delete": + resp, err = c.dispatchDelete(req) + case "ContentTemplateClient.Get": + resp, err = c.dispatchGet(req) + case "ContentTemplateClient.Install": + resp, err = c.dispatchInstall(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (c *ContentTemplateServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if c.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentTemplates/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + templateIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("templateId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, templateIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (c *ContentTemplateServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if c.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentTemplates/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + templateIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("templateId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, templateIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).TemplateModel, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (c *ContentTemplateServerTransport) dispatchInstall(req *http.Request) (*http.Response, error) { + if c.srv.Install == nil { + return nil, &nonRetriableError{errors.New("fake for method Install not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentTemplates/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.TemplateModel](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + templateIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("templateId")]) + if err != nil { + return nil, err + } + respr, errRespr := c.srv.Install(req.Context(), resourceGroupNameParam, workspaceNameParam, templateIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).TemplateModel, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplates_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplates_server.go new file mode 100644 index 000000000000..14effa38e018 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/contenttemplates_server.go @@ -0,0 +1,188 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// ContentTemplatesServer is a fake server for instances of the armsecurityinsights.ContentTemplatesClient type. +type ContentTemplatesServer struct { + // NewListPager is the fake for method ContentTemplatesClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.ContentTemplatesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.ContentTemplatesClientListResponse]) +} + +// NewContentTemplatesServerTransport creates a new instance of ContentTemplatesServerTransport with the provided implementation. +// The returned ContentTemplatesServerTransport instance is connected to an instance of armsecurityinsights.ContentTemplatesClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewContentTemplatesServerTransport(srv *ContentTemplatesServer) *ContentTemplatesServerTransport { + return &ContentTemplatesServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.ContentTemplatesClientListResponse]](), + } +} + +// ContentTemplatesServerTransport connects instances of armsecurityinsights.ContentTemplatesClient to instances of ContentTemplatesServer. +// Don't use this type directly, use NewContentTemplatesServerTransport instead. +type ContentTemplatesServerTransport struct { + srv *ContentTemplatesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.ContentTemplatesClientListResponse]] +} + +// Do implements the policy.Transporter interface for ContentTemplatesServerTransport. +func (c *ContentTemplatesServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "ContentTemplatesClient.NewListPager": + resp, err = c.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (c *ContentTemplatesServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if c.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := c.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentTemplates` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + expandUnescaped, err := url.QueryUnescape(qp.Get("$expand")) + if err != nil { + return nil, err + } + expandParam := getOptional(expandUnescaped) + searchUnescaped, err := url.QueryUnescape(qp.Get("$search")) + if err != nil { + return nil, err + } + searchParam := getOptional(searchUnescaped) + countUnescaped, err := url.QueryUnescape(qp.Get("$count")) + if err != nil { + return nil, err + } + countParam, err := parseOptional(countUnescaped, strconv.ParseBool) + if err != nil { + return nil, err + } + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipUnescaped, err := url.QueryUnescape(qp.Get("$skip")) + if err != nil { + return nil, err + } + skipParam, err := parseOptional(skipUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.ContentTemplatesClientListOptions + if filterParam != nil || orderbyParam != nil || expandParam != nil || searchParam != nil || countParam != nil || topParam != nil || skipParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.ContentTemplatesClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Expand: expandParam, + Search: searchParam, + Count: countParam, + Top: topParam, + Skip: skipParam, + SkipToken: skipTokenParam, + } + } + resp := c.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + c.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.ContentTemplatesClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + c.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + c.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectordefinitions_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectordefinitions_server.go new file mode 100644 index 000000000000..ae645ae365a7 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectordefinitions_server.go @@ -0,0 +1,250 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// DataConnectorDefinitionsServer is a fake server for instances of the armsecurityinsights.DataConnectorDefinitionsClient type. +type DataConnectorDefinitionsServer struct { + // CreateOrUpdate is the fake for method DataConnectorDefinitionsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, connectorDefinitionInput armsecurityinsights.DataConnectorDefinitionClassification, options *armsecurityinsights.DataConnectorDefinitionsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorDefinitionsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method DataConnectorDefinitionsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, options *armsecurityinsights.DataConnectorDefinitionsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorDefinitionsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method DataConnectorDefinitionsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorDefinitionName string, options *armsecurityinsights.DataConnectorDefinitionsClientGetOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorDefinitionsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method DataConnectorDefinitionsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.DataConnectorDefinitionsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.DataConnectorDefinitionsClientListResponse]) +} + +// NewDataConnectorDefinitionsServerTransport creates a new instance of DataConnectorDefinitionsServerTransport with the provided implementation. +// The returned DataConnectorDefinitionsServerTransport instance is connected to an instance of armsecurityinsights.DataConnectorDefinitionsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewDataConnectorDefinitionsServerTransport(srv *DataConnectorDefinitionsServer) *DataConnectorDefinitionsServerTransport { + return &DataConnectorDefinitionsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.DataConnectorDefinitionsClientListResponse]](), + } +} + +// DataConnectorDefinitionsServerTransport connects instances of armsecurityinsights.DataConnectorDefinitionsClient to instances of DataConnectorDefinitionsServer. +// Don't use this type directly, use NewDataConnectorDefinitionsServerTransport instead. +type DataConnectorDefinitionsServerTransport struct { + srv *DataConnectorDefinitionsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.DataConnectorDefinitionsClientListResponse]] +} + +// Do implements the policy.Transporter interface for DataConnectorDefinitionsServerTransport. +func (d *DataConnectorDefinitionsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "DataConnectorDefinitionsClient.CreateOrUpdate": + resp, err = d.dispatchCreateOrUpdate(req) + case "DataConnectorDefinitionsClient.Delete": + resp, err = d.dispatchDelete(req) + case "DataConnectorDefinitionsClient.Get": + resp, err = d.dispatchGet(req) + case "DataConnectorDefinitionsClient.NewListPager": + resp, err = d.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (d *DataConnectorDefinitionsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if d.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/dataConnectorDefinitions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + raw, err := readRequestBody(req) + if err != nil { + return nil, err + } + body, err := unmarshalDataConnectorDefinitionClassification(raw) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + dataConnectorDefinitionNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("dataConnectorDefinitionName")]) + if err != nil { + return nil, err + } + respr, errRespr := d.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, dataConnectorDefinitionNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).DataConnectorDefinitionClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (d *DataConnectorDefinitionsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if d.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/dataConnectorDefinitions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + dataConnectorDefinitionNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("dataConnectorDefinitionName")]) + if err != nil { + return nil, err + } + respr, errRespr := d.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, dataConnectorDefinitionNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (d *DataConnectorDefinitionsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if d.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/dataConnectorDefinitions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + dataConnectorDefinitionNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("dataConnectorDefinitionName")]) + if err != nil { + return nil, err + } + respr, errRespr := d.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, dataConnectorDefinitionNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).DataConnectorDefinitionClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (d *DataConnectorDefinitionsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if d.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := d.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/dataConnectorDefinitions` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := d.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + d.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.DataConnectorDefinitionsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + d.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + d.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectors_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectors_server.go index e6be4641b53b..920432830b0c 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectors_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectors_server.go @@ -16,7 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" @@ -24,6 +24,10 @@ import ( // DataConnectorsServer is a fake server for instances of the armsecurityinsights.DataConnectorsClient type. type DataConnectorsServer struct { + // Connect is the fake for method DataConnectorsClient.Connect + // HTTP status codes to indicate success: http.StatusOK + Connect func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, connectBody armsecurityinsights.DataConnectorConnectBody, options *armsecurityinsights.DataConnectorsClientConnectOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorsClientConnectResponse], errResp azfake.ErrorResponder) + // CreateOrUpdate is the fake for method DataConnectorsClient.CreateOrUpdate // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector armsecurityinsights.DataConnectorClassification, options *armsecurityinsights.DataConnectorsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) @@ -32,6 +36,10 @@ type DataConnectorsServer struct { // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent Delete func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, options *armsecurityinsights.DataConnectorsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorsClientDeleteResponse], errResp azfake.ErrorResponder) + // Disconnect is the fake for method DataConnectorsClient.Disconnect + // HTTP status codes to indicate success: http.StatusOK + Disconnect func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, options *armsecurityinsights.DataConnectorsClientDisconnectOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorsClientDisconnectResponse], errResp azfake.ErrorResponder) + // Get is the fake for method DataConnectorsClient.Get // HTTP status codes to indicate success: http.StatusOK Get func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, options *armsecurityinsights.DataConnectorsClientGetOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorsClientGetResponse], errResp azfake.ErrorResponder) @@ -70,10 +78,14 @@ func (d *DataConnectorsServerTransport) Do(req *http.Request) (*http.Response, e var err error switch method { + case "DataConnectorsClient.Connect": + resp, err = d.dispatchConnect(req) case "DataConnectorsClient.CreateOrUpdate": resp, err = d.dispatchCreateOrUpdate(req) case "DataConnectorsClient.Delete": resp, err = d.dispatchDelete(req) + case "DataConnectorsClient.Disconnect": + resp, err = d.dispatchDisconnect(req) case "DataConnectorsClient.Get": resp, err = d.dispatchGet(req) case "DataConnectorsClient.NewListPager": @@ -89,6 +101,47 @@ func (d *DataConnectorsServerTransport) Do(req *http.Request) (*http.Response, e return resp, nil } +func (d *DataConnectorsServerTransport) dispatchConnect(req *http.Request) (*http.Response, error) { + if d.srv.Connect == nil { + return nil, &nonRetriableError{errors.New("fake for method Connect not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/dataConnectors/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/connect` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.DataConnectorConnectBody](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + dataConnectorIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("dataConnectorId")]) + if err != nil { + return nil, err + } + respr, errRespr := d.srv.Connect(req.Context(), resourceGroupNameParam, workspaceNameParam, dataConnectorIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + func (d *DataConnectorsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { if d.srv.CreateOrUpdate == nil { return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} @@ -171,6 +224,43 @@ func (d *DataConnectorsServerTransport) dispatchDelete(req *http.Request) (*http return resp, nil } +func (d *DataConnectorsServerTransport) dispatchDisconnect(req *http.Request) (*http.Response, error) { + if d.srv.Disconnect == nil { + return nil, &nonRetriableError{errors.New("fake for method Disconnect not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/dataConnectors/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/disconnect` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + dataConnectorIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("dataConnectorId")]) + if err != nil { + return nil, err + } + respr, errRespr := d.srv.Disconnect(req.Context(), resourceGroupNameParam, workspaceNameParam, dataConnectorIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + func (d *DataConnectorsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { if d.srv.Get == nil { return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectorscheckrequirements_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectorscheckrequirements_server.go new file mode 100644 index 000000000000..1874731e603f --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/dataconnectorscheckrequirements_server.go @@ -0,0 +1,108 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// DataConnectorsCheckRequirementsServer is a fake server for instances of the armsecurityinsights.DataConnectorsCheckRequirementsClient type. +type DataConnectorsCheckRequirementsServer struct { + // Post is the fake for method DataConnectorsCheckRequirementsClient.Post + // HTTP status codes to indicate success: http.StatusOK + Post func(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorsCheckRequirements armsecurityinsights.DataConnectorsCheckRequirementsClassification, options *armsecurityinsights.DataConnectorsCheckRequirementsClientPostOptions) (resp azfake.Responder[armsecurityinsights.DataConnectorsCheckRequirementsClientPostResponse], errResp azfake.ErrorResponder) +} + +// NewDataConnectorsCheckRequirementsServerTransport creates a new instance of DataConnectorsCheckRequirementsServerTransport with the provided implementation. +// The returned DataConnectorsCheckRequirementsServerTransport instance is connected to an instance of armsecurityinsights.DataConnectorsCheckRequirementsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewDataConnectorsCheckRequirementsServerTransport(srv *DataConnectorsCheckRequirementsServer) *DataConnectorsCheckRequirementsServerTransport { + return &DataConnectorsCheckRequirementsServerTransport{srv: srv} +} + +// DataConnectorsCheckRequirementsServerTransport connects instances of armsecurityinsights.DataConnectorsCheckRequirementsClient to instances of DataConnectorsCheckRequirementsServer. +// Don't use this type directly, use NewDataConnectorsCheckRequirementsServerTransport instead. +type DataConnectorsCheckRequirementsServerTransport struct { + srv *DataConnectorsCheckRequirementsServer +} + +// Do implements the policy.Transporter interface for DataConnectorsCheckRequirementsServerTransport. +func (d *DataConnectorsCheckRequirementsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "DataConnectorsCheckRequirementsClient.Post": + resp, err = d.dispatchPost(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (d *DataConnectorsCheckRequirementsServerTransport) dispatchPost(req *http.Request) (*http.Response, error) { + if d.srv.Post == nil { + return nil, &nonRetriableError{errors.New("fake for method Post not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/dataConnectorsCheckRequirements` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + raw, err := readRequestBody(req) + if err != nil { + return nil, err + } + body, err := unmarshalDataConnectorsCheckRequirementsClassification(raw) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + respr, errRespr := d.srv.Post(req.Context(), resourceGroupNameParam, workspaceNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).DataConnectorRequirementsState, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/date_type.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/date_type.go new file mode 100644 index 000000000000..6a8d61c6788c --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/date_type.go @@ -0,0 +1,58 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "encoding/json" + "fmt" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "reflect" + "time" +) + +const ( + fullDateJSON = `"2006-01-02"` + jsonFormat = `"%04d-%02d-%02d"` +) + +type dateType time.Time + +func (t dateType) MarshalJSON() ([]byte, error) { + return []byte(fmt.Sprintf(jsonFormat, time.Time(t).Year(), time.Time(t).Month(), time.Time(t).Day())), nil +} + +func (d *dateType) UnmarshalJSON(data []byte) (err error) { + t, err := time.Parse(fullDateJSON, string(data)) + *d = (dateType)(t) + return err +} + +func populateDateType(m map[string]any, k string, t *time.Time) { + if t == nil { + return + } else if azcore.IsNullValue(t) { + m[k] = nil + return + } else if reflect.ValueOf(t).IsNil() { + return + } + m[k] = (*dateType)(t) +} + +func unpopulateDateType(data json.RawMessage, fn string, t **time.Time) error { + if data == nil || string(data) == "null" { + return nil + } + var aux dateType + if err := json.Unmarshal(data, &aux); err != nil { + return fmt.Errorf("struct field %s: %v", fn, err) + } + *t = (*time.Time)(&aux) + return nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/domainwhois_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/domainwhois_server.go new file mode 100644 index 000000000000..eadbede0efd2 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/domainwhois_server.go @@ -0,0 +1,101 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// DomainWhoisServer is a fake server for instances of the armsecurityinsights.DomainWhoisClient type. +type DomainWhoisServer struct { + // Get is the fake for method DomainWhoisClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, domain string, options *armsecurityinsights.DomainWhoisClientGetOptions) (resp azfake.Responder[armsecurityinsights.DomainWhoisClientGetResponse], errResp azfake.ErrorResponder) +} + +// NewDomainWhoisServerTransport creates a new instance of DomainWhoisServerTransport with the provided implementation. +// The returned DomainWhoisServerTransport instance is connected to an instance of armsecurityinsights.DomainWhoisClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewDomainWhoisServerTransport(srv *DomainWhoisServer) *DomainWhoisServerTransport { + return &DomainWhoisServerTransport{srv: srv} +} + +// DomainWhoisServerTransport connects instances of armsecurityinsights.DomainWhoisClient to instances of DomainWhoisServer. +// Don't use this type directly, use NewDomainWhoisServerTransport instead. +type DomainWhoisServerTransport struct { + srv *DomainWhoisServer +} + +// Do implements the policy.Transporter interface for DomainWhoisServerTransport. +func (d *DomainWhoisServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "DomainWhoisClient.Get": + resp, err = d.dispatchGet(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (d *DomainWhoisServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if d.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/enrichment/domain/whois/` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 2 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + domainParam, err := url.QueryUnescape(qp.Get("domain")) + if err != nil { + return nil, err + } + respr, errRespr := d.srv.Get(req.Context(), resourceGroupNameParam, domainParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EnrichmentDomainWhois, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entities_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entities_server.go new file mode 100644 index 000000000000..c8d3f61cfc26 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entities_server.go @@ -0,0 +1,358 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "reflect" + "regexp" +) + +// EntitiesServer is a fake server for instances of the armsecurityinsights.EntitiesClient type. +type EntitiesServer struct { + // Expand is the fake for method EntitiesClient.Expand + // HTTP status codes to indicate success: http.StatusOK + Expand func(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters armsecurityinsights.EntityExpandParameters, options *armsecurityinsights.EntitiesClientExpandOptions) (resp azfake.Responder[armsecurityinsights.EntitiesClientExpandResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method EntitiesClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, options *armsecurityinsights.EntitiesClientGetOptions) (resp azfake.Responder[armsecurityinsights.EntitiesClientGetResponse], errResp azfake.ErrorResponder) + + // GetInsights is the fake for method EntitiesClient.GetInsights + // HTTP status codes to indicate success: http.StatusOK + GetInsights func(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters armsecurityinsights.EntityGetInsightsParameters, options *armsecurityinsights.EntitiesClientGetInsightsOptions) (resp azfake.Responder[armsecurityinsights.EntitiesClientGetInsightsResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method EntitiesClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.EntitiesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.EntitiesClientListResponse]) + + // Queries is the fake for method EntitiesClient.Queries + // HTTP status codes to indicate success: http.StatusOK + Queries func(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, kind armsecurityinsights.EntityItemQueryKind, options *armsecurityinsights.EntitiesClientQueriesOptions) (resp azfake.Responder[armsecurityinsights.EntitiesClientQueriesResponse], errResp azfake.ErrorResponder) + + // RunPlaybook is the fake for method EntitiesClient.RunPlaybook + // HTTP status codes to indicate success: http.StatusNoContent + RunPlaybook func(ctx context.Context, resourceGroupName string, workspaceName string, entityIdentifier string, options *armsecurityinsights.EntitiesClientRunPlaybookOptions) (resp azfake.Responder[armsecurityinsights.EntitiesClientRunPlaybookResponse], errResp azfake.ErrorResponder) +} + +// NewEntitiesServerTransport creates a new instance of EntitiesServerTransport with the provided implementation. +// The returned EntitiesServerTransport instance is connected to an instance of armsecurityinsights.EntitiesClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewEntitiesServerTransport(srv *EntitiesServer) *EntitiesServerTransport { + return &EntitiesServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.EntitiesClientListResponse]](), + } +} + +// EntitiesServerTransport connects instances of armsecurityinsights.EntitiesClient to instances of EntitiesServer. +// Don't use this type directly, use NewEntitiesServerTransport instead. +type EntitiesServerTransport struct { + srv *EntitiesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.EntitiesClientListResponse]] +} + +// Do implements the policy.Transporter interface for EntitiesServerTransport. +func (e *EntitiesServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "EntitiesClient.Expand": + resp, err = e.dispatchExpand(req) + case "EntitiesClient.Get": + resp, err = e.dispatchGet(req) + case "EntitiesClient.GetInsights": + resp, err = e.dispatchGetInsights(req) + case "EntitiesClient.NewListPager": + resp, err = e.dispatchNewListPager(req) + case "EntitiesClient.Queries": + resp, err = e.dispatchQueries(req) + case "EntitiesClient.RunPlaybook": + resp, err = e.dispatchRunPlaybook(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (e *EntitiesServerTransport) dispatchExpand(req *http.Request) (*http.Response, error) { + if e.srv.Expand == nil { + return nil, &nonRetriableError{errors.New("fake for method Expand not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/expand` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.EntityExpandParameters](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityId")]) + if err != nil { + return nil, err + } + respr, errRespr := e.srv.Expand(req.Context(), resourceGroupNameParam, workspaceNameParam, entityIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EntityExpandResponse, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (e *EntitiesServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if e.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityId")]) + if err != nil { + return nil, err + } + respr, errRespr := e.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, entityIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EntityClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (e *EntitiesServerTransport) dispatchGetInsights(req *http.Request) (*http.Response, error) { + if e.srv.GetInsights == nil { + return nil, &nonRetriableError{errors.New("fake for method GetInsights not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/getInsights` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.EntityGetInsightsParameters](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityId")]) + if err != nil { + return nil, err + } + respr, errRespr := e.srv.GetInsights(req.Context(), resourceGroupNameParam, workspaceNameParam, entityIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EntityGetInsightsResponse, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (e *EntitiesServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if e.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := e.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := e.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + e.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.EntitiesClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + e.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + e.newListPager.remove(req) + } + return resp, nil +} + +func (e *EntitiesServerTransport) dispatchQueries(req *http.Request) (*http.Response, error) { + if e.srv.Queries == nil { + return nil, &nonRetriableError{errors.New("fake for method Queries not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/queries` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityId")]) + if err != nil { + return nil, err + } + kindParam, err := parseWithCast(qp.Get("kind"), func(v string) (armsecurityinsights.EntityItemQueryKind, error) { + p, unescapeErr := url.QueryUnescape(v) + if unescapeErr != nil { + return "", unescapeErr + } + return armsecurityinsights.EntityItemQueryKind(p), nil + }) + if err != nil { + return nil, err + } + respr, errRespr := e.srv.Queries(req.Context(), resourceGroupNameParam, workspaceNameParam, entityIDParam, kindParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).GetQueriesResponse, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (e *EntitiesServerTransport) dispatchRunPlaybook(req *http.Request) (*http.Response, error) { + if e.srv.RunPlaybook == nil { + return nil, &nonRetriableError{errors.New("fake for method RunPlaybook not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/runPlaybook` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.EntityManualTriggerRequestBody](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityIdentifierParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityIdentifier")]) + if err != nil { + return nil, err + } + var options *armsecurityinsights.EntitiesClientRunPlaybookOptions + if !reflect.ValueOf(body).IsZero() { + options = &armsecurityinsights.EntitiesClientRunPlaybookOptions{ + RequestBody: &body, + } + } + respr, errRespr := e.srv.RunPlaybook(req.Context(), resourceGroupNameParam, workspaceNameParam, entityIdentifierParam, options) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesgettimeline_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesgettimeline_server.go new file mode 100644 index 000000000000..8a1ebde044b4 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesgettimeline_server.go @@ -0,0 +1,108 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// EntitiesGetTimelineServer is a fake server for instances of the armsecurityinsights.EntitiesGetTimelineClient type. +type EntitiesGetTimelineServer struct { + // List is the fake for method EntitiesGetTimelineClient.List + // HTTP status codes to indicate success: http.StatusOK + List func(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters armsecurityinsights.EntityTimelineParameters, options *armsecurityinsights.EntitiesGetTimelineClientListOptions) (resp azfake.Responder[armsecurityinsights.EntitiesGetTimelineClientListResponse], errResp azfake.ErrorResponder) +} + +// NewEntitiesGetTimelineServerTransport creates a new instance of EntitiesGetTimelineServerTransport with the provided implementation. +// The returned EntitiesGetTimelineServerTransport instance is connected to an instance of armsecurityinsights.EntitiesGetTimelineClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewEntitiesGetTimelineServerTransport(srv *EntitiesGetTimelineServer) *EntitiesGetTimelineServerTransport { + return &EntitiesGetTimelineServerTransport{srv: srv} +} + +// EntitiesGetTimelineServerTransport connects instances of armsecurityinsights.EntitiesGetTimelineClient to instances of EntitiesGetTimelineServer. +// Don't use this type directly, use NewEntitiesGetTimelineServerTransport instead. +type EntitiesGetTimelineServerTransport struct { + srv *EntitiesGetTimelineServer +} + +// Do implements the policy.Transporter interface for EntitiesGetTimelineServerTransport. +func (e *EntitiesGetTimelineServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "EntitiesGetTimelineClient.List": + resp, err = e.dispatchList(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (e *EntitiesGetTimelineServerTransport) dispatchList(req *http.Request) (*http.Response, error) { + if e.srv.List == nil { + return nil, &nonRetriableError{errors.New("fake for method List not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/getTimeline` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.EntityTimelineParameters](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityId")]) + if err != nil { + return nil, err + } + respr, errRespr := e.srv.List(req.Context(), resourceGroupNameParam, workspaceNameParam, entityIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EntityTimelineResponse, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesrelations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesrelations_server.go new file mode 100644 index 000000000000..ee3b5d06a027 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entitiesrelations_server.go @@ -0,0 +1,156 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// EntitiesRelationsServer is a fake server for instances of the armsecurityinsights.EntitiesRelationsClient type. +type EntitiesRelationsServer struct { + // NewListPager is the fake for method EntitiesRelationsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, entityID string, options *armsecurityinsights.EntitiesRelationsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.EntitiesRelationsClientListResponse]) +} + +// NewEntitiesRelationsServerTransport creates a new instance of EntitiesRelationsServerTransport with the provided implementation. +// The returned EntitiesRelationsServerTransport instance is connected to an instance of armsecurityinsights.EntitiesRelationsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewEntitiesRelationsServerTransport(srv *EntitiesRelationsServer) *EntitiesRelationsServerTransport { + return &EntitiesRelationsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.EntitiesRelationsClientListResponse]](), + } +} + +// EntitiesRelationsServerTransport connects instances of armsecurityinsights.EntitiesRelationsClient to instances of EntitiesRelationsServer. +// Don't use this type directly, use NewEntitiesRelationsServerTransport instead. +type EntitiesRelationsServerTransport struct { + srv *EntitiesRelationsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.EntitiesRelationsClientListResponse]] +} + +// Do implements the policy.Transporter interface for EntitiesRelationsServerTransport. +func (e *EntitiesRelationsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "EntitiesRelationsClient.NewListPager": + resp, err = e.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (e *EntitiesRelationsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if e.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := e.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityId")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.EntitiesRelationsClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.EntitiesRelationsClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := e.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, entityIDParam, options) + newListPager = &resp + e.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.EntitiesRelationsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + e.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + e.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityqueries_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityqueries_server.go new file mode 100644 index 000000000000..e18c4d28dcf2 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityqueries_server.go @@ -0,0 +1,262 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// EntityQueriesServer is a fake server for instances of the armsecurityinsights.EntityQueriesClient type. +type EntityQueriesServer struct { + // CreateOrUpdate is the fake for method EntityQueriesClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, entityQuery armsecurityinsights.CustomEntityQueryClassification, options *armsecurityinsights.EntityQueriesClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.EntityQueriesClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method EntityQueriesClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, options *armsecurityinsights.EntityQueriesClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.EntityQueriesClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method EntityQueriesClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, options *armsecurityinsights.EntityQueriesClientGetOptions) (resp azfake.Responder[armsecurityinsights.EntityQueriesClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method EntityQueriesClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.EntityQueriesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.EntityQueriesClientListResponse]) +} + +// NewEntityQueriesServerTransport creates a new instance of EntityQueriesServerTransport with the provided implementation. +// The returned EntityQueriesServerTransport instance is connected to an instance of armsecurityinsights.EntityQueriesClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewEntityQueriesServerTransport(srv *EntityQueriesServer) *EntityQueriesServerTransport { + return &EntityQueriesServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.EntityQueriesClientListResponse]](), + } +} + +// EntityQueriesServerTransport connects instances of armsecurityinsights.EntityQueriesClient to instances of EntityQueriesServer. +// Don't use this type directly, use NewEntityQueriesServerTransport instead. +type EntityQueriesServerTransport struct { + srv *EntityQueriesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.EntityQueriesClientListResponse]] +} + +// Do implements the policy.Transporter interface for EntityQueriesServerTransport. +func (e *EntityQueriesServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "EntityQueriesClient.CreateOrUpdate": + resp, err = e.dispatchCreateOrUpdate(req) + case "EntityQueriesClient.Delete": + resp, err = e.dispatchDelete(req) + case "EntityQueriesClient.Get": + resp, err = e.dispatchGet(req) + case "EntityQueriesClient.NewListPager": + resp, err = e.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (e *EntityQueriesServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if e.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entityQueries/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + raw, err := readRequestBody(req) + if err != nil { + return nil, err + } + body, err := unmarshalCustomEntityQueryClassification(raw) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityQueryIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityQueryId")]) + if err != nil { + return nil, err + } + respr, errRespr := e.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, entityQueryIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EntityQueryClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (e *EntityQueriesServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if e.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entityQueries/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityQueryIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityQueryId")]) + if err != nil { + return nil, err + } + respr, errRespr := e.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, entityQueryIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (e *EntityQueriesServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if e.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entityQueries/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityQueryIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityQueryId")]) + if err != nil { + return nil, err + } + respr, errRespr := e.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, entityQueryIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EntityQueryClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (e *EntityQueriesServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if e.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := e.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entityQueries` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + kindUnescaped, err := url.QueryUnescape(qp.Get("kind")) + if err != nil { + return nil, err + } + kindParam := getOptional(armsecurityinsights.Enum21(kindUnescaped)) + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + var options *armsecurityinsights.EntityQueriesClientListOptions + if kindParam != nil { + options = &armsecurityinsights.EntityQueriesClientListOptions{ + Kind: kindParam, + } + } + resp := e.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + e.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.EntityQueriesClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + e.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + e.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityquerytemplates_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityquerytemplates_server.go new file mode 100644 index 000000000000..2441717a55a3 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityquerytemplates_server.go @@ -0,0 +1,168 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// EntityQueryTemplatesServer is a fake server for instances of the armsecurityinsights.EntityQueryTemplatesClient type. +type EntityQueryTemplatesServer struct { + // Get is the fake for method EntityQueryTemplatesClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryTemplateID string, options *armsecurityinsights.EntityQueryTemplatesClientGetOptions) (resp azfake.Responder[armsecurityinsights.EntityQueryTemplatesClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method EntityQueryTemplatesClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.EntityQueryTemplatesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.EntityQueryTemplatesClientListResponse]) +} + +// NewEntityQueryTemplatesServerTransport creates a new instance of EntityQueryTemplatesServerTransport with the provided implementation. +// The returned EntityQueryTemplatesServerTransport instance is connected to an instance of armsecurityinsights.EntityQueryTemplatesClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewEntityQueryTemplatesServerTransport(srv *EntityQueryTemplatesServer) *EntityQueryTemplatesServerTransport { + return &EntityQueryTemplatesServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.EntityQueryTemplatesClientListResponse]](), + } +} + +// EntityQueryTemplatesServerTransport connects instances of armsecurityinsights.EntityQueryTemplatesClient to instances of EntityQueryTemplatesServer. +// Don't use this type directly, use NewEntityQueryTemplatesServerTransport instead. +type EntityQueryTemplatesServerTransport struct { + srv *EntityQueryTemplatesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.EntityQueryTemplatesClientListResponse]] +} + +// Do implements the policy.Transporter interface for EntityQueryTemplatesServerTransport. +func (e *EntityQueryTemplatesServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "EntityQueryTemplatesClient.Get": + resp, err = e.dispatchGet(req) + case "EntityQueryTemplatesClient.NewListPager": + resp, err = e.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (e *EntityQueryTemplatesServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if e.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entityQueryTemplates/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityQueryTemplateIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityQueryTemplateId")]) + if err != nil { + return nil, err + } + respr, errRespr := e.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, entityQueryTemplateIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EntityQueryTemplateClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (e *EntityQueryTemplatesServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if e.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := e.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entityQueryTemplates` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + kindUnescaped, err := url.QueryUnescape(qp.Get("kind")) + if err != nil { + return nil, err + } + kindParam := getOptional(armsecurityinsights.Enum23(kindUnescaped)) + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + var options *armsecurityinsights.EntityQueryTemplatesClientListOptions + if kindParam != nil { + options = &armsecurityinsights.EntityQueryTemplatesClientListOptions{ + Kind: kindParam, + } + } + resp := e.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + e.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.EntityQueryTemplatesClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + e.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + e.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityrelations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityrelations_server.go new file mode 100644 index 000000000000..07f5d3c8c8a6 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/entityrelations_server.go @@ -0,0 +1,108 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// EntityRelationsServer is a fake server for instances of the armsecurityinsights.EntityRelationsClient type. +type EntityRelationsServer struct { + // GetRelation is the fake for method EntityRelationsClient.GetRelation + // HTTP status codes to indicate success: http.StatusOK + GetRelation func(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, relationName string, options *armsecurityinsights.EntityRelationsClientGetRelationOptions) (resp azfake.Responder[armsecurityinsights.EntityRelationsClientGetRelationResponse], errResp azfake.ErrorResponder) +} + +// NewEntityRelationsServerTransport creates a new instance of EntityRelationsServerTransport with the provided implementation. +// The returned EntityRelationsServerTransport instance is connected to an instance of armsecurityinsights.EntityRelationsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewEntityRelationsServerTransport(srv *EntityRelationsServer) *EntityRelationsServerTransport { + return &EntityRelationsServerTransport{srv: srv} +} + +// EntityRelationsServerTransport connects instances of armsecurityinsights.EntityRelationsClient to instances of EntityRelationsServer. +// Don't use this type directly, use NewEntityRelationsServerTransport instead. +type EntityRelationsServerTransport struct { + srv *EntityRelationsServer +} + +// Do implements the policy.Transporter interface for EntityRelationsServerTransport. +func (e *EntityRelationsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "EntityRelationsClient.GetRelation": + resp, err = e.dispatchGetRelation(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (e *EntityRelationsServerTransport) dispatchGetRelation(req *http.Request) (*http.Response, error) { + if e.srv.GetRelation == nil { + return nil, &nonRetriableError{errors.New("fake for method GetRelation not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/entities/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + entityIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("entityId")]) + if err != nil { + return nil, err + } + relationNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("relationName")]) + if err != nil { + return nil, err + } + respr, errRespr := e.srv.GetRelation(req.Context(), resourceGroupNameParam, workspaceNameParam, entityIDParam, relationNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Relation, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/fileimports_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/fileimports_server.go new file mode 100644 index 000000000000..e60d2229974d --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/fileimports_server.go @@ -0,0 +1,299 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// FileImportsServer is a fake server for instances of the armsecurityinsights.FileImportsClient type. +type FileImportsServer struct { + // Create is the fake for method FileImportsClient.Create + // HTTP status codes to indicate success: http.StatusCreated + Create func(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, fileImport armsecurityinsights.FileImport, options *armsecurityinsights.FileImportsClientCreateOptions) (resp azfake.Responder[armsecurityinsights.FileImportsClientCreateResponse], errResp azfake.ErrorResponder) + + // BeginDelete is the fake for method FileImportsClient.BeginDelete + // HTTP status codes to indicate success: http.StatusAccepted, http.StatusNoContent + BeginDelete func(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, options *armsecurityinsights.FileImportsClientBeginDeleteOptions) (resp azfake.PollerResponder[armsecurityinsights.FileImportsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method FileImportsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, options *armsecurityinsights.FileImportsClientGetOptions) (resp azfake.Responder[armsecurityinsights.FileImportsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method FileImportsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.FileImportsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.FileImportsClientListResponse]) +} + +// NewFileImportsServerTransport creates a new instance of FileImportsServerTransport with the provided implementation. +// The returned FileImportsServerTransport instance is connected to an instance of armsecurityinsights.FileImportsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewFileImportsServerTransport(srv *FileImportsServer) *FileImportsServerTransport { + return &FileImportsServerTransport{ + srv: srv, + beginDelete: newTracker[azfake.PollerResponder[armsecurityinsights.FileImportsClientDeleteResponse]](), + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.FileImportsClientListResponse]](), + } +} + +// FileImportsServerTransport connects instances of armsecurityinsights.FileImportsClient to instances of FileImportsServer. +// Don't use this type directly, use NewFileImportsServerTransport instead. +type FileImportsServerTransport struct { + srv *FileImportsServer + beginDelete *tracker[azfake.PollerResponder[armsecurityinsights.FileImportsClientDeleteResponse]] + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.FileImportsClientListResponse]] +} + +// Do implements the policy.Transporter interface for FileImportsServerTransport. +func (f *FileImportsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "FileImportsClient.Create": + resp, err = f.dispatchCreate(req) + case "FileImportsClient.BeginDelete": + resp, err = f.dispatchBeginDelete(req) + case "FileImportsClient.Get": + resp, err = f.dispatchGet(req) + case "FileImportsClient.NewListPager": + resp, err = f.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (f *FileImportsServerTransport) dispatchCreate(req *http.Request) (*http.Response, error) { + if f.srv.Create == nil { + return nil, &nonRetriableError{errors.New("fake for method Create not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/fileImports/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.FileImport](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + fileImportIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("fileImportId")]) + if err != nil { + return nil, err + } + respr, errRespr := f.srv.Create(req.Context(), resourceGroupNameParam, workspaceNameParam, fileImportIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).FileImport, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (f *FileImportsServerTransport) dispatchBeginDelete(req *http.Request) (*http.Response, error) { + if f.srv.BeginDelete == nil { + return nil, &nonRetriableError{errors.New("fake for method BeginDelete not implemented")} + } + beginDelete := f.beginDelete.get(req) + if beginDelete == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/fileImports/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + fileImportIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("fileImportId")]) + if err != nil { + return nil, err + } + respr, errRespr := f.srv.BeginDelete(req.Context(), resourceGroupNameParam, workspaceNameParam, fileImportIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + beginDelete = &respr + f.beginDelete.add(req, beginDelete) + } + + resp, err := server.PollerResponderNext(beginDelete, req) + if err != nil { + return nil, err + } + + if !contains([]int{http.StatusAccepted, http.StatusNoContent}, resp.StatusCode) { + f.beginDelete.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusAccepted, http.StatusNoContent", resp.StatusCode)} + } + if !server.PollerResponderMore(beginDelete) { + f.beginDelete.remove(req) + } + + return resp, nil +} + +func (f *FileImportsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if f.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/fileImports/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + fileImportIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("fileImportId")]) + if err != nil { + return nil, err + } + respr, errRespr := f.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, fileImportIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).FileImport, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (f *FileImportsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if f.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := f.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/fileImports` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.FileImportsClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.FileImportsClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := f.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + f.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.FileImportsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + f.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + f.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/get_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/get_server.go new file mode 100644 index 000000000000..db6fb83b65f7 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/get_server.go @@ -0,0 +1,104 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// GetServer is a fake server for instances of the armsecurityinsights.GetClient type. +type GetServer struct { + // SingleRecommendation is the fake for method GetClient.SingleRecommendation + // HTTP status codes to indicate success: http.StatusOK + SingleRecommendation func(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, options *armsecurityinsights.GetClientSingleRecommendationOptions) (resp azfake.Responder[armsecurityinsights.GetClientSingleRecommendationResponse], errResp azfake.ErrorResponder) +} + +// NewGetServerTransport creates a new instance of GetServerTransport with the provided implementation. +// The returned GetServerTransport instance is connected to an instance of armsecurityinsights.GetClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewGetServerTransport(srv *GetServer) *GetServerTransport { + return &GetServerTransport{srv: srv} +} + +// GetServerTransport connects instances of armsecurityinsights.GetClient to instances of GetServer. +// Don't use this type directly, use NewGetServerTransport instead. +type GetServerTransport struct { + srv *GetServer +} + +// Do implements the policy.Transporter interface for GetServerTransport. +func (g *GetServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "GetClient.SingleRecommendation": + resp, err = g.dispatchSingleRecommendation(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (g *GetServerTransport) dispatchSingleRecommendation(req *http.Request) (*http.Response, error) { + if g.srv.SingleRecommendation == nil { + return nil, &nonRetriableError{errors.New("fake for method SingleRecommendation not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/recommendations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + recommendationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("recommendationId")]) + if err != nil { + return nil, err + } + respr, errRespr := g.srv.SingleRecommendation(req.Context(), resourceGroupNameParam, workspaceNameParam, recommendationIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Recommendation, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/getrecommendations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/getrecommendations_server.go new file mode 100644 index 000000000000..0f84b4127448 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/getrecommendations_server.go @@ -0,0 +1,100 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// GetRecommendationsServer is a fake server for instances of the armsecurityinsights.GetRecommendationsClient type. +type GetRecommendationsServer struct { + // List is the fake for method GetRecommendationsClient.List + // HTTP status codes to indicate success: http.StatusOK + List func(ctx context.Context, resourceGroupName string, workspaceName string, options *armsecurityinsights.GetRecommendationsClientListOptions) (resp azfake.Responder[armsecurityinsights.GetRecommendationsClientListResponse], errResp azfake.ErrorResponder) +} + +// NewGetRecommendationsServerTransport creates a new instance of GetRecommendationsServerTransport with the provided implementation. +// The returned GetRecommendationsServerTransport instance is connected to an instance of armsecurityinsights.GetRecommendationsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewGetRecommendationsServerTransport(srv *GetRecommendationsServer) *GetRecommendationsServerTransport { + return &GetRecommendationsServerTransport{srv: srv} +} + +// GetRecommendationsServerTransport connects instances of armsecurityinsights.GetRecommendationsClient to instances of GetRecommendationsServer. +// Don't use this type directly, use NewGetRecommendationsServerTransport instead. +type GetRecommendationsServerTransport struct { + srv *GetRecommendationsServer +} + +// Do implements the policy.Transporter interface for GetRecommendationsServerTransport. +func (g *GetRecommendationsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "GetRecommendationsClient.List": + resp, err = g.dispatchList(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (g *GetRecommendationsServerTransport) dispatchList(req *http.Request) (*http.Response, error) { + if g.srv.List == nil { + return nil, &nonRetriableError{errors.New("fake for method List not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/recommendations` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + respr, errRespr := g.srv.List(req.Context(), resourceGroupNameParam, workspaceNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).RecommendationList, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/gettriggeredanalyticsruleruns_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/gettriggeredanalyticsruleruns_server.go new file mode 100644 index 000000000000..121d6f61b62e --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/gettriggeredanalyticsruleruns_server.go @@ -0,0 +1,112 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// GetTriggeredAnalyticsRuleRunsServer is a fake server for instances of the armsecurityinsights.GetTriggeredAnalyticsRuleRunsClient type. +type GetTriggeredAnalyticsRuleRunsServer struct { + // NewListPager is the fake for method GetTriggeredAnalyticsRuleRunsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.GetTriggeredAnalyticsRuleRunsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.GetTriggeredAnalyticsRuleRunsClientListResponse]) +} + +// NewGetTriggeredAnalyticsRuleRunsServerTransport creates a new instance of GetTriggeredAnalyticsRuleRunsServerTransport with the provided implementation. +// The returned GetTriggeredAnalyticsRuleRunsServerTransport instance is connected to an instance of armsecurityinsights.GetTriggeredAnalyticsRuleRunsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewGetTriggeredAnalyticsRuleRunsServerTransport(srv *GetTriggeredAnalyticsRuleRunsServer) *GetTriggeredAnalyticsRuleRunsServerTransport { + return &GetTriggeredAnalyticsRuleRunsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.GetTriggeredAnalyticsRuleRunsClientListResponse]](), + } +} + +// GetTriggeredAnalyticsRuleRunsServerTransport connects instances of armsecurityinsights.GetTriggeredAnalyticsRuleRunsClient to instances of GetTriggeredAnalyticsRuleRunsServer. +// Don't use this type directly, use NewGetTriggeredAnalyticsRuleRunsServerTransport instead. +type GetTriggeredAnalyticsRuleRunsServerTransport struct { + srv *GetTriggeredAnalyticsRuleRunsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.GetTriggeredAnalyticsRuleRunsClientListResponse]] +} + +// Do implements the policy.Transporter interface for GetTriggeredAnalyticsRuleRunsServerTransport. +func (g *GetTriggeredAnalyticsRuleRunsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "GetTriggeredAnalyticsRuleRunsClient.NewListPager": + resp, err = g.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (g *GetTriggeredAnalyticsRuleRunsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if g.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := g.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/triggeredAnalyticsRuleRuns` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := g.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + g.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.GetTriggeredAnalyticsRuleRunsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + g.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + g.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntcomments_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntcomments_server.go new file mode 100644 index 000000000000..37fee1f57944 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntcomments_server.go @@ -0,0 +1,302 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// HuntCommentsServer is a fake server for instances of the armsecurityinsights.HuntCommentsClient type. +type HuntCommentsServer struct { + // CreateOrUpdate is the fake for method HuntCommentsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, huntComment armsecurityinsights.HuntComment, options *armsecurityinsights.HuntCommentsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.HuntCommentsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method HuntCommentsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, options *armsecurityinsights.HuntCommentsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.HuntCommentsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method HuntCommentsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, options *armsecurityinsights.HuntCommentsClientGetOptions) (resp azfake.Responder[armsecurityinsights.HuntCommentsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method HuntCommentsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, huntID string, options *armsecurityinsights.HuntCommentsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.HuntCommentsClientListResponse]) +} + +// NewHuntCommentsServerTransport creates a new instance of HuntCommentsServerTransport with the provided implementation. +// The returned HuntCommentsServerTransport instance is connected to an instance of armsecurityinsights.HuntCommentsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewHuntCommentsServerTransport(srv *HuntCommentsServer) *HuntCommentsServerTransport { + return &HuntCommentsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.HuntCommentsClientListResponse]](), + } +} + +// HuntCommentsServerTransport connects instances of armsecurityinsights.HuntCommentsClient to instances of HuntCommentsServer. +// Don't use this type directly, use NewHuntCommentsServerTransport instead. +type HuntCommentsServerTransport struct { + srv *HuntCommentsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.HuntCommentsClientListResponse]] +} + +// Do implements the policy.Transporter interface for HuntCommentsServerTransport. +func (h *HuntCommentsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "HuntCommentsClient.CreateOrUpdate": + resp, err = h.dispatchCreateOrUpdate(req) + case "HuntCommentsClient.Delete": + resp, err = h.dispatchDelete(req) + case "HuntCommentsClient.Get": + resp, err = h.dispatchGet(req) + case "HuntCommentsClient.NewListPager": + resp, err = h.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (h *HuntCommentsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if h.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/comments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.HuntComment](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntCommentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntCommentId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntCommentIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).HuntComment, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntCommentsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if h.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/comments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntCommentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntCommentId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntCommentIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntCommentsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if h.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/comments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntCommentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntCommentId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntCommentIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).HuntComment, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntCommentsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if h.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := h.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/comments` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.HuntCommentsClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.HuntCommentsClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := h.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, huntIDParam, options) + newListPager = &resp + h.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.HuntCommentsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + h.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + h.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntrelations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntrelations_server.go new file mode 100644 index 000000000000..4635024a504d --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/huntrelations_server.go @@ -0,0 +1,302 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// HuntRelationsServer is a fake server for instances of the armsecurityinsights.HuntRelationsClient type. +type HuntRelationsServer struct { + // CreateOrUpdate is the fake for method HuntRelationsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, huntRelation armsecurityinsights.HuntRelation, options *armsecurityinsights.HuntRelationsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.HuntRelationsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method HuntRelationsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, options *armsecurityinsights.HuntRelationsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.HuntRelationsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method HuntRelationsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, options *armsecurityinsights.HuntRelationsClientGetOptions) (resp azfake.Responder[armsecurityinsights.HuntRelationsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method HuntRelationsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, huntID string, options *armsecurityinsights.HuntRelationsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.HuntRelationsClientListResponse]) +} + +// NewHuntRelationsServerTransport creates a new instance of HuntRelationsServerTransport with the provided implementation. +// The returned HuntRelationsServerTransport instance is connected to an instance of armsecurityinsights.HuntRelationsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewHuntRelationsServerTransport(srv *HuntRelationsServer) *HuntRelationsServerTransport { + return &HuntRelationsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.HuntRelationsClientListResponse]](), + } +} + +// HuntRelationsServerTransport connects instances of armsecurityinsights.HuntRelationsClient to instances of HuntRelationsServer. +// Don't use this type directly, use NewHuntRelationsServerTransport instead. +type HuntRelationsServerTransport struct { + srv *HuntRelationsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.HuntRelationsClientListResponse]] +} + +// Do implements the policy.Transporter interface for HuntRelationsServerTransport. +func (h *HuntRelationsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "HuntRelationsClient.CreateOrUpdate": + resp, err = h.dispatchCreateOrUpdate(req) + case "HuntRelationsClient.Delete": + resp, err = h.dispatchDelete(req) + case "HuntRelationsClient.Get": + resp, err = h.dispatchGet(req) + case "HuntRelationsClient.NewListPager": + resp, err = h.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (h *HuntRelationsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if h.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.HuntRelation](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntRelationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntRelationId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntRelationIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).HuntRelation, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntRelationsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if h.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntRelationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntRelationId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntRelationIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntRelationsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if h.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + huntRelationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntRelationId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, huntRelationIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).HuntRelation, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntRelationsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if h.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := h.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/relations` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.HuntRelationsClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.HuntRelationsClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := h.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, huntIDParam, options) + newListPager = &resp + h.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.HuntRelationsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + h.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + h.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/hunts_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/hunts_server.go new file mode 100644 index 000000000000..cc1ca5940009 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/hunts_server.go @@ -0,0 +1,286 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// HuntsServer is a fake server for instances of the armsecurityinsights.HuntsClient type. +type HuntsServer struct { + // CreateOrUpdate is the fake for method HuntsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, hunt armsecurityinsights.Hunt, options *armsecurityinsights.HuntsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.HuntsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method HuntsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *armsecurityinsights.HuntsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.HuntsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method HuntsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *armsecurityinsights.HuntsClientGetOptions) (resp azfake.Responder[armsecurityinsights.HuntsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method HuntsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.HuntsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.HuntsClientListResponse]) +} + +// NewHuntsServerTransport creates a new instance of HuntsServerTransport with the provided implementation. +// The returned HuntsServerTransport instance is connected to an instance of armsecurityinsights.HuntsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewHuntsServerTransport(srv *HuntsServer) *HuntsServerTransport { + return &HuntsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.HuntsClientListResponse]](), + } +} + +// HuntsServerTransport connects instances of armsecurityinsights.HuntsClient to instances of HuntsServer. +// Don't use this type directly, use NewHuntsServerTransport instead. +type HuntsServerTransport struct { + srv *HuntsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.HuntsClientListResponse]] +} + +// Do implements the policy.Transporter interface for HuntsServerTransport. +func (h *HuntsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "HuntsClient.CreateOrUpdate": + resp, err = h.dispatchCreateOrUpdate(req) + case "HuntsClient.Delete": + resp, err = h.dispatchDelete(req) + case "HuntsClient.Get": + resp, err = h.dispatchGet(req) + case "HuntsClient.NewListPager": + resp, err = h.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (h *HuntsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if h.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.Hunt](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Hunt, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if h.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if h.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + huntIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("huntId")]) + if err != nil { + return nil, err + } + respr, errRespr := h.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, huntIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Hunt, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (h *HuntsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if h.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := h.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/hunts` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.HuntsClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.HuntsClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := h.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + h.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.HuntsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + h.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + h.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentcomments_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentcomments_server.go index ce768082e44f..c934acb05cc6 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentcomments_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentcomments_server.go @@ -16,7 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentrelations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentrelations_server.go index 9a7fd160ff94..5e86e0aac780 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentrelations_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidentrelations_server.go @@ -16,7 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidents_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidents_server.go index 259232e00d19..1ff2fdc115ca 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidents_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidents_server.go @@ -16,9 +16,10 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" + "reflect" "regexp" "strconv" ) @@ -29,6 +30,10 @@ type IncidentsServer struct { // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incident armsecurityinsights.Incident, options *armsecurityinsights.IncidentsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.IncidentsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + // CreateTeam is the fake for method IncidentsClient.CreateTeam + // HTTP status codes to indicate success: http.StatusOK + CreateTeam func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, teamProperties armsecurityinsights.TeamInformation, options *armsecurityinsights.IncidentsClientCreateTeamOptions) (resp azfake.Responder[armsecurityinsights.IncidentsClientCreateTeamResponse], errResp azfake.ErrorResponder) + // Delete is the fake for method IncidentsClient.Delete // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent Delete func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, options *armsecurityinsights.IncidentsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.IncidentsClientDeleteResponse], errResp azfake.ErrorResponder) @@ -52,6 +57,10 @@ type IncidentsServer struct { // ListEntities is the fake for method IncidentsClient.ListEntities // HTTP status codes to indicate success: http.StatusOK ListEntities func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, options *armsecurityinsights.IncidentsClientListEntitiesOptions) (resp azfake.Responder[armsecurityinsights.IncidentsClientListEntitiesResponse], errResp azfake.ErrorResponder) + + // RunPlaybook is the fake for method IncidentsClient.RunPlaybook + // HTTP status codes to indicate success: http.StatusNoContent + RunPlaybook func(ctx context.Context, resourceGroupName string, workspaceName string, incidentIdentifier string, options *armsecurityinsights.IncidentsClientRunPlaybookOptions) (resp azfake.Responder[armsecurityinsights.IncidentsClientRunPlaybookResponse], errResp azfake.ErrorResponder) } // NewIncidentsServerTransport creates a new instance of IncidentsServerTransport with the provided implementation. @@ -85,6 +94,8 @@ func (i *IncidentsServerTransport) Do(req *http.Request) (*http.Response, error) switch method { case "IncidentsClient.CreateOrUpdate": resp, err = i.dispatchCreateOrUpdate(req) + case "IncidentsClient.CreateTeam": + resp, err = i.dispatchCreateTeam(req) case "IncidentsClient.Delete": resp, err = i.dispatchDelete(req) case "IncidentsClient.Get": @@ -97,6 +108,8 @@ func (i *IncidentsServerTransport) Do(req *http.Request) (*http.Response, error) resp, err = i.dispatchListBookmarks(req) case "IncidentsClient.ListEntities": resp, err = i.dispatchListEntities(req) + case "IncidentsClient.RunPlaybook": + resp, err = i.dispatchRunPlaybook(req) default: err = fmt.Errorf("unhandled API %s", method) } @@ -149,6 +162,47 @@ func (i *IncidentsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*h return resp, nil } +func (i *IncidentsServerTransport) dispatchCreateTeam(req *http.Request) (*http.Response, error) { + if i.srv.CreateTeam == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateTeam not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/incidents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/createTeam` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.TeamInformation](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + incidentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentId")]) + if err != nil { + return nil, err + } + respr, errRespr := i.srv.CreateTeam(req.Context(), resourceGroupNameParam, workspaceNameParam, incidentIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).TeamInformation, req) + if err != nil { + return nil, err + } + return resp, nil +} + func (i *IncidentsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { if i.srv.Delete == nil { return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} @@ -413,3 +467,50 @@ func (i *IncidentsServerTransport) dispatchListEntities(req *http.Request) (*htt } return resp, nil } + +func (i *IncidentsServerTransport) dispatchRunPlaybook(req *http.Request) (*http.Response, error) { + if i.srv.RunPlaybook == nil { + return nil, &nonRetriableError{errors.New("fake for method RunPlaybook not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/incidents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/runPlaybook` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.ManualTriggerRequestBody](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + incidentIdentifierParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentIdentifier")]) + if err != nil { + return nil, err + } + var options *armsecurityinsights.IncidentsClientRunPlaybookOptions + if !reflect.ValueOf(body).IsZero() { + options = &armsecurityinsights.IncidentsClientRunPlaybookOptions{ + RequestBody: &body, + } + } + respr, errRespr := i.srv.RunPlaybook(req.Context(), resourceGroupNameParam, workspaceNameParam, incidentIdentifierParam, options) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Interface, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidenttasks_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidenttasks_server.go new file mode 100644 index 000000000000..470daf6c9eac --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/incidenttasks_server.go @@ -0,0 +1,262 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// IncidentTasksServer is a fake server for instances of the armsecurityinsights.IncidentTasksClient type. +type IncidentTasksServer struct { + // CreateOrUpdate is the fake for method IncidentTasksClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, incidentTask armsecurityinsights.IncidentTask, options *armsecurityinsights.IncidentTasksClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.IncidentTasksClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method IncidentTasksClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, options *armsecurityinsights.IncidentTasksClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.IncidentTasksClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method IncidentTasksClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, options *armsecurityinsights.IncidentTasksClientGetOptions) (resp azfake.Responder[armsecurityinsights.IncidentTasksClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method IncidentTasksClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, incidentID string, options *armsecurityinsights.IncidentTasksClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.IncidentTasksClientListResponse]) +} + +// NewIncidentTasksServerTransport creates a new instance of IncidentTasksServerTransport with the provided implementation. +// The returned IncidentTasksServerTransport instance is connected to an instance of armsecurityinsights.IncidentTasksClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewIncidentTasksServerTransport(srv *IncidentTasksServer) *IncidentTasksServerTransport { + return &IncidentTasksServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.IncidentTasksClientListResponse]](), + } +} + +// IncidentTasksServerTransport connects instances of armsecurityinsights.IncidentTasksClient to instances of IncidentTasksServer. +// Don't use this type directly, use NewIncidentTasksServerTransport instead. +type IncidentTasksServerTransport struct { + srv *IncidentTasksServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.IncidentTasksClientListResponse]] +} + +// Do implements the policy.Transporter interface for IncidentTasksServerTransport. +func (i *IncidentTasksServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "IncidentTasksClient.CreateOrUpdate": + resp, err = i.dispatchCreateOrUpdate(req) + case "IncidentTasksClient.Delete": + resp, err = i.dispatchDelete(req) + case "IncidentTasksClient.Get": + resp, err = i.dispatchGet(req) + case "IncidentTasksClient.NewListPager": + resp, err = i.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (i *IncidentTasksServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if i.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/incidents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/tasks/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.IncidentTask](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + incidentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentId")]) + if err != nil { + return nil, err + } + incidentTaskIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentTaskId")]) + if err != nil { + return nil, err + } + respr, errRespr := i.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, incidentIDParam, incidentTaskIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).IncidentTask, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (i *IncidentTasksServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if i.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/incidents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/tasks/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + incidentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentId")]) + if err != nil { + return nil, err + } + incidentTaskIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentTaskId")]) + if err != nil { + return nil, err + } + respr, errRespr := i.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, incidentIDParam, incidentTaskIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (i *IncidentTasksServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if i.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/incidents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/tasks/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + incidentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentId")]) + if err != nil { + return nil, err + } + incidentTaskIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentTaskId")]) + if err != nil { + return nil, err + } + respr, errRespr := i.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, incidentIDParam, incidentTaskIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).IncidentTask, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (i *IncidentTasksServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if i.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := i.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/incidents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/tasks` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + incidentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("incidentId")]) + if err != nil { + return nil, err + } + resp := i.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, incidentIDParam, nil) + newListPager = &resp + i.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.IncidentTasksClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + i.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + i.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/internal.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/internal.go index 689bea93e1ec..40041750dbe9 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/internal.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/internal.go @@ -51,6 +51,14 @@ func parseOptional[T any](v string, parse func(v string) (T, error)) (*T, error) return &t, err } +func parseWithCast[T any](v string, parse func(v string) (T, error)) (T, error) { + t, err := parse(v) + if err != nil { + return *new(T), err + } + return t, err +} + func readRequestBody(req *http.Request) ([]byte, error) { if req.Body == nil { return nil, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/ipgeodata_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/ipgeodata_server.go new file mode 100644 index 000000000000..5061bb3e244c --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/ipgeodata_server.go @@ -0,0 +1,101 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// IPGeodataServer is a fake server for instances of the armsecurityinsights.IPGeodataClient type. +type IPGeodataServer struct { + // Get is the fake for method IPGeodataClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, ipAddress string, options *armsecurityinsights.IPGeodataClientGetOptions) (resp azfake.Responder[armsecurityinsights.IPGeodataClientGetResponse], errResp azfake.ErrorResponder) +} + +// NewIPGeodataServerTransport creates a new instance of IPGeodataServerTransport with the provided implementation. +// The returned IPGeodataServerTransport instance is connected to an instance of armsecurityinsights.IPGeodataClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewIPGeodataServerTransport(srv *IPGeodataServer) *IPGeodataServerTransport { + return &IPGeodataServerTransport{srv: srv} +} + +// IPGeodataServerTransport connects instances of armsecurityinsights.IPGeodataClient to instances of IPGeodataServer. +// Don't use this type directly, use NewIPGeodataServerTransport instead. +type IPGeodataServerTransport struct { + srv *IPGeodataServer +} + +// Do implements the policy.Transporter interface for IPGeodataServerTransport. +func (i *IPGeodataServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "IPGeodataClient.Get": + resp, err = i.dispatchGet(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (i *IPGeodataServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if i.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/enrichment/ip/geodata/` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 2 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + ipAddressParam, err := url.QueryUnescape(qp.Get("ipAddress")) + if err != nil { + return nil, err + } + respr, errRespr := i.srv.Get(req.Context(), resourceGroupNameParam, ipAddressParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EnrichmentIPGeodata, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/metadata_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/metadata_server.go new file mode 100644 index 000000000000..83b2e9bd0153 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/metadata_server.go @@ -0,0 +1,342 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// MetadataServer is a fake server for instances of the armsecurityinsights.MetadataClient type. +type MetadataServer struct { + // Create is the fake for method MetadataClient.Create + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + Create func(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadata armsecurityinsights.MetadataModel, options *armsecurityinsights.MetadataClientCreateOptions) (resp azfake.Responder[armsecurityinsights.MetadataClientCreateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method MetadataClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, options *armsecurityinsights.MetadataClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.MetadataClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method MetadataClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, options *armsecurityinsights.MetadataClientGetOptions) (resp azfake.Responder[armsecurityinsights.MetadataClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method MetadataClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.MetadataClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.MetadataClientListResponse]) + + // Update is the fake for method MetadataClient.Update + // HTTP status codes to indicate success: http.StatusOK + Update func(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadataPatch armsecurityinsights.MetadataPatch, options *armsecurityinsights.MetadataClientUpdateOptions) (resp azfake.Responder[armsecurityinsights.MetadataClientUpdateResponse], errResp azfake.ErrorResponder) +} + +// NewMetadataServerTransport creates a new instance of MetadataServerTransport with the provided implementation. +// The returned MetadataServerTransport instance is connected to an instance of armsecurityinsights.MetadataClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewMetadataServerTransport(srv *MetadataServer) *MetadataServerTransport { + return &MetadataServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.MetadataClientListResponse]](), + } +} + +// MetadataServerTransport connects instances of armsecurityinsights.MetadataClient to instances of MetadataServer. +// Don't use this type directly, use NewMetadataServerTransport instead. +type MetadataServerTransport struct { + srv *MetadataServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.MetadataClientListResponse]] +} + +// Do implements the policy.Transporter interface for MetadataServerTransport. +func (m *MetadataServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "MetadataClient.Create": + resp, err = m.dispatchCreate(req) + case "MetadataClient.Delete": + resp, err = m.dispatchDelete(req) + case "MetadataClient.Get": + resp, err = m.dispatchGet(req) + case "MetadataClient.NewListPager": + resp, err = m.dispatchNewListPager(req) + case "MetadataClient.Update": + resp, err = m.dispatchUpdate(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (m *MetadataServerTransport) dispatchCreate(req *http.Request) (*http.Response, error) { + if m.srv.Create == nil { + return nil, &nonRetriableError{errors.New("fake for method Create not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/metadata/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.MetadataModel](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + metadataNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("metadataName")]) + if err != nil { + return nil, err + } + respr, errRespr := m.srv.Create(req.Context(), resourceGroupNameParam, workspaceNameParam, metadataNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).MetadataModel, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (m *MetadataServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if m.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/metadata/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + metadataNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("metadataName")]) + if err != nil { + return nil, err + } + respr, errRespr := m.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, metadataNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (m *MetadataServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if m.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/metadata/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + metadataNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("metadataName")]) + if err != nil { + return nil, err + } + respr, errRespr := m.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, metadataNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).MetadataModel, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (m *MetadataServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if m.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := m.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/metadata` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipUnescaped, err := url.QueryUnescape(qp.Get("$skip")) + if err != nil { + return nil, err + } + skipParam, err := parseOptional(skipUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + var options *armsecurityinsights.MetadataClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipParam != nil { + options = &armsecurityinsights.MetadataClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + Skip: skipParam, + } + } + resp := m.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + m.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.MetadataClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + m.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + m.newListPager.remove(req) + } + return resp, nil +} + +func (m *MetadataServerTransport) dispatchUpdate(req *http.Request) (*http.Response, error) { + if m.srv.Update == nil { + return nil, &nonRetriableError{errors.New("fake for method Update not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/metadata/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.MetadataPatch](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + metadataNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("metadataName")]) + if err != nil { + return nil, err + } + respr, errRespr := m.srv.Update(req.Context(), resourceGroupNameParam, workspaceNameParam, metadataNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).MetadataModel, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/officeconsents_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/officeconsents_server.go new file mode 100644 index 000000000000..819c595f3d81 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/officeconsents_server.go @@ -0,0 +1,199 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// OfficeConsentsServer is a fake server for instances of the armsecurityinsights.OfficeConsentsClient type. +type OfficeConsentsServer struct { + // Delete is the fake for method OfficeConsentsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, consentID string, options *armsecurityinsights.OfficeConsentsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.OfficeConsentsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method OfficeConsentsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, consentID string, options *armsecurityinsights.OfficeConsentsClientGetOptions) (resp azfake.Responder[armsecurityinsights.OfficeConsentsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method OfficeConsentsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.OfficeConsentsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.OfficeConsentsClientListResponse]) +} + +// NewOfficeConsentsServerTransport creates a new instance of OfficeConsentsServerTransport with the provided implementation. +// The returned OfficeConsentsServerTransport instance is connected to an instance of armsecurityinsights.OfficeConsentsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewOfficeConsentsServerTransport(srv *OfficeConsentsServer) *OfficeConsentsServerTransport { + return &OfficeConsentsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.OfficeConsentsClientListResponse]](), + } +} + +// OfficeConsentsServerTransport connects instances of armsecurityinsights.OfficeConsentsClient to instances of OfficeConsentsServer. +// Don't use this type directly, use NewOfficeConsentsServerTransport instead. +type OfficeConsentsServerTransport struct { + srv *OfficeConsentsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.OfficeConsentsClientListResponse]] +} + +// Do implements the policy.Transporter interface for OfficeConsentsServerTransport. +func (o *OfficeConsentsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "OfficeConsentsClient.Delete": + resp, err = o.dispatchDelete(req) + case "OfficeConsentsClient.Get": + resp, err = o.dispatchGet(req) + case "OfficeConsentsClient.NewListPager": + resp, err = o.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (o *OfficeConsentsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if o.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/officeConsents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + consentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("consentId")]) + if err != nil { + return nil, err + } + respr, errRespr := o.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, consentIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (o *OfficeConsentsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if o.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/officeConsents/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + consentIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("consentId")]) + if err != nil { + return nil, err + } + respr, errRespr := o.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, consentIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).OfficeConsent, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (o *OfficeConsentsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if o.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := o.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/officeConsents` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := o.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + o.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.OfficeConsentsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + o.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + o.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/operations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/operations_server.go index f5a53049b152..ed1be8860513 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/operations_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/operations_server.go @@ -15,7 +15,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" ) diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/polymorphic_helpers.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/polymorphic_helpers.go index d78cf7f89712..098adf9d85b3 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/polymorphic_helpers.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/polymorphic_helpers.go @@ -10,11 +10,11 @@ package fake import ( "encoding/json" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" ) func unmarshalAlertRuleClassification(rawMsg json.RawMessage) (armsecurityinsights.AlertRuleClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var m map[string]any @@ -25,10 +25,16 @@ func unmarshalAlertRuleClassification(rawMsg json.RawMessage) (armsecurityinsigh switch m["kind"] { case string(armsecurityinsights.AlertRuleKindFusion): b = &armsecurityinsights.FusionAlertRule{} + case string(armsecurityinsights.AlertRuleKindMLBehaviorAnalytics): + b = &armsecurityinsights.MLBehaviorAnalyticsAlertRule{} case string(armsecurityinsights.AlertRuleKindMicrosoftSecurityIncidentCreation): b = &armsecurityinsights.MicrosoftSecurityIncidentCreationAlertRule{} + case string(armsecurityinsights.AlertRuleKindNRT): + b = &armsecurityinsights.NrtAlertRule{} case string(armsecurityinsights.AlertRuleKindScheduled): b = &armsecurityinsights.ScheduledAlertRule{} + case string(armsecurityinsights.AlertRuleKindThreatIntelligence): + b = &armsecurityinsights.ThreatIntelligenceAlertRule{} default: b = &armsecurityinsights.AlertRule{} } @@ -38,8 +44,29 @@ func unmarshalAlertRuleClassification(rawMsg json.RawMessage) (armsecurityinsigh return b, nil } +func unmarshalCustomEntityQueryClassification(rawMsg json.RawMessage) (armsecurityinsights.CustomEntityQueryClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b armsecurityinsights.CustomEntityQueryClassification + switch m["kind"] { + case string(armsecurityinsights.CustomEntityQueryKindActivity): + b = &armsecurityinsights.ActivityCustomEntityQuery{} + default: + b = &armsecurityinsights.CustomEntityQuery{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (armsecurityinsights.DataConnectorClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var m map[string]any @@ -48,22 +75,52 @@ func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (armsecurityin } var b armsecurityinsights.DataConnectorClassification switch m["kind"] { + case string(armsecurityinsights.DataConnectorKindAPIPolling): + b = &armsecurityinsights.CodelessAPIPollingDataConnector{} case string(armsecurityinsights.DataConnectorKindAmazonWebServicesCloudTrail): b = &armsecurityinsights.AwsCloudTrailDataConnector{} + case string(armsecurityinsights.DataConnectorKindAmazonWebServicesS3): + b = &armsecurityinsights.AwsS3DataConnector{} case string(armsecurityinsights.DataConnectorKindAzureActiveDirectory): b = &armsecurityinsights.AADDataConnector{} case string(armsecurityinsights.DataConnectorKindAzureAdvancedThreatProtection): b = &armsecurityinsights.AATPDataConnector{} case string(armsecurityinsights.DataConnectorKindAzureSecurityCenter): b = &armsecurityinsights.ASCDataConnector{} + case string(armsecurityinsights.DataConnectorKindDynamics365): + b = &armsecurityinsights.Dynamics365DataConnector{} + case string(armsecurityinsights.DataConnectorKindGCP): + b = &armsecurityinsights.GCPDataConnector{} + case string(armsecurityinsights.DataConnectorKindGenericUI): + b = &armsecurityinsights.CodelessUIDataConnector{} + case string(armsecurityinsights.DataConnectorKindIOT): + b = &armsecurityinsights.IoTDataConnector{} case string(armsecurityinsights.DataConnectorKindMicrosoftCloudAppSecurity): b = &armsecurityinsights.MCASDataConnector{} case string(armsecurityinsights.DataConnectorKindMicrosoftDefenderAdvancedThreatProtection): b = &armsecurityinsights.MDATPDataConnector{} + case string(armsecurityinsights.DataConnectorKindMicrosoftPurviewInformationProtection): + b = &armsecurityinsights.MicrosoftPurviewInformationProtectionDataConnector{} + case string(armsecurityinsights.DataConnectorKindMicrosoftThreatIntelligence): + b = &armsecurityinsights.MSTIDataConnector{} + case string(armsecurityinsights.DataConnectorKindMicrosoftThreatProtection): + b = &armsecurityinsights.MTPDataConnector{} case string(armsecurityinsights.DataConnectorKindOffice365): b = &armsecurityinsights.OfficeDataConnector{} + case string(armsecurityinsights.DataConnectorKindOffice365Project): + b = &armsecurityinsights.Office365ProjectDataConnector{} + case string(armsecurityinsights.DataConnectorKindOfficeATP): + b = &armsecurityinsights.OfficeATPDataConnector{} + case string(armsecurityinsights.DataConnectorKindOfficeIRM): + b = &armsecurityinsights.OfficeIRMDataConnector{} + case string(armsecurityinsights.DataConnectorKindOfficePowerBI): + b = &armsecurityinsights.OfficePowerBIDataConnector{} + case string(armsecurityinsights.DataConnectorKindRestAPIPoller): + b = &armsecurityinsights.RestAPIPollerDataConnector{} case string(armsecurityinsights.DataConnectorKindThreatIntelligence): b = &armsecurityinsights.TIDataConnector{} + case string(armsecurityinsights.DataConnectorKindThreatIntelligenceTaxii): + b = &armsecurityinsights.TiTaxiiDataConnector{} default: b = &armsecurityinsights.DataConnector{} } @@ -72,3 +129,127 @@ func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (armsecurityin } return b, nil } + +func unmarshalDataConnectorDefinitionClassification(rawMsg json.RawMessage) (armsecurityinsights.DataConnectorDefinitionClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b armsecurityinsights.DataConnectorDefinitionClassification + switch m["kind"] { + case string(armsecurityinsights.DataConnectorDefinitionKindCustomizable): + b = &armsecurityinsights.CustomizableConnectorDefinition{} + default: + b = &armsecurityinsights.DataConnectorDefinition{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalDataConnectorsCheckRequirementsClassification(rawMsg json.RawMessage) (armsecurityinsights.DataConnectorsCheckRequirementsClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b armsecurityinsights.DataConnectorsCheckRequirementsClassification + switch m["kind"] { + case string(armsecurityinsights.DataConnectorKindAmazonWebServicesCloudTrail): + b = &armsecurityinsights.AwsCloudTrailCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindAmazonWebServicesS3): + b = &armsecurityinsights.AwsS3CheckRequirements{} + case string(armsecurityinsights.DataConnectorKindAzureActiveDirectory): + b = &armsecurityinsights.AADCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindAzureAdvancedThreatProtection): + b = &armsecurityinsights.AATPCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindAzureSecurityCenter): + b = &armsecurityinsights.ASCCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindDynamics365): + b = &armsecurityinsights.Dynamics365CheckRequirements{} + case string(armsecurityinsights.DataConnectorKindIOT): + b = &armsecurityinsights.IoTCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindMicrosoftCloudAppSecurity): + b = &armsecurityinsights.MCASCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindMicrosoftDefenderAdvancedThreatProtection): + b = &armsecurityinsights.MDATPCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindMicrosoftPurviewInformationProtection): + b = &armsecurityinsights.MicrosoftPurviewInformationProtectionCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindMicrosoftThreatIntelligence): + b = &armsecurityinsights.MSTICheckRequirements{} + case string(armsecurityinsights.DataConnectorKindMicrosoftThreatProtection): + b = &armsecurityinsights.MtpCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindOffice365Project): + b = &armsecurityinsights.Office365ProjectCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindOfficeATP): + b = &armsecurityinsights.OfficeATPCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindOfficeIRM): + b = &armsecurityinsights.OfficeIRMCheckRequirements{} + case string(armsecurityinsights.DataConnectorKindOfficePowerBI): + b = &armsecurityinsights.OfficePowerBICheckRequirements{} + case string(armsecurityinsights.DataConnectorKindThreatIntelligence): + b = &armsecurityinsights.TICheckRequirements{} + case string(armsecurityinsights.DataConnectorKindThreatIntelligenceTaxii): + b = &armsecurityinsights.TiTaxiiCheckRequirements{} + default: + b = &armsecurityinsights.DataConnectorsCheckRequirements{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalSecurityMLAnalyticsSettingClassification(rawMsg json.RawMessage) (armsecurityinsights.SecurityMLAnalyticsSettingClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b armsecurityinsights.SecurityMLAnalyticsSettingClassification + switch m["kind"] { + case string(armsecurityinsights.SecurityMLAnalyticsSettingsKindAnomaly): + b = &armsecurityinsights.AnomalySecurityMLAnalyticsSettings{} + default: + b = &armsecurityinsights.SecurityMLAnalyticsSetting{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalSettingsClassification(rawMsg json.RawMessage) (armsecurityinsights.SettingsClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b armsecurityinsights.SettingsClassification + switch m["kind"] { + case string(armsecurityinsights.SettingKindAnomalies): + b = &armsecurityinsights.Anomalies{} + case string(armsecurityinsights.SettingKindEntityAnalytics): + b = &armsecurityinsights.EntityAnalytics{} + case string(armsecurityinsights.SettingKindEyesOn): + b = &armsecurityinsights.EyesOn{} + case string(armsecurityinsights.SettingKindUeba): + b = &armsecurityinsights.Ueba{} + default: + b = &armsecurityinsights.Settings{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackage_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackage_server.go new file mode 100644 index 000000000000..721713b19d8c --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackage_server.go @@ -0,0 +1,104 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// ProductPackageServer is a fake server for instances of the armsecurityinsights.ProductPackageClient type. +type ProductPackageServer struct { + // Get is the fake for method ProductPackageClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *armsecurityinsights.ProductPackageClientGetOptions) (resp azfake.Responder[armsecurityinsights.ProductPackageClientGetResponse], errResp azfake.ErrorResponder) +} + +// NewProductPackageServerTransport creates a new instance of ProductPackageServerTransport with the provided implementation. +// The returned ProductPackageServerTransport instance is connected to an instance of armsecurityinsights.ProductPackageClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewProductPackageServerTransport(srv *ProductPackageServer) *ProductPackageServerTransport { + return &ProductPackageServerTransport{srv: srv} +} + +// ProductPackageServerTransport connects instances of armsecurityinsights.ProductPackageClient to instances of ProductPackageServer. +// Don't use this type directly, use NewProductPackageServerTransport instead. +type ProductPackageServerTransport struct { + srv *ProductPackageServer +} + +// Do implements the policy.Transporter interface for ProductPackageServerTransport. +func (p *ProductPackageServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "ProductPackageClient.Get": + resp, err = p.dispatchGet(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (p *ProductPackageServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if p.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentProductPackages/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + packageIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("packageId")]) + if err != nil { + return nil, err + } + respr, errRespr := p.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, packageIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).ProductPackageModel, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackages_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackages_server.go new file mode 100644 index 000000000000..b517ef6cb3d4 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productpackages_server.go @@ -0,0 +1,152 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// ProductPackagesServer is a fake server for instances of the armsecurityinsights.ProductPackagesClient type. +type ProductPackagesServer struct { + // NewListPager is the fake for method ProductPackagesClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.ProductPackagesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.ProductPackagesClientListResponse]) +} + +// NewProductPackagesServerTransport creates a new instance of ProductPackagesServerTransport with the provided implementation. +// The returned ProductPackagesServerTransport instance is connected to an instance of armsecurityinsights.ProductPackagesClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewProductPackagesServerTransport(srv *ProductPackagesServer) *ProductPackagesServerTransport { + return &ProductPackagesServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.ProductPackagesClientListResponse]](), + } +} + +// ProductPackagesServerTransport connects instances of armsecurityinsights.ProductPackagesClient to instances of ProductPackagesServer. +// Don't use this type directly, use NewProductPackagesServerTransport instead. +type ProductPackagesServerTransport struct { + srv *ProductPackagesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.ProductPackagesClientListResponse]] +} + +// Do implements the policy.Transporter interface for ProductPackagesServerTransport. +func (p *ProductPackagesServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "ProductPackagesClient.NewListPager": + resp, err = p.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (p *ProductPackagesServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if p.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := p.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentProductPackages` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.ProductPackagesClientListOptions + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.ProductPackagesClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := p.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + p.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.ProductPackagesClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + p.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + p.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productsettings_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productsettings_server.go new file mode 100644 index 000000000000..7f79620a1305 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/productsettings_server.go @@ -0,0 +1,237 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// ProductSettingsServer is a fake server for instances of the armsecurityinsights.ProductSettingsClient type. +type ProductSettingsServer struct { + // Delete is the fake for method ProductSettingsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, options *armsecurityinsights.ProductSettingsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.ProductSettingsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method ProductSettingsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, options *armsecurityinsights.ProductSettingsClientGetOptions) (resp azfake.Responder[armsecurityinsights.ProductSettingsClientGetResponse], errResp azfake.ErrorResponder) + + // List is the fake for method ProductSettingsClient.List + // HTTP status codes to indicate success: http.StatusOK + List func(ctx context.Context, resourceGroupName string, workspaceName string, options *armsecurityinsights.ProductSettingsClientListOptions) (resp azfake.Responder[armsecurityinsights.ProductSettingsClientListResponse], errResp azfake.ErrorResponder) + + // Update is the fake for method ProductSettingsClient.Update + // HTTP status codes to indicate success: http.StatusOK + Update func(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, settings armsecurityinsights.SettingsClassification, options *armsecurityinsights.ProductSettingsClientUpdateOptions) (resp azfake.Responder[armsecurityinsights.ProductSettingsClientUpdateResponse], errResp azfake.ErrorResponder) +} + +// NewProductSettingsServerTransport creates a new instance of ProductSettingsServerTransport with the provided implementation. +// The returned ProductSettingsServerTransport instance is connected to an instance of armsecurityinsights.ProductSettingsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewProductSettingsServerTransport(srv *ProductSettingsServer) *ProductSettingsServerTransport { + return &ProductSettingsServerTransport{srv: srv} +} + +// ProductSettingsServerTransport connects instances of armsecurityinsights.ProductSettingsClient to instances of ProductSettingsServer. +// Don't use this type directly, use NewProductSettingsServerTransport instead. +type ProductSettingsServerTransport struct { + srv *ProductSettingsServer +} + +// Do implements the policy.Transporter interface for ProductSettingsServerTransport. +func (p *ProductSettingsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "ProductSettingsClient.Delete": + resp, err = p.dispatchDelete(req) + case "ProductSettingsClient.Get": + resp, err = p.dispatchGet(req) + case "ProductSettingsClient.List": + resp, err = p.dispatchList(req) + case "ProductSettingsClient.Update": + resp, err = p.dispatchUpdate(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (p *ProductSettingsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if p.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/settings/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + settingsNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("settingsName")]) + if err != nil { + return nil, err + } + respr, errRespr := p.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, settingsNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (p *ProductSettingsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if p.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/settings/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + settingsNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("settingsName")]) + if err != nil { + return nil, err + } + respr, errRespr := p.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, settingsNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).SettingsClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (p *ProductSettingsServerTransport) dispatchList(req *http.Request) (*http.Response, error) { + if p.srv.List == nil { + return nil, &nonRetriableError{errors.New("fake for method List not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/settings` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + respr, errRespr := p.srv.List(req.Context(), resourceGroupNameParam, workspaceNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).SettingList, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (p *ProductSettingsServerTransport) dispatchUpdate(req *http.Request) (*http.Response, error) { + if p.srv.Update == nil { + return nil, &nonRetriableError{errors.New("fake for method Update not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/settings/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + raw, err := readRequestBody(req) + if err != nil { + return nil, err + } + body, err := unmarshalSettingsClassification(raw) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + settingsNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("settingsName")]) + if err != nil { + return nil, err + } + respr, errRespr := p.srv.Update(req.Context(), resourceGroupNameParam, workspaceNameParam, settingsNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).SettingsClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplate_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplate_server.go new file mode 100644 index 000000000000..e25b4e877256 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplate_server.go @@ -0,0 +1,104 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// ProductTemplateServer is a fake server for instances of the armsecurityinsights.ProductTemplateClient type. +type ProductTemplateServer struct { + // Get is the fake for method ProductTemplateClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *armsecurityinsights.ProductTemplateClientGetOptions) (resp azfake.Responder[armsecurityinsights.ProductTemplateClientGetResponse], errResp azfake.ErrorResponder) +} + +// NewProductTemplateServerTransport creates a new instance of ProductTemplateServerTransport with the provided implementation. +// The returned ProductTemplateServerTransport instance is connected to an instance of armsecurityinsights.ProductTemplateClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewProductTemplateServerTransport(srv *ProductTemplateServer) *ProductTemplateServerTransport { + return &ProductTemplateServerTransport{srv: srv} +} + +// ProductTemplateServerTransport connects instances of armsecurityinsights.ProductTemplateClient to instances of ProductTemplateServer. +// Don't use this type directly, use NewProductTemplateServerTransport instead. +type ProductTemplateServerTransport struct { + srv *ProductTemplateServer +} + +// Do implements the policy.Transporter interface for ProductTemplateServerTransport. +func (p *ProductTemplateServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "ProductTemplateClient.Get": + resp, err = p.dispatchGet(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (p *ProductTemplateServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if p.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentproducttemplates/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + templateIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("templateId")]) + if err != nil { + return nil, err + } + respr, errRespr := p.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, templateIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).ProductTemplateModel, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplates_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplates_server.go new file mode 100644 index 000000000000..05823ced6a8f --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/producttemplates_server.go @@ -0,0 +1,182 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// ProductTemplatesServer is a fake server for instances of the armsecurityinsights.ProductTemplatesClient type. +type ProductTemplatesServer struct { + // NewListPager is the fake for method ProductTemplatesClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.ProductTemplatesClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.ProductTemplatesClientListResponse]) +} + +// NewProductTemplatesServerTransport creates a new instance of ProductTemplatesServerTransport with the provided implementation. +// The returned ProductTemplatesServerTransport instance is connected to an instance of armsecurityinsights.ProductTemplatesClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewProductTemplatesServerTransport(srv *ProductTemplatesServer) *ProductTemplatesServerTransport { + return &ProductTemplatesServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.ProductTemplatesClientListResponse]](), + } +} + +// ProductTemplatesServerTransport connects instances of armsecurityinsights.ProductTemplatesClient to instances of ProductTemplatesServer. +// Don't use this type directly, use NewProductTemplatesServerTransport instead. +type ProductTemplatesServerTransport struct { + srv *ProductTemplatesServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.ProductTemplatesClientListResponse]] +} + +// Do implements the policy.Transporter interface for ProductTemplatesServerTransport. +func (p *ProductTemplatesServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "ProductTemplatesClient.NewListPager": + resp, err = p.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (p *ProductTemplatesServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if p.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := p.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/contentProductTemplates` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + filterUnescaped, err := url.QueryUnescape(qp.Get("$filter")) + if err != nil { + return nil, err + } + filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + searchUnescaped, err := url.QueryUnescape(qp.Get("$search")) + if err != nil { + return nil, err + } + searchParam := getOptional(searchUnescaped) + countUnescaped, err := url.QueryUnescape(qp.Get("$count")) + if err != nil { + return nil, err + } + countParam, err := parseOptional(countUnescaped, strconv.ParseBool) + if err != nil { + return nil, err + } + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipUnescaped, err := url.QueryUnescape(qp.Get("$skip")) + if err != nil { + return nil, err + } + skipParam, err := parseOptional(skipUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.ProductTemplatesClientListOptions + if filterParam != nil || orderbyParam != nil || searchParam != nil || countParam != nil || topParam != nil || skipParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.ProductTemplatesClientListOptions{ + Filter: filterParam, + Orderby: orderbyParam, + Search: searchParam, + Count: countParam, + Top: topParam, + Skip: skipParam, + SkipToken: skipTokenParam, + } + } + resp := p.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + p.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.ProductTemplatesClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + p.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + p.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/reevaluate_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/reevaluate_server.go new file mode 100644 index 000000000000..945434f0e6a0 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/reevaluate_server.go @@ -0,0 +1,104 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// ReevaluateServer is a fake server for instances of the armsecurityinsights.ReevaluateClient type. +type ReevaluateServer struct { + // Recommendation is the fake for method ReevaluateClient.Recommendation + // HTTP status codes to indicate success: http.StatusOK + Recommendation func(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, options *armsecurityinsights.ReevaluateClientRecommendationOptions) (resp azfake.Responder[armsecurityinsights.ReevaluateClientRecommendationResponse], errResp azfake.ErrorResponder) +} + +// NewReevaluateServerTransport creates a new instance of ReevaluateServerTransport with the provided implementation. +// The returned ReevaluateServerTransport instance is connected to an instance of armsecurityinsights.ReevaluateClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewReevaluateServerTransport(srv *ReevaluateServer) *ReevaluateServerTransport { + return &ReevaluateServerTransport{srv: srv} +} + +// ReevaluateServerTransport connects instances of armsecurityinsights.ReevaluateClient to instances of ReevaluateServer. +// Don't use this type directly, use NewReevaluateServerTransport instead. +type ReevaluateServerTransport struct { + srv *ReevaluateServer +} + +// Do implements the policy.Transporter interface for ReevaluateServerTransport. +func (r *ReevaluateServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "ReevaluateClient.Recommendation": + resp, err = r.dispatchRecommendation(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (r *ReevaluateServerTransport) dispatchRecommendation(req *http.Request) (*http.Response, error) { + if r.srv.Recommendation == nil { + return nil, &nonRetriableError{errors.New("fake for method Recommendation not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/recommendations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/triggerEvaluation` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + recommendationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("recommendationId")]) + if err != nil { + return nil, err + } + respr, errRespr := r.srv.Recommendation(req.Context(), resourceGroupNameParam, workspaceNameParam, recommendationIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).ReevaluateResponse, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/securitymlanalyticssettings_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/securitymlanalyticssettings_server.go new file mode 100644 index 000000000000..678668451045 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/securitymlanalyticssettings_server.go @@ -0,0 +1,250 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// SecurityMLAnalyticsSettingsServer is a fake server for instances of the armsecurityinsights.SecurityMLAnalyticsSettingsClient type. +type SecurityMLAnalyticsSettingsServer struct { + // CreateOrUpdate is the fake for method SecurityMLAnalyticsSettingsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, securityMLAnalyticsSetting armsecurityinsights.SecurityMLAnalyticsSettingClassification, options *armsecurityinsights.SecurityMLAnalyticsSettingsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method SecurityMLAnalyticsSettingsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, options *armsecurityinsights.SecurityMLAnalyticsSettingsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.SecurityMLAnalyticsSettingsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method SecurityMLAnalyticsSettingsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, options *armsecurityinsights.SecurityMLAnalyticsSettingsClientGetOptions) (resp azfake.Responder[armsecurityinsights.SecurityMLAnalyticsSettingsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method SecurityMLAnalyticsSettingsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.SecurityMLAnalyticsSettingsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.SecurityMLAnalyticsSettingsClientListResponse]) +} + +// NewSecurityMLAnalyticsSettingsServerTransport creates a new instance of SecurityMLAnalyticsSettingsServerTransport with the provided implementation. +// The returned SecurityMLAnalyticsSettingsServerTransport instance is connected to an instance of armsecurityinsights.SecurityMLAnalyticsSettingsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewSecurityMLAnalyticsSettingsServerTransport(srv *SecurityMLAnalyticsSettingsServer) *SecurityMLAnalyticsSettingsServerTransport { + return &SecurityMLAnalyticsSettingsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.SecurityMLAnalyticsSettingsClientListResponse]](), + } +} + +// SecurityMLAnalyticsSettingsServerTransport connects instances of armsecurityinsights.SecurityMLAnalyticsSettingsClient to instances of SecurityMLAnalyticsSettingsServer. +// Don't use this type directly, use NewSecurityMLAnalyticsSettingsServerTransport instead. +type SecurityMLAnalyticsSettingsServerTransport struct { + srv *SecurityMLAnalyticsSettingsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.SecurityMLAnalyticsSettingsClientListResponse]] +} + +// Do implements the policy.Transporter interface for SecurityMLAnalyticsSettingsServerTransport. +func (s *SecurityMLAnalyticsSettingsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "SecurityMLAnalyticsSettingsClient.CreateOrUpdate": + resp, err = s.dispatchCreateOrUpdate(req) + case "SecurityMLAnalyticsSettingsClient.Delete": + resp, err = s.dispatchDelete(req) + case "SecurityMLAnalyticsSettingsClient.Get": + resp, err = s.dispatchGet(req) + case "SecurityMLAnalyticsSettingsClient.NewListPager": + resp, err = s.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (s *SecurityMLAnalyticsSettingsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if s.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/securityMLAnalyticsSettings/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + raw, err := readRequestBody(req) + if err != nil { + return nil, err + } + body, err := unmarshalSecurityMLAnalyticsSettingClassification(raw) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + settingsResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("settingsResourceName")]) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, settingsResourceNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).SecurityMLAnalyticsSettingClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *SecurityMLAnalyticsSettingsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if s.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/securityMLAnalyticsSettings/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + settingsResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("settingsResourceName")]) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, settingsResourceNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *SecurityMLAnalyticsSettingsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if s.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/securityMLAnalyticsSettings/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + settingsResourceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("settingsResourceName")]) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, settingsResourceNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).SecurityMLAnalyticsSettingClassification, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *SecurityMLAnalyticsSettingsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if s.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := s.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/securityMLAnalyticsSettings` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := s.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + s.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.SecurityMLAnalyticsSettingsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + s.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + s.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sentinelonboardingstates_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sentinelonboardingstates_server.go index 062285fb1f6a..70d308f2fdef 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sentinelonboardingstates_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sentinelonboardingstates_server.go @@ -15,7 +15,7 @@ import ( azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "reflect" diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server.go new file mode 100644 index 000000000000..ce8c6b2c8960 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server.go @@ -0,0 +1,167 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// Server is a fake server for instances of the armsecurityinsights.Client type. +type Server struct { + // ListGeodataByIP is the fake for method Client.ListGeodataByIP + // HTTP status codes to indicate success: http.StatusOK + ListGeodataByIP func(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType armsecurityinsights.EnrichmentType, ipAddressBody armsecurityinsights.EnrichmentIPAddressBody, options *armsecurityinsights.ClientListGeodataByIPOptions) (resp azfake.Responder[armsecurityinsights.ClientListGeodataByIPResponse], errResp azfake.ErrorResponder) + + // ListWhoisByDomain is the fake for method Client.ListWhoisByDomain + // HTTP status codes to indicate success: http.StatusOK + ListWhoisByDomain func(ctx context.Context, resourceGroupName string, workspaceName string, enrichmentType armsecurityinsights.EnrichmentType, domainBody armsecurityinsights.EnrichmentDomainBody, options *armsecurityinsights.ClientListWhoisByDomainOptions) (resp azfake.Responder[armsecurityinsights.ClientListWhoisByDomainResponse], errResp azfake.ErrorResponder) +} + +// NewServerTransport creates a new instance of ServerTransport with the provided implementation. +// The returned ServerTransport instance is connected to an instance of armsecurityinsights.Client via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewServerTransport(srv *Server) *ServerTransport { + return &ServerTransport{srv: srv} +} + +// ServerTransport connects instances of armsecurityinsights.Client to instances of Server. +// Don't use this type directly, use NewServerTransport instead. +type ServerTransport struct { + srv *Server +} + +// Do implements the policy.Transporter interface for ServerTransport. +func (s *ServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "Client.ListGeodataByIP": + resp, err = s.dispatchListGeodataByIP(req) + case "Client.ListWhoisByDomain": + resp, err = s.dispatchListWhoisByDomain(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (s *ServerTransport) dispatchListGeodataByIP(req *http.Request) (*http.Response, error) { + if s.srv.ListGeodataByIP == nil { + return nil, &nonRetriableError{errors.New("fake for method ListGeodataByIP not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/enrichment/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/listGeodataByIp` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.EnrichmentIPAddressBody](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + enrichmentTypeParam, err := parseWithCast(matches[regex.SubexpIndex("enrichmentType")], func(v string) (armsecurityinsights.EnrichmentType, error) { + p, unescapeErr := url.PathUnescape(v) + if unescapeErr != nil { + return "", unescapeErr + } + return armsecurityinsights.EnrichmentType(p), nil + }) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.ListGeodataByIP(req.Context(), resourceGroupNameParam, workspaceNameParam, enrichmentTypeParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EnrichmentIPGeodataAutoGenerated, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *ServerTransport) dispatchListWhoisByDomain(req *http.Request) (*http.Response, error) { + if s.srv.ListWhoisByDomain == nil { + return nil, &nonRetriableError{errors.New("fake for method ListWhoisByDomain not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/enrichment/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/listWhoisByDomain` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.EnrichmentDomainBody](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + enrichmentTypeParam, err := parseWithCast(matches[regex.SubexpIndex("enrichmentType")], func(v string) (armsecurityinsights.EnrichmentType, error) { + p, unescapeErr := url.PathUnescape(v) + if unescapeErr != nil { + return "", unescapeErr + } + return armsecurityinsights.EnrichmentType(p), nil + }) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.ListWhoisByDomain(req.Context(), resourceGroupNameParam, workspaceNameParam, enrichmentTypeParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).EnrichmentDomainWhois, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server_factory.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server_factory.go index 22c1c2f5ddea..cb3ee33bca5d 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server_factory.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/server_factory.go @@ -20,21 +20,67 @@ import ( // ServerFactory is a fake server for instances of the armsecurityinsights.ClientFactory type. type ServerFactory struct { ActionsServer ActionsServer + AlertRuleServer AlertRuleServer AlertRuleTemplatesServer AlertRuleTemplatesServer AlertRulesServer AlertRulesServer AutomationRulesServer AutomationRulesServer + BillingStatisticsServer BillingStatisticsServer + BookmarkServer BookmarkServer + BookmarkRelationsServer BookmarkRelationsServer BookmarksServer BookmarksServer + Server Server + ContentPackageServer ContentPackageServer + ContentPackagesServer ContentPackagesServer + ContentTemplateServer ContentTemplateServer + ContentTemplatesServer ContentTemplatesServer + DataConnectorDefinitionsServer DataConnectorDefinitionsServer + DataConnectorsCheckRequirementsServer DataConnectorsCheckRequirementsServer DataConnectorsServer DataConnectorsServer + DomainWhoisServer DomainWhoisServer + EntitiesServer EntitiesServer + EntitiesGetTimelineServer EntitiesGetTimelineServer + EntitiesRelationsServer EntitiesRelationsServer + EntityQueriesServer EntityQueriesServer + EntityQueryTemplatesServer EntityQueryTemplatesServer + EntityRelationsServer EntityRelationsServer + FileImportsServer FileImportsServer + GetServer GetServer + GetRecommendationsServer GetRecommendationsServer + GetTriggeredAnalyticsRuleRunsServer GetTriggeredAnalyticsRuleRunsServer + HuntCommentsServer HuntCommentsServer + HuntRelationsServer HuntRelationsServer + HuntsServer HuntsServer + IPGeodataServer IPGeodataServer IncidentCommentsServer IncidentCommentsServer IncidentRelationsServer IncidentRelationsServer + IncidentTasksServer IncidentTasksServer IncidentsServer IncidentsServer + MetadataServer MetadataServer + OfficeConsentsServer OfficeConsentsServer OperationsServer OperationsServer + ProductPackageServer ProductPackageServer + ProductPackagesServer ProductPackagesServer + ProductSettingsServer ProductSettingsServer + ProductTemplateServer ProductTemplateServer + ProductTemplatesServer ProductTemplatesServer + ReevaluateServer ReevaluateServer + SecurityMLAnalyticsSettingsServer SecurityMLAnalyticsSettingsServer SentinelOnboardingStatesServer SentinelOnboardingStatesServer + SourceControlServer SourceControlServer + SourceControlsServer SourceControlsServer + ThreatIntelligenceServer ThreatIntelligenceServer ThreatIntelligenceIndicatorServer ThreatIntelligenceIndicatorServer ThreatIntelligenceIndicatorMetricsServer ThreatIntelligenceIndicatorMetricsServer ThreatIntelligenceIndicatorsServer ThreatIntelligenceIndicatorsServer + TriggeredAnalyticsRuleRunServer TriggeredAnalyticsRuleRunServer + UpdateServer UpdateServer WatchlistItemsServer WatchlistItemsServer WatchlistsServer WatchlistsServer + WorkspaceManagerAssignmentJobsServer WorkspaceManagerAssignmentJobsServer + WorkspaceManagerAssignmentsServer WorkspaceManagerAssignmentsServer + WorkspaceManagerConfigurationsServer WorkspaceManagerConfigurationsServer + WorkspaceManagerGroupsServer WorkspaceManagerGroupsServer + WorkspaceManagerMembersServer WorkspaceManagerMembersServer } // NewServerFactoryTransport creates a new instance of ServerFactoryTransport with the provided implementation. @@ -52,21 +98,67 @@ type ServerFactoryTransport struct { srv *ServerFactory trMu sync.Mutex trActionsServer *ActionsServerTransport + trAlertRuleServer *AlertRuleServerTransport trAlertRuleTemplatesServer *AlertRuleTemplatesServerTransport trAlertRulesServer *AlertRulesServerTransport trAutomationRulesServer *AutomationRulesServerTransport + trBillingStatisticsServer *BillingStatisticsServerTransport + trBookmarkServer *BookmarkServerTransport + trBookmarkRelationsServer *BookmarkRelationsServerTransport trBookmarksServer *BookmarksServerTransport + trServer *ServerTransport + trContentPackageServer *ContentPackageServerTransport + trContentPackagesServer *ContentPackagesServerTransport + trContentTemplateServer *ContentTemplateServerTransport + trContentTemplatesServer *ContentTemplatesServerTransport + trDataConnectorDefinitionsServer *DataConnectorDefinitionsServerTransport + trDataConnectorsCheckRequirementsServer *DataConnectorsCheckRequirementsServerTransport trDataConnectorsServer *DataConnectorsServerTransport + trDomainWhoisServer *DomainWhoisServerTransport + trEntitiesServer *EntitiesServerTransport + trEntitiesGetTimelineServer *EntitiesGetTimelineServerTransport + trEntitiesRelationsServer *EntitiesRelationsServerTransport + trEntityQueriesServer *EntityQueriesServerTransport + trEntityQueryTemplatesServer *EntityQueryTemplatesServerTransport + trEntityRelationsServer *EntityRelationsServerTransport + trFileImportsServer *FileImportsServerTransport + trGetServer *GetServerTransport + trGetRecommendationsServer *GetRecommendationsServerTransport + trGetTriggeredAnalyticsRuleRunsServer *GetTriggeredAnalyticsRuleRunsServerTransport + trHuntCommentsServer *HuntCommentsServerTransport + trHuntRelationsServer *HuntRelationsServerTransport + trHuntsServer *HuntsServerTransport + trIPGeodataServer *IPGeodataServerTransport trIncidentCommentsServer *IncidentCommentsServerTransport trIncidentRelationsServer *IncidentRelationsServerTransport + trIncidentTasksServer *IncidentTasksServerTransport trIncidentsServer *IncidentsServerTransport + trMetadataServer *MetadataServerTransport + trOfficeConsentsServer *OfficeConsentsServerTransport trOperationsServer *OperationsServerTransport + trProductPackageServer *ProductPackageServerTransport + trProductPackagesServer *ProductPackagesServerTransport + trProductSettingsServer *ProductSettingsServerTransport + trProductTemplateServer *ProductTemplateServerTransport + trProductTemplatesServer *ProductTemplatesServerTransport + trReevaluateServer *ReevaluateServerTransport + trSecurityMLAnalyticsSettingsServer *SecurityMLAnalyticsSettingsServerTransport trSentinelOnboardingStatesServer *SentinelOnboardingStatesServerTransport + trSourceControlServer *SourceControlServerTransport + trSourceControlsServer *SourceControlsServerTransport + trThreatIntelligenceServer *ThreatIntelligenceServerTransport trThreatIntelligenceIndicatorServer *ThreatIntelligenceIndicatorServerTransport trThreatIntelligenceIndicatorMetricsServer *ThreatIntelligenceIndicatorMetricsServerTransport trThreatIntelligenceIndicatorsServer *ThreatIntelligenceIndicatorsServerTransport + trTriggeredAnalyticsRuleRunServer *TriggeredAnalyticsRuleRunServerTransport + trUpdateServer *UpdateServerTransport trWatchlistItemsServer *WatchlistItemsServerTransport trWatchlistsServer *WatchlistsServerTransport + trWorkspaceManagerAssignmentJobsServer *WorkspaceManagerAssignmentJobsServerTransport + trWorkspaceManagerAssignmentsServer *WorkspaceManagerAssignmentsServerTransport + trWorkspaceManagerConfigurationsServer *WorkspaceManagerConfigurationsServerTransport + trWorkspaceManagerGroupsServer *WorkspaceManagerGroupsServerTransport + trWorkspaceManagerMembersServer *WorkspaceManagerMembersServerTransport } // Do implements the policy.Transporter interface for ServerFactoryTransport. @@ -85,6 +177,9 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { case "ActionsClient": initServer(s, &s.trActionsServer, func() *ActionsServerTransport { return NewActionsServerTransport(&s.srv.ActionsServer) }) resp, err = s.trActionsServer.Do(req) + case "AlertRuleClient": + initServer(s, &s.trAlertRuleServer, func() *AlertRuleServerTransport { return NewAlertRuleServerTransport(&s.srv.AlertRuleServer) }) + resp, err = s.trAlertRuleServer.Do(req) case "AlertRuleTemplatesClient": initServer(s, &s.trAlertRuleTemplatesServer, func() *AlertRuleTemplatesServerTransport { return NewAlertRuleTemplatesServerTransport(&s.srv.AlertRuleTemplatesServer) @@ -98,14 +193,121 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { return NewAutomationRulesServerTransport(&s.srv.AutomationRulesServer) }) resp, err = s.trAutomationRulesServer.Do(req) + case "BillingStatisticsClient": + initServer(s, &s.trBillingStatisticsServer, func() *BillingStatisticsServerTransport { + return NewBillingStatisticsServerTransport(&s.srv.BillingStatisticsServer) + }) + resp, err = s.trBillingStatisticsServer.Do(req) + case "BookmarkClient": + initServer(s, &s.trBookmarkServer, func() *BookmarkServerTransport { return NewBookmarkServerTransport(&s.srv.BookmarkServer) }) + resp, err = s.trBookmarkServer.Do(req) + case "BookmarkRelationsClient": + initServer(s, &s.trBookmarkRelationsServer, func() *BookmarkRelationsServerTransport { + return NewBookmarkRelationsServerTransport(&s.srv.BookmarkRelationsServer) + }) + resp, err = s.trBookmarkRelationsServer.Do(req) case "BookmarksClient": initServer(s, &s.trBookmarksServer, func() *BookmarksServerTransport { return NewBookmarksServerTransport(&s.srv.BookmarksServer) }) resp, err = s.trBookmarksServer.Do(req) + case "Client": + initServer(s, &s.trServer, func() *ServerTransport { return NewServerTransport(&s.srv.Server) }) + resp, err = s.trServer.Do(req) + case "ContentPackageClient": + initServer(s, &s.trContentPackageServer, func() *ContentPackageServerTransport { + return NewContentPackageServerTransport(&s.srv.ContentPackageServer) + }) + resp, err = s.trContentPackageServer.Do(req) + case "ContentPackagesClient": + initServer(s, &s.trContentPackagesServer, func() *ContentPackagesServerTransport { + return NewContentPackagesServerTransport(&s.srv.ContentPackagesServer) + }) + resp, err = s.trContentPackagesServer.Do(req) + case "ContentTemplateClient": + initServer(s, &s.trContentTemplateServer, func() *ContentTemplateServerTransport { + return NewContentTemplateServerTransport(&s.srv.ContentTemplateServer) + }) + resp, err = s.trContentTemplateServer.Do(req) + case "ContentTemplatesClient": + initServer(s, &s.trContentTemplatesServer, func() *ContentTemplatesServerTransport { + return NewContentTemplatesServerTransport(&s.srv.ContentTemplatesServer) + }) + resp, err = s.trContentTemplatesServer.Do(req) + case "DataConnectorDefinitionsClient": + initServer(s, &s.trDataConnectorDefinitionsServer, func() *DataConnectorDefinitionsServerTransport { + return NewDataConnectorDefinitionsServerTransport(&s.srv.DataConnectorDefinitionsServer) + }) + resp, err = s.trDataConnectorDefinitionsServer.Do(req) + case "DataConnectorsCheckRequirementsClient": + initServer(s, &s.trDataConnectorsCheckRequirementsServer, func() *DataConnectorsCheckRequirementsServerTransport { + return NewDataConnectorsCheckRequirementsServerTransport(&s.srv.DataConnectorsCheckRequirementsServer) + }) + resp, err = s.trDataConnectorsCheckRequirementsServer.Do(req) case "DataConnectorsClient": initServer(s, &s.trDataConnectorsServer, func() *DataConnectorsServerTransport { return NewDataConnectorsServerTransport(&s.srv.DataConnectorsServer) }) resp, err = s.trDataConnectorsServer.Do(req) + case "DomainWhoisClient": + initServer(s, &s.trDomainWhoisServer, func() *DomainWhoisServerTransport { return NewDomainWhoisServerTransport(&s.srv.DomainWhoisServer) }) + resp, err = s.trDomainWhoisServer.Do(req) + case "EntitiesClient": + initServer(s, &s.trEntitiesServer, func() *EntitiesServerTransport { return NewEntitiesServerTransport(&s.srv.EntitiesServer) }) + resp, err = s.trEntitiesServer.Do(req) + case "EntitiesGetTimelineClient": + initServer(s, &s.trEntitiesGetTimelineServer, func() *EntitiesGetTimelineServerTransport { + return NewEntitiesGetTimelineServerTransport(&s.srv.EntitiesGetTimelineServer) + }) + resp, err = s.trEntitiesGetTimelineServer.Do(req) + case "EntitiesRelationsClient": + initServer(s, &s.trEntitiesRelationsServer, func() *EntitiesRelationsServerTransport { + return NewEntitiesRelationsServerTransport(&s.srv.EntitiesRelationsServer) + }) + resp, err = s.trEntitiesRelationsServer.Do(req) + case "EntityQueriesClient": + initServer(s, &s.trEntityQueriesServer, func() *EntityQueriesServerTransport { + return NewEntityQueriesServerTransport(&s.srv.EntityQueriesServer) + }) + resp, err = s.trEntityQueriesServer.Do(req) + case "EntityQueryTemplatesClient": + initServer(s, &s.trEntityQueryTemplatesServer, func() *EntityQueryTemplatesServerTransport { + return NewEntityQueryTemplatesServerTransport(&s.srv.EntityQueryTemplatesServer) + }) + resp, err = s.trEntityQueryTemplatesServer.Do(req) + case "EntityRelationsClient": + initServer(s, &s.trEntityRelationsServer, func() *EntityRelationsServerTransport { + return NewEntityRelationsServerTransport(&s.srv.EntityRelationsServer) + }) + resp, err = s.trEntityRelationsServer.Do(req) + case "FileImportsClient": + initServer(s, &s.trFileImportsServer, func() *FileImportsServerTransport { return NewFileImportsServerTransport(&s.srv.FileImportsServer) }) + resp, err = s.trFileImportsServer.Do(req) + case "GetClient": + initServer(s, &s.trGetServer, func() *GetServerTransport { return NewGetServerTransport(&s.srv.GetServer) }) + resp, err = s.trGetServer.Do(req) + case "GetRecommendationsClient": + initServer(s, &s.trGetRecommendationsServer, func() *GetRecommendationsServerTransport { + return NewGetRecommendationsServerTransport(&s.srv.GetRecommendationsServer) + }) + resp, err = s.trGetRecommendationsServer.Do(req) + case "GetTriggeredAnalyticsRuleRunsClient": + initServer(s, &s.trGetTriggeredAnalyticsRuleRunsServer, func() *GetTriggeredAnalyticsRuleRunsServerTransport { + return NewGetTriggeredAnalyticsRuleRunsServerTransport(&s.srv.GetTriggeredAnalyticsRuleRunsServer) + }) + resp, err = s.trGetTriggeredAnalyticsRuleRunsServer.Do(req) + case "HuntCommentsClient": + initServer(s, &s.trHuntCommentsServer, func() *HuntCommentsServerTransport { return NewHuntCommentsServerTransport(&s.srv.HuntCommentsServer) }) + resp, err = s.trHuntCommentsServer.Do(req) + case "HuntRelationsClient": + initServer(s, &s.trHuntRelationsServer, func() *HuntRelationsServerTransport { + return NewHuntRelationsServerTransport(&s.srv.HuntRelationsServer) + }) + resp, err = s.trHuntRelationsServer.Do(req) + case "HuntsClient": + initServer(s, &s.trHuntsServer, func() *HuntsServerTransport { return NewHuntsServerTransport(&s.srv.HuntsServer) }) + resp, err = s.trHuntsServer.Do(req) + case "IPGeodataClient": + initServer(s, &s.trIPGeodataServer, func() *IPGeodataServerTransport { return NewIPGeodataServerTransport(&s.srv.IPGeodataServer) }) + resp, err = s.trIPGeodataServer.Do(req) case "IncidentCommentsClient": initServer(s, &s.trIncidentCommentsServer, func() *IncidentCommentsServerTransport { return NewIncidentCommentsServerTransport(&s.srv.IncidentCommentsServer) @@ -116,17 +318,78 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { return NewIncidentRelationsServerTransport(&s.srv.IncidentRelationsServer) }) resp, err = s.trIncidentRelationsServer.Do(req) + case "IncidentTasksClient": + initServer(s, &s.trIncidentTasksServer, func() *IncidentTasksServerTransport { + return NewIncidentTasksServerTransport(&s.srv.IncidentTasksServer) + }) + resp, err = s.trIncidentTasksServer.Do(req) case "IncidentsClient": initServer(s, &s.trIncidentsServer, func() *IncidentsServerTransport { return NewIncidentsServerTransport(&s.srv.IncidentsServer) }) resp, err = s.trIncidentsServer.Do(req) + case "MetadataClient": + initServer(s, &s.trMetadataServer, func() *MetadataServerTransport { return NewMetadataServerTransport(&s.srv.MetadataServer) }) + resp, err = s.trMetadataServer.Do(req) + case "OfficeConsentsClient": + initServer(s, &s.trOfficeConsentsServer, func() *OfficeConsentsServerTransport { + return NewOfficeConsentsServerTransport(&s.srv.OfficeConsentsServer) + }) + resp, err = s.trOfficeConsentsServer.Do(req) case "OperationsClient": initServer(s, &s.trOperationsServer, func() *OperationsServerTransport { return NewOperationsServerTransport(&s.srv.OperationsServer) }) resp, err = s.trOperationsServer.Do(req) + case "ProductPackageClient": + initServer(s, &s.trProductPackageServer, func() *ProductPackageServerTransport { + return NewProductPackageServerTransport(&s.srv.ProductPackageServer) + }) + resp, err = s.trProductPackageServer.Do(req) + case "ProductPackagesClient": + initServer(s, &s.trProductPackagesServer, func() *ProductPackagesServerTransport { + return NewProductPackagesServerTransport(&s.srv.ProductPackagesServer) + }) + resp, err = s.trProductPackagesServer.Do(req) + case "ProductSettingsClient": + initServer(s, &s.trProductSettingsServer, func() *ProductSettingsServerTransport { + return NewProductSettingsServerTransport(&s.srv.ProductSettingsServer) + }) + resp, err = s.trProductSettingsServer.Do(req) + case "ProductTemplateClient": + initServer(s, &s.trProductTemplateServer, func() *ProductTemplateServerTransport { + return NewProductTemplateServerTransport(&s.srv.ProductTemplateServer) + }) + resp, err = s.trProductTemplateServer.Do(req) + case "ProductTemplatesClient": + initServer(s, &s.trProductTemplatesServer, func() *ProductTemplatesServerTransport { + return NewProductTemplatesServerTransport(&s.srv.ProductTemplatesServer) + }) + resp, err = s.trProductTemplatesServer.Do(req) + case "ReevaluateClient": + initServer(s, &s.trReevaluateServer, func() *ReevaluateServerTransport { return NewReevaluateServerTransport(&s.srv.ReevaluateServer) }) + resp, err = s.trReevaluateServer.Do(req) + case "SecurityMLAnalyticsSettingsClient": + initServer(s, &s.trSecurityMLAnalyticsSettingsServer, func() *SecurityMLAnalyticsSettingsServerTransport { + return NewSecurityMLAnalyticsSettingsServerTransport(&s.srv.SecurityMLAnalyticsSettingsServer) + }) + resp, err = s.trSecurityMLAnalyticsSettingsServer.Do(req) case "SentinelOnboardingStatesClient": initServer(s, &s.trSentinelOnboardingStatesServer, func() *SentinelOnboardingStatesServerTransport { return NewSentinelOnboardingStatesServerTransport(&s.srv.SentinelOnboardingStatesServer) }) resp, err = s.trSentinelOnboardingStatesServer.Do(req) + case "SourceControlClient": + initServer(s, &s.trSourceControlServer, func() *SourceControlServerTransport { + return NewSourceControlServerTransport(&s.srv.SourceControlServer) + }) + resp, err = s.trSourceControlServer.Do(req) + case "SourceControlsClient": + initServer(s, &s.trSourceControlsServer, func() *SourceControlsServerTransport { + return NewSourceControlsServerTransport(&s.srv.SourceControlsServer) + }) + resp, err = s.trSourceControlsServer.Do(req) + case "ThreatIntelligenceClient": + initServer(s, &s.trThreatIntelligenceServer, func() *ThreatIntelligenceServerTransport { + return NewThreatIntelligenceServerTransport(&s.srv.ThreatIntelligenceServer) + }) + resp, err = s.trThreatIntelligenceServer.Do(req) case "ThreatIntelligenceIndicatorClient": initServer(s, &s.trThreatIntelligenceIndicatorServer, func() *ThreatIntelligenceIndicatorServerTransport { return NewThreatIntelligenceIndicatorServerTransport(&s.srv.ThreatIntelligenceIndicatorServer) @@ -142,6 +405,14 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { return NewThreatIntelligenceIndicatorsServerTransport(&s.srv.ThreatIntelligenceIndicatorsServer) }) resp, err = s.trThreatIntelligenceIndicatorsServer.Do(req) + case "TriggeredAnalyticsRuleRunClient": + initServer(s, &s.trTriggeredAnalyticsRuleRunServer, func() *TriggeredAnalyticsRuleRunServerTransport { + return NewTriggeredAnalyticsRuleRunServerTransport(&s.srv.TriggeredAnalyticsRuleRunServer) + }) + resp, err = s.trTriggeredAnalyticsRuleRunServer.Do(req) + case "UpdateClient": + initServer(s, &s.trUpdateServer, func() *UpdateServerTransport { return NewUpdateServerTransport(&s.srv.UpdateServer) }) + resp, err = s.trUpdateServer.Do(req) case "WatchlistItemsClient": initServer(s, &s.trWatchlistItemsServer, func() *WatchlistItemsServerTransport { return NewWatchlistItemsServerTransport(&s.srv.WatchlistItemsServer) @@ -150,6 +421,31 @@ func (s *ServerFactoryTransport) Do(req *http.Request) (*http.Response, error) { case "WatchlistsClient": initServer(s, &s.trWatchlistsServer, func() *WatchlistsServerTransport { return NewWatchlistsServerTransport(&s.srv.WatchlistsServer) }) resp, err = s.trWatchlistsServer.Do(req) + case "WorkspaceManagerAssignmentJobsClient": + initServer(s, &s.trWorkspaceManagerAssignmentJobsServer, func() *WorkspaceManagerAssignmentJobsServerTransport { + return NewWorkspaceManagerAssignmentJobsServerTransport(&s.srv.WorkspaceManagerAssignmentJobsServer) + }) + resp, err = s.trWorkspaceManagerAssignmentJobsServer.Do(req) + case "WorkspaceManagerAssignmentsClient": + initServer(s, &s.trWorkspaceManagerAssignmentsServer, func() *WorkspaceManagerAssignmentsServerTransport { + return NewWorkspaceManagerAssignmentsServerTransport(&s.srv.WorkspaceManagerAssignmentsServer) + }) + resp, err = s.trWorkspaceManagerAssignmentsServer.Do(req) + case "WorkspaceManagerConfigurationsClient": + initServer(s, &s.trWorkspaceManagerConfigurationsServer, func() *WorkspaceManagerConfigurationsServerTransport { + return NewWorkspaceManagerConfigurationsServerTransport(&s.srv.WorkspaceManagerConfigurationsServer) + }) + resp, err = s.trWorkspaceManagerConfigurationsServer.Do(req) + case "WorkspaceManagerGroupsClient": + initServer(s, &s.trWorkspaceManagerGroupsServer, func() *WorkspaceManagerGroupsServerTransport { + return NewWorkspaceManagerGroupsServerTransport(&s.srv.WorkspaceManagerGroupsServer) + }) + resp, err = s.trWorkspaceManagerGroupsServer.Do(req) + case "WorkspaceManagerMembersClient": + initServer(s, &s.trWorkspaceManagerMembersServer, func() *WorkspaceManagerMembersServerTransport { + return NewWorkspaceManagerMembersServerTransport(&s.srv.WorkspaceManagerMembersServer) + }) + resp, err = s.trWorkspaceManagerMembersServer.Do(req) default: err = fmt.Errorf("unhandled client %s", client) } diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrol_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrol_server.go new file mode 100644 index 000000000000..77c6d098c754 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrol_server.go @@ -0,0 +1,116 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// SourceControlServer is a fake server for instances of the armsecurityinsights.SourceControlClient type. +type SourceControlServer struct { + // NewListRepositoriesPager is the fake for method SourceControlClient.NewListRepositoriesPager + // HTTP status codes to indicate success: http.StatusOK + NewListRepositoriesPager func(resourceGroupName string, workspaceName string, repositoryAccess armsecurityinsights.RepositoryAccessProperties, options *armsecurityinsights.SourceControlClientListRepositoriesOptions) (resp azfake.PagerResponder[armsecurityinsights.SourceControlClientListRepositoriesResponse]) +} + +// NewSourceControlServerTransport creates a new instance of SourceControlServerTransport with the provided implementation. +// The returned SourceControlServerTransport instance is connected to an instance of armsecurityinsights.SourceControlClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewSourceControlServerTransport(srv *SourceControlServer) *SourceControlServerTransport { + return &SourceControlServerTransport{ + srv: srv, + newListRepositoriesPager: newTracker[azfake.PagerResponder[armsecurityinsights.SourceControlClientListRepositoriesResponse]](), + } +} + +// SourceControlServerTransport connects instances of armsecurityinsights.SourceControlClient to instances of SourceControlServer. +// Don't use this type directly, use NewSourceControlServerTransport instead. +type SourceControlServerTransport struct { + srv *SourceControlServer + newListRepositoriesPager *tracker[azfake.PagerResponder[armsecurityinsights.SourceControlClientListRepositoriesResponse]] +} + +// Do implements the policy.Transporter interface for SourceControlServerTransport. +func (s *SourceControlServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "SourceControlClient.NewListRepositoriesPager": + resp, err = s.dispatchNewListRepositoriesPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (s *SourceControlServerTransport) dispatchNewListRepositoriesPager(req *http.Request) (*http.Response, error) { + if s.srv.NewListRepositoriesPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListRepositoriesPager not implemented")} + } + newListRepositoriesPager := s.newListRepositoriesPager.get(req) + if newListRepositoriesPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/listRepositories` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.RepositoryAccessProperties](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := s.srv.NewListRepositoriesPager(resourceGroupNameParam, workspaceNameParam, body, nil) + newListRepositoriesPager = &resp + s.newListRepositoriesPager.add(req, newListRepositoriesPager) + server.PagerResponderInjectNextLinks(newListRepositoriesPager, req, func(page *armsecurityinsights.SourceControlClientListRepositoriesResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListRepositoriesPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + s.newListRepositoriesPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListRepositoriesPager) { + s.newListRepositoriesPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrols_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrols_server.go new file mode 100644 index 000000000000..2200979250f5 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/sourcecontrols_server.go @@ -0,0 +1,250 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// SourceControlsServer is a fake server for instances of the armsecurityinsights.SourceControlsClient type. +type SourceControlsServer struct { + // Create is the fake for method SourceControlsClient.Create + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + Create func(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, sourceControl armsecurityinsights.SourceControl, options *armsecurityinsights.SourceControlsClientCreateOptions) (resp azfake.Responder[armsecurityinsights.SourceControlsClientCreateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method SourceControlsClient.Delete + // HTTP status codes to indicate success: http.StatusOK + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, repositoryAccess armsecurityinsights.RepositoryAccessProperties, options *armsecurityinsights.SourceControlsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.SourceControlsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method SourceControlsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, options *armsecurityinsights.SourceControlsClientGetOptions) (resp azfake.Responder[armsecurityinsights.SourceControlsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method SourceControlsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.SourceControlsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.SourceControlsClientListResponse]) +} + +// NewSourceControlsServerTransport creates a new instance of SourceControlsServerTransport with the provided implementation. +// The returned SourceControlsServerTransport instance is connected to an instance of armsecurityinsights.SourceControlsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewSourceControlsServerTransport(srv *SourceControlsServer) *SourceControlsServerTransport { + return &SourceControlsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.SourceControlsClientListResponse]](), + } +} + +// SourceControlsServerTransport connects instances of armsecurityinsights.SourceControlsClient to instances of SourceControlsServer. +// Don't use this type directly, use NewSourceControlsServerTransport instead. +type SourceControlsServerTransport struct { + srv *SourceControlsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.SourceControlsClientListResponse]] +} + +// Do implements the policy.Transporter interface for SourceControlsServerTransport. +func (s *SourceControlsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "SourceControlsClient.Create": + resp, err = s.dispatchCreate(req) + case "SourceControlsClient.Delete": + resp, err = s.dispatchDelete(req) + case "SourceControlsClient.Get": + resp, err = s.dispatchGet(req) + case "SourceControlsClient.NewListPager": + resp, err = s.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (s *SourceControlsServerTransport) dispatchCreate(req *http.Request) (*http.Response, error) { + if s.srv.Create == nil { + return nil, &nonRetriableError{errors.New("fake for method Create not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/sourcecontrols/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.SourceControl](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + sourceControlIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("sourceControlId")]) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.Create(req.Context(), resourceGroupNameParam, workspaceNameParam, sourceControlIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).SourceControl, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *SourceControlsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if s.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/sourcecontrols/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/delete` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.RepositoryAccessProperties](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + sourceControlIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("sourceControlId")]) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, sourceControlIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Warning, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *SourceControlsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if s.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/sourcecontrols/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + sourceControlIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("sourceControlId")]) + if err != nil { + return nil, err + } + respr, errRespr := s.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, sourceControlIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).SourceControl, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (s *SourceControlsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if s.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := s.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/sourcecontrols` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + resp := s.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, nil) + newListPager = &resp + s.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.SourceControlsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + s.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + s.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligence_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligence_server.go new file mode 100644 index 000000000000..3a34099519bb --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligence_server.go @@ -0,0 +1,193 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "reflect" + "regexp" +) + +// ThreatIntelligenceServer is a fake server for instances of the armsecurityinsights.ThreatIntelligenceClient type. +type ThreatIntelligenceServer struct { + // Count is the fake for method ThreatIntelligenceClient.Count + // HTTP status codes to indicate success: http.StatusOK + Count func(ctx context.Context, resourceGroupName string, workspaceName string, tiType armsecurityinsights.TiType, options *armsecurityinsights.ThreatIntelligenceClientCountOptions) (resp azfake.Responder[armsecurityinsights.ThreatIntelligenceClientCountResponse], errResp azfake.ErrorResponder) + + // NewQueryPager is the fake for method ThreatIntelligenceClient.NewQueryPager + // HTTP status codes to indicate success: http.StatusOK + NewQueryPager func(resourceGroupName string, workspaceName string, tiType armsecurityinsights.TiType, options *armsecurityinsights.ThreatIntelligenceClientQueryOptions) (resp azfake.PagerResponder[armsecurityinsights.ThreatIntelligenceClientQueryResponse]) +} + +// NewThreatIntelligenceServerTransport creates a new instance of ThreatIntelligenceServerTransport with the provided implementation. +// The returned ThreatIntelligenceServerTransport instance is connected to an instance of armsecurityinsights.ThreatIntelligenceClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewThreatIntelligenceServerTransport(srv *ThreatIntelligenceServer) *ThreatIntelligenceServerTransport { + return &ThreatIntelligenceServerTransport{ + srv: srv, + newQueryPager: newTracker[azfake.PagerResponder[armsecurityinsights.ThreatIntelligenceClientQueryResponse]](), + } +} + +// ThreatIntelligenceServerTransport connects instances of armsecurityinsights.ThreatIntelligenceClient to instances of ThreatIntelligenceServer. +// Don't use this type directly, use NewThreatIntelligenceServerTransport instead. +type ThreatIntelligenceServerTransport struct { + srv *ThreatIntelligenceServer + newQueryPager *tracker[azfake.PagerResponder[armsecurityinsights.ThreatIntelligenceClientQueryResponse]] +} + +// Do implements the policy.Transporter interface for ThreatIntelligenceServerTransport. +func (t *ThreatIntelligenceServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "ThreatIntelligenceClient.Count": + resp, err = t.dispatchCount(req) + case "ThreatIntelligenceClient.NewQueryPager": + resp, err = t.dispatchNewQueryPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (t *ThreatIntelligenceServerTransport) dispatchCount(req *http.Request) (*http.Response, error) { + if t.srv.Count == nil { + return nil, &nonRetriableError{errors.New("fake for method Count not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/threatIntelligence/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/count` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.Query](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + tiTypeParam, err := parseWithCast(matches[regex.SubexpIndex("tiType")], func(v string) (armsecurityinsights.TiType, error) { + p, unescapeErr := url.PathUnescape(v) + if unescapeErr != nil { + return "", unescapeErr + } + return armsecurityinsights.TiType(p), nil + }) + if err != nil { + return nil, err + } + var options *armsecurityinsights.ThreatIntelligenceClientCountOptions + if !reflect.ValueOf(body).IsZero() { + options = &armsecurityinsights.ThreatIntelligenceClientCountOptions{ + Query: &body, + } + } + respr, errRespr := t.srv.Count(req.Context(), resourceGroupNameParam, workspaceNameParam, tiTypeParam, options) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).ThreatIntelligenceCount, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (t *ThreatIntelligenceServerTransport) dispatchNewQueryPager(req *http.Request) (*http.Response, error) { + if t.srv.NewQueryPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewQueryPager not implemented")} + } + newQueryPager := t.newQueryPager.get(req) + if newQueryPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/threatIntelligence/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/query` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.QueryAutoGenerated](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + tiTypeParam, err := parseWithCast(matches[regex.SubexpIndex("tiType")], func(v string) (armsecurityinsights.TiType, error) { + p, unescapeErr := url.PathUnescape(v) + if unescapeErr != nil { + return "", unescapeErr + } + return armsecurityinsights.TiType(p), nil + }) + if err != nil { + return nil, err + } + var options *armsecurityinsights.ThreatIntelligenceClientQueryOptions + if !reflect.ValueOf(body).IsZero() { + options = &armsecurityinsights.ThreatIntelligenceClientQueryOptions{ + Query: &body, + } + } + resp := t.srv.NewQueryPager(resourceGroupNameParam, workspaceNameParam, tiTypeParam, options) + newQueryPager = &resp + t.newQueryPager.add(req, newQueryPager) + server.PagerResponderInjectNextLinks(newQueryPager, req, func(page *armsecurityinsights.ThreatIntelligenceClientQueryResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newQueryPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + t.newQueryPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newQueryPager) { + t.newQueryPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicator_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicator_server.go index d0f66dc74ae5..8aea153a5f09 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicator_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicator_server.go @@ -16,7 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicatormetrics_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicatormetrics_server.go index 8a9b08de8cc3..c00038ab36df 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicatormetrics_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicatormetrics_server.go @@ -15,7 +15,7 @@ import ( azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicators_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicators_server.go index 780dae918704..f7c7bffdbd79 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicators_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/threatintelligenceindicators_server.go @@ -15,7 +15,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" @@ -97,6 +97,11 @@ func (t *ThreatIntelligenceIndicatorsServerTransport) dispatchNewListPager(req * return nil, err } filterParam := getOptional(filterUnescaped) + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) topUnescaped, err := url.QueryUnescape(qp.Get("$top")) if err != nil { return nil, err @@ -116,18 +121,13 @@ func (t *ThreatIntelligenceIndicatorsServerTransport) dispatchNewListPager(req * return nil, err } skipTokenParam := getOptional(skipTokenUnescaped) - orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) - if err != nil { - return nil, err - } - orderbyParam := getOptional(orderbyUnescaped) var options *armsecurityinsights.ThreatIntelligenceIndicatorsClientListOptions - if filterParam != nil || topParam != nil || skipTokenParam != nil || orderbyParam != nil { + if filterParam != nil || orderbyParam != nil || topParam != nil || skipTokenParam != nil { options = &armsecurityinsights.ThreatIntelligenceIndicatorsClientListOptions{ Filter: filterParam, + Orderby: orderbyParam, Top: topParam, SkipToken: skipTokenParam, - Orderby: orderbyParam, } } resp := t.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/time_rfc3339.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/time_rfc3339.go index b0535a7b63e6..81f308b0d343 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/time_rfc3339.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/time_rfc3339.go @@ -19,12 +19,16 @@ import ( ) // Azure reports time in UTC but it doesn't include the 'Z' time zone suffix in some cases. -var tzOffsetRegex = regexp.MustCompile(`(Z|z|\+|-)(\d+:\d+)*"*$`) +var tzOffsetRegex = regexp.MustCompile(`(?:Z|z|\+|-)(?:\d+:\d+)*"*$`) const ( - utcDateTimeJSON = `"2006-01-02T15:04:05.999999999"` - utcDateTime = "2006-01-02T15:04:05.999999999" - dateTimeJSON = `"` + time.RFC3339Nano + `"` + utcDateTime = "2006-01-02T15:04:05.999999999" + utcDateTimeJSON = `"` + utcDateTime + `"` + utcDateTimeNoT = "2006-01-02 15:04:05.999999999" + utcDateTimeJSONNoT = `"` + utcDateTimeNoT + `"` + dateTimeNoT = `2006-01-02 15:04:05.999999999Z07:00` + dateTimeJSON = `"` + time.RFC3339Nano + `"` + dateTimeJSONNoT = `"` + dateTimeNoT + `"` ) type dateTimeRFC3339 time.Time @@ -40,17 +44,33 @@ func (t dateTimeRFC3339) MarshalText() ([]byte, error) { } func (t *dateTimeRFC3339) UnmarshalJSON(data []byte) error { - layout := utcDateTimeJSON - if tzOffsetRegex.Match(data) { + tzOffset := tzOffsetRegex.Match(data) + hasT := strings.Contains(string(data), "T") || strings.Contains(string(data), "t") + var layout string + if tzOffset && hasT { layout = dateTimeJSON + } else if tzOffset { + layout = dateTimeJSONNoT + } else if hasT { + layout = utcDateTimeJSON + } else { + layout = utcDateTimeJSONNoT } return t.Parse(layout, string(data)) } func (t *dateTimeRFC3339) UnmarshalText(data []byte) error { - layout := utcDateTime - if tzOffsetRegex.Match(data) { + tzOffset := tzOffsetRegex.Match(data) + hasT := strings.Contains(string(data), "T") || strings.Contains(string(data), "t") + var layout string + if tzOffset && hasT { layout = time.RFC3339Nano + } else if tzOffset { + layout = dateTimeNoT + } else if hasT { + layout = utcDateTime + } else { + layout = utcDateTimeNoT } return t.Parse(layout, string(data)) } @@ -61,6 +81,10 @@ func (t *dateTimeRFC3339) Parse(layout, value string) error { return err } +func (t dateTimeRFC3339) String() string { + return time.Time(t).Format(time.RFC3339Nano) +} + func populateDateTimeRFC3339(m map[string]any, k string, t *time.Time) { if t == nil { return @@ -74,7 +98,7 @@ func populateDateTimeRFC3339(m map[string]any, k string, t *time.Time) { } func unpopulateDateTimeRFC3339(data json.RawMessage, fn string, t **time.Time) error { - if data == nil || strings.EqualFold(string(data), "null") { + if data == nil || string(data) == "null" { return nil } var aux dateTimeRFC3339 diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/triggeredanalyticsrulerun_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/triggeredanalyticsrulerun_server.go new file mode 100644 index 000000000000..ec1ec6ea8ca8 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/triggeredanalyticsrulerun_server.go @@ -0,0 +1,104 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// TriggeredAnalyticsRuleRunServer is a fake server for instances of the armsecurityinsights.TriggeredAnalyticsRuleRunClient type. +type TriggeredAnalyticsRuleRunServer struct { + // Get is the fake for method TriggeredAnalyticsRuleRunClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, ruleRunID string, options *armsecurityinsights.TriggeredAnalyticsRuleRunClientGetOptions) (resp azfake.Responder[armsecurityinsights.TriggeredAnalyticsRuleRunClientGetResponse], errResp azfake.ErrorResponder) +} + +// NewTriggeredAnalyticsRuleRunServerTransport creates a new instance of TriggeredAnalyticsRuleRunServerTransport with the provided implementation. +// The returned TriggeredAnalyticsRuleRunServerTransport instance is connected to an instance of armsecurityinsights.TriggeredAnalyticsRuleRunClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewTriggeredAnalyticsRuleRunServerTransport(srv *TriggeredAnalyticsRuleRunServer) *TriggeredAnalyticsRuleRunServerTransport { + return &TriggeredAnalyticsRuleRunServerTransport{srv: srv} +} + +// TriggeredAnalyticsRuleRunServerTransport connects instances of armsecurityinsights.TriggeredAnalyticsRuleRunClient to instances of TriggeredAnalyticsRuleRunServer. +// Don't use this type directly, use NewTriggeredAnalyticsRuleRunServerTransport instead. +type TriggeredAnalyticsRuleRunServerTransport struct { + srv *TriggeredAnalyticsRuleRunServer +} + +// Do implements the policy.Transporter interface for TriggeredAnalyticsRuleRunServerTransport. +func (t *TriggeredAnalyticsRuleRunServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "TriggeredAnalyticsRuleRunClient.Get": + resp, err = t.dispatchGet(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (t *TriggeredAnalyticsRuleRunServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if t.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/triggeredAnalyticsRuleRuns/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + ruleRunIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("ruleRunId")]) + if err != nil { + return nil, err + } + respr, errRespr := t.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, ruleRunIDParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).TriggeredAnalyticsRuleRun, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/update_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/update_server.go new file mode 100644 index 000000000000..79ee10a58510 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/update_server.go @@ -0,0 +1,108 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" +) + +// UpdateServer is a fake server for instances of the armsecurityinsights.UpdateClient type. +type UpdateServer struct { + // Recommendation is the fake for method UpdateClient.Recommendation + // HTTP status codes to indicate success: http.StatusOK + Recommendation func(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, recommendationPatch armsecurityinsights.RecommendationPatch, options *armsecurityinsights.UpdateClientRecommendationOptions) (resp azfake.Responder[armsecurityinsights.UpdateClientRecommendationResponse], errResp azfake.ErrorResponder) +} + +// NewUpdateServerTransport creates a new instance of UpdateServerTransport with the provided implementation. +// The returned UpdateServerTransport instance is connected to an instance of armsecurityinsights.UpdateClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewUpdateServerTransport(srv *UpdateServer) *UpdateServerTransport { + return &UpdateServerTransport{srv: srv} +} + +// UpdateServerTransport connects instances of armsecurityinsights.UpdateClient to instances of UpdateServer. +// Don't use this type directly, use NewUpdateServerTransport instead. +type UpdateServerTransport struct { + srv *UpdateServer +} + +// Do implements the policy.Transporter interface for UpdateServerTransport. +func (u *UpdateServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "UpdateClient.Recommendation": + resp, err = u.dispatchRecommendation(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (u *UpdateServerTransport) dispatchRecommendation(req *http.Request) (*http.Response, error) { + if u.srv.Recommendation == nil { + return nil, &nonRetriableError{errors.New("fake for method Recommendation not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/recommendations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.RecommendationPatch](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + recommendationIDParam, err := url.PathUnescape(matches[regex.SubexpIndex("recommendationId")]) + if err != nil { + return nil, err + } + respr, errRespr := u.srv.Recommendation(req.Context(), resourceGroupNameParam, workspaceNameParam, recommendationIDParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Recommendation, req) + if err != nil { + return nil, err + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlistitems_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlistitems_server.go index f061d383be3c..232fb7d36c9f 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlistitems_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlistitems_server.go @@ -16,7 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" @@ -237,15 +237,15 @@ func (w *WatchlistItemsServerTransport) dispatchNewListPager(req *http.Request) if err != nil { return nil, err } - watchlistAliasParam, err := url.PathUnescape(matches[regex.SubexpIndex("watchlistAlias")]) + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) if err != nil { return nil, err } - skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + skipTokenParam := getOptional(skipTokenUnescaped) + watchlistAliasParam, err := url.PathUnescape(matches[regex.SubexpIndex("watchlistAlias")]) if err != nil { return nil, err } - skipTokenParam := getOptional(skipTokenUnescaped) var options *armsecurityinsights.WatchlistItemsClientListOptions if skipTokenParam != nil { options = &armsecurityinsights.WatchlistItemsClientListOptions{ diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlists_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlists_server.go index 0a4f0248a9a8..5be204935ce8 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlists_server.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/watchlists_server.go @@ -16,7 +16,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" "net/http" "net/url" "regexp" @@ -127,6 +127,9 @@ func (w *WatchlistsServerTransport) dispatchCreateOrUpdate(req *http.Request) (* if err != nil { return nil, err } + if val := server.GetResponse(respr).AzureAsyncOperation; val != nil { + resp.Header.Set("Azure-AsyncOperation", *val) + } return resp, nil } @@ -164,6 +167,9 @@ func (w *WatchlistsServerTransport) dispatchDelete(req *http.Request) (*http.Res if err != nil { return nil, err } + if val := server.GetResponse(respr).AzureAsyncOperation; val != nil { + resp.Header.Set("Azure-AsyncOperation", *val) + } return resp, nil } diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignmentjobs_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignmentjobs_server.go new file mode 100644 index 000000000000..5f20ba26a394 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignmentjobs_server.go @@ -0,0 +1,288 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// WorkspaceManagerAssignmentJobsServer is a fake server for instances of the armsecurityinsights.WorkspaceManagerAssignmentJobsClient type. +type WorkspaceManagerAssignmentJobsServer struct { + // Create is the fake for method WorkspaceManagerAssignmentJobsClient.Create + // HTTP status codes to indicate success: http.StatusOK + Create func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *armsecurityinsights.WorkspaceManagerAssignmentJobsClientCreateOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientCreateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method WorkspaceManagerAssignmentJobsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, options *armsecurityinsights.WorkspaceManagerAssignmentJobsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method WorkspaceManagerAssignmentJobsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, options *armsecurityinsights.WorkspaceManagerAssignmentJobsClientGetOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method WorkspaceManagerAssignmentJobsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *armsecurityinsights.WorkspaceManagerAssignmentJobsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientListResponse]) +} + +// NewWorkspaceManagerAssignmentJobsServerTransport creates a new instance of WorkspaceManagerAssignmentJobsServerTransport with the provided implementation. +// The returned WorkspaceManagerAssignmentJobsServerTransport instance is connected to an instance of armsecurityinsights.WorkspaceManagerAssignmentJobsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewWorkspaceManagerAssignmentJobsServerTransport(srv *WorkspaceManagerAssignmentJobsServer) *WorkspaceManagerAssignmentJobsServerTransport { + return &WorkspaceManagerAssignmentJobsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientListResponse]](), + } +} + +// WorkspaceManagerAssignmentJobsServerTransport connects instances of armsecurityinsights.WorkspaceManagerAssignmentJobsClient to instances of WorkspaceManagerAssignmentJobsServer. +// Don't use this type directly, use NewWorkspaceManagerAssignmentJobsServerTransport instead. +type WorkspaceManagerAssignmentJobsServerTransport struct { + srv *WorkspaceManagerAssignmentJobsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentJobsClientListResponse]] +} + +// Do implements the policy.Transporter interface for WorkspaceManagerAssignmentJobsServerTransport. +func (w *WorkspaceManagerAssignmentJobsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "WorkspaceManagerAssignmentJobsClient.Create": + resp, err = w.dispatchCreate(req) + case "WorkspaceManagerAssignmentJobsClient.Delete": + resp, err = w.dispatchDelete(req) + case "WorkspaceManagerAssignmentJobsClient.Get": + resp, err = w.dispatchGet(req) + case "WorkspaceManagerAssignmentJobsClient.NewListPager": + resp, err = w.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (w *WorkspaceManagerAssignmentJobsServerTransport) dispatchCreate(req *http.Request) (*http.Response, error) { + if w.srv.Create == nil { + return nil, &nonRetriableError{errors.New("fake for method Create not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/jobs` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Create(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Job, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentJobsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if w.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/jobs/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + jobNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("jobName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, jobNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentJobsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if w.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/jobs/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 5 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + jobNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("jobName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, jobNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).Job, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentJobsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if w.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := w.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/jobs` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.WorkspaceManagerAssignmentJobsClientListOptions + if orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.WorkspaceManagerAssignmentJobsClientListOptions{ + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := w.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, options) + newListPager = &resp + w.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.WorkspaceManagerAssignmentJobsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + w.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + w.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignments_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignments_server.go new file mode 100644 index 000000000000..f225acd5aef5 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerassignments_server.go @@ -0,0 +1,280 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// WorkspaceManagerAssignmentsServer is a fake server for instances of the armsecurityinsights.WorkspaceManagerAssignmentsClient type. +type WorkspaceManagerAssignmentsServer struct { + // CreateOrUpdate is the fake for method WorkspaceManagerAssignmentsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, workspaceManagerAssignment armsecurityinsights.WorkspaceManagerAssignment, options *armsecurityinsights.WorkspaceManagerAssignmentsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method WorkspaceManagerAssignmentsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *armsecurityinsights.WorkspaceManagerAssignmentsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method WorkspaceManagerAssignmentsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *armsecurityinsights.WorkspaceManagerAssignmentsClientGetOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerAssignmentsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method WorkspaceManagerAssignmentsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.WorkspaceManagerAssignmentsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentsClientListResponse]) +} + +// NewWorkspaceManagerAssignmentsServerTransport creates a new instance of WorkspaceManagerAssignmentsServerTransport with the provided implementation. +// The returned WorkspaceManagerAssignmentsServerTransport instance is connected to an instance of armsecurityinsights.WorkspaceManagerAssignmentsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewWorkspaceManagerAssignmentsServerTransport(srv *WorkspaceManagerAssignmentsServer) *WorkspaceManagerAssignmentsServerTransport { + return &WorkspaceManagerAssignmentsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentsClientListResponse]](), + } +} + +// WorkspaceManagerAssignmentsServerTransport connects instances of armsecurityinsights.WorkspaceManagerAssignmentsClient to instances of WorkspaceManagerAssignmentsServer. +// Don't use this type directly, use NewWorkspaceManagerAssignmentsServerTransport instead. +type WorkspaceManagerAssignmentsServerTransport struct { + srv *WorkspaceManagerAssignmentsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerAssignmentsClientListResponse]] +} + +// Do implements the policy.Transporter interface for WorkspaceManagerAssignmentsServerTransport. +func (w *WorkspaceManagerAssignmentsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "WorkspaceManagerAssignmentsClient.CreateOrUpdate": + resp, err = w.dispatchCreateOrUpdate(req) + case "WorkspaceManagerAssignmentsClient.Delete": + resp, err = w.dispatchDelete(req) + case "WorkspaceManagerAssignmentsClient.Get": + resp, err = w.dispatchGet(req) + case "WorkspaceManagerAssignmentsClient.NewListPager": + resp, err = w.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (w *WorkspaceManagerAssignmentsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if w.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.WorkspaceManagerAssignment](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerAssignment, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if w.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if w.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerAssignmentNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerAssignmentName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerAssignmentNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerAssignment, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerAssignmentsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if w.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := w.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerAssignments` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.WorkspaceManagerAssignmentsClientListOptions + if orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.WorkspaceManagerAssignmentsClientListOptions{ + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := w.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + w.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.WorkspaceManagerAssignmentsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + w.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + w.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerconfigurations_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerconfigurations_server.go new file mode 100644 index 000000000000..84684a4360ef --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagerconfigurations_server.go @@ -0,0 +1,280 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// WorkspaceManagerConfigurationsServer is a fake server for instances of the armsecurityinsights.WorkspaceManagerConfigurationsClient type. +type WorkspaceManagerConfigurationsServer struct { + // CreateOrUpdate is the fake for method WorkspaceManagerConfigurationsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, workspaceManagerConfiguration armsecurityinsights.WorkspaceManagerConfiguration, options *armsecurityinsights.WorkspaceManagerConfigurationsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerConfigurationsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method WorkspaceManagerConfigurationsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, options *armsecurityinsights.WorkspaceManagerConfigurationsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerConfigurationsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method WorkspaceManagerConfigurationsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, options *armsecurityinsights.WorkspaceManagerConfigurationsClientGetOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerConfigurationsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method WorkspaceManagerConfigurationsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.WorkspaceManagerConfigurationsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.WorkspaceManagerConfigurationsClientListResponse]) +} + +// NewWorkspaceManagerConfigurationsServerTransport creates a new instance of WorkspaceManagerConfigurationsServerTransport with the provided implementation. +// The returned WorkspaceManagerConfigurationsServerTransport instance is connected to an instance of armsecurityinsights.WorkspaceManagerConfigurationsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewWorkspaceManagerConfigurationsServerTransport(srv *WorkspaceManagerConfigurationsServer) *WorkspaceManagerConfigurationsServerTransport { + return &WorkspaceManagerConfigurationsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerConfigurationsClientListResponse]](), + } +} + +// WorkspaceManagerConfigurationsServerTransport connects instances of armsecurityinsights.WorkspaceManagerConfigurationsClient to instances of WorkspaceManagerConfigurationsServer. +// Don't use this type directly, use NewWorkspaceManagerConfigurationsServerTransport instead. +type WorkspaceManagerConfigurationsServerTransport struct { + srv *WorkspaceManagerConfigurationsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerConfigurationsClientListResponse]] +} + +// Do implements the policy.Transporter interface for WorkspaceManagerConfigurationsServerTransport. +func (w *WorkspaceManagerConfigurationsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "WorkspaceManagerConfigurationsClient.CreateOrUpdate": + resp, err = w.dispatchCreateOrUpdate(req) + case "WorkspaceManagerConfigurationsClient.Delete": + resp, err = w.dispatchDelete(req) + case "WorkspaceManagerConfigurationsClient.Get": + resp, err = w.dispatchGet(req) + case "WorkspaceManagerConfigurationsClient.NewListPager": + resp, err = w.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (w *WorkspaceManagerConfigurationsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if w.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerConfigurations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.WorkspaceManagerConfiguration](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerConfigurationNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerConfigurationName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerConfigurationNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerConfiguration, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerConfigurationsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if w.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerConfigurations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerConfigurationNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerConfigurationName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerConfigurationNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerConfigurationsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if w.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerConfigurations/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerConfigurationNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerConfigurationName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerConfigurationNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerConfiguration, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerConfigurationsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if w.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := w.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerConfigurations` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.WorkspaceManagerConfigurationsClientListOptions + if orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.WorkspaceManagerConfigurationsClientListOptions{ + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := w.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + w.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.WorkspaceManagerConfigurationsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + w.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + w.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagergroups_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagergroups_server.go new file mode 100644 index 000000000000..13e5dc6380d6 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagergroups_server.go @@ -0,0 +1,280 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// WorkspaceManagerGroupsServer is a fake server for instances of the armsecurityinsights.WorkspaceManagerGroupsClient type. +type WorkspaceManagerGroupsServer struct { + // CreateOrUpdate is the fake for method WorkspaceManagerGroupsClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, workspaceManagerGroup armsecurityinsights.WorkspaceManagerGroup, options *armsecurityinsights.WorkspaceManagerGroupsClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerGroupsClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method WorkspaceManagerGroupsClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, options *armsecurityinsights.WorkspaceManagerGroupsClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerGroupsClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method WorkspaceManagerGroupsClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, options *armsecurityinsights.WorkspaceManagerGroupsClientGetOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerGroupsClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method WorkspaceManagerGroupsClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.WorkspaceManagerGroupsClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.WorkspaceManagerGroupsClientListResponse]) +} + +// NewWorkspaceManagerGroupsServerTransport creates a new instance of WorkspaceManagerGroupsServerTransport with the provided implementation. +// The returned WorkspaceManagerGroupsServerTransport instance is connected to an instance of armsecurityinsights.WorkspaceManagerGroupsClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewWorkspaceManagerGroupsServerTransport(srv *WorkspaceManagerGroupsServer) *WorkspaceManagerGroupsServerTransport { + return &WorkspaceManagerGroupsServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerGroupsClientListResponse]](), + } +} + +// WorkspaceManagerGroupsServerTransport connects instances of armsecurityinsights.WorkspaceManagerGroupsClient to instances of WorkspaceManagerGroupsServer. +// Don't use this type directly, use NewWorkspaceManagerGroupsServerTransport instead. +type WorkspaceManagerGroupsServerTransport struct { + srv *WorkspaceManagerGroupsServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerGroupsClientListResponse]] +} + +// Do implements the policy.Transporter interface for WorkspaceManagerGroupsServerTransport. +func (w *WorkspaceManagerGroupsServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "WorkspaceManagerGroupsClient.CreateOrUpdate": + resp, err = w.dispatchCreateOrUpdate(req) + case "WorkspaceManagerGroupsClient.Delete": + resp, err = w.dispatchDelete(req) + case "WorkspaceManagerGroupsClient.Get": + resp, err = w.dispatchGet(req) + case "WorkspaceManagerGroupsClient.NewListPager": + resp, err = w.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (w *WorkspaceManagerGroupsServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if w.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.WorkspaceManagerGroup](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerGroupName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerGroupNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerGroup, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerGroupsServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if w.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerGroupName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerGroupNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerGroupsServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if w.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerGroupName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerGroupNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerGroup, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerGroupsServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if w.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := w.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerGroups` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.WorkspaceManagerGroupsClientListOptions + if orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.WorkspaceManagerGroupsClientListOptions{ + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := w.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + w.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.WorkspaceManagerGroupsClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + w.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + w.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagermembers_server.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagermembers_server.go new file mode 100644 index 000000000000..8c95db8cb0e0 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fake/workspacemanagermembers_server.go @@ -0,0 +1,280 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package fake + +import ( + "context" + "errors" + "fmt" + azfake "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/fake/server" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2" + "net/http" + "net/url" + "regexp" + "strconv" +) + +// WorkspaceManagerMembersServer is a fake server for instances of the armsecurityinsights.WorkspaceManagerMembersClient type. +type WorkspaceManagerMembersServer struct { + // CreateOrUpdate is the fake for method WorkspaceManagerMembersClient.CreateOrUpdate + // HTTP status codes to indicate success: http.StatusOK, http.StatusCreated + CreateOrUpdate func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, workspaceManagerMember armsecurityinsights.WorkspaceManagerMember, options *armsecurityinsights.WorkspaceManagerMembersClientCreateOrUpdateOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerMembersClientCreateOrUpdateResponse], errResp azfake.ErrorResponder) + + // Delete is the fake for method WorkspaceManagerMembersClient.Delete + // HTTP status codes to indicate success: http.StatusOK, http.StatusNoContent + Delete func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, options *armsecurityinsights.WorkspaceManagerMembersClientDeleteOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerMembersClientDeleteResponse], errResp azfake.ErrorResponder) + + // Get is the fake for method WorkspaceManagerMembersClient.Get + // HTTP status codes to indicate success: http.StatusOK + Get func(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, options *armsecurityinsights.WorkspaceManagerMembersClientGetOptions) (resp azfake.Responder[armsecurityinsights.WorkspaceManagerMembersClientGetResponse], errResp azfake.ErrorResponder) + + // NewListPager is the fake for method WorkspaceManagerMembersClient.NewListPager + // HTTP status codes to indicate success: http.StatusOK + NewListPager func(resourceGroupName string, workspaceName string, options *armsecurityinsights.WorkspaceManagerMembersClientListOptions) (resp azfake.PagerResponder[armsecurityinsights.WorkspaceManagerMembersClientListResponse]) +} + +// NewWorkspaceManagerMembersServerTransport creates a new instance of WorkspaceManagerMembersServerTransport with the provided implementation. +// The returned WorkspaceManagerMembersServerTransport instance is connected to an instance of armsecurityinsights.WorkspaceManagerMembersClient via the +// azcore.ClientOptions.Transporter field in the client's constructor parameters. +func NewWorkspaceManagerMembersServerTransport(srv *WorkspaceManagerMembersServer) *WorkspaceManagerMembersServerTransport { + return &WorkspaceManagerMembersServerTransport{ + srv: srv, + newListPager: newTracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerMembersClientListResponse]](), + } +} + +// WorkspaceManagerMembersServerTransport connects instances of armsecurityinsights.WorkspaceManagerMembersClient to instances of WorkspaceManagerMembersServer. +// Don't use this type directly, use NewWorkspaceManagerMembersServerTransport instead. +type WorkspaceManagerMembersServerTransport struct { + srv *WorkspaceManagerMembersServer + newListPager *tracker[azfake.PagerResponder[armsecurityinsights.WorkspaceManagerMembersClientListResponse]] +} + +// Do implements the policy.Transporter interface for WorkspaceManagerMembersServerTransport. +func (w *WorkspaceManagerMembersServerTransport) Do(req *http.Request) (*http.Response, error) { + rawMethod := req.Context().Value(runtime.CtxAPINameKey{}) + method, ok := rawMethod.(string) + if !ok { + return nil, nonRetriableError{errors.New("unable to dispatch request, missing value for CtxAPINameKey")} + } + + var resp *http.Response + var err error + + switch method { + case "WorkspaceManagerMembersClient.CreateOrUpdate": + resp, err = w.dispatchCreateOrUpdate(req) + case "WorkspaceManagerMembersClient.Delete": + resp, err = w.dispatchDelete(req) + case "WorkspaceManagerMembersClient.Get": + resp, err = w.dispatchGet(req) + case "WorkspaceManagerMembersClient.NewListPager": + resp, err = w.dispatchNewListPager(req) + default: + err = fmt.Errorf("unhandled API %s", method) + } + + if err != nil { + return nil, err + } + + return resp, nil +} + +func (w *WorkspaceManagerMembersServerTransport) dispatchCreateOrUpdate(req *http.Request) (*http.Response, error) { + if w.srv.CreateOrUpdate == nil { + return nil, &nonRetriableError{errors.New("fake for method CreateOrUpdate not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerMembers/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + body, err := server.UnmarshalRequestAsJSON[armsecurityinsights.WorkspaceManagerMember](req) + if err != nil { + return nil, err + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerMemberNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerMemberName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.CreateOrUpdate(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerMemberNameParam, body, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusCreated}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusCreated", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerMember, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerMembersServerTransport) dispatchDelete(req *http.Request) (*http.Response, error) { + if w.srv.Delete == nil { + return nil, &nonRetriableError{errors.New("fake for method Delete not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerMembers/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerMemberNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerMemberName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Delete(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerMemberNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK, http.StatusNoContent}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK, http.StatusNoContent", respContent.HTTPStatus)} + } + resp, err := server.NewResponse(respContent, req, nil) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerMembersServerTransport) dispatchGet(req *http.Request) (*http.Response, error) { + if w.srv.Get == nil { + return nil, &nonRetriableError{errors.New("fake for method Get not implemented")} + } + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerMembers/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 4 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + workspaceManagerMemberNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceManagerMemberName")]) + if err != nil { + return nil, err + } + respr, errRespr := w.srv.Get(req.Context(), resourceGroupNameParam, workspaceNameParam, workspaceManagerMemberNameParam, nil) + if respErr := server.GetError(errRespr, req); respErr != nil { + return nil, respErr + } + respContent := server.GetResponseContent(respr) + if !contains([]int{http.StatusOK}, respContent.HTTPStatus) { + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", respContent.HTTPStatus)} + } + resp, err := server.MarshalResponseAsJSON(respContent, server.GetResponse(respr).WorkspaceManagerMember, req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (w *WorkspaceManagerMembersServerTransport) dispatchNewListPager(req *http.Request) (*http.Response, error) { + if w.srv.NewListPager == nil { + return nil, &nonRetriableError{errors.New("fake for method NewListPager not implemented")} + } + newListPager := w.newListPager.get(req) + if newListPager == nil { + const regexStr = `/subscriptions/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/resourceGroups/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.OperationalInsights/workspaces/(?P[!#&$-;=?-\[\]_a-zA-Z0-9~%@]+)/providers/Microsoft\.SecurityInsights/workspaceManagerMembers/` + regex := regexp.MustCompile(regexStr) + matches := regex.FindStringSubmatch(req.URL.EscapedPath()) + if matches == nil || len(matches) < 3 { + return nil, fmt.Errorf("failed to parse path %s", req.URL.Path) + } + qp := req.URL.Query() + resourceGroupNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("resourceGroupName")]) + if err != nil { + return nil, err + } + workspaceNameParam, err := url.PathUnescape(matches[regex.SubexpIndex("workspaceName")]) + if err != nil { + return nil, err + } + orderbyUnescaped, err := url.QueryUnescape(qp.Get("$orderby")) + if err != nil { + return nil, err + } + orderbyParam := getOptional(orderbyUnescaped) + topUnescaped, err := url.QueryUnescape(qp.Get("$top")) + if err != nil { + return nil, err + } + topParam, err := parseOptional(topUnescaped, func(v string) (int32, error) { + p, parseErr := strconv.ParseInt(v, 10, 32) + if parseErr != nil { + return 0, parseErr + } + return int32(p), nil + }) + if err != nil { + return nil, err + } + skipTokenUnescaped, err := url.QueryUnescape(qp.Get("$skipToken")) + if err != nil { + return nil, err + } + skipTokenParam := getOptional(skipTokenUnescaped) + var options *armsecurityinsights.WorkspaceManagerMembersClientListOptions + if orderbyParam != nil || topParam != nil || skipTokenParam != nil { + options = &armsecurityinsights.WorkspaceManagerMembersClientListOptions{ + Orderby: orderbyParam, + Top: topParam, + SkipToken: skipTokenParam, + } + } + resp := w.srv.NewListPager(resourceGroupNameParam, workspaceNameParam, options) + newListPager = &resp + w.newListPager.add(req, newListPager) + server.PagerResponderInjectNextLinks(newListPager, req, func(page *armsecurityinsights.WorkspaceManagerMembersClientListResponse, createLink func() string) { + page.NextLink = to.Ptr(createLink()) + }) + } + resp, err := server.PagerResponderNext(newListPager, req) + if err != nil { + return nil, err + } + if !contains([]int{http.StatusOK}, resp.StatusCode) { + w.newListPager.remove(req) + return nil, &nonRetriableError{fmt.Errorf("unexpected status code %d. acceptable values are http.StatusOK", resp.StatusCode)} + } + if !server.PagerResponderMore(newListPager) { + w.newListPager.remove(req) + } + return resp, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/fileimports_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/fileimports_client.go new file mode 100644 index 000000000000..1f74176f9bb0 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/fileimports_client.go @@ -0,0 +1,344 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// FileImportsClient contains the methods for the FileImports group. +// Don't use this type directly, use NewFileImportsClient() instead. +type FileImportsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewFileImportsClient creates a new instance of FileImportsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewFileImportsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*FileImportsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &FileImportsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Create - Creates the file import. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - fileImportID - File import ID +// - fileImport - The file import +// - options - FileImportsClientCreateOptions contains the optional parameters for the FileImportsClient.Create method. +func (client *FileImportsClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, fileImport FileImport, options *FileImportsClientCreateOptions) (FileImportsClientCreateResponse, error) { + var err error + const operationName = "FileImportsClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, resourceGroupName, workspaceName, fileImportID, fileImport, options) + if err != nil { + return FileImportsClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return FileImportsClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return FileImportsClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *FileImportsClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, fileImport FileImport, options *FileImportsClientCreateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/fileImports/{fileImportId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if fileImportID == "" { + return nil, errors.New("parameter fileImportID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{fileImportId}", url.PathEscape(fileImportID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, fileImport); err != nil { + return nil, err + } + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *FileImportsClient) createHandleResponse(resp *http.Response) (FileImportsClientCreateResponse, error) { + result := FileImportsClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.FileImport); err != nil { + return FileImportsClientCreateResponse{}, err + } + return result, nil +} + +// BeginDelete - Delete the file import. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - fileImportID - File import ID +// - options - FileImportsClientBeginDeleteOptions contains the optional parameters for the FileImportsClient.BeginDelete method. +func (client *FileImportsClient) BeginDelete(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, options *FileImportsClientBeginDeleteOptions) (*runtime.Poller[FileImportsClientDeleteResponse], error) { + if options == nil || options.ResumeToken == "" { + resp, err := client.deleteOperation(ctx, resourceGroupName, workspaceName, fileImportID, options) + if err != nil { + return nil, err + } + poller, err := runtime.NewPoller(resp, client.internal.Pipeline(), &runtime.NewPollerOptions[FileImportsClientDeleteResponse]{ + FinalStateVia: runtime.FinalStateViaLocation, + Tracer: client.internal.Tracer(), + }) + return poller, err + } else { + return runtime.NewPollerFromResumeToken(options.ResumeToken, client.internal.Pipeline(), &runtime.NewPollerFromResumeTokenOptions[FileImportsClientDeleteResponse]{ + Tracer: client.internal.Tracer(), + }) + } +} + +// Delete - Delete the file import. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +func (client *FileImportsClient) deleteOperation(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, options *FileImportsClientBeginDeleteOptions) (*http.Response, error) { + var err error + const operationName = "FileImportsClient.BeginDelete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, fileImportID, options) + if err != nil { + return nil, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return nil, err + } + if !runtime.HasStatusCode(httpResp, http.StatusAccepted, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return nil, err + } + return httpResp, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *FileImportsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, options *FileImportsClientBeginDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/fileImports/{fileImportId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if fileImportID == "" { + return nil, errors.New("parameter fileImportID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{fileImportId}", url.PathEscape(fileImportID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a file import. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - fileImportID - File import ID +// - options - FileImportsClientGetOptions contains the optional parameters for the FileImportsClient.Get method. +func (client *FileImportsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, options *FileImportsClientGetOptions) (FileImportsClientGetResponse, error) { + var err error + const operationName = "FileImportsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, fileImportID, options) + if err != nil { + return FileImportsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return FileImportsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return FileImportsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *FileImportsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, fileImportID string, options *FileImportsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/fileImports/{fileImportId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if fileImportID == "" { + return nil, errors.New("parameter fileImportID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{fileImportId}", url.PathEscape(fileImportID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *FileImportsClient) getHandleResponse(resp *http.Response) (FileImportsClientGetResponse, error) { + result := FileImportsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.FileImport); err != nil { + return FileImportsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all file imports. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - FileImportsClientListOptions contains the optional parameters for the FileImportsClient.NewListPager method. +func (client *FileImportsClient) NewListPager(resourceGroupName string, workspaceName string, options *FileImportsClientListOptions) *runtime.Pager[FileImportsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[FileImportsClientListResponse]{ + More: func(page FileImportsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *FileImportsClientListResponse) (FileImportsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "FileImportsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return FileImportsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *FileImportsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *FileImportsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/fileImports" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *FileImportsClient) listHandleResponse(resp *http.Response) (FileImportsClientListResponse, error) { + result := FileImportsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.FileImportList); err != nil { + return FileImportsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/get_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/get_client.go new file mode 100644 index 000000000000..5e8258d7d4b0 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/get_client.go @@ -0,0 +1,114 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// GetClient contains the methods for the Get group. +// Don't use this type directly, use NewGetClient() instead. +type GetClient struct { + internal *arm.Client + subscriptionID string +} + +// NewGetClient creates a new instance of GetClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewGetClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*GetClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &GetClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// SingleRecommendation - Gets a recommendation by its id. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - recommendationID - Recommendation Id. +// - options - GetClientSingleRecommendationOptions contains the optional parameters for the GetClient.SingleRecommendation +// method. +func (client *GetClient) SingleRecommendation(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, options *GetClientSingleRecommendationOptions) (GetClientSingleRecommendationResponse, error) { + var err error + const operationName = "GetClient.SingleRecommendation" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.singleRecommendationCreateRequest(ctx, resourceGroupName, workspaceName, recommendationID, options) + if err != nil { + return GetClientSingleRecommendationResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return GetClientSingleRecommendationResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return GetClientSingleRecommendationResponse{}, err + } + resp, err := client.singleRecommendationHandleResponse(httpResp) + return resp, err +} + +// singleRecommendationCreateRequest creates the SingleRecommendation request. +func (client *GetClient) singleRecommendationCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, options *GetClientSingleRecommendationOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if recommendationID == "" { + return nil, errors.New("parameter recommendationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{recommendationId}", url.PathEscape(recommendationID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// singleRecommendationHandleResponse handles the SingleRecommendation response. +func (client *GetClient) singleRecommendationHandleResponse(resp *http.Response) (GetClientSingleRecommendationResponse, error) { + result := GetClientSingleRecommendationResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Recommendation); err != nil { + return GetClientSingleRecommendationResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/getrecommendations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/getrecommendations_client.go new file mode 100644 index 000000000000..aaa41c6596c4 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/getrecommendations_client.go @@ -0,0 +1,108 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// GetRecommendationsClient contains the methods for the GetRecommendations group. +// Don't use this type directly, use NewGetRecommendationsClient() instead. +type GetRecommendationsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewGetRecommendationsClient creates a new instance of GetRecommendationsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewGetRecommendationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*GetRecommendationsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &GetRecommendationsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// List - Gets a list of all recommendations. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - GetRecommendationsClientListOptions contains the optional parameters for the GetRecommendationsClient.List method. +func (client *GetRecommendationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, options *GetRecommendationsClientListOptions) (GetRecommendationsClientListResponse, error) { + var err error + const operationName = "GetRecommendationsClient.List" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + if err != nil { + return GetRecommendationsClientListResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return GetRecommendationsClientListResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return GetRecommendationsClientListResponse{}, err + } + resp, err := client.listHandleResponse(httpResp) + return resp, err +} + +// listCreateRequest creates the List request. +func (client *GetRecommendationsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *GetRecommendationsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *GetRecommendationsClient) listHandleResponse(resp *http.Response) (GetRecommendationsClientListResponse, error) { + result := GetRecommendationsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RecommendationList); err != nil { + return GetRecommendationsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/gettriggeredanalyticsruleruns_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/gettriggeredanalyticsruleruns_client.go new file mode 100644 index 000000000000..0adce2d7909c --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/gettriggeredanalyticsruleruns_client.go @@ -0,0 +1,109 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// GetTriggeredAnalyticsRuleRunsClient contains the methods for the GetTriggeredAnalyticsRuleRuns group. +// Don't use this type directly, use NewGetTriggeredAnalyticsRuleRunsClient() instead. +type GetTriggeredAnalyticsRuleRunsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewGetTriggeredAnalyticsRuleRunsClient creates a new instance of GetTriggeredAnalyticsRuleRunsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewGetTriggeredAnalyticsRuleRunsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*GetTriggeredAnalyticsRuleRunsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &GetTriggeredAnalyticsRuleRunsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Gets the triggered analytics rule runs. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - GetTriggeredAnalyticsRuleRunsClientListOptions contains the optional parameters for the GetTriggeredAnalyticsRuleRunsClient.NewListPager +// method. +func (client *GetTriggeredAnalyticsRuleRunsClient) NewListPager(resourceGroupName string, workspaceName string, options *GetTriggeredAnalyticsRuleRunsClientListOptions) *runtime.Pager[GetTriggeredAnalyticsRuleRunsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[GetTriggeredAnalyticsRuleRunsClientListResponse]{ + More: func(page GetTriggeredAnalyticsRuleRunsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *GetTriggeredAnalyticsRuleRunsClientListResponse) (GetTriggeredAnalyticsRuleRunsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "GetTriggeredAnalyticsRuleRunsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return GetTriggeredAnalyticsRuleRunsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *GetTriggeredAnalyticsRuleRunsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *GetTriggeredAnalyticsRuleRunsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *GetTriggeredAnalyticsRuleRunsClient) listHandleResponse(resp *http.Response) (GetTriggeredAnalyticsRuleRunsClientListResponse, error) { + result := GetTriggeredAnalyticsRuleRunsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.TriggeredAnalyticsRuleRuns); err != nil { + return GetTriggeredAnalyticsRuleRunsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/go.mod b/sdk/resourcemanager/securityinsights/armsecurityinsights/go.mod index 8b262bfa0fe7..cc111f8ec667 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/go.mod +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/go.mod @@ -1,21 +1,11 @@ -module github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights +module github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights/v2 go 1.18 -require ( - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.2 - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 -) +require github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.2 require ( github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect - github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 // indirect - github.com/golang-jwt/jwt/v5 v5.0.0 // indirect - github.com/google/uuid v1.3.1 // indirect - github.com/kylelemons/godebug v1.1.0 // indirect - github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect - golang.org/x/crypto v0.19.0 // indirect golang.org/x/net v0.21.0 // indirect - golang.org/x/sys v0.17.0 // indirect golang.org/x/text v0.14.0 // indirect ) diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/go.sum b/sdk/resourcemanager/securityinsights/armsecurityinsights/go.sum index 0766d184c256..8e1b70aaca5f 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/go.sum +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/go.sum @@ -1,31 +1,12 @@ github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.2 h1:c4k2FIYIh4xtwqrQwV0Ct1v5+ehlNXj5NI/MWVsiTkQ= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.2/go.mod h1:5FDJtLEO/GxwNgUxbwrY3LP0pEoThTQJtk2oysdXHxM= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 h1:BMAjVKJM0U/CYF27gA0ZMmXGkOcvfFtD0oHVZ1TIPRI= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0/go.mod h1:1fXstnBMas5kzG+S3q8UoJcmyU6nUeunJcMDHcRYHhs= github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aMclParm9/5Vgp+TY51uBQ= github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc= -github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 h1:WpB/QDNLpMw72xHJc34BNNykqSOeEJDAWkhf0u12/Jk= -github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= -github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE= -github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= -github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= -github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= -github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU= -github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/huntcomments_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/huntcomments_client.go new file mode 100644 index 000000000000..f0e9a6eba1ab --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/huntcomments_client.go @@ -0,0 +1,343 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// HuntCommentsClient contains the methods for the HuntComments group. +// Don't use this type directly, use NewHuntCommentsClient() instead. +type HuntCommentsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewHuntCommentsClient creates a new instance of HuntCommentsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewHuntCommentsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*HuntCommentsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &HuntCommentsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a hunt relation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntCommentID - The hunt comment id (GUID) +// - huntComment - The hunt comment +// - options - HuntCommentsClientCreateOrUpdateOptions contains the optional parameters for the HuntCommentsClient.CreateOrUpdate +// method. +func (client *HuntCommentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, huntComment HuntComment, options *HuntCommentsClientCreateOrUpdateOptions) (HuntCommentsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "HuntCommentsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntCommentID, huntComment, options) + if err != nil { + return HuntCommentsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntCommentsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return HuntCommentsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *HuntCommentsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, huntComment HuntComment, options *HuntCommentsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntCommentID == "" { + return nil, errors.New("parameter huntCommentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntCommentId}", url.PathEscape(huntCommentID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, huntComment); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *HuntCommentsClient) createOrUpdateHandleResponse(resp *http.Response) (HuntCommentsClientCreateOrUpdateResponse, error) { + result := HuntCommentsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntComment); err != nil { + return HuntCommentsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete a hunt comment. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntCommentID - The hunt comment id (GUID) +// - options - HuntCommentsClientDeleteOptions contains the optional parameters for the HuntCommentsClient.Delete method. +func (client *HuntCommentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, options *HuntCommentsClientDeleteOptions) (HuntCommentsClientDeleteResponse, error) { + var err error + const operationName = "HuntCommentsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntCommentID, options) + if err != nil { + return HuntCommentsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntCommentsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return HuntCommentsClientDeleteResponse{}, err + } + return HuntCommentsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *HuntCommentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, options *HuntCommentsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntCommentID == "" { + return nil, errors.New("parameter huntCommentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntCommentId}", url.PathEscape(huntCommentID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a hunt comment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntCommentID - The hunt comment id (GUID) +// - options - HuntCommentsClientGetOptions contains the optional parameters for the HuntCommentsClient.Get method. +func (client *HuntCommentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, options *HuntCommentsClientGetOptions) (HuntCommentsClientGetResponse, error) { + var err error + const operationName = "HuntCommentsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntCommentID, options) + if err != nil { + return HuntCommentsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntCommentsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return HuntCommentsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *HuntCommentsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntCommentID string, options *HuntCommentsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntCommentID == "" { + return nil, errors.New("parameter huntCommentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntCommentId}", url.PathEscape(huntCommentID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *HuntCommentsClient) getHandleResponse(resp *http.Response) (HuntCommentsClientGetResponse, error) { + result := HuntCommentsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntComment); err != nil { + return HuntCommentsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all hunt comments +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - options - HuntCommentsClientListOptions contains the optional parameters for the HuntCommentsClient.NewListPager method. +func (client *HuntCommentsClient) NewListPager(resourceGroupName string, workspaceName string, huntID string, options *HuntCommentsClientListOptions) *runtime.Pager[HuntCommentsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[HuntCommentsClientListResponse]{ + More: func(page HuntCommentsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *HuntCommentsClientListResponse) (HuntCommentsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "HuntCommentsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, huntID, options) + }, nil) + if err != nil { + return HuntCommentsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *HuntCommentsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *HuntCommentsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *HuntCommentsClient) listHandleResponse(resp *http.Response) (HuntCommentsClientListResponse, error) { + result := HuntCommentsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntCommentList); err != nil { + return HuntCommentsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/huntrelations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/huntrelations_client.go new file mode 100644 index 000000000000..1648e7fd6b6e --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/huntrelations_client.go @@ -0,0 +1,343 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// HuntRelationsClient contains the methods for the HuntRelations group. +// Don't use this type directly, use NewHuntRelationsClient() instead. +type HuntRelationsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewHuntRelationsClient creates a new instance of HuntRelationsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewHuntRelationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*HuntRelationsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &HuntRelationsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a hunt relation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntRelationID - The hunt relation id (GUID) +// - huntRelation - The hunt relation +// - options - HuntRelationsClientCreateOrUpdateOptions contains the optional parameters for the HuntRelationsClient.CreateOrUpdate +// method. +func (client *HuntRelationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, huntRelation HuntRelation, options *HuntRelationsClientCreateOrUpdateOptions) (HuntRelationsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "HuntRelationsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntRelationID, huntRelation, options) + if err != nil { + return HuntRelationsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntRelationsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return HuntRelationsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *HuntRelationsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, huntRelation HuntRelation, options *HuntRelationsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntRelationID == "" { + return nil, errors.New("parameter huntRelationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntRelationId}", url.PathEscape(huntRelationID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, huntRelation); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *HuntRelationsClient) createOrUpdateHandleResponse(resp *http.Response) (HuntRelationsClientCreateOrUpdateResponse, error) { + result := HuntRelationsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntRelation); err != nil { + return HuntRelationsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete a hunt relation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntRelationID - The hunt relation id (GUID) +// - options - HuntRelationsClientDeleteOptions contains the optional parameters for the HuntRelationsClient.Delete method. +func (client *HuntRelationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, options *HuntRelationsClientDeleteOptions) (HuntRelationsClientDeleteResponse, error) { + var err error + const operationName = "HuntRelationsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntRelationID, options) + if err != nil { + return HuntRelationsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntRelationsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return HuntRelationsClientDeleteResponse{}, err + } + return HuntRelationsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *HuntRelationsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, options *HuntRelationsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntRelationID == "" { + return nil, errors.New("parameter huntRelationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntRelationId}", url.PathEscape(huntRelationID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a hunt relation +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - huntRelationID - The hunt relation id (GUID) +// - options - HuntRelationsClientGetOptions contains the optional parameters for the HuntRelationsClient.Get method. +func (client *HuntRelationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, options *HuntRelationsClientGetOptions) (HuntRelationsClientGetResponse, error) { + var err error + const operationName = "HuntRelationsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, huntID, huntRelationID, options) + if err != nil { + return HuntRelationsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntRelationsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return HuntRelationsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *HuntRelationsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, huntRelationID string, options *HuntRelationsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + if huntRelationID == "" { + return nil, errors.New("parameter huntRelationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntRelationId}", url.PathEscape(huntRelationID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *HuntRelationsClient) getHandleResponse(resp *http.Response) (HuntRelationsClientGetResponse, error) { + result := HuntRelationsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntRelation); err != nil { + return HuntRelationsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all hunt relations +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - options - HuntRelationsClientListOptions contains the optional parameters for the HuntRelationsClient.NewListPager method. +func (client *HuntRelationsClient) NewListPager(resourceGroupName string, workspaceName string, huntID string, options *HuntRelationsClientListOptions) *runtime.Pager[HuntRelationsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[HuntRelationsClientListResponse]{ + More: func(page HuntRelationsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *HuntRelationsClientListResponse) (HuntRelationsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "HuntRelationsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, huntID, options) + }, nil) + if err != nil { + return HuntRelationsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *HuntRelationsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *HuntRelationsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *HuntRelationsClient) listHandleResponse(resp *http.Response) (HuntRelationsClientListResponse, error) { + result := HuntRelationsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntRelationList); err != nil { + return HuntRelationsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/hunts_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/hunts_client.go new file mode 100644 index 000000000000..412980a46f81 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/hunts_client.go @@ -0,0 +1,322 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// HuntsClient contains the methods for the Hunts group. +// Don't use this type directly, use NewHuntsClient() instead. +type HuntsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewHuntsClient creates a new instance of HuntsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewHuntsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*HuntsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &HuntsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Create or update a hunt +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - hunt - The hunt +// - options - HuntsClientCreateOrUpdateOptions contains the optional parameters for the HuntsClient.CreateOrUpdate method. +func (client *HuntsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, hunt Hunt, options *HuntsClientCreateOrUpdateOptions) (HuntsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "HuntsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, huntID, hunt, options) + if err != nil { + return HuntsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return HuntsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *HuntsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, hunt Hunt, options *HuntsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, hunt); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *HuntsClient) createOrUpdateHandleResponse(resp *http.Response) (HuntsClientCreateOrUpdateResponse, error) { + result := HuntsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Hunt); err != nil { + return HuntsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete a hunt. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - options - HuntsClientDeleteOptions contains the optional parameters for the HuntsClient.Delete method. +func (client *HuntsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *HuntsClientDeleteOptions) (HuntsClientDeleteResponse, error) { + var err error + const operationName = "HuntsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, huntID, options) + if err != nil { + return HuntsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return HuntsClientDeleteResponse{}, err + } + return HuntsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *HuntsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *HuntsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a hunt, without relations and comments. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - huntID - The hunt id (GUID) +// - options - HuntsClientGetOptions contains the optional parameters for the HuntsClient.Get method. +func (client *HuntsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *HuntsClientGetOptions) (HuntsClientGetResponse, error) { + var err error + const operationName = "HuntsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, huntID, options) + if err != nil { + return HuntsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return HuntsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return HuntsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *HuntsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, huntID string, options *HuntsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if huntID == "" { + return nil, errors.New("parameter huntID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{huntId}", url.PathEscape(huntID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *HuntsClient) getHandleResponse(resp *http.Response) (HuntsClientGetResponse, error) { + result := HuntsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Hunt); err != nil { + return HuntsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all hunts, without relations and comments. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - HuntsClientListOptions contains the optional parameters for the HuntsClient.NewListPager method. +func (client *HuntsClient) NewListPager(resourceGroupName string, workspaceName string, options *HuntsClientListOptions) *runtime.Pager[HuntsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[HuntsClientListResponse]{ + More: func(page HuntsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *HuntsClientListResponse) (HuntsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "HuntsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return HuntsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *HuntsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *HuntsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *HuntsClient) listHandleResponse(resp *http.Response) (HuntsClientListResponse, error) { + result := HuntsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.HuntList); err != nil { + return HuntsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client.go index 95152f81f525..3835b0fee219 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client.go @@ -44,10 +44,10 @@ func NewIncidentCommentsClient(subscriptionID string, credential azcore.TokenCre return client, nil } -// CreateOrUpdate - Creates or updates a comment for a given incident. +// CreateOrUpdate - Creates or updates the incident comment. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -105,7 +105,7 @@ func (client *IncidentCommentsClient) createOrUpdateCreateRequest(ctx context.Co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, incidentComment); err != nil { @@ -123,10 +123,10 @@ func (client *IncidentCommentsClient) createOrUpdateHandleResponse(resp *http.Re return result, nil } -// Delete - Deletes a comment for a given incident. +// Delete - Delete the incident comment. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -181,16 +181,16 @@ func (client *IncidentCommentsClient) deleteCreateRequest(ctx context.Context, r return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil } -// Get - Gets a comment for a given incident. +// Get - Gets an incident comment. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -246,7 +246,7 @@ func (client *IncidentCommentsClient) getCreateRequest(ctx context.Context, reso return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -261,9 +261,9 @@ func (client *IncidentCommentsClient) getHandleResponse(resp *http.Response) (In return result, nil } -// NewListPager - Gets all comments for a given incident. +// NewListPager - Gets all incident comments. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -316,19 +316,19 @@ func (client *IncidentCommentsClient) listCreateRequest(ctx context.Context, res return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") if options != nil && options.Filter != nil { reqQP.Set("$filter", *options.Filter) } if options != nil && options.Orderby != nil { reqQP.Set("$orderby", *options.Orderby) } - if options != nil && options.Top != nil { - reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) - } if options != nil && options.SkipToken != nil { reqQP.Set("$skipToken", *options.SkipToken) } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client_example_test.go deleted file mode 100644 index f3b2872e226a..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentcomments_client_example_test.go +++ /dev/null @@ -1,163 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/comments/GetAllIncidentComments.json -func ExampleIncidentCommentsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewIncidentCommentsClient().NewListPager("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", &armsecurityinsights.IncidentCommentsClientListOptions{Filter: nil, - Orderby: nil, - Top: nil, - SkipToken: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.IncidentCommentList = armsecurityinsights.IncidentCommentList{ - // Value: []*armsecurityinsights.IncidentComment{ - // { - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/comments"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5/comments/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("0300bf09-0000-0000-0000-5c37296e0000"), - // Properties: &armsecurityinsights.IncidentCommentProperties{ - // Author: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Message: to.Ptr("Some message"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/comments/GetIncidentCommentById.json -func ExampleIncidentCommentsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentCommentsClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.IncidentComment = armsecurityinsights.IncidentComment{ - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/comments"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5/comments/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("0300bf09-0000-0000-0000-5c37296e0000"), - // Properties: &armsecurityinsights.IncidentCommentProperties{ - // Author: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Message: to.Ptr("Some message"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/comments/CreateIncidentComment.json -func ExampleIncidentCommentsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentCommentsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", armsecurityinsights.IncidentComment{ - Properties: &armsecurityinsights.IncidentCommentProperties{ - Message: to.Ptr("Some message"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.IncidentComment = armsecurityinsights.IncidentComment{ - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/comments"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5/comments/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("0300bf09-0000-0000-0000-5c37296e0000"), - // Properties: &armsecurityinsights.IncidentCommentProperties{ - // Author: &armsecurityinsights.ClientInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-04T13:15:30.000Z"); return t}()), - // Message: to.Ptr("Some message"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/comments/DeleteIncidentComment.json -func ExampleIncidentCommentsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewIncidentCommentsClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client.go index 94fb8b9cf53c..d88029a0c58c 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client.go @@ -44,10 +44,10 @@ func NewIncidentRelationsClient(subscriptionID string, credential azcore.TokenCr return client, nil } -// CreateOrUpdate - Creates or updates a relation for a given incident. +// CreateOrUpdate - Creates or updates the incident relation. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -105,7 +105,7 @@ func (client *IncidentRelationsClient) createOrUpdateCreateRequest(ctx context.C return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, relation); err != nil { @@ -123,10 +123,10 @@ func (client *IncidentRelationsClient) createOrUpdateHandleResponse(resp *http.R return result, nil } -// Delete - Deletes a relation for a given incident. +// Delete - Delete the incident relation. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -182,16 +182,16 @@ func (client *IncidentRelationsClient) deleteCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil } -// Get - Gets a relation for a given incident. +// Get - Gets an incident relation. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -247,7 +247,7 @@ func (client *IncidentRelationsClient) getCreateRequest(ctx context.Context, res return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -262,9 +262,9 @@ func (client *IncidentRelationsClient) getHandleResponse(resp *http.Response) (I return result, nil } -// NewListPager - Gets all relations for a given incident. +// NewListPager - Gets all incident relations. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -317,19 +317,19 @@ func (client *IncidentRelationsClient) listCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") if options != nil && options.Filter != nil { reqQP.Set("$filter", *options.Filter) } if options != nil && options.Orderby != nil { reqQP.Set("$orderby", *options.Orderby) } - if options != nil && options.Top != nil { - reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) - } if options != nil && options.SkipToken != nil { reqQP.Set("$skipToken", *options.SkipToken) } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client_example_test.go deleted file mode 100644 index 3ec39d5cfe8d..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidentrelations_client_example_test.go +++ /dev/null @@ -1,157 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/relations/GetAllIncidentRelations.json -func ExampleIncidentRelationsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewIncidentRelationsClient().NewListPager("myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", &armsecurityinsights.IncidentRelationsClientListOptions{Filter: nil, - Orderby: nil, - Top: nil, - SkipToken: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.RelationList = armsecurityinsights.RelationList{ - // Value: []*armsecurityinsights.Relation{ - // { - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812/relations/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceName: to.Ptr("2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // }, - // }, - // { - // Name: to.Ptr("9673a17d-8bc7-4ca6-88ee-38a4f3efc032"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812/relations/9673a17d-8bc7-4ca6-88ee-38a4f3efc032"), - // Etag: to.Ptr("6f714025-dd7c-46aa-b5d0-b9857488d060"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/entities/1dd267cd-8a1f-4f6f-b92c-da43ac8819af"), - // RelatedResourceKind: to.Ptr("SecurityAlert"), - // RelatedResourceName: to.Ptr("1dd267cd-8a1f-4f6f-b92c-da43ac8819af"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/entities"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/relations/GetIncidentRelationByName.json -func ExampleIncidentRelationsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentRelationsClient().Get(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Relation = armsecurityinsights.Relation{ - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812/relations/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceName: to.Ptr("2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/relations/CreateIncidentRelation.json -func ExampleIncidentRelationsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentRelationsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", armsecurityinsights.Relation{ - Properties: &armsecurityinsights.RelationProperties{ - RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Relation = armsecurityinsights.Relation{ - // Name: to.Ptr("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents/relations"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/afbd324f-6c48-459c-8710-8d1e1cd03812/relations/4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014"), - // Etag: to.Ptr("190057d0-0000-0d00-0000-5c6f5adb0000"), - // Properties: &armsecurityinsights.RelationProperties{ - // RelatedResourceID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceName: to.Ptr("2216d0e1-91e3-4902-89fd-d2df8c535096"), - // RelatedResourceType: to.Ptr("Microsoft.SecurityInsights/bookmarks"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/relations/DeleteIncidentRelation.json -func ExampleIncidentRelationsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewIncidentRelationsClient().Delete(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client.go index 6dbc3a042263..11ad1890ae71 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client.go @@ -44,10 +44,10 @@ func NewIncidentsClient(subscriptionID string, credential azcore.TokenCredential return client, nil } -// CreateOrUpdate - Creates or updates an incident. +// CreateOrUpdate - Creates or updates the incident. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -100,7 +100,7 @@ func (client *IncidentsClient) createOrUpdateCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, incident); err != nil { @@ -118,10 +118,83 @@ func (client *IncidentsClient) createOrUpdateHandleResponse(resp *http.Response) return result, nil } -// Delete - Deletes a given incident. +// CreateTeam - Creates a Microsoft team to investigate the incident by sharing information and insights between participants. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - incidentID - Incident ID +// - teamProperties - Team properties +// - options - IncidentsClientCreateTeamOptions contains the optional parameters for the IncidentsClient.CreateTeam method. +func (client *IncidentsClient) CreateTeam(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, teamProperties TeamInformation, options *IncidentsClientCreateTeamOptions) (IncidentsClientCreateTeamResponse, error) { + var err error + const operationName = "IncidentsClient.CreateTeam" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createTeamCreateRequest(ctx, resourceGroupName, workspaceName, incidentID, teamProperties, options) + if err != nil { + return IncidentsClientCreateTeamResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return IncidentsClientCreateTeamResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return IncidentsClientCreateTeamResponse{}, err + } + resp, err := client.createTeamHandleResponse(httpResp) + return resp, err +} + +// createTeamCreateRequest creates the CreateTeam request. +func (client *IncidentsClient) createTeamCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, teamProperties TeamInformation, options *IncidentsClientCreateTeamOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/createTeam" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if incidentID == "" { + return nil, errors.New("parameter incidentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentId}", url.PathEscape(incidentID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, teamProperties); err != nil { + return nil, err + } + return req, nil +} + +// createTeamHandleResponse handles the CreateTeam response. +func (client *IncidentsClient) createTeamHandleResponse(resp *http.Response) (IncidentsClientCreateTeamResponse, error) { + result := IncidentsClientCreateTeamResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.TeamInformation); err != nil { + return IncidentsClientCreateTeamResponse{}, err + } + return result, nil +} + +// Delete - Delete the incident. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -171,16 +244,16 @@ func (client *IncidentsClient) deleteCreateRequest(ctx context.Context, resource return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil } -// Get - Gets a given incident. +// Get - Gets an incident. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -231,7 +304,7 @@ func (client *IncidentsClient) getCreateRequest(ctx context.Context, resourceGro return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -248,7 +321,7 @@ func (client *IncidentsClient) getHandleResponse(resp *http.Response) (Incidents // NewListPager - Gets all incidents. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - IncidentsClientListOptions contains the optional parameters for the IncidentsClient.NewListPager method. @@ -295,19 +368,19 @@ func (client *IncidentsClient) listCreateRequest(ctx context.Context, resourceGr return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") if options != nil && options.Filter != nil { reqQP.Set("$filter", *options.Filter) } if options != nil && options.Orderby != nil { reqQP.Set("$orderby", *options.Orderby) } - if options != nil && options.Top != nil { - reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) - } if options != nil && options.SkipToken != nil { reqQP.Set("$skipToken", *options.SkipToken) } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -322,10 +395,10 @@ func (client *IncidentsClient) listHandleResponse(resp *http.Response) (Incident return result, nil } -// ListAlerts - Gets all alerts for an incident. +// ListAlerts - Gets all incident alerts. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -376,7 +449,7 @@ func (client *IncidentsClient) listAlertsCreateRequest(ctx context.Context, reso return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -391,10 +464,10 @@ func (client *IncidentsClient) listAlertsHandleResponse(resp *http.Response) (In return result, nil } -// ListBookmarks - Gets all bookmarks for an incident. +// ListBookmarks - Gets all incident bookmarks. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -445,7 +518,7 @@ func (client *IncidentsClient) listBookmarksCreateRequest(ctx context.Context, r return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -460,10 +533,10 @@ func (client *IncidentsClient) listBookmarksHandleResponse(resp *http.Response) return result, nil } -// ListEntities - Gets all entities for an incident. +// ListEntities - Gets all incident related entities. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - incidentID - Incident ID @@ -514,7 +587,7 @@ func (client *IncidentsClient) listEntitiesCreateRequest(ctx context.Context, re return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -528,3 +601,77 @@ func (client *IncidentsClient) listEntitiesHandleResponse(resp *http.Response) ( } return result, nil } + +// RunPlaybook - Triggers playbook on a specific incident +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - IncidentsClientRunPlaybookOptions contains the optional parameters for the IncidentsClient.RunPlaybook method. +func (client *IncidentsClient) RunPlaybook(ctx context.Context, resourceGroupName string, workspaceName string, incidentIdentifier string, options *IncidentsClientRunPlaybookOptions) (IncidentsClientRunPlaybookResponse, error) { + var err error + const operationName = "IncidentsClient.RunPlaybook" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.runPlaybookCreateRequest(ctx, resourceGroupName, workspaceName, incidentIdentifier, options) + if err != nil { + return IncidentsClientRunPlaybookResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return IncidentsClientRunPlaybookResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return IncidentsClientRunPlaybookResponse{}, err + } + resp, err := client.runPlaybookHandleResponse(httpResp) + return resp, err +} + +// runPlaybookCreateRequest creates the RunPlaybook request. +func (client *IncidentsClient) runPlaybookCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentIdentifier string, options *IncidentsClientRunPlaybookOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentIdentifier}/runPlaybook" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if incidentIdentifier == "" { + return nil, errors.New("parameter incidentIdentifier cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentIdentifier}", url.PathEscape(incidentIdentifier)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if options != nil && options.RequestBody != nil { + if err := runtime.MarshalAsJSON(req, *options.RequestBody); err != nil { + return nil, err + } + return req, nil + } + return req, nil +} + +// runPlaybookHandleResponse handles the RunPlaybook response. +func (client *IncidentsClient) runPlaybookHandleResponse(resp *http.Response) (IncidentsClientRunPlaybookResponse, error) { + result := IncidentsClientRunPlaybookResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Interface); err != nil { + return IncidentsClientRunPlaybookResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client_example_test.go deleted file mode 100644 index 18b73f182846..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidents_client_example_test.go +++ /dev/null @@ -1,428 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/GetIncidents.json -func ExampleIncidentsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewIncidentsClient().NewListPager("myRg", "myWorkspace", &armsecurityinsights.IncidentsClientListOptions{Filter: nil, - Orderby: to.Ptr("properties/createdTimeUtc desc"), - Top: to.Ptr[int32](1), - SkipToken: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.IncidentList = armsecurityinsights.IncidentList{ - // Value: []*armsecurityinsights.Incident{ - // { - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.IncidentProperties{ - // Description: to.Ptr("This is a demo incident"), - // AdditionalData: &armsecurityinsights.IncidentAdditionalData{ - // AlertProductNames: []*string{ - // }, - // AlertsCount: to.Ptr[int32](0), - // BookmarksCount: to.Ptr[int32](0), - // CommentsCount: to.Ptr[int32](3), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticPersistence)}, - // }, - // Classification: to.Ptr(armsecurityinsights.IncidentClassificationFalsePositive), - // ClassificationComment: to.Ptr("Not a malicious activity"), - // ClassificationReason: to.Ptr(armsecurityinsights.IncidentClassificationReasonIncorrectAlertLogic), - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // FirstActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // IncidentNumber: to.Ptr[int32](3177), - // IncidentURL: to.Ptr("https://portal.azure.com/#asset/Microsoft_Azure_Security_Insights/Incident/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Labels: []*armsecurityinsights.IncidentLabel{ - // }, - // LastActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:05:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Owner: &armsecurityinsights.IncidentOwnerInfo{ - // AssignedTo: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // RelatedAnalyticRuleIDs: []*string{ - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/fab3d2d4-747f-46a7-8ef0-9c0be8112bf7"), - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/8deb8303-e94d-46ff-96e0-5fd94b33df1a")}, - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityHigh), - // Status: to.Ptr(armsecurityinsights.IncidentStatusClosed), - // Title: to.Ptr("My incident"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/GetIncidentById.json -func ExampleIncidentsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentsClient().Get(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Incident = armsecurityinsights.Incident{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.IncidentProperties{ - // Description: to.Ptr("This is a demo incident"), - // AdditionalData: &armsecurityinsights.IncidentAdditionalData{ - // AlertProductNames: []*string{ - // }, - // AlertsCount: to.Ptr[int32](0), - // BookmarksCount: to.Ptr[int32](0), - // CommentsCount: to.Ptr[int32](3), - // Tactics: []*armsecurityinsights.AttackTactic{ - // to.Ptr(armsecurityinsights.AttackTacticInitialAccess), - // to.Ptr(armsecurityinsights.AttackTacticPersistence)}, - // }, - // Classification: to.Ptr(armsecurityinsights.IncidentClassificationFalsePositive), - // ClassificationComment: to.Ptr("Not a malicious activity"), - // ClassificationReason: to.Ptr(armsecurityinsights.IncidentClassificationReasonInaccurateData), - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // FirstActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // IncidentNumber: to.Ptr[int32](3177), - // IncidentURL: to.Ptr("https://portal.azure.com/#asset/Microsoft_Azure_Security_Insights/Incident/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Labels: []*armsecurityinsights.IncidentLabel{ - // }, - // LastActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:05:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Owner: &armsecurityinsights.IncidentOwnerInfo{ - // AssignedTo: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // RelatedAnalyticRuleIDs: []*string{ - // to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/fab3d2d4-747f-46a7-8ef0-9c0be8112bf7")}, - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityHigh), - // Status: to.Ptr(armsecurityinsights.IncidentStatusClosed), - // Title: to.Ptr("My incident"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/CreateIncident.json -func ExampleIncidentsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", armsecurityinsights.Incident{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Properties: &armsecurityinsights.IncidentProperties{ - Description: to.Ptr("This is a demo incident"), - Classification: to.Ptr(armsecurityinsights.IncidentClassificationFalsePositive), - ClassificationComment: to.Ptr("Not a malicious activity"), - ClassificationReason: to.Ptr(armsecurityinsights.IncidentClassificationReasonIncorrectAlertLogic), - FirstActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t }()), - LastActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:05:30.000Z"); return t }()), - Owner: &armsecurityinsights.IncidentOwnerInfo{ - ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - }, - Severity: to.Ptr(armsecurityinsights.IncidentSeverityHigh), - Status: to.Ptr(armsecurityinsights.IncidentStatusClosed), - Title: to.Ptr("My incident"), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Incident = armsecurityinsights.Incident{ - // Name: to.Ptr("73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Type: to.Ptr("Microsoft.SecurityInsights/incidents"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0001\""), - // Properties: &armsecurityinsights.IncidentProperties{ - // Description: to.Ptr("This is a demo incident"), - // AdditionalData: &armsecurityinsights.IncidentAdditionalData{ - // AlertProductNames: []*string{ - // }, - // AlertsCount: to.Ptr[int32](0), - // BookmarksCount: to.Ptr[int32](0), - // CommentsCount: to.Ptr[int32](3), - // Tactics: []*armsecurityinsights.AttackTactic{ - // }, - // }, - // Classification: to.Ptr(armsecurityinsights.IncidentClassificationFalsePositive), - // ClassificationComment: to.Ptr("Not a malicious activity"), - // ClassificationReason: to.Ptr(armsecurityinsights.IncidentClassificationReasonIncorrectAlertLogic), - // CreatedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // FirstActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:00:30.000Z"); return t}()), - // IncidentNumber: to.Ptr[int32](3177), - // IncidentURL: to.Ptr("https://portal.azure.com/#asset/Microsoft_Azure_Security_Insights/Incident/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/incidents/73e01a99-5cd7-4139-a149-9f2736ff2ab5"), - // Labels: []*armsecurityinsights.IncidentLabel{ - // }, - // LastActivityTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:05:30.000Z"); return t}()), - // LastModifiedTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-01-01T13:15:30.000Z"); return t}()), - // Owner: &armsecurityinsights.IncidentOwnerInfo{ - // AssignedTo: to.Ptr("john doe"), - // Email: to.Ptr("john.doe@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // UserPrincipalName: to.Ptr("john@contoso.com"), - // }, - // RelatedAnalyticRuleIDs: []*string{ - // }, - // Severity: to.Ptr(armsecurityinsights.IncidentSeverityHigh), - // Status: to.Ptr(armsecurityinsights.IncidentStatusClosed), - // Title: to.Ptr("My incident"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/DeleteIncident.json -func ExampleIncidentsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewIncidentsClient().Delete(ctx, "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/GetAllIncidentAlerts.json -func ExampleIncidentsClient_ListAlerts() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentsClient().ListAlerts(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.IncidentAlertList = armsecurityinsights.IncidentAlertList{ - // Value: []*armsecurityinsights.SecurityAlert{ - // { - // Name: to.Ptr("baa8a239-6fde-4ab7-a093-d09f7b75c58c"), - // Type: to.Ptr("Microsoft.SecurityInsights/Entities"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRG/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/Entities/baa8a239-6fde-4ab7-a093-d09f7b75c58c"), - // Kind: to.Ptr(armsecurityinsights.EntityKindEnumSecurityAlert), - // Properties: &armsecurityinsights.SecurityAlertProperties{ - // AdditionalData: map[string]any{ - // "AlertMessageEnqueueTime": "2020-07-20T18:21:57.304Z", - // }, - // FriendlyName: to.Ptr("myAlert"), - // AlertDisplayName: to.Ptr("myAlert"), - // AlertType: to.Ptr("myAlert"), - // ConfidenceLevel: to.Ptr(armsecurityinsights.ConfidenceLevelUnknown), - // EndTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-07-20T18:21:53.615Z"); return t}()), - // ProcessingEndTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-07-20T18:21:53.615Z"); return t}()), - // ProductName: to.Ptr("Azure Security Center"), - // ResourceIdentifiers: []any{ - // map[string]any{ - // "type": "LogAnalytics", - // "resourceGroup": "myRG", - // "subscriptionId": "bd794837-4d29-4647-9105-6339bfdb4e6a", - // "workspaceId": "c8c99641-985d-4e4e-8e91-fb3466cd0e5b", - // }}, - // Severity: to.Ptr(armsecurityinsights.AlertSeverityLow), - // StartTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-07-20T18:21:53.615Z"); return t}()), - // Status: to.Ptr(armsecurityinsights.AlertStatusNew), - // SystemAlertID: to.Ptr("baa8a239-6fde-4ab7-a093-d09f7b75c58c"), - // Tactics: []*armsecurityinsights.AttackTactic{ - // }, - // TimeGenerated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-07-20T18:21:53.615Z"); return t}()), - // VendorName: to.Ptr("Microsoft"), - // }, - // }}, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/GetAllIncidentBookmarks.json -func ExampleIncidentsClient_ListBookmarks() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentsClient().ListBookmarks(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.IncidentBookmarkList = armsecurityinsights.IncidentBookmarkList{ - // Value: []*armsecurityinsights.HuntingBookmark{ - // { - // Name: to.Ptr("afbd324f-6c48-459c-8710-8d1e1cd03812"), - // Type: to.Ptr("Microsoft.SecurityInsights/Entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/afbd324f-6c48-459c-8710-8d1e1cd03812"), - // Kind: to.Ptr(armsecurityinsights.EntityKindEnumBookmark), - // Properties: &armsecurityinsights.HuntingBookmarkProperties{ - // AdditionalData: map[string]any{ - // "ETag": "\"3b00acab-0000-0d00-0000-5f15e4ed0000\"", - // "EntityId": "afbd324f-6c48-459c-8710-8d1e1cd03812", - // }, - // FriendlyName: to.Ptr("SecurityEvent - 868f40f4698d"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("user"), - // Email: to.Ptr("user@microsoft.com"), - // ObjectID: to.Ptr("b03ca914-5eb6-45e5-9417-fe0797c372fd"), - // }, - // DisplayName: to.Ptr("SecurityEvent - 868f40f4698d"), - // EventTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // Labels: []*string{ - // }, - // Query: to.Ptr("SecurityEvent\r\n| take 1\n"), - // QueryResult: to.Ptr("{\"TimeGenerated\":\"2020-05-24T01:24:25.67Z\",\"Account\":\"\\\\ADMINISTRATOR\",\"AccountType\":\"User\",\"Computer\":\"SecurityEvents\",\"EventSourceName\":\"Microsoft-Windows-Security-Auditing\",\"Channel\":\"Security\",\"Task\":12544,\"Level\":\"16\",\"EventID\":4625,\"Activity\":\"4625 - An account failed to log on.\",\"AuthenticationPackageName\":\"NTLM\",\"FailureReason\":\"%%2313\",\"IpAddress\":\"176.113.115.73\",\"IpPort\":\"0\",\"LmPackageName\":\"-\",\"LogonProcessName\":\"NtLmSsp \",\"LogonType\":3,\"LogonTypeName\":\"3 - Network\",\"Process\":\"-\",\"ProcessId\":\"0x0\",\"__entityMapping\":{\"\\\\ADMINISTRATOR\":\"Account\",\"SecurityEvents\":\"Host\"}}"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("user"), - // Email: to.Ptr("user@microsoft.com"), - // ObjectID: to.Ptr("b03ca914-5eb6-45e5-9417-fe0797c372fd"), - // }, - // }, - // }, - // { - // Name: to.Ptr("bbbd324f-6c48-459c-8710-8d1e1cd03812"), - // Type: to.Ptr("Microsoft.SecurityInsights/Entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/bbbd324f-6c48-459c-8710-8d1e1cd03812"), - // Kind: to.Ptr(armsecurityinsights.EntityKindEnumBookmark), - // Properties: &armsecurityinsights.HuntingBookmarkProperties{ - // AdditionalData: map[string]any{ - // "ETag": "\"3b00acab-0000-0d00-0000-5f15e4ed0000\"", - // "EntityId": "afbd324f-6c48-459c-8710-8d1e1cd03812", - // }, - // FriendlyName: to.Ptr("SecurityEvent - 868f40f4698d"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("user"), - // Email: to.Ptr("user@microsoft.com"), - // ObjectID: to.Ptr("303ca914-5eb6-45e5-9417-fe0797c372fd"), - // }, - // DisplayName: to.Ptr("SecurityEvent - 868f40f4698d"), - // EventTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // Labels: []*string{ - // }, - // Query: to.Ptr("SecurityEvent\r\n| take 1\n"), - // QueryResult: to.Ptr("{\"TimeGenerated\":\"2020-05-24T01:24:25.67Z\",\"Account\":\"\\\\ADMINISTRATOR\",\"AccountType\":\"User\",\"Computer\":\"SecurityEvents\",\"EventSourceName\":\"Microsoft-Windows-Security-Auditing\",\"Channel\":\"Security\",\"Task\":12544,\"Level\":\"16\",\"EventID\":4625,\"Activity\":\"4625 - An account failed to log on.\",\"AuthenticationPackageName\":\"NTLM\",\"FailureReason\":\"%%2313\",\"IpAddress\":\"176.113.115.73\",\"IpPort\":\"0\",\"LmPackageName\":\"-\",\"LogonProcessName\":\"NtLmSsp \",\"LogonType\":3,\"LogonTypeName\":\"3 - Network\",\"Process\":\"-\",\"ProcessId\":\"0x0\",\"__entityMapping\":{\"\\\\ADMINISTRATOR\":\"Account\",\"SecurityEvents\":\"Host\"}}"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.426Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("user"), - // Email: to.Ptr("user@microsoft.com"), - // ObjectID: to.Ptr("b03ca914-5eb6-45e5-9417-fe0797c372fd"), - // }, - // }, - // }}, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/GetAllIncidentEntities.json -func ExampleIncidentsClient_ListEntities() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewIncidentsClient().ListEntities(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.IncidentEntitiesResponse = armsecurityinsights.IncidentEntitiesResponse{ - // Entities: []armsecurityinsights.EntityClassification{ - // &armsecurityinsights.AccountEntity{ - // Name: to.Ptr("e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Type: to.Ptr("Microsoft.SecurityInsights/Entities"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/Entities/e1d3d618-e11f-478b-98e3-bb381539a8e1"), - // Kind: to.Ptr(armsecurityinsights.EntityKindEnumAccount), - // Properties: &armsecurityinsights.AccountEntityProperties{ - // FriendlyName: to.Ptr("administrator"), - // AccountName: to.Ptr("administrator"), - // NtDomain: to.Ptr("domain"), - // }, - // }}, - // MetaData: []*armsecurityinsights.IncidentEntitiesResultsMetadata{ - // { - // Count: to.Ptr[int32](1), - // EntityKind: to.Ptr(armsecurityinsights.EntityKindEnumAccount), - // }}, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/incidenttasks_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidenttasks_client.go new file mode 100644 index 000000000000..5d003ed8cea4 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/incidenttasks_client.go @@ -0,0 +1,330 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// IncidentTasksClient contains the methods for the IncidentTasks group. +// Don't use this type directly, use NewIncidentTasksClient() instead. +type IncidentTasksClient struct { + internal *arm.Client + subscriptionID string +} + +// NewIncidentTasksClient creates a new instance of IncidentTasksClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewIncidentTasksClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*IncidentTasksClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &IncidentTasksClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates the incident task. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - incidentID - Incident ID +// - incidentTaskID - Incident task ID +// - incidentTask - The incident task +// - options - IncidentTasksClientCreateOrUpdateOptions contains the optional parameters for the IncidentTasksClient.CreateOrUpdate +// method. +func (client *IncidentTasksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, incidentTask IncidentTask, options *IncidentTasksClientCreateOrUpdateOptions) (IncidentTasksClientCreateOrUpdateResponse, error) { + var err error + const operationName = "IncidentTasksClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, incidentID, incidentTaskID, incidentTask, options) + if err != nil { + return IncidentTasksClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return IncidentTasksClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return IncidentTasksClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *IncidentTasksClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, incidentTask IncidentTask, options *IncidentTasksClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if incidentID == "" { + return nil, errors.New("parameter incidentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentId}", url.PathEscape(incidentID)) + if incidentTaskID == "" { + return nil, errors.New("parameter incidentTaskID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentTaskId}", url.PathEscape(incidentTaskID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, incidentTask); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *IncidentTasksClient) createOrUpdateHandleResponse(resp *http.Response) (IncidentTasksClientCreateOrUpdateResponse, error) { + result := IncidentTasksClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.IncidentTask); err != nil { + return IncidentTasksClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete the incident task. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - incidentID - Incident ID +// - incidentTaskID - Incident task ID +// - options - IncidentTasksClientDeleteOptions contains the optional parameters for the IncidentTasksClient.Delete method. +func (client *IncidentTasksClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, options *IncidentTasksClientDeleteOptions) (IncidentTasksClientDeleteResponse, error) { + var err error + const operationName = "IncidentTasksClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, incidentID, incidentTaskID, options) + if err != nil { + return IncidentTasksClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return IncidentTasksClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return IncidentTasksClientDeleteResponse{}, err + } + return IncidentTasksClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *IncidentTasksClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, options *IncidentTasksClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if incidentID == "" { + return nil, errors.New("parameter incidentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentId}", url.PathEscape(incidentID)) + if incidentTaskID == "" { + return nil, errors.New("parameter incidentTaskID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentTaskId}", url.PathEscape(incidentTaskID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets an incident task. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - incidentID - Incident ID +// - incidentTaskID - Incident task ID +// - options - IncidentTasksClientGetOptions contains the optional parameters for the IncidentTasksClient.Get method. +func (client *IncidentTasksClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, options *IncidentTasksClientGetOptions) (IncidentTasksClientGetResponse, error) { + var err error + const operationName = "IncidentTasksClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, incidentID, incidentTaskID, options) + if err != nil { + return IncidentTasksClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return IncidentTasksClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return IncidentTasksClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *IncidentTasksClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentTaskID string, options *IncidentTasksClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if incidentID == "" { + return nil, errors.New("parameter incidentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentId}", url.PathEscape(incidentID)) + if incidentTaskID == "" { + return nil, errors.New("parameter incidentTaskID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentTaskId}", url.PathEscape(incidentTaskID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *IncidentTasksClient) getHandleResponse(resp *http.Response) (IncidentTasksClientGetResponse, error) { + result := IncidentTasksClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.IncidentTask); err != nil { + return IncidentTasksClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all incident tasks. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - incidentID - Incident ID +// - options - IncidentTasksClientListOptions contains the optional parameters for the IncidentTasksClient.NewListPager method. +func (client *IncidentTasksClient) NewListPager(resourceGroupName string, workspaceName string, incidentID string, options *IncidentTasksClientListOptions) *runtime.Pager[IncidentTasksClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[IncidentTasksClientListResponse]{ + More: func(page IncidentTasksClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *IncidentTasksClientListResponse) (IncidentTasksClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "IncidentTasksClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, incidentID, options) + }, nil) + if err != nil { + return IncidentTasksClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *IncidentTasksClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, options *IncidentTasksClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if incidentID == "" { + return nil, errors.New("parameter incidentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{incidentId}", url.PathEscape(incidentID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *IncidentTasksClient) listHandleResponse(resp *http.Response) (IncidentTasksClientListResponse, error) { + result := IncidentTasksClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.IncidentTaskList); err != nil { + return IncidentTasksClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/interfaces.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/interfaces.go index 3ca11105e621..89e52d520882 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/interfaces.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/interfaces.go @@ -11,7 +11,8 @@ package armsecurityinsights // AlertRuleClassification provides polymorphic access to related types. // Call the interface's GetAlertRule() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: -// - *AlertRule, *FusionAlertRule, *MicrosoftSecurityIncidentCreationAlertRule, *ScheduledAlertRule +// - *AlertRule, *FusionAlertRule, *MLBehaviorAnalyticsAlertRule, *MicrosoftSecurityIncidentCreationAlertRule, *NrtAlertRule, +// - *ScheduledAlertRule, *ThreatIntelligenceAlertRule type AlertRuleClassification interface { // GetAlertRule returns the AlertRule content of the underlying type. GetAlertRule() *AlertRule @@ -20,7 +21,8 @@ type AlertRuleClassification interface { // AlertRuleTemplateClassification provides polymorphic access to related types. // Call the interface's GetAlertRuleTemplate() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: -// - *AlertRuleTemplate, *FusionAlertRuleTemplate, *MicrosoftSecurityIncidentCreationAlertRuleTemplate, *ScheduledAlertRuleTemplate +// - *AlertRuleTemplate, *FusionAlertRuleTemplate, *MLBehaviorAnalyticsAlertRuleTemplate, *MicrosoftSecurityIncidentCreationAlertRuleTemplate, +// - *NrtAlertRuleTemplate, *ScheduledAlertRuleTemplate, *ThreatIntelligenceAlertRuleTemplate type AlertRuleTemplateClassification interface { // GetAlertRuleTemplate returns the AlertRuleTemplate content of the underlying type. GetAlertRuleTemplate() *AlertRuleTemplate @@ -29,7 +31,7 @@ type AlertRuleTemplateClassification interface { // AutomationRuleActionClassification provides polymorphic access to related types. // Call the interface's GetAutomationRuleAction() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: -// - *AutomationRuleAction, *AutomationRuleModifyPropertiesAction, *AutomationRuleRunPlaybookAction +// - *AutomationRuleAction, *AutomationRuleAddIncidentTaskAction, *AutomationRuleModifyPropertiesAction, *AutomationRuleRunPlaybookAction type AutomationRuleActionClassification interface { // GetAutomationRuleAction returns the AutomationRuleAction content of the underlying type. GetAutomationRuleAction() *AutomationRuleAction @@ -38,34 +40,150 @@ type AutomationRuleActionClassification interface { // AutomationRuleConditionClassification provides polymorphic access to related types. // Call the interface's GetAutomationRuleCondition() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: -// - *AutomationRuleCondition, *PropertyConditionProperties +// - *AutomationRuleCondition, *BooleanConditionProperties, *PropertyArrayChangedConditionProperties, *PropertyArrayConditionProperties, +// - *PropertyChangedConditionProperties, *PropertyConditionProperties type AutomationRuleConditionClassification interface { // GetAutomationRuleCondition returns the AutomationRuleCondition content of the underlying type. GetAutomationRuleCondition() *AutomationRuleCondition } +// BillingStatisticClassification provides polymorphic access to related types. +// Call the interface's GetBillingStatistic() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *BillingStatistic, *SapSolutionUsageStatistic +type BillingStatisticClassification interface { + // GetBillingStatistic returns the BillingStatistic content of the underlying type. + GetBillingStatistic() *BillingStatistic +} + +// CcpAuthConfigClassification provides polymorphic access to related types. +// Call the interface's GetCcpAuthConfig() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *APIKeyAuthModel, *AWSAuthModel, *BasicAuthModel, *CcpAuthConfig, *GCPAuthModel, *GenericBlobSbsAuthModel, *GitHubAuthModel, +// - *JwtAuthModel, *NoneAuthModel, *OAuthModel, *OracleAuthModel, *SessionAuthModel +type CcpAuthConfigClassification interface { + // GetCcpAuthConfig returns the CcpAuthConfig content of the underlying type. + GetCcpAuthConfig() *CcpAuthConfig +} + +// CustomEntityQueryClassification provides polymorphic access to related types. +// Call the interface's GetCustomEntityQuery() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *ActivityCustomEntityQuery, *CustomEntityQuery +type CustomEntityQueryClassification interface { + // GetCustomEntityQuery returns the CustomEntityQuery content of the underlying type. + GetCustomEntityQuery() *CustomEntityQuery +} + // DataConnectorClassification provides polymorphic access to related types. // Call the interface's GetDataConnector() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: -// - *AADDataConnector, *AATPDataConnector, *ASCDataConnector, *AwsCloudTrailDataConnector, *DataConnector, *MCASDataConnector, -// - *MDATPDataConnector, *OfficeDataConnector, *TIDataConnector +// - *AADDataConnector, *AATPDataConnector, *ASCDataConnector, *AwsCloudTrailDataConnector, *AwsS3DataConnector, *CodelessAPIPollingDataConnector, +// - *CodelessUIDataConnector, *DataConnector, *Dynamics365DataConnector, *GCPDataConnector, *IoTDataConnector, *MCASDataConnector, +// - *MDATPDataConnector, *MSTIDataConnector, *MTPDataConnector, *MicrosoftPurviewInformationProtectionDataConnector, *Office365ProjectDataConnector, +// - *OfficeATPDataConnector, *OfficeDataConnector, *OfficeIRMDataConnector, *OfficePowerBIDataConnector, *RestAPIPollerDataConnector, +// - *TIDataConnector, *TiTaxiiDataConnector type DataConnectorClassification interface { // GetDataConnector returns the DataConnector content of the underlying type. GetDataConnector() *DataConnector } +// DataConnectorDefinitionClassification provides polymorphic access to related types. +// Call the interface's GetDataConnectorDefinition() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *CustomizableConnectorDefinition, *DataConnectorDefinition +type DataConnectorDefinitionClassification interface { + // GetDataConnectorDefinition returns the DataConnectorDefinition content of the underlying type. + GetDataConnectorDefinition() *DataConnectorDefinition +} + +// DataConnectorsCheckRequirementsClassification provides polymorphic access to related types. +// Call the interface's GetDataConnectorsCheckRequirements() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *AADCheckRequirements, *AATPCheckRequirements, *ASCCheckRequirements, *AwsCloudTrailCheckRequirements, *AwsS3CheckRequirements, +// - *DataConnectorsCheckRequirements, *Dynamics365CheckRequirements, *IoTCheckRequirements, *MCASCheckRequirements, *MDATPCheckRequirements, +// - *MSTICheckRequirements, *MicrosoftPurviewInformationProtectionCheckRequirements, *MtpCheckRequirements, *Office365ProjectCheckRequirements, +// - *OfficeATPCheckRequirements, *OfficeIRMCheckRequirements, *OfficePowerBICheckRequirements, *TICheckRequirements, *TiTaxiiCheckRequirements +type DataConnectorsCheckRequirementsClassification interface { + // GetDataConnectorsCheckRequirements returns the DataConnectorsCheckRequirements content of the underlying type. + GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements +} + // EntityClassification provides polymorphic access to related types. // Call the interface's GetEntity() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: // - *AccountEntity, *AzureResourceEntity, *CloudApplicationEntity, *DNSEntity, *Entity, *FileEntity, *FileHashEntity, *HostEntity, // - *HuntingBookmark, *IPEntity, *IoTDeviceEntity, *MailClusterEntity, *MailMessageEntity, *MailboxEntity, *MalwareEntity, -// - *ProcessEntity, *RegistryKeyEntity, *RegistryValueEntity, *SecurityAlert, *SecurityGroupEntity, *SubmissionMailEntity, +// - *NicEntity, *ProcessEntity, *RegistryKeyEntity, *RegistryValueEntity, *SecurityAlert, *SecurityGroupEntity, *SubmissionMailEntity, // - *URLEntity type EntityClassification interface { // GetEntity returns the Entity content of the underlying type. GetEntity() *Entity } +// EntityQueryClassification provides polymorphic access to related types. +// Call the interface's GetEntityQuery() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *ActivityEntityQuery, *EntityQuery, *ExpansionEntityQuery +type EntityQueryClassification interface { + // GetEntityQuery returns the EntityQuery content of the underlying type. + GetEntityQuery() *EntityQuery +} + +// EntityQueryItemClassification provides polymorphic access to related types. +// Call the interface's GetEntityQueryItem() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *EntityQueryItem, *InsightQueryItem +type EntityQueryItemClassification interface { + // GetEntityQueryItem returns the EntityQueryItem content of the underlying type. + GetEntityQueryItem() *EntityQueryItem +} + +// EntityQueryTemplateClassification provides polymorphic access to related types. +// Call the interface's GetEntityQueryTemplate() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *ActivityEntityQueryTemplate, *EntityQueryTemplate +type EntityQueryTemplateClassification interface { + // GetEntityQueryTemplate returns the EntityQueryTemplate content of the underlying type. + GetEntityQueryTemplate() *EntityQueryTemplate +} + +// EntityTimelineItemClassification provides polymorphic access to related types. +// Call the interface's GetEntityTimelineItem() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *ActivityTimelineItem, *AnomalyTimelineItem, *BookmarkTimelineItem, *EntityTimelineItem, *SecurityAlertTimelineItem +type EntityTimelineItemClassification interface { + // GetEntityTimelineItem returns the EntityTimelineItem content of the underlying type. + GetEntityTimelineItem() *EntityTimelineItem +} + +// SecurityMLAnalyticsSettingClassification provides polymorphic access to related types. +// Call the interface's GetSecurityMLAnalyticsSetting() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *AnomalySecurityMLAnalyticsSettings, *SecurityMLAnalyticsSetting +type SecurityMLAnalyticsSettingClassification interface { + // GetSecurityMLAnalyticsSetting returns the SecurityMLAnalyticsSetting content of the underlying type. + GetSecurityMLAnalyticsSetting() *SecurityMLAnalyticsSetting +} + +// SettingsClassification provides polymorphic access to related types. +// Call the interface's GetSettings() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *Anomalies, *EntityAnalytics, *EyesOn, *Settings, *Ueba +type SettingsClassification interface { + // GetSettings returns the Settings content of the underlying type. + GetSettings() *Settings +} + +// TIObjectClassification provides polymorphic access to related types. +// Call the interface's GetTIObject() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *AttackPattern, *Identity, *Indicator, *Relationship, *TIObject, *ThreatActor +type TIObjectClassification interface { + // GetTIObject returns the TIObject content of the underlying type. + GetTIObject() *TIObject +} + // ThreatIntelligenceInformationClassification provides polymorphic access to related types. // Call the interface's GetThreatIntelligenceInformation() method to access the common type. // Use a type switch to determine the concrete type. The possible types are: diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/ipgeodata_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/ipgeodata_client.go new file mode 100644 index 000000000000..c0633b181b32 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/ipgeodata_client.go @@ -0,0 +1,105 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// IPGeodataClient contains the methods for the IPGeodata group. +// Don't use this type directly, use NewIPGeodataClient() instead. +type IPGeodataClient struct { + internal *arm.Client + subscriptionID string +} + +// NewIPGeodataClient creates a new instance of IPGeodataClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewIPGeodataClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*IPGeodataClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &IPGeodataClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Get geodata for a single IP address +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - ipAddress - IP address (v4 or v6) to be enriched +// - options - IPGeodataClientGetOptions contains the optional parameters for the IPGeodataClient.Get method. +func (client *IPGeodataClient) Get(ctx context.Context, resourceGroupName string, ipAddress string, options *IPGeodataClientGetOptions) (IPGeodataClientGetResponse, error) { + var err error + const operationName = "IPGeodataClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, ipAddress, options) + if err != nil { + return IPGeodataClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return IPGeodataClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return IPGeodataClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *IPGeodataClient) getCreateRequest(ctx context.Context, resourceGroupName string, ipAddress string, options *IPGeodataClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/ip/geodata/" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + reqQP.Set("ipAddress", ipAddress) + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *IPGeodataClient) getHandleResponse(resp *http.Response) (IPGeodataClientGetResponse, error) { + result := IPGeodataClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EnrichmentIPGeodata); err != nil { + return IPGeodataClientGetResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/metadata_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/metadata_client.go new file mode 100644 index 000000000000..0590725704d4 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/metadata_client.go @@ -0,0 +1,395 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// MetadataClient contains the methods for the Metadata group. +// Don't use this type directly, use NewMetadataClient() instead. +type MetadataClient struct { + internal *arm.Client + subscriptionID string +} + +// NewMetadataClient creates a new instance of MetadataClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewMetadataClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*MetadataClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &MetadataClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Create - Create a Metadata. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - metadataName - The Metadata name. +// - metadata - Metadata resource. +// - options - MetadataClientCreateOptions contains the optional parameters for the MetadataClient.Create method. +func (client *MetadataClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadata MetadataModel, options *MetadataClientCreateOptions) (MetadataClientCreateResponse, error) { + var err error + const operationName = "MetadataClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, resourceGroupName, workspaceName, metadataName, metadata, options) + if err != nil { + return MetadataClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return MetadataClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return MetadataClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *MetadataClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadata MetadataModel, options *MetadataClientCreateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if metadataName == "" { + return nil, errors.New("parameter metadataName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{metadataName}", url.PathEscape(metadataName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, metadata); err != nil { + return nil, err + } + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *MetadataClient) createHandleResponse(resp *http.Response) (MetadataClientCreateResponse, error) { + result := MetadataClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.MetadataModel); err != nil { + return MetadataClientCreateResponse{}, err + } + return result, nil +} + +// Delete - Delete a Metadata. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - metadataName - The Metadata name. +// - options - MetadataClientDeleteOptions contains the optional parameters for the MetadataClient.Delete method. +func (client *MetadataClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, options *MetadataClientDeleteOptions) (MetadataClientDeleteResponse, error) { + var err error + const operationName = "MetadataClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, metadataName, options) + if err != nil { + return MetadataClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return MetadataClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return MetadataClientDeleteResponse{}, err + } + return MetadataClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *MetadataClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, options *MetadataClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if metadataName == "" { + return nil, errors.New("parameter metadataName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{metadataName}", url.PathEscape(metadataName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Get a Metadata. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - metadataName - The Metadata name. +// - options - MetadataClientGetOptions contains the optional parameters for the MetadataClient.Get method. +func (client *MetadataClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, options *MetadataClientGetOptions) (MetadataClientGetResponse, error) { + var err error + const operationName = "MetadataClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, metadataName, options) + if err != nil { + return MetadataClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return MetadataClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return MetadataClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *MetadataClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, options *MetadataClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if metadataName == "" { + return nil, errors.New("parameter metadataName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{metadataName}", url.PathEscape(metadataName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *MetadataClient) getHandleResponse(resp *http.Response) (MetadataClientGetResponse, error) { + result := MetadataClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.MetadataModel); err != nil { + return MetadataClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - List of all metadata +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - MetadataClientListOptions contains the optional parameters for the MetadataClient.NewListPager method. +func (client *MetadataClient) NewListPager(resourceGroupName string, workspaceName string, options *MetadataClientListOptions) *runtime.Pager[MetadataClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[MetadataClientListResponse]{ + More: func(page MetadataClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *MetadataClientListResponse) (MetadataClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "MetadataClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return MetadataClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *MetadataClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *MetadataClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.Skip != nil { + reqQP.Set("$skip", strconv.FormatInt(int64(*options.Skip), 10)) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *MetadataClient) listHandleResponse(resp *http.Response) (MetadataClientListResponse, error) { + result := MetadataClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.MetadataList); err != nil { + return MetadataClientListResponse{}, err + } + return result, nil +} + +// Update - Update an existing Metadata. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - metadataName - The Metadata name. +// - metadataPatch - Partial metadata request. +// - options - MetadataClientUpdateOptions contains the optional parameters for the MetadataClient.Update method. +func (client *MetadataClient) Update(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadataPatch MetadataPatch, options *MetadataClientUpdateOptions) (MetadataClientUpdateResponse, error) { + var err error + const operationName = "MetadataClient.Update" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.updateCreateRequest(ctx, resourceGroupName, workspaceName, metadataName, metadataPatch, options) + if err != nil { + return MetadataClientUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return MetadataClientUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return MetadataClientUpdateResponse{}, err + } + resp, err := client.updateHandleResponse(httpResp) + return resp, err +} + +// updateCreateRequest creates the Update request. +func (client *MetadataClient) updateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadataPatch MetadataPatch, options *MetadataClientUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if metadataName == "" { + return nil, errors.New("parameter metadataName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{metadataName}", url.PathEscape(metadataName)) + req, err := runtime.NewRequest(ctx, http.MethodPatch, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, metadataPatch); err != nil { + return nil, err + } + return req, nil +} + +// updateHandleResponse handles the Update response. +func (client *MetadataClient) updateHandleResponse(resp *http.Response) (MetadataClientUpdateResponse, error) { + result := MetadataClientUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.MetadataModel); err != nil { + return MetadataClientUpdateResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/models.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/models.go index b1dacb47442b..7790ffdb22d0 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/models.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/models.go @@ -10,7 +10,29 @@ package armsecurityinsights import "time" -// AADDataConnector - Represents AAD (Azure Active Directory) data connector. +// AADCheckRequirements - Represents AADIP (Azure Active Directory Identity Protection) requirements check request. +type AADCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // AADIP (Azure Active Directory Identity Protection) requirements check properties. + Properties *AADCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type AADCheckRequirements. +func (a *AADCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: a.Kind, + } +} + +// AADCheckRequirementsProperties - AADIP (Azure Active Directory Identity Protection) requirements check properties. +type AADCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// AADDataConnector - Represents AADIP (Azure Active Directory Identity Protection) data connector. type AADDataConnector struct { // REQUIRED; The data connector kind Kind *DataConnectorKind @@ -18,7 +40,7 @@ type AADDataConnector struct { // Etag of the azure resource Etag *string - // AAD (Azure Active Directory) data connector properties. + // AADIP (Azure Active Directory Identity Protection) data connector properties. Properties *AADDataConnectorProperties // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} @@ -46,12 +68,34 @@ func (a *AADDataConnector) GetDataConnector() *DataConnector { } } -// AADDataConnectorProperties - AAD (Azure Active Directory) data connector properties. +// AADDataConnectorProperties - AADIP (Azure Active Directory Identity Protection) data connector properties. type AADDataConnectorProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string + // The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector +} + +// AATPCheckRequirements - Represents AATP (Azure Advanced Threat Protection) requirements check request. +type AATPCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // AATP (Azure Advanced Threat Protection) requirements check properties. + Properties *AATPCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type AATPCheckRequirements. +func (a *AATPCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: a.Kind, + } +} - // The tenant id to connect to, and get the data from. +// AATPCheckRequirementsProperties - AATP (Azure Advanced Threat Protection) requirements check properties. +type AATPCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. TenantID *string } @@ -93,11 +137,69 @@ func (a *AATPDataConnector) GetDataConnector() *DataConnector { // AATPDataConnectorProperties - AATP (Azure Advanced Threat Protection) data connector properties. type AATPDataConnectorProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string + // The available data types for the connector. DataTypes *AlertsDataTypeOfDataConnector +} - // The tenant id to connect to, and get the data from. - TenantID *string +// APIKeyAuthModel - Model for authentication with the API Key. Will result in additional header on the request (default behavior) +// to the remote server: 'ApiKeyName: ApiKeyIdentifier ApiKey'. If 'IsApiKeyInPostPayload' is +// true it will send it in the body of the request and not the header. +type APIKeyAuthModel struct { + // REQUIRED; API Key for the user secret key credential + APIKey *string + + // REQUIRED; API Key name + APIKeyName *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // API Key Identifier + APIKeyIdentifier *string + + // Flag to indicate if API key is set in HTTP POST payload + IsAPIKeyInPostPayload *bool +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type APIKeyAuthModel. +func (a *APIKeyAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: a.Type, + } +} + +// APIPollingParameters - Represents Codeless API Polling data connector +type APIPollingParameters struct { + // Config to describe the instructions blade + ConnectorUIConfig *CodelessUIConnectorConfigProperties + + // Config to describe the polling instructions + PollingConfig *CodelessConnectorPollingConfigProperties +} + +// ASCCheckRequirements - Represents ASC (Azure Security Center) requirements check request. +type ASCCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // ASC (Azure Security Center) requirements check properties. + Properties *ASCCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type ASCCheckRequirements. +func (a *ASCCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: a.Kind, + } +} + +// ASCCheckRequirementsProperties - ASC (Azure Security Center) requirements check properties. +type ASCCheckRequirementsProperties struct { + // The subscription id to connect to, and get the data from. + SubscriptionID *string } // ASCDataConnector - Represents ASC (Azure Security Center) data connector. @@ -145,6 +247,25 @@ type ASCDataConnectorProperties struct { SubscriptionID *string } +// AWSAuthModel - Model for API authentication with AWS. +type AWSAuthModel struct { + // REQUIRED; AWS STS assume role ARN + RoleArn *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // AWS STS assume role external ID. This is used to prevent the confused deputy problem: 'https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html' + ExternalID *string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type AWSAuthModel. +func (a *AWSAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: a.Type, + } +} + // AccountEntity - Represents an account entity. type AccountEntity struct { // REQUIRED; The kind of the entity. @@ -207,7 +328,7 @@ type AccountEntityProperties struct { // READ-ONLY; Determines whether this is a domain account. IsDomainJoined *bool - // READ-ONLY; The NetBIOS domain name as it appears in the alert format - domain\username. Examples: NT AUTHORITY. + // READ-ONLY; The NetBIOS domain name as it appears in the alert format domain/username. Examples: NT AUTHORITY. NtDomain *string // READ-ONLY; The objectGUID attribute is a single-value attribute that is the unique identifier for the object, assigned @@ -256,7 +377,7 @@ type ActionRequestProperties struct { // ActionResponse - Action for alert rule. type ActionResponse struct { - // Etag of the action. + // Etag of the azure resource Etag *string // Action properties for get request @@ -293,6 +414,230 @@ type ActionsList struct { NextLink *string } +// ActivityCustomEntityQuery - Represents Activity entity query. +type ActivityCustomEntityQuery struct { + // REQUIRED; the entity query kind + Kind *CustomEntityQueryKind + + // Etag of the azure resource + Etag *string + + // Activity entity query properties + Properties *ActivityEntityQueriesProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetCustomEntityQuery implements the CustomEntityQueryClassification interface for type ActivityCustomEntityQuery. +func (a *ActivityCustomEntityQuery) GetCustomEntityQuery() *CustomEntityQuery { + return &CustomEntityQuery{ + Etag: a.Etag, + ID: a.ID, + Kind: a.Kind, + Name: a.Name, + SystemData: a.SystemData, + Type: a.Type, + } +} + +// ActivityEntityQueriesProperties - Describes activity entity query properties +type ActivityEntityQueriesProperties struct { + // The entity query content to display in timeline + Content *string + + // The entity query description + Description *string + + // Determines whether this activity is enabled or disabled. + Enabled *bool + + // The query applied only to entities matching to all filters + EntitiesFilter map[string][]*string + + // The type of the query's source entity + InputEntityType *EntityType + + // The Activity query definitions + QueryDefinitions *ActivityEntityQueriesPropertiesQueryDefinitions + + // List of the fields of the source entity that are required to run the query + RequiredInputFieldsSets [][]*string + + // The template id this activity was created from + TemplateName *string + + // The entity query title + Title *string + + // READ-ONLY; The time the activity was created + CreatedTimeUTC *time.Time + + // READ-ONLY; The last time the activity was updated + LastModifiedTimeUTC *time.Time +} + +// ActivityEntityQueriesPropertiesQueryDefinitions - The Activity query definitions +type ActivityEntityQueriesPropertiesQueryDefinitions struct { + // The Activity query to run on a given entity + Query *string +} + +// ActivityEntityQuery - Represents Activity entity query. +type ActivityEntityQuery struct { + // REQUIRED; the entity query kind + Kind *EntityQueryKind + + // Etag of the azure resource + Etag *string + + // Activity entity query properties + Properties *ActivityEntityQueriesProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntityQuery implements the EntityQueryClassification interface for type ActivityEntityQuery. +func (a *ActivityEntityQuery) GetEntityQuery() *EntityQuery { + return &EntityQuery{ + Etag: a.Etag, + ID: a.ID, + Kind: a.Kind, + Name: a.Name, + SystemData: a.SystemData, + Type: a.Type, + } +} + +// ActivityEntityQueryTemplate - Represents Activity entity query. +type ActivityEntityQueryTemplate struct { + // REQUIRED; the entity query template kind + Kind *EntityQueryTemplateKind + + // Activity entity query properties + Properties *ActivityEntityQueryTemplateProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntityQueryTemplate implements the EntityQueryTemplateClassification interface for type ActivityEntityQueryTemplate. +func (a *ActivityEntityQueryTemplate) GetEntityQueryTemplate() *EntityQueryTemplate { + return &EntityQueryTemplate{ + ID: a.ID, + Kind: a.Kind, + Name: a.Name, + SystemData: a.SystemData, + Type: a.Type, + } +} + +// ActivityEntityQueryTemplateProperties - Describes activity entity query properties +type ActivityEntityQueryTemplateProperties struct { + // The entity query content to display in timeline + Content *string + + // List of required data types for the given entity query template + DataTypes []*DataTypeDefinitions + + // The entity query description + Description *string + + // The query applied only to entities matching to all filters + EntitiesFilter map[string][]*string + + // The type of the query's source entity + InputEntityType *EntityType + + // The Activity query definitions + QueryDefinitions *ActivityEntityQueryTemplatePropertiesQueryDefinitions + + // List of the fields of the source entity that are required to run the query + RequiredInputFieldsSets [][]*string + + // The entity query title + Title *string +} + +// ActivityEntityQueryTemplatePropertiesQueryDefinitions - The Activity query definitions +type ActivityEntityQueryTemplatePropertiesQueryDefinitions struct { + // The Activity query to run on a given entity + Query *string + + // The dimensions we want to summarize the timeline results on, this is comma separated list + SummarizeBy *string +} + +// ActivityTimelineItem - Represents Activity timeline item. +type ActivityTimelineItem struct { + // REQUIRED; The grouping bucket end time. + BucketEndTimeUTC *time.Time + + // REQUIRED; The grouping bucket start time. + BucketStartTimeUTC *time.Time + + // REQUIRED; The activity timeline content. + Content *string + + // REQUIRED; The time of the first activity in the grouping bucket. + FirstActivityTimeUTC *time.Time + + // REQUIRED; The entity query kind type. + Kind *EntityTimelineKind + + // REQUIRED; The time of the last activity in the grouping bucket. + LastActivityTimeUTC *time.Time + + // REQUIRED; The activity query id. + QueryID *string + + // REQUIRED; The activity timeline title. + Title *string +} + +// GetEntityTimelineItem implements the EntityTimelineItemClassification interface for type ActivityTimelineItem. +func (a *ActivityTimelineItem) GetEntityTimelineItem() *EntityTimelineItem { + return &EntityTimelineItem{ + Kind: a.Kind, + } +} + +type AddIncidentTaskActionProperties struct { + // REQUIRED; The title of the task. + Title *string + + // The description of the task. + Description *string +} + // AlertDetailsOverride - Settings for how to dynamically override alert static details type AlertDetailsOverride struct { // the format containing columns name(s) to override the alert description @@ -301,6 +646,9 @@ type AlertDetailsOverride struct { // the format containing columns name(s) to override the alert name AlertDisplayNameFormat *string + // List of additional dynamic properties to override + AlertDynamicProperties []*AlertPropertyMapping + // the column name to take the alert severity from AlertSeverityColumnName *string @@ -308,9 +656,18 @@ type AlertDetailsOverride struct { AlertTacticsColumnName *string } +// AlertPropertyMapping - A single alert property mapping to override +type AlertPropertyMapping struct { + // The V3 alert property + AlertProperty *AlertProperty + + // the column name to use to override this property + Value *string +} + // AlertRule - Alert rule. type AlertRule struct { - // REQUIRED; The alert rule kind + // REQUIRED; The kind of the alert rule Kind *AlertRuleKind // Etag of the azure resource @@ -334,7 +691,7 @@ func (a *AlertRule) GetAlertRule() *AlertRule { return a } // AlertRuleTemplate - Alert rule template. type AlertRuleTemplate struct { - // REQUIRED; The alert rule kind + // REQUIRED; The kind of the alert rule Kind *AlertRuleKind // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} @@ -382,17 +739,33 @@ type AlertRulesList struct { // AlertsDataTypeOfDataConnector - Alerts data type for data connectors. type AlertsDataTypeOfDataConnector struct { - // Alerts data type connection. + // REQUIRED; Alerts data type connection. Alerts *DataConnectorDataTypeCommon } -type AutomationRule struct { - // REQUIRED; Automation rule properties - Properties *AutomationRuleProperties +// AnalyticsRuleRunTrigger - Analytics Rule Run Trigger request +type AnalyticsRuleRunTrigger struct { + // REQUIRED; The analytics Rule Run Trigger request + Properties *AnalyticsRuleRunTriggerProperties +} + +// AnalyticsRuleRunTriggerProperties - The Analytics Rule Run Trigger properties +type AnalyticsRuleRunTriggerProperties struct { + // REQUIRED + ExecutionTimeUTC *time.Time +} + +// Anomalies - Settings with single toggle. +type Anomalies struct { + // REQUIRED; The kind of the setting + Kind *SettingKind // Etag of the azure resource Etag *string + // Anomalies properties + Properties *AnomaliesSettingsProperties + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -406,83 +779,329 @@ type AutomationRule struct { Type *string } -// AutomationRuleAction - Describes an automation rule action -type AutomationRuleAction struct { - // REQUIRED; The type of the automation rule action - ActionType *ActionType +// GetSettings implements the SettingsClassification interface for type Anomalies. +func (a *Anomalies) GetSettings() *Settings { + return &Settings{ + Etag: a.Etag, + ID: a.ID, + Kind: a.Kind, + Name: a.Name, + SystemData: a.SystemData, + Type: a.Type, + } +} - // REQUIRED - Order *int32 +// AnomaliesSettingsProperties - Anomalies property bag. +type AnomaliesSettingsProperties struct { + // READ-ONLY; Determines whether the setting is enable or disabled. + IsEnabled *bool } -// GetAutomationRuleAction implements the AutomationRuleActionClassification interface for type AutomationRuleAction. -func (a *AutomationRuleAction) GetAutomationRuleAction() *AutomationRuleAction { return a } +// AnomalySecurityMLAnalyticsSettings - Represents Anomaly Security ML Analytics Settings +type AnomalySecurityMLAnalyticsSettings struct { + // REQUIRED; The kind of security ML Analytics Settings + Kind *SecurityMLAnalyticsSettingsKind -// AutomationRuleCondition - Describes an automation rule condition -type AutomationRuleCondition struct { - // REQUIRED - ConditionType *ConditionType -} + // Etag of the azure resource + Etag *string -// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type AutomationRuleCondition. -func (a *AutomationRuleCondition) GetAutomationRuleCondition() *AutomationRuleCondition { return a } + // Anomaly Security ML Analytics Settings properties + Properties *AnomalySecurityMLAnalyticsSettingsProperties -// AutomationRuleModifyPropertiesAction - Describes an automation rule action to modify an object's properties. -type AutomationRuleModifyPropertiesAction struct { - // REQUIRED; The type of the automation rule action - ActionType *ActionType + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string - // REQUIRED - Order *int32 - ActionConfiguration *IncidentPropertiesAction + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string } -// GetAutomationRuleAction implements the AutomationRuleActionClassification interface for type AutomationRuleModifyPropertiesAction. -func (a *AutomationRuleModifyPropertiesAction) GetAutomationRuleAction() *AutomationRuleAction { - return &AutomationRuleAction{ - ActionType: a.ActionType, - Order: a.Order, +// GetSecurityMLAnalyticsSetting implements the SecurityMLAnalyticsSettingClassification interface for type AnomalySecurityMLAnalyticsSettings. +func (a *AnomalySecurityMLAnalyticsSettings) GetSecurityMLAnalyticsSetting() *SecurityMLAnalyticsSetting { + return &SecurityMLAnalyticsSetting{ + Etag: a.Etag, + ID: a.ID, + Kind: a.Kind, + Name: a.Name, + SystemData: a.SystemData, + Type: a.Type, } } -// AutomationRuleProperties - Automation rule properties -type AutomationRuleProperties struct { - // REQUIRED; The actions to execute when the automation rule is triggered - Actions []AutomationRuleActionClassification +// AnomalySecurityMLAnalyticsSettingsProperties - AnomalySecurityMLAnalytics settings base property bag. +type AnomalySecurityMLAnalyticsSettingsProperties struct { + // REQUIRED; The anomaly version of the AnomalySecurityMLAnalyticsSettings. + AnomalyVersion *string - // REQUIRED; The display name of the automation rule + // REQUIRED; The display name for settings created by this SecurityMLAnalyticsSettings. DisplayName *string - // REQUIRED; The order of execution of the automation rule - Order *int32 + // REQUIRED; Determines whether this settings is enabled or disabled. + Enabled *bool - // REQUIRED; Describes automation rule triggering logic - TriggeringLogic *AutomationRuleTriggeringLogic + // REQUIRED; The frequency that this SecurityMLAnalyticsSettings will be run. + Frequency *string - // READ-ONLY; Information on the client (user or application) that made some action + // REQUIRED; Determines whether this anomaly security ml analytics settings is a default settings + IsDefaultSettings *bool + + // REQUIRED; The anomaly SecurityMLAnalyticsSettings status + SettingsStatus *SettingsStatus + + // The anomaly settings version of the Anomaly security ml analytics settings that dictates whether job version gets updated + // or not. + AnomalySettingsVersion *int32 + + // The customizable observations of the AnomalySecurityMLAnalyticsSettings. + CustomizableObservations any + + // The description of the SecurityMLAnalyticsSettings. + Description *string + + // The required data sources for this SecurityMLAnalyticsSettings + RequiredDataConnectors []*SecurityMLAnalyticsSettingsDataSource + + // The anomaly settings definition Id + SettingsDefinitionID *string + + // The tactics of the SecurityMLAnalyticsSettings + Tactics []*AttackTactic + + // The techniques of the SecurityMLAnalyticsSettings + Techniques []*string + + // READ-ONLY; The last time that this SecurityMLAnalyticsSettings has been modified. + LastModifiedUTC *time.Time +} + +// AnomalyTimelineItem - Represents anomaly timeline item. +type AnomalyTimelineItem struct { + // REQUIRED; The anomaly azure resource id. + AzureResourceID *string + + // REQUIRED; The anomaly name. + DisplayName *string + + // REQUIRED; The anomaly end time. + EndTimeUTC *time.Time + + // REQUIRED; The entity query kind type. + Kind *EntityTimelineKind + + // REQUIRED; The anomaly start time. + StartTimeUTC *time.Time + + // REQUIRED; The anomaly generated time. + TimeGenerated *time.Time + + // The anomaly description. + Description *string + + // The intent of the anomaly. + Intent *string + + // The anomaly product name. + ProductName *string + + // The reasons that cause the anomaly. + Reasons []*string + + // The techniques of the anomaly. + Techniques []*string + + // The name of the anomaly vendor. + Vendor *string +} + +// GetEntityTimelineItem implements the EntityTimelineItemClassification interface for type AnomalyTimelineItem. +func (a *AnomalyTimelineItem) GetEntityTimelineItem() *EntityTimelineItem { + return &EntityTimelineItem{ + Kind: a.Kind, + } +} + +// AssignmentItem - An entity describing a content item. +type AssignmentItem struct { + // The resource id of the content item + ResourceID *string +} + +// AttackPattern - Represents an attack pattern in Azure Security Insights. +type AttackPattern struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind + + // The properties of the TI object + Properties *TIObjectCommonProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetTIObject implements the TIObjectClassification interface for type AttackPattern. +func (a *AttackPattern) GetTIObject() *TIObject { + return &TIObject{ + ID: a.ID, + Kind: a.Kind, + Name: a.Name, + Properties: a.Properties, + SystemData: a.SystemData, + Type: a.Type, + } +} + +type AutomationRule struct { + // REQUIRED; Automation rule properties + Properties *AutomationRuleProperties + + // Etag of the azure resource + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// AutomationRuleAction - Describes an automation rule action. +type AutomationRuleAction struct { + // REQUIRED; The type of the automation rule action. + ActionType *ActionType + + // REQUIRED + Order *int32 +} + +// GetAutomationRuleAction implements the AutomationRuleActionClassification interface for type AutomationRuleAction. +func (a *AutomationRuleAction) GetAutomationRuleAction() *AutomationRuleAction { return a } + +// AutomationRuleAddIncidentTaskAction - Describes an automation rule action to add a task to an incident +type AutomationRuleAddIncidentTaskAction struct { + // REQUIRED; The type of the automation rule action. + ActionType *ActionType + + // REQUIRED + Order *int32 + ActionConfiguration *AddIncidentTaskActionProperties +} + +// GetAutomationRuleAction implements the AutomationRuleActionClassification interface for type AutomationRuleAddIncidentTaskAction. +func (a *AutomationRuleAddIncidentTaskAction) GetAutomationRuleAction() *AutomationRuleAction { + return &AutomationRuleAction{ + ActionType: a.ActionType, + Order: a.Order, + } +} + +type AutomationRuleBooleanCondition struct { + InnerConditions []AutomationRuleConditionClassification + Operator *AutomationRuleBooleanConditionSupportedOperator +} + +// AutomationRuleCondition - Describes an automation rule condition. +type AutomationRuleCondition struct { + // REQUIRED + ConditionType *ConditionType +} + +// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type AutomationRuleCondition. +func (a *AutomationRuleCondition) GetAutomationRuleCondition() *AutomationRuleCondition { return a } + +// AutomationRuleModifyPropertiesAction - Describes an automation rule action to modify an object's properties +type AutomationRuleModifyPropertiesAction struct { + // REQUIRED; The type of the automation rule action. + ActionType *ActionType + + // REQUIRED + Order *int32 + ActionConfiguration *IncidentPropertiesAction +} + +// GetAutomationRuleAction implements the AutomationRuleActionClassification interface for type AutomationRuleModifyPropertiesAction. +func (a *AutomationRuleModifyPropertiesAction) GetAutomationRuleAction() *AutomationRuleAction { + return &AutomationRuleAction{ + ActionType: a.ActionType, + Order: a.Order, + } +} + +// AutomationRuleProperties - Automation rule properties +type AutomationRuleProperties struct { + // REQUIRED; The actions to execute when the automation rule is triggered. + Actions []AutomationRuleActionClassification + + // REQUIRED; The display name of the automation rule. + DisplayName *string + + // REQUIRED; The order of execution of the automation rule. + Order *int32 + + // REQUIRED; Describes automation rule triggering logic. + TriggeringLogic *AutomationRuleTriggeringLogic + + // READ-ONLY; Information on the client (user or application) that made some action CreatedBy *ClientInfo - // READ-ONLY; The time the automation rule was created + // READ-ONLY; The time the automation rule was created. CreatedTimeUTC *time.Time // READ-ONLY; Information on the client (user or application) that made some action LastModifiedBy *ClientInfo - // READ-ONLY; The last time the automation rule was updated + // READ-ONLY; The last time the automation rule was updated. LastModifiedTimeUTC *time.Time } +type AutomationRulePropertyArrayChangedValuesCondition struct { + ArrayType *AutomationRulePropertyArrayChangedConditionSupportedArrayType + ChangeType *AutomationRulePropertyArrayChangedConditionSupportedChangeType +} + +type AutomationRulePropertyArrayValuesCondition struct { + ArrayConditionType *AutomationRulePropertyArrayConditionSupportedArrayConditionType + ArrayType *AutomationRulePropertyArrayConditionSupportedArrayType + ItemConditions []AutomationRuleConditionClassification +} + +type AutomationRulePropertyValuesChangedCondition struct { + ChangeType *AutomationRulePropertyChangedConditionSupportedChangedType + Operator *AutomationRulePropertyConditionSupportedOperator + PropertyName *AutomationRulePropertyChangedConditionSupportedPropertyType + PropertyValues []*string +} + type AutomationRulePropertyValuesCondition struct { Operator *AutomationRulePropertyConditionSupportedOperator - // The property to evaluate in an automation rule property condition + // The property to evaluate in an automation rule property condition. PropertyName *AutomationRulePropertyConditionSupportedProperty PropertyValues []*string } // AutomationRuleRunPlaybookAction - Describes an automation rule action to run a playbook type AutomationRuleRunPlaybookAction struct { - // REQUIRED; The type of the automation rule action + // REQUIRED; The type of the automation rule action. ActionType *ActionType // REQUIRED @@ -498,9 +1117,9 @@ func (a *AutomationRuleRunPlaybookAction) GetAutomationRuleAction() *AutomationR } } -// AutomationRuleTriggeringLogic - Describes automation rule triggering logic +// AutomationRuleTriggeringLogic - Describes automation rule triggering logic. type AutomationRuleTriggeringLogic struct { - // REQUIRED; Determines whether the automation rule is enabled or disabled + // REQUIRED; Determines whether the automation rule is enabled or disabled. IsEnabled *bool // REQUIRED @@ -509,7 +1128,7 @@ type AutomationRuleTriggeringLogic struct { // REQUIRED TriggersWhen *TriggersWhen - // The conditions to evaluate to determine if the automation rule should be triggered on a given object + // The conditions to evaluate to determine if the automation rule should be triggered on a given object. Conditions []AutomationRuleConditionClassification // Determines when the automation rule should automatically expire and be disabled. @@ -521,6 +1140,28 @@ type AutomationRulesList struct { Value []*AutomationRule } +// Availability - Connector Availability Status +type Availability struct { + // Set connector as preview + IsPreview *bool + + // The connector Availability Status + Status *int32 +} + +// AwsCloudTrailCheckRequirements - Amazon Web Services CloudTrail requirements check request. +type AwsCloudTrailCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type AwsCloudTrailCheckRequirements. +func (a *AwsCloudTrailCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: a.Kind, + } +} + // AwsCloudTrailDataConnector - Represents Amazon Web Services CloudTrail data connector. type AwsCloudTrailDataConnector struct { // REQUIRED; The data connector kind @@ -559,23 +1200,108 @@ func (a *AwsCloudTrailDataConnector) GetDataConnector() *DataConnector { // AwsCloudTrailDataConnectorDataTypes - The available data types for Amazon Web Services CloudTrail data connector. type AwsCloudTrailDataConnectorDataTypes struct { - // Logs data type. + // REQUIRED; Logs data type. Logs *AwsCloudTrailDataConnectorDataTypesLogs } // AwsCloudTrailDataConnectorDataTypesLogs - Logs data type. type AwsCloudTrailDataConnectorDataTypesLogs struct { - // Describe whether this data type connection is enabled or not. + // REQUIRED; Describe whether this data type connection is enabled or not. State *DataTypeState } // AwsCloudTrailDataConnectorProperties - Amazon Web Services CloudTrail data connector properties. type AwsCloudTrailDataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *AwsCloudTrailDataConnectorDataTypes + // The Aws Role Arn (with CloudTrailReadOnly policy) that is used to access the Aws account. AwsRoleArn *string +} - // The available data types for the connector. - DataTypes *AwsCloudTrailDataConnectorDataTypes +// AwsS3CheckRequirements - Amazon Web Services S3 requirements check request. +type AwsS3CheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type AwsS3CheckRequirements. +func (a *AwsS3CheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: a.Kind, + } +} + +// AwsS3DataConnector - Represents Amazon Web Services S3 data connector. +type AwsS3DataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // Amazon Web Services S3 data connector properties. + Properties *AwsS3DataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type AwsS3DataConnector. +func (a *AwsS3DataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: a.Etag, + ID: a.ID, + Kind: a.Kind, + Name: a.Name, + SystemData: a.SystemData, + Type: a.Type, + } +} + +// AwsS3DataConnectorDataTypes - The available data types for Amazon Web Services S3 data connector. +type AwsS3DataConnectorDataTypes struct { + // REQUIRED; Logs data type. + Logs *AwsS3DataConnectorDataTypesLogs +} + +// AwsS3DataConnectorDataTypesLogs - Logs data type. +type AwsS3DataConnectorDataTypesLogs struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// AwsS3DataConnectorProperties - Amazon Web Services S3 data connector properties. +type AwsS3DataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *AwsS3DataConnectorDataTypes + + // REQUIRED; The logs destination table name in LogAnalytics. + DestinationTable *string + + // REQUIRED; The Aws Role Arn that is used to access the Aws account. + RoleArn *string + + // REQUIRED; The AWS sqs urls for the connector. + SqsUrls []*string +} + +// AzureDevOpsResourceInfo - Resources created in Azure DevOps repository. +type AzureDevOpsResourceInfo struct { + // Id of the pipeline created for the source-control. + PipelineID *string + + // Id of the service-connection created for the source-control. + ServiceConnectionID *string } // AzureResourceEntity - Represents an azure resource entity. @@ -626,6 +1352,58 @@ type AzureResourceEntityProperties struct { SubscriptionID *string } +// BasicAuthModel - Model for API authentication with basic flow - user name + password. +type BasicAuthModel struct { + // REQUIRED; The password + Password *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // REQUIRED; The user name. + UserName *string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type BasicAuthModel. +func (b *BasicAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: b.Type, + } +} + +// BillingStatistic - Billing statistic +type BillingStatistic struct { + // REQUIRED; The kind of the billing statistic + Kind *BillingStatisticKind + + // READ-ONLY; Resource Etag. + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetBillingStatistic implements the BillingStatisticClassification interface for type BillingStatistic. +func (b *BillingStatistic) GetBillingStatistic() *BillingStatistic { return b } + +// BillingStatisticList - List of all Microsoft Sentinel billing statistics. +type BillingStatisticList struct { + // REQUIRED; Array of billing statistics. + Value []BillingStatisticClassification + + // READ-ONLY; URL to fetch the next set of billing statistics. + NextLink *string +} + // Bookmark - Represents a bookmark in Azure Security Insights. type Bookmark struct { // Etag of the azure resource @@ -647,12 +1425,51 @@ type Bookmark struct { Type *string } +// BookmarkEntityMappings - Describes the entity mappings of a single entity +type BookmarkEntityMappings struct { + // The entity type + EntityType *string + + // Array of fields mapping for that entity type + FieldMappings []*EntityFieldMapping +} + +// BookmarkExpandParameters - The parameters required to execute an expand operation on the given bookmark. +type BookmarkExpandParameters struct { + // The end date filter, so the only expansion results returned are before this date. + EndTime *time.Time + + // The Id of the expansion to perform. + ExpansionID *string + + // The start date filter, so the only expansion results returned are after this date. + StartTime *time.Time +} + +// BookmarkExpandResponse - The entity expansion result operation response. +type BookmarkExpandResponse struct { + // The metadata from the expansion operation results. + MetaData *ExpansionResultsMetadata + + // The expansion result values. + Value *BookmarkExpandResponseValue +} + +// BookmarkExpandResponseValue - The expansion result values. +type BookmarkExpandResponseValue struct { + // Array of expansion result connected entities + Edges []*ConnectedEntity + + // Array of the expansion result entities. + Entities []EntityClassification +} + // BookmarkList - List all the bookmarks. type BookmarkList struct { // REQUIRED; Array of bookmarks. Value []*Bookmark - // READ-ONLY; URL to fetch the next set of cases. + // READ-ONLY; URL to fetch the next set of bookmarks. NextLink *string } @@ -670,6 +1487,9 @@ type BookmarkProperties struct { // Describes a user that created the bookmark CreatedBy *UserInfo + // Describes the entity mappings of the bookmark + EntityMappings []*BookmarkEntityMappings + // The bookmark event time EventTime *time.Time @@ -691,6 +1511,12 @@ type BookmarkProperties struct { // The start time for the query QueryStartTime *time.Time + // A list of relevant mitre attacks + Tactics []*AttackTactic + + // A list of relevant mitre techniques + Techniques []*string + // The last time the bookmark was updated Updated *time.Time @@ -698,6 +1524,104 @@ type BookmarkProperties struct { UpdatedBy *UserInfo } +// BookmarkTimelineItem - Represents bookmark timeline item. +type BookmarkTimelineItem struct { + // REQUIRED; The bookmark azure resource id. + AzureResourceID *string + + // REQUIRED; The entity query kind type. + Kind *EntityTimelineKind + + // Describes a user that created the bookmark + CreatedBy *UserInfo + + // The bookmark display name. + DisplayName *string + + // The bookmark end time. + EndTimeUTC *time.Time + + // The bookmark event time. + EventTime *time.Time + + // List of labels relevant to this bookmark + Labels []*string + + // The notes of the bookmark + Notes *string + + // The bookmark start time. + StartTimeUTC *time.Time +} + +// GetEntityTimelineItem implements the EntityTimelineItemClassification interface for type BookmarkTimelineItem. +func (b *BookmarkTimelineItem) GetEntityTimelineItem() *EntityTimelineItem { + return &EntityTimelineItem{ + Kind: b.Kind, + } +} + +// BooleanConditionProperties - Describes an automation rule condition that applies a boolean operator (e.g AND, OR) to conditions +type BooleanConditionProperties struct { + // REQUIRED + ConditionType *ConditionType + ConditionProperties *AutomationRuleBooleanCondition +} + +// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type BooleanConditionProperties. +func (b *BooleanConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { + return &AutomationRuleCondition{ + ConditionType: b.ConditionType, + } +} + +// CcpAuthConfig - Base Model for API authentication. +type CcpAuthConfig struct { + // REQUIRED; The auth type + Type *CcpAuthType +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type CcpAuthConfig. +func (c *CcpAuthConfig) GetCcpAuthConfig() *CcpAuthConfig { return c } + +// CcpResponseConfig - A custom response configuration for a rule. +type CcpResponseConfig struct { + // REQUIRED; The json paths, '$' char is the json root. + EventsJSONPaths []*string + + // The csv delimiter, in case the response format is CSV. + CSVDelimiter *string + + // Th character used to escape characters in CSV. + CSVEscape *string + + // The compression algorithm. + CompressionAlgo *string + + // The a value indicating whether the response isn't an array of events / logs. By setting this flag to true it means the + // remote server will response with an object which each property has as a value an + // array of events / logs. + ConvertChildPropertiesToArray *bool + + // The response format. possible values are json,csv,xml + Format *string + + // The value indicating whether the response has CSV boundary in case the response in CSV format. + HasCSVBoundary *bool + + // The value indicating whether the response has headers in case the response in CSV format. + HasCSVHeader *bool + + // The value indicating whether the remote server support Gzip and we should expect Gzip response. + IsGzipCompressed *bool + + // The value where the status message/code should appear in the response. + SuccessStatusJSONPath *string + + // The the status value. + SuccessStatusValue *string +} + // ClientInfo - Information on the client (user or application) that made some action type ClientInfo struct { // The email of the client. @@ -765,13 +1689,16 @@ type CloudApplicationEntityProperties struct { InstanceName *string } -// DNSEntity - Represents a dns entity. -type DNSEntity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKindEnum +// CodelessAPIPollingDataConnector - Represents Codeless API Polling data connector. +type CodelessAPIPollingDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind - // Dns entity properties - Properties *DNSEntityProperties + // Etag of the azure resource + Etag *string + + // Codeless poling data connector properties + Properties *APIPollingParameters // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -786,235 +1713,264 @@ type DNSEntity struct { Type *string } -// GetEntity implements the EntityClassification interface for type DNSEntity. -func (d *DNSEntity) GetEntity() *Entity { - return &Entity{ - ID: d.ID, - Kind: d.Kind, - Name: d.Name, - SystemData: d.SystemData, - Type: d.Type, +// GetDataConnector implements the DataConnectorClassification interface for type CodelessAPIPollingDataConnector. +func (c *CodelessAPIPollingDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: c.Etag, + ID: c.ID, + Kind: c.Kind, + Name: c.Name, + SystemData: c.SystemData, + Type: c.Type, } } -// DNSEntityProperties - Dns entity property bag. -type DNSEntityProperties struct { - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any +// CodelessConnectorPollingAuthProperties - Describe the authentication properties needed to successfully authenticate with +// the server +type CodelessConnectorPollingAuthProperties struct { + // REQUIRED; The authentication type + AuthType *string - // READ-ONLY; An ip entity id for the dns server resolving the request - DNSServerIPEntityID *string + // A prefix send in the header before the actual token + APIKeyIdentifier *string - // READ-ONLY; The name of the dns record associated with the alert - DomainName *string + // The header name which the token is sent with + APIKeyName *string - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string + // The endpoint used to authorize the user, used in Oauth 2.0 flow + AuthorizationEndpoint *string - // READ-ONLY; An ip entity id for the dns request client - HostIPAddressEntityID *string + // The query parameters used in authorization request, used in Oauth 2.0 flow + AuthorizationEndpointQueryParameters any - // READ-ONLY; Ip entity identifiers for the resolved ip address. - IPAddressEntityIDs []*string -} + // Describes the flow name, for example 'AuthCode' for Oauth 2.0 + FlowName *string -// DataConnector - Data connector. -type DataConnector struct { - // REQUIRED; The data connector kind - Kind *DataConnectorKind + // Marks if the key should sent in header + IsAPIKeyInPostPayload *string - // Etag of the azure resource - Etag *string + // Marks if we should send the client secret in header or payload, used in Oauth 2.0 flow + IsClientSecretInHeader *bool - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} - ID *string + // The redirect endpoint where we will get the authorization code, used in Oauth 2.0 flow + RedirectionEndpoint *string - // READ-ONLY; The name of the resource - Name *string + // The OAuth token scope + Scope *string - // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. - SystemData *SystemData + // The endpoint used to issue a token, used in Oauth 2.0 flow + TokenEndpoint *string - // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" - Type *string + // The query headers used in token request, used in Oauth 2.0 flow + TokenEndpointHeaders any + + // The query parameters used in token request, used in Oauth 2.0 flow + TokenEndpointQueryParameters any } -// GetDataConnector implements the DataConnectorClassification interface for type DataConnector. -func (d *DataConnector) GetDataConnector() *DataConnector { return d } +// CodelessConnectorPollingConfigProperties - Config to describe the polling config for API poller connector +type CodelessConnectorPollingConfigProperties struct { + // REQUIRED; Describe the authentication type of the poller + Auth *CodelessConnectorPollingAuthProperties -// DataConnectorDataTypeCommon - Common field for data type in data connectors. -type DataConnectorDataTypeCommon struct { - // Describe whether this data type connection is enabled or not. - State *DataTypeState -} + // REQUIRED; Describe the poll request config parameters of the poller + Request *CodelessConnectorPollingRequestProperties -// DataConnectorList - List all the data connectors. -type DataConnectorList struct { - // REQUIRED; Array of data connectors. - Value []DataConnectorClassification + // The poller active status + IsActive *bool - // READ-ONLY; URL to fetch the next set of data connectors. - NextLink *string + // Describe the poll request paging config of the poller + Paging *CodelessConnectorPollingPagingProperties + + // Describe the response config parameters of the poller + Response *CodelessConnectorPollingResponseProperties } -// Entity - Specific entity. -type Entity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKindEnum +// CodelessConnectorPollingPagingProperties - Describe the properties needed to make a pagination call +type CodelessConnectorPollingPagingProperties struct { + // REQUIRED; Describes the type. could be 'None', 'PageToken', 'PageCount', 'TimeStamp' + PagingType *string - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} - ID *string + // Defines the name of a next page attribute + NextPageParaName *string - // READ-ONLY; The name of the resource - Name *string + // Defines the path to a next page token JSON + NextPageTokenJSONPath *string - // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. - SystemData *SystemData + // Defines the path to a page count attribute + PageCountAttributePath *string - // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" - Type *string -} + // Defines the paging size + PageSize *int32 -// GetEntity implements the EntityClassification interface for type Entity. -func (e *Entity) GetEntity() *Entity { return e } + // Defines the name of the page size parameter + PageSizeParaName *string -// EntityMapping - Single entity mapping for the alert rule -type EntityMapping struct { - // The V3 type of the mapped entity - EntityType *EntityMappingType + // Defines the path to a paging time stamp attribute + PageTimeStampAttributePath *string - // array of field mappings for the given entity mapping - FieldMappings []*FieldMapping -} + // Defines the path to a page total count attribute + PageTotalCountAttributePath *string -// EventGroupingSettings - Event grouping settings property bag. -type EventGroupingSettings struct { - // The event grouping aggregation kinds - AggregationKind *EventGroupingAggregationKind + // Determines whether to search for the latest time stamp in the events list + SearchTheLatestTimeStampFromEventsList *string } -// FieldMapping - A single field mapping of the mapped entity -type FieldMapping struct { - // the column name to be mapped to the identifier - ColumnName *string +// CodelessConnectorPollingRequestProperties - Describe the request properties needed to successfully pull from the server +type CodelessConnectorPollingRequestProperties struct { + // REQUIRED; Describe the endpoint we should pull the data from + APIEndpoint *string - // the V3 identifier of the entity - Identifier *string -} + // REQUIRED; The http method type we will use in the poll request, GET or POST + HTTPMethod *string -// FileEntity - Represents a file entity. -type FileEntity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKindEnum + // REQUIRED; The time format will be used the query events in a specific window + QueryTimeFormat *string - // File entity properties - Properties *FileEntityProperties + // REQUIRED; The window interval we will use the pull the data + QueryWindowInMin *int32 - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} - ID *string + // This will be used the query events from the end of the time window + EndTimeAttributeName *string - // READ-ONLY; The name of the resource - Name *string + // Describe the headers sent in the poll request + Headers any - // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. - SystemData *SystemData + // Describe the query parameters sent in the poll request + QueryParameters any - // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" - Type *string + // For advanced scenarios for example user name/password embedded in nested JSON payload + QueryParametersTemplate *string + + // Defines the rate limit QPS + RateLimitQPS *int32 + + // Describe the amount of time we should try and poll the data in case of failure + RetryCount *int32 + + // This will be used the query events from a start of the time window + StartTimeAttributeName *string + + // The number of seconds we will consider as a request timeout + TimeoutInSeconds *int32 } -// GetEntity implements the EntityClassification interface for type FileEntity. -func (f *FileEntity) GetEntity() *Entity { - return &Entity{ - ID: f.ID, - Kind: f.Kind, - Name: f.Name, - SystemData: f.SystemData, - Type: f.Type, - } +// CodelessConnectorPollingResponseProperties - Describes the response from the external server +type CodelessConnectorPollingResponseProperties struct { + // REQUIRED; Describes the path we should extract the data in the response + EventsJSONPaths []*string + + // Describes if the data in the response is Gzip + IsGzipCompressed *bool + + // Describes the path we should extract the status code in the response + SuccessStatusJSONPath *string + + // Describes the path we should extract the status value in the response + SuccessStatusValue *string } -// FileEntityProperties - File entity property bag. -type FileEntityProperties struct { - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any +// CodelessParameters - Represents Codeless UI data connector +type CodelessParameters struct { + // Config to describe the instructions blade + ConnectorUIConfig *CodelessUIConnectorConfigProperties +} - // READ-ONLY; The full path to the file. - Directory *string +// CodelessUIConnectorConfigProperties - Config to describe the instructions blade +type CodelessUIConnectorConfigProperties struct { + // REQUIRED; Connector Availability Status + Availability *Availability - // READ-ONLY; The file hash entity identifiers associated with this file - FileHashEntityIDs []*string + // REQUIRED; Define the way the connector check connectivity + ConnectivityCriteria []*CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem - // READ-ONLY; The file name without path (some alerts might not include path). - FileName *string + // REQUIRED; Data types to check for last data received + DataTypes []*CodelessUIConnectorConfigPropertiesDataTypesItem - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string + // REQUIRED; Connector description + DescriptionMarkdown *string - // READ-ONLY; The Host entity id which the file belongs to - HostEntityID *string + // REQUIRED; The graph query to show the current data status + GraphQueries []*CodelessUIConnectorConfigPropertiesGraphQueriesItem + + // REQUIRED; Name of the table the connector will insert the data to + GraphQueriesTableName *string + + // REQUIRED; Instruction steps to enable the connector + InstructionSteps []*CodelessUIConnectorConfigPropertiesInstructionStepsItem + + // REQUIRED; Permissions required for the connector + Permissions *Permissions + + // REQUIRED; Connector publisher name + Publisher *string + + // REQUIRED; The sample queries for the connector + SampleQueries []*CodelessUIConnectorConfigPropertiesSampleQueriesItem + + // REQUIRED; Connector blade title + Title *string + + // An optional custom image to be used when displaying the connector within Azure Sentinel's connector's gallery + CustomImage *string } -// FileHashEntity - Represents a file hash entity. -type FileHashEntity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKindEnum +type CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem struct { + // type of connectivity + Type *ConnectivityType - // FileHash entity properties - Properties *FileHashEntityProperties + // Queries for checking connectivity + Value []*string +} - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} - ID *string +type CodelessUIConnectorConfigPropertiesDataTypesItem struct { + // Query for indicate last data received + LastDataReceivedQuery *string - // READ-ONLY; The name of the resource + // Name of the data type to show in the graph. can be use with {{graphQueriesTableName}} placeholder Name *string +} - // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. - SystemData *SystemData +type CodelessUIConnectorConfigPropertiesGraphQueriesItem struct { + // The base query for the graph + BaseQuery *string - // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" - Type *string -} + // The legend for the graph + Legend *string -// GetEntity implements the EntityClassification interface for type FileHashEntity. -func (f *FileHashEntity) GetEntity() *Entity { - return &Entity{ - ID: f.ID, - Kind: f.Kind, - Name: f.Name, - SystemData: f.SystemData, - Type: f.Type, - } + // the metric that the query is checking + MetricName *string } -// FileHashEntityProperties - FileHash entity property bag. -type FileHashEntityProperties struct { - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any +type CodelessUIConnectorConfigPropertiesInstructionStepsItem struct { + // Instruction step description + Description *string - // READ-ONLY; The hash algorithm type. - Algorithm *FileHashAlgorithm + // Instruction step details + Instructions []*InstructionStepsInstructionsItem - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string + // Instruction step title + Title *string +} - // READ-ONLY; The file hash value. - HashValue *string +type CodelessUIConnectorConfigPropertiesSampleQueriesItem struct { + // The sample query description + Description *string + + // the sample query + Query *string } -// FusionAlertRule - Represents Fusion alert rule. -type FusionAlertRule struct { - // REQUIRED; The alert rule kind - Kind *AlertRuleKind +// CodelessUIDataConnector - Represents Codeless UI data connector. +type CodelessUIDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind // Etag of the azure resource Etag *string - // Fusion alert rule properties - Properties *FusionAlertRuleProperties + // Codeless UI data connector properties + Properties *CodelessParameters // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -1029,49 +1985,127 @@ type FusionAlertRule struct { Type *string } -// GetAlertRule implements the AlertRuleClassification interface for type FusionAlertRule. -func (f *FusionAlertRule) GetAlertRule() *AlertRule { - return &AlertRule{ - Etag: f.Etag, - ID: f.ID, - Kind: f.Kind, - Name: f.Name, - SystemData: f.SystemData, - Type: f.Type, +// GetDataConnector implements the DataConnectorClassification interface for type CodelessUIDataConnector. +func (c *CodelessUIDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: c.Etag, + ID: c.ID, + Kind: c.Kind, + Name: c.Name, + SystemData: c.SystemData, + Type: c.Type, } } -// FusionAlertRuleProperties - Fusion alert rule base property bag. -type FusionAlertRuleProperties struct { - // REQUIRED; The Name of the alert rule template used to create this rule. - AlertRuleTemplateName *string +// ConditionClause - Represents a single clause to be evaluated by a NormalizedCondition. +type ConditionClause struct { + // REQUIRED; The name of the field that is evaluated. + Field *string - // REQUIRED; Determines whether this alert rule is enabled or disabled. - Enabled *bool + // REQUIRED; Represents an operator in a ConditionClause. + Operator *Operator - // READ-ONLY; The description of the alert rule. - Description *string + // REQUIRED; The top level connective operator for this condition. + Values []*string - // READ-ONLY; The display name for alerts created by this alert rule. - DisplayName *string + // The connective used to join all values in this ConditionClause + ClauseConnective *Connective +} - // READ-ONLY; The last time that this alert has been modified. - LastModifiedUTC *time.Time +// ConditionProperties - Represents a condition used to query for TI objects. +type ConditionProperties struct { + // REQUIRED; The list of clauses to be evaluated in disjunction or conjunction base on the specified top level connective + // operator. + Clauses []*ConditionClause - // READ-ONLY; The severity for alerts created by this alert rule. - Severity *AlertSeverity + // The top level connective operator for this condition. + ConditionConnective *Connective - // READ-ONLY; The tactics of the alert rule - Tactics []*AttackTactic + // READ-ONLY; The STIX type for the objects returned by this query. + StixObjectType *string } -// FusionAlertRuleTemplate - Represents Fusion alert rule template. -type FusionAlertRuleTemplate struct { - // REQUIRED; The alert rule kind - Kind *AlertRuleKind +// ConnectedEntity - Expansion result connected entities +type ConnectedEntity struct { + // key-value pairs for a connected entity mapping + AdditionalData any - // Fusion alert rule template properties - Properties *FusionAlertRuleTemplateProperties + // Entity Id of the connected entity + TargetEntityID *string +} + +// ConnectivityCriterion - The criteria by which we determine whether the connector is connected or not. For Example, use +// a KQL query to check if the expected data type is flowing). +type ConnectivityCriterion struct { + // REQUIRED; Gets or sets the type of connectivity. + Type *string + + // Gets or sets the queries for checking connectivity. + Value []*string +} + +// ConnectorDataType - The data type which is created by the connector, including a query indicated when was the last time +// that data type was received in the workspace. +type ConnectorDataType struct { + // REQUIRED; Gets or sets the query to indicate when relevant data was last received in the workspace. + LastDataReceivedQuery *string + + // REQUIRED; Gets or sets the name of the data type to show in the graph. + Name *string +} + +// ConnectorDefinitionsAvailability - The exposure status of the connector to the customers. +type ConnectorDefinitionsAvailability struct { + // Gets or sets a value indicating whether the connector is preview. + IsPreview *bool + + // The exposure status of the connector to the customers. Available values are 0-4 (0=None, 1=Available, 2=FeatureFlag, 3=Internal). + Status *int32 +} + +// ConnectorDefinitionsPermissions - The required Permissions for the connector. +type ConnectorDefinitionsPermissions struct { + // Gets or sets the customs permissions required for the user to create connections. + Customs []*CustomPermissionDetails + + // Gets or sets the required licenses for the user to create connections. + Licenses []*string + + // Gets or sets the resource provider permissions required for the user to create connections. + ResourceProvider []*ConnectorDefinitionsResourceProvider + + // Gets or sets the required tenant permissions for the connector. + Tenant []*string +} + +// ConnectorDefinitionsResourceProvider - The resource provider details include the required permissions for the user to create +// connections. The user should have the required permissions(Read\Write, ..) in the specified scope +// ProviderPermissionsScope against the specified resource provider. +type ConnectorDefinitionsResourceProvider struct { + // REQUIRED; Gets or sets the permissions description text. + PermissionsDisplayText *string + + // REQUIRED; Gets or sets the provider name. + Provider *string + + // REQUIRED; Gets or sets the permissions provider display name. + ProviderDisplayName *string + + // REQUIRED; Required permissions for the connector resource provider that define in ResourceProviders. For more information + // about the permissions see here. + RequiredPermissions *ResourceProviderRequiredPermissions + + // REQUIRED; The scope on which the user should have permissions, in order to be able to create connections. + Scope *ProviderPermissionsScope +} + +// CustomEntityQuery - Specific entity query that supports put requests. +type CustomEntityQuery struct { + // REQUIRED; the entity query kind + Kind *CustomEntityQueryKind + + // Etag of the azure resource + Etag *string // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -1086,109 +2120,138 @@ type FusionAlertRuleTemplate struct { Type *string } -// GetAlertRuleTemplate implements the AlertRuleTemplateClassification interface for type FusionAlertRuleTemplate. -func (f *FusionAlertRuleTemplate) GetAlertRuleTemplate() *AlertRuleTemplate { - return &AlertRuleTemplate{ - ID: f.ID, - Kind: f.Kind, - Name: f.Name, - SystemData: f.SystemData, - Type: f.Type, - } +// GetCustomEntityQuery implements the CustomEntityQueryClassification interface for type CustomEntityQuery. +func (c *CustomEntityQuery) GetCustomEntityQuery() *CustomEntityQuery { return c } + +// CustomPermissionDetails - The Custom permissions required for the connector. +type CustomPermissionDetails struct { + // REQUIRED; Gets or sets the custom permissions description. + Description *string + + // REQUIRED; Gets or sets the custom permissions name. + Name *string } -// FusionAlertRuleTemplateProperties - Represents Fusion alert rule template properties -type FusionAlertRuleTemplateProperties struct { - // the number of alert rules that were created by this template - AlertRulesCreatedByTemplateCount *int32 +// CustomizableConnectionsConfig - The UiConfig for 'Customizable' connector definition kind. +type CustomizableConnectionsConfig struct { + // REQUIRED; Gets or sets the template name. The template includes ARM templates that can be created by the connector, usually + // it will be the dataConnectors ARM templates. + TemplateSpecName *string - // The description of the alert rule template. - Description *string + // REQUIRED; Gets or sets the template version. + TemplateSpecVersion *string +} - // The display name for alert rule template. - DisplayName *string +// CustomizableConnectorDefinition - Connector definition for kind 'Customizable'. +type CustomizableConnectorDefinition struct { + // REQUIRED; The data connector kind + Kind *DataConnectorDefinitionKind - // The required data connectors for this template - RequiredDataConnectors []*AlertRuleTemplateDataSource + // Etag of the azure resource + Etag *string - // The severity for alerts created by this alert rule. - Severity *AlertSeverity + // Customizable properties. + Properties *CustomizableConnectorDefinitionProperties - // The alert rule template status. - Status *TemplateStatus + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string - // The tactics of the alert rule template - Tactics []*AttackTactic + // READ-ONLY; The name of the resource + Name *string - // READ-ONLY; The time that this alert rule template has been added. - CreatedDateUTC *time.Time + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData - // READ-ONLY; The time that this alert rule template was last updated. - LastUpdatedDateUTC *time.Time + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string } -// GeoLocation - The geo-location context attached to the ip entity -type GeoLocation struct { - // READ-ONLY; Autonomous System Number - Asn *int32 +// GetDataConnectorDefinition implements the DataConnectorDefinitionClassification interface for type CustomizableConnectorDefinition. +func (c *CustomizableConnectorDefinition) GetDataConnectorDefinition() *DataConnectorDefinition { + return &DataConnectorDefinition{ + Etag: c.Etag, + ID: c.ID, + Kind: c.Kind, + Name: c.Name, + SystemData: c.SystemData, + Type: c.Type, + } +} - // READ-ONLY; City name - City *string +// CustomizableConnectorDefinitionProperties - The UiConfig for 'Customizable' connector definition kind. +type CustomizableConnectorDefinitionProperties struct { + // REQUIRED; The UiConfig for 'Customizable' connector definition kind. + ConnectorUIConfig *CustomizableConnectorUIConfig - // READ-ONLY; The country code according to ISO 3166 format - CountryCode *string + // The UiConfig for 'Customizable' connector definition kind. + ConnectionsConfig *CustomizableConnectionsConfig - // READ-ONLY; Country name according to ISO 3166 Alpha 2: the lowercase of the English Short Name - CountryName *string + // Gets or sets the connector definition created date in UTC format. + CreatedTimeUTC *time.Time - // READ-ONLY; The longitude of the identified location, expressed as a floating point number with range of -180 to 180, with - // positive numbers representing East and negative numbers representing West. Latitude and - // longitude are derived from the city or postal code. - Latitude *float64 + // Gets or sets the connector definition last modified date in UTC format. + LastModifiedUTC *time.Time +} - // READ-ONLY; The latitude of the identified location, expressed as a floating point number with range of - 90 to 90, with - // positive numbers representing North and negative numbers representing South. Latitude and - // longitude are derived from the city or postal code. - Longitude *float64 +// CustomizableConnectorUIConfig - The UiConfig for 'Customizable' connector definition kind. +type CustomizableConnectorUIConfig struct { + // REQUIRED; Gets or sets the way the connector checks whether the connector is connected. + ConnectivityCriteria []*ConnectivityCriterion - // READ-ONLY; State name - State *string -} + // REQUIRED; Gets or sets the data types to check for last data received. + DataTypes []*ConnectorDataType -// GroupingConfiguration - Grouping configuration property bag. -type GroupingConfiguration struct { - // REQUIRED; Grouping enabled - Enabled *bool + // REQUIRED; Gets or sets the connector description in markdown format. + DescriptionMarkdown *string - // REQUIRED; Limit the group to alerts created within the lookback duration (in ISO 8601 duration format) - LookbackDuration *string + // REQUIRED; Gets or sets the graph queries to show the current data volume over time. + GraphQueries []*GraphQuery - // REQUIRED; Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails - // must be provided and not empty. - MatchingMethod *MatchingMethod + // REQUIRED; Gets or sets the instruction steps to enable the connector. + InstructionSteps []*InstructionStep - // REQUIRED; Re-open closed matching incidents - ReopenClosedIncident *bool + // REQUIRED; The required Permissions for the connector. + Permissions *ConnectorDefinitionsPermissions - // A list of alert details to group by (when matchingMethod is Selected) - GroupByAlertDetails []*AlertDetail + // REQUIRED; Gets or sets the connector publisher name. + Publisher *string - // A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule - // may be used. - GroupByCustomDetails []*string + // REQUIRED; Gets or sets the connector blade title. + Title *string - // A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may - // be used. - GroupByEntities []*EntityMappingType + // The exposure status of the connector to the customers. + Availability *ConnectorDefinitionsAvailability + + // Gets or sets custom connector id. optional field. + ID *string + + // Gets or sets a value indicating whether to use 'OR'(SOME) or 'AND' between ConnectivityCriteria items. + IsConnectivityCriteriasMatchSome *bool + + // Gets or sets the connector logo to be used when displaying the connector within Azure Sentinel's connector's gallery. The + // logo value should be in SVG format. + Logo *string } -// HostEntity - Represents a host entity. -type HostEntity struct { +// DCRConfiguration - The configuration of the destination of the data. +type DCRConfiguration struct { + // REQUIRED; Represents the data collection ingestion endpoint in log analytics. + DataCollectionEndpoint *string + + // REQUIRED; The data collection rule immutable id, the rule defines the transformation and data destination. + DataCollectionRuleImmutableID *string + + // REQUIRED; The stream we are sending the data to. + StreamName *string +} + +// DNSEntity - Represents a dns entity. +type DNSEntity struct { // REQUIRED; The kind of the entity. Kind *EntityKindEnum - // Host entity properties - Properties *HostEntityProperties + // Dns entity properties + Properties *DNSEntityProperties // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -1203,62 +2266,46 @@ type HostEntity struct { Type *string } -// GetEntity implements the EntityClassification interface for type HostEntity. -func (h *HostEntity) GetEntity() *Entity { +// GetEntity implements the EntityClassification interface for type DNSEntity. +func (d *DNSEntity) GetEntity() *Entity { return &Entity{ - ID: h.ID, - Kind: h.Kind, - Name: h.Name, - SystemData: h.SystemData, - Type: h.Type, + ID: d.ID, + Kind: d.Kind, + Name: d.Name, + SystemData: d.SystemData, + Type: d.Type, } } -// HostEntityProperties - Host entity property bag. -type HostEntityProperties struct { - // The operating system type. - OSFamily *OSFamily - +// DNSEntityProperties - Dns entity property bag. +type DNSEntityProperties struct { // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]any - // READ-ONLY; The azure resource id of the VM. - AzureID *string + // READ-ONLY; An ip entity id for the dns server resolving the request + DNSServerIPEntityID *string - // READ-ONLY; The DNS domain that this host belongs to. Should contain the compete DNS suffix for the domain - DNSDomain *string + // READ-ONLY; The name of the dns record associated with the alert + DomainName *string // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property // is optional and might be system generated. FriendlyName *string - // READ-ONLY; The hostname without the domain suffix. - HostName *string - - // READ-ONLY; Determines whether this host belongs to a domain. - IsDomainJoined *bool - - // READ-ONLY; The host name (pre-windows2000). - NetBiosName *string - - // READ-ONLY; The NT domain that this host belongs to. - NtDomain *string - - // READ-ONLY; A free text representation of the operating system. This field is meant to hold specific versions the are more - // fine grained than OSFamily or future values not supported by OSFamily enumeration - OSVersion *string + // READ-ONLY; An ip entity id for the dns request client + HostIPAddressEntityID *string - // READ-ONLY; The OMS agent id, if the host has OMS agent installed. - OmsAgentID *string + // READ-ONLY; Ip entity identifiers for the resolved ip address. + IPAddressEntityIDs []*string } -// HuntingBookmark - Represents a Hunting bookmark entity. -type HuntingBookmark struct { - // REQUIRED; The kind of the entity. - Kind *EntityKindEnum +// DataConnector - Data connector +type DataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind - // HuntingBookmark entity properties - Properties *HuntingBookmarkProperties + // Etag of the azure resource + Etag *string // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -1273,67 +2320,58 @@ type HuntingBookmark struct { Type *string } -// GetEntity implements the EntityClassification interface for type HuntingBookmark. -func (h *HuntingBookmark) GetEntity() *Entity { - return &Entity{ - ID: h.ID, - Kind: h.Kind, - Name: h.Name, - SystemData: h.SystemData, - Type: h.Type, - } -} +// GetDataConnector implements the DataConnectorClassification interface for type DataConnector. +func (d *DataConnector) GetDataConnector() *DataConnector { return d } -// HuntingBookmarkProperties - Describes bookmark properties -type HuntingBookmarkProperties struct { - // REQUIRED; The display name of the bookmark - DisplayName *string +// DataConnectorConnectBody - Represents Codeless API Polling data connector. +type DataConnectorConnectBody struct { + // The API key of the audit server. + APIKey *string - // REQUIRED; The query of the bookmark. - Query *string + // The authorization code used in OAuth 2.0 code flow to issue a token. + AuthorizationCode *string - // The time the bookmark was created - Created *time.Time + // The client id of the OAuth 2.0 application. + ClientID *string - // Describes a user that created the bookmark - CreatedBy *UserInfo + // The client secret of the OAuth 2.0 application. + ClientSecret *string - // The time of the event - EventTime *time.Time + // Used in v2 logs connector. Represents the data collection ingestion endpoint in log analytics. + DataCollectionEndpoint *string - // Describes an incident that relates to bookmark - IncidentInfo *IncidentInfo + // Used in v2 logs connector. The data collection rule immutable id, the rule defines the transformation and data destination. + DataCollectionRuleImmutableID *string - // List of labels relevant to this bookmark - Labels []*string + // The authentication kind used to poll the data + Kind *ConnectAuthKind - // The notes of the bookmark - Notes *string - - // The query result of the bookmark. - QueryResult *string + // Used in v2 logs connector. The stream we are sending the data to, this is the name of the streamDeclarations defined in + // the DCR. + OutputStream *string - // The last time the bookmark was updated - Updated *time.Time - - // Describes a user that updated the bookmark - UpdatedBy *UserInfo + // The user password in the audit log server. + Password *string + RequestConfigUserInputValues []any - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any + // The user name in the audit log server. + UserName *string +} - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string +// DataConnectorDataTypeCommon - Common field for data type in data connectors. +type DataConnectorDataTypeCommon struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState } -// IPEntity - Represents an ip entity. -type IPEntity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKindEnum +// DataConnectorDefinition - An Azure resource, which encapsulate the entire info requires to display a data connector page +// in Azure portal, and the info required to define data connections. +type DataConnectorDefinition struct { + // REQUIRED; The data connector kind + Kind *DataConnectorDefinitionKind - // Ip entity properties - Properties *IPEntityProperties + // Etag of the azure resource + Etag *string // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -1348,94 +2386,112 @@ type IPEntity struct { Type *string } -// GetEntity implements the EntityClassification interface for type IPEntity. -func (i *IPEntity) GetEntity() *Entity { - return &Entity{ - ID: i.ID, - Kind: i.Kind, - Name: i.Name, - SystemData: i.SystemData, - Type: i.Type, - } +// GetDataConnectorDefinition implements the DataConnectorDefinitionClassification interface for type DataConnectorDefinition. +func (d *DataConnectorDefinition) GetDataConnectorDefinition() *DataConnectorDefinition { return d } + +// DataConnectorDefinitionArmCollectionWrapper - Encapsulate the data connector definition object +type DataConnectorDefinitionArmCollectionWrapper struct { + NextLink *string + Value []DataConnectorDefinitionClassification } -// IPEntityProperties - Ip entity property bag. -type IPEntityProperties struct { - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any +// DataConnectorList - List all the data connectors. +type DataConnectorList struct { + // REQUIRED; Array of data connectors. + Value []DataConnectorClassification - // READ-ONLY; The IP address as string, e.g. 127.0.0.1 (either in Ipv4 or Ipv6) - Address *string + // READ-ONLY; URL to fetch the next set of data connectors. + NextLink *string +} - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string +// DataConnectorRequirementsState - Data connector requirements status. +type DataConnectorRequirementsState struct { + // Authorization state for this connector + AuthorizationState *DataConnectorAuthorizationState - // READ-ONLY; The geo-location context attached to the ip entity - Location *GeoLocation + // License state for this connector + LicenseState *DataConnectorLicenseState +} - // READ-ONLY; A list of TI contexts attached to the ip entity. - ThreatIntelligence []*ThreatIntelligence +// DataConnectorsCheckRequirements - Data connector requirements properties. +type DataConnectorsCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind } -// Incident - Represents an incident in Azure Security Insights. -type Incident struct { - // Etag of the azure resource - Etag *string +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type DataConnectorsCheckRequirements. +func (d *DataConnectorsCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return d +} - // Incident properties - Properties *IncidentProperties +// DataTypeDefinitions - The data type definition +type DataTypeDefinitions struct { + // The data type name + DataType *string +} - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} - ID *string +// Deployment - Description about a deployment. +type Deployment struct { + // Deployment identifier. + DeploymentID *string - // READ-ONLY; The name of the resource - Name *string + // Url to access repository action logs. + DeploymentLogsURL *string - // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. - SystemData *SystemData + // The outcome of the deployment. + DeploymentResult *DeploymentResult - // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" - Type *string + // Current status of the deployment. + DeploymentState *DeploymentState + + // The time when the deployment finished. + DeploymentTime *time.Time } -// IncidentAdditionalData - Incident additional data property bag. -type IncidentAdditionalData struct { - // READ-ONLY; List of product names of alerts in the incident - AlertProductNames []*string +// DeploymentInfo - Information regarding a deployment. +type DeploymentInfo struct { + // Deployment information. + Deployment *Deployment - // READ-ONLY; The number of alerts in the incident - AlertsCount *int32 + // Status while fetching the last deployment. + DeploymentFetchStatus *DeploymentFetchStatus - // READ-ONLY; The number of bookmarks in the incident - BookmarksCount *int32 + // Additional details about the deployment that can be shown to the user. + Message *string +} - // READ-ONLY; The number of comments in the incident - CommentsCount *int32 +// Dynamics365CheckRequirements - Represents Dynamics365 requirements check request. +type Dynamics365CheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind - // READ-ONLY; The tactics associated with incident - Tactics []*AttackTactic + // Dynamics365 requirements check properties. + Properties *Dynamics365CheckRequirementsProperties } -// IncidentAlertList - List of incident alerts. -type IncidentAlertList struct { - // REQUIRED; Array of incident alerts. - Value []*SecurityAlert +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type Dynamics365CheckRequirements. +func (d *Dynamics365CheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: d.Kind, + } } -// IncidentBookmarkList - List of incident bookmarks. -type IncidentBookmarkList struct { - // REQUIRED; Array of incident bookmarks. - Value []*HuntingBookmark +// Dynamics365CheckRequirementsProperties - Dynamics365 requirements check properties. +type Dynamics365CheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string } -// IncidentComment - Represents an incident comment -type IncidentComment struct { +// Dynamics365DataConnector - Represents Dynamics365 data connector. +type Dynamics365DataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + // Etag of the azure resource Etag *string - // Incident comment properties - Properties *IncidentCommentProperties + // Dynamics365 data connector properties. + Properties *Dynamics365DataConnectorProperties // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -1450,208 +2506,269 @@ type IncidentComment struct { Type *string } -// IncidentCommentList - List of incident comments. -type IncidentCommentList struct { - // REQUIRED; Array of comments. - Value []*IncidentComment +// GetDataConnector implements the DataConnectorClassification interface for type Dynamics365DataConnector. +func (d *Dynamics365DataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: d.Etag, + ID: d.ID, + Kind: d.Kind, + Name: d.Name, + SystemData: d.SystemData, + Type: d.Type, + } +} - // READ-ONLY; URL to fetch the next set of comments. - NextLink *string +// Dynamics365DataConnectorDataTypes - The available data types for Dynamics365 data connector. +type Dynamics365DataConnectorDataTypes struct { + // REQUIRED; Common Data Service data type connection. + Dynamics365CdsActivities *Dynamics365DataConnectorDataTypesDynamics365CdsActivities } -// IncidentCommentProperties - Incident comment property bag. -type IncidentCommentProperties struct { - // REQUIRED; The comment message - Message *string +// Dynamics365DataConnectorDataTypesDynamics365CdsActivities - Common Data Service data type connection. +type Dynamics365DataConnectorDataTypesDynamics365CdsActivities struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} - // READ-ONLY; Describes the client that created the comment - Author *ClientInfo +// Dynamics365DataConnectorProperties - Dynamics365 data connector properties. +type Dynamics365DataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *Dynamics365DataConnectorDataTypes - // READ-ONLY; The time the comment was created - CreatedTimeUTC *time.Time + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} - // READ-ONLY; The time the comment was updated - LastModifiedTimeUTC *time.Time +// EnrichmentDomainBody - Domain name to be enriched +type EnrichmentDomainBody struct { + // The domain name + Domain *string } -// IncidentConfiguration - Incident Configuration property bag. -type IncidentConfiguration struct { - // REQUIRED; Create incidents from alerts triggered by this analytics rule - CreateIncident *bool +// EnrichmentDomainWhois - Whois information for a given domain and associated metadata +type EnrichmentDomainWhois struct { + // The timestamp at which this record was created + Created *time.Time - // Set how the alerts that are triggered by this analytics rule, are grouped into incidents - GroupingConfiguration *GroupingConfiguration -} + // The domain for this whois record + Domain *string -// IncidentEntitiesResponse - The incident related entities response. -type IncidentEntitiesResponse struct { - // Array of the incident related entities. - Entities []EntityClassification + // The timestamp at which this record will expire + Expires *time.Time - // The metadata from the incident related entities results. - MetaData []*IncidentEntitiesResultsMetadata -} + // The whois record for a given domain + ParsedWhois *EnrichmentDomainWhoisDetails -// IncidentEntitiesResultsMetadata - Information of a specific aggregation in the incident related entities result. -type IncidentEntitiesResultsMetadata struct { - // REQUIRED; Total number of aggregations of the given kind in the incident related entities result. - Count *int32 + // The hostname of this registrar's whois server + Server *string - // REQUIRED; The kind of the aggregated entity. - EntityKind *EntityKindEnum + // The timestamp at which this record was last updated + Updated *time.Time } -// IncidentInfo - Describes related incident information for the bookmark -type IncidentInfo struct { - // Incident Id - IncidentID *string +// EnrichmentDomainWhoisContact - An individual contact associated with this domain +type EnrichmentDomainWhoisContact struct { + // The city for this contact + City *string - // Relation Name - RelationName *string + // The country for this contact + Country *string - // The severity of the incident - Severity *IncidentSeverity + // The email address for this contact + Email *string - // The title of the incident - Title *string -} + // The fax number for this contact + Fax *string -// IncidentLabel - Represents an incident label -type IncidentLabel struct { - // REQUIRED; The name of the label - LabelName *string + // The name of this contact + Name *string - // READ-ONLY; The type of the label - LabelType *IncidentLabelType + // The organization for this contact + Org *string + + // The phone number for this contact + Phone *string + + // The postal code for this contact + Postal *string + + // The state for this contact + State *string + + // A list describing the street address for this contact + Street []*string } -// IncidentList - List all the incidents. -type IncidentList struct { - // REQUIRED; Array of incidents. - Value []*Incident +// EnrichmentDomainWhoisContacts - The set of contacts associated with this domain +type EnrichmentDomainWhoisContacts struct { + // The admin contact for this whois record + Admin *EnrichmentDomainWhoisContact - // READ-ONLY; URL to fetch the next set of incidents. - NextLink *string + // The billing contact for this whois record + Billing *EnrichmentDomainWhoisContact + + // The registrant contact for this whois record + Registrant *EnrichmentDomainWhoisContact + + // The technical contact for this whois record + Tech *EnrichmentDomainWhoisContact } -// IncidentOwnerInfo - Information on the user an incident is assigned to -type IncidentOwnerInfo struct { - // The name of the user the incident is assigned to. - AssignedTo *string +// EnrichmentDomainWhoisDetails - The whois record for a given domain +type EnrichmentDomainWhoisDetails struct { + // The set of contacts associated with this domain + Contacts *EnrichmentDomainWhoisContacts - // The email of the user the incident is assigned to. - Email *string + // A list of name servers associated with this domain + NameServers []*string - // The object id of the user the incident is assigned to. - ObjectID *string + // The registrar associated with this domain + Registrar *EnrichmentDomainWhoisRegistrarDetails - // The user principal name of the user the incident is assigned to. - UserPrincipalName *string + // The set of status flags for this whois record + Statuses []*string } -// IncidentOwnerInfoAutoGenerated - Information on the user an incident is assigned to -type IncidentOwnerInfoAutoGenerated struct { - // The name of the user the incident is assigned to. - AssignedTo *string +// EnrichmentDomainWhoisRegistrarDetails - The registrar associated with this domain +type EnrichmentDomainWhoisRegistrarDetails struct { + // This registrar's abuse contact email + AbuseContactEmail *string - // The email of the user the incident is assigned to. - Email *string + // This registrar's abuse contact phone number + AbuseContactPhone *string - // The object id of the user the incident is assigned to. - ObjectID *string + // This registrar's Internet Assigned Numbers Authority id + IanaID *string - // The type of the owner the incident is assigned to. - OwnerType *OwnerType + // The name of this registrar + Name *string - // The user principal name of the user the incident is assigned to. - UserPrincipalName *string + // This registrar's URL + URL *string + + // The hostname of this registrar's whois server + WhoisServer *string } -// IncidentProperties - Describes incident properties -type IncidentProperties struct { - // REQUIRED; The severity of the incident - Severity *IncidentSeverity +// EnrichmentIPAddressBody - IP address (v4 or v6) to be enriched +type EnrichmentIPAddressBody struct { + // The dotted-decimal or colon-separated string representation of the IP address + IPAddress *string +} - // REQUIRED; The status of the incident - Status *IncidentStatus +// EnrichmentIPGeodata - Geodata information for a given IP address +type EnrichmentIPGeodata struct { + // The autonomous system number associated with this IP address + Asn *string - // REQUIRED; The title of the incident - Title *string + // The name of the carrier for this IP address + Carrier *string - // The reason the incident was closed - Classification *IncidentClassification + // The city this IP address is located in + City *string - // Describes the reason the incident was closed - ClassificationComment *string + // A numeric rating of confidence that the value in the 'city' field is correct, on a scale of 0-100 + CityCf *int32 - // The classification reason the incident was closed with - ClassificationReason *IncidentClassificationReason + // The continent this IP address is located on + Continent *string - // The description of the incident - Description *string + // The county this IP address is located in + Country *string - // The time of the first activity in the incident - FirstActivityTimeUTC *time.Time + // A numeric rating of confidence that the value in the 'country' field is correct on a scale of 0-100 + CountryCf *int32 - // List of labels relevant to this incident - Labels []*IncidentLabel + // The dotted-decimal or colon-separated string representation of the IP address + IPAddr *string - // The time of the last activity in the incident - LastActivityTimeUTC *time.Time + // A description of the connection type of this IP address + IPRoutingType *string - // Describes a user that the incident is assigned to - Owner *IncidentOwnerInfo + // The latitude of this IP address + Latitude *string - // READ-ONLY; Additional data on the incident - AdditionalData *IncidentAdditionalData + // The longitude of this IP address + Longitude *string - // READ-ONLY; The time the incident was created - CreatedTimeUTC *time.Time + // The name of the organization for this IP address + Organization *string - // READ-ONLY; A sequential number - IncidentNumber *int32 + // The type of the organization for this IP address + OrganizationType *string - // READ-ONLY; The deep-link url to the incident in Azure portal - IncidentURL *string + // The geographic region this IP address is located in + Region *string - // READ-ONLY; The last time the incident was updated - LastModifiedTimeUTC *time.Time + // The state this IP address is located in + State *string - // READ-ONLY; List of resource ids of Analytic rules related to the incident - RelatedAnalyticRuleIDs []*string + // A numeric rating of confidence that the value in the 'state' field is correct on a scale of 0-100 + StateCf *int32 + + // The abbreviated name for the state this IP address is located in + StateCode *string } -type IncidentPropertiesAction struct { - // The reason the incident was closed - Classification *IncidentClassification +// EnrichmentIPGeodataAutoGenerated - Geodata information for a given IP address +type EnrichmentIPGeodataAutoGenerated struct { + // The autonomous system number associated with this IP address + Asn *string - // Describes the reason the incident was closed - ClassificationComment *string + // The name of the carrier for this IP address + Carrier *string - // The classification reason the incident was closed with - ClassificationReason *IncidentClassificationReason + // The city this IP address is located in + City *string - // List of labels to add to the incident - Labels []*IncidentLabel + // A numeric rating of confidence that the value in the 'city' field is correct, on a scale of 0-100 + CityConfidenceFactor *int32 - // Information on the user an incident is assigned to - Owner *IncidentOwnerInfoAutoGenerated + // The continent this IP address is located on + Continent *string - // The severity of the incident - Severity *IncidentSeverity + // The county this IP address is located in + Country *string - // The status of the incident - Status *IncidentStatus + // A numeric rating of confidence that the value in the 'country' field is correct on a scale of 0-100 + CountryConfidenceFactor *int32 + + // The dotted-decimal or colon-separated string representation of the IP address + IPAddr *string + + // A description of the connection type of this IP address + IPRoutingType *string + + // The latitude of this IP address + Latitude *string + + // The longitude of this IP address + Longitude *string + + // The name of the organization for this IP address + Organization *string + + // The type of the organization for this IP address + OrganizationType *string + + // The geographic region this IP address is located in + Region *string + + // The state this IP address is located in + State *string + + // The abbreviated name for the state this IP address is located in + StateCode *string + + // A numeric rating of confidence that the value in the 'state' field is correct on a scale of 0-100 + StateConfidenceFactor *int32 } -// IoTDeviceEntity - Represents an IoT device entity. -type IoTDeviceEntity struct { +// Entity - Specific entity. +type Entity struct { // REQUIRED; The kind of the entity. Kind *EntityKindEnum - // IoTDevice entity properties - Properties *IoTDeviceEntityProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -1665,143 +2782,185 @@ type IoTDeviceEntity struct { Type *string } -// GetEntity implements the EntityClassification interface for type IoTDeviceEntity. -func (i *IoTDeviceEntity) GetEntity() *Entity { - return &Entity{ - ID: i.ID, - Kind: i.Kind, - Name: i.Name, - SystemData: i.SystemData, - Type: i.Type, - } -} +// GetEntity implements the EntityClassification interface for type Entity. +func (e *Entity) GetEntity() *Entity { return e } -// IoTDeviceEntityProperties - IoTDevice entity property bag. -type IoTDeviceEntityProperties struct { - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any +// EntityAnalytics - Settings with single toggle. +type EntityAnalytics struct { + // REQUIRED; The kind of the setting + Kind *SettingKind - // READ-ONLY; The ID of the IoT Device in the IoT Hub - DeviceID *string + // Etag of the azure resource + Etag *string - // READ-ONLY; The friendly name of the device - DeviceName *string + // EntityAnalytics properties + Properties *EntityAnalyticsProperties - // READ-ONLY; The type of the device - DeviceType *string + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string - // READ-ONLY; The ID of the edge device - EdgeID *string + // READ-ONLY; The name of the resource + Name *string - // READ-ONLY; The firmware version of the device - FirmwareVersion *string + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} - // READ-ONLY; The Host entity id of this device - HostEntityID *string +// GetSettings implements the SettingsClassification interface for type EntityAnalytics. +func (e *EntityAnalytics) GetSettings() *Settings { + return &Settings{ + Etag: e.Etag, + ID: e.ID, + Kind: e.Kind, + Name: e.Name, + SystemData: e.SystemData, + Type: e.Type, + } +} - // READ-ONLY; The IP entity if of this device - IPAddressEntityID *string +// EntityAnalyticsProperties - EntityAnalytics property bag. +type EntityAnalyticsProperties struct { + // The relevant entity providers that are synced + EntityProviders []*EntityProviders +} - // READ-ONLY; The AzureResource entity id of the IoT Hub - IotHubEntityID *string +// EntityEdges - The edge that connects the entity to the other entity. +type EntityEdges struct { + // A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any - // READ-ONLY; The ID of the security agent running on the device - IotSecurityAgentID *string + // The target entity Id. + TargetEntityID *string +} - // READ-ONLY; The MAC address of the device - MacAddress *string +// EntityExpandParameters - The parameters required to execute an expand operation on the given entity. +type EntityExpandParameters struct { + // The end date filter, so the only expansion results returned are before this date. + EndTime *time.Time - // READ-ONLY; The model of the device - Model *string + // The Id of the expansion to perform. + ExpansionID *string - // READ-ONLY; The operating system of the device - OperatingSystem *string + // The start date filter, so the only expansion results returned are after this date. + StartTime *time.Time +} - // READ-ONLY; A list of protocols of the IoTDevice entity. - Protocols []*string +// EntityExpandResponse - The entity expansion result operation response. +type EntityExpandResponse struct { + // The metadata from the expansion operation results. + MetaData *ExpansionResultsMetadata - // READ-ONLY; The serial number of the device - SerialNumber *string + // The expansion result values. + Value *EntityExpandResponseValue +} - // READ-ONLY; The source of the device - Source *string +// EntityExpandResponseValue - The expansion result values. +type EntityExpandResponseValue struct { + // Array of edges that connects the entity to the list of entities. + Edges []*EntityEdges - // READ-ONLY; A list of TI contexts attached to the IoTDevice entity. - ThreatIntelligence []*ThreatIntelligence + // Array of the expansion result entities. + Entities []EntityClassification +} - // READ-ONLY; The vendor of the device - Vendor *string +// EntityFieldMapping - Map identifiers of a single entity +type EntityFieldMapping struct { + // Alert V3 identifier + Identifier *string + + // The value of the identifier + Value *string } -// MCASDataConnector - Represents MCAS (Microsoft Cloud App Security) data connector. -type MCASDataConnector struct { - // REQUIRED; The data connector kind - Kind *DataConnectorKind +// EntityGetInsightsParameters - The parameters required to execute insights operation on the given entity. +type EntityGetInsightsParameters struct { + // REQUIRED; The end timeline date, so the results returned are before this date. + EndTime *time.Time - // Etag of the azure resource - Etag *string + // REQUIRED; The start timeline date, so the results returned are after this date. + StartTime *time.Time - // MCAS (Microsoft Cloud App Security) data connector properties. - Properties *MCASDataConnectorProperties + // Indicates if query time range should be extended with default time range of the query. Default value is false + AddDefaultExtendedTimeRange *bool - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} - ID *string + // List of Insights Query Id. If empty, default value is all insights of this entity + InsightQueryIDs []*string +} - // READ-ONLY; The name of the resource - Name *string +// EntityGetInsightsResponse - The Get Insights result operation response. +type EntityGetInsightsResponse struct { + // The metadata from the get insights operation results. + MetaData *GetInsightsResultsMetadata - // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. - SystemData *SystemData + // The insights result values. + Value []*EntityInsightItem +} - // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" - Type *string +// EntityInsightItem - Entity insight Item. +type EntityInsightItem struct { + // Query results for table insights query. + ChartQueryResults []*InsightsTableResult + + // The query id of the insight + QueryID *string + + // The Time interval that the query actually executed on. + QueryTimeInterval *EntityInsightItemQueryTimeInterval + + // Query results for table insights query. + TableQueryResults *InsightsTableResult } -// GetDataConnector implements the DataConnectorClassification interface for type MCASDataConnector. -func (m *MCASDataConnector) GetDataConnector() *DataConnector { - return &DataConnector{ - Etag: m.Etag, - ID: m.ID, - Kind: m.Kind, - Name: m.Name, - SystemData: m.SystemData, - Type: m.Type, - } +// EntityInsightItemQueryTimeInterval - The Time interval that the query actually executed on. +type EntityInsightItemQueryTimeInterval struct { + // Insight query end time + EndTime *time.Time + + // Insight query start time + StartTime *time.Time } -// MCASDataConnectorDataTypes - The available data types for MCAS (Microsoft Cloud App Security) data connector. -type MCASDataConnectorDataTypes struct { - // Alerts data type connection. - Alerts *DataConnectorDataTypeCommon +// EntityList - List of all the entities. +type EntityList struct { + // REQUIRED; Array of entities. + Value []EntityClassification - // Discovery log data type connection. - DiscoveryLogs *DataConnectorDataTypeCommon + // READ-ONLY; URL to fetch the next set of entities. + NextLink *string } -// MCASDataConnectorProperties - MCAS (Microsoft Cloud App Security) data connector properties. -type MCASDataConnectorProperties struct { - // The available data types for the connector. - DataTypes *MCASDataConnectorDataTypes +// EntityManualTriggerRequestBody - Describes the request body for triggering a playbook on an entity. +type EntityManualTriggerRequestBody struct { + // REQUIRED; The resource id of the playbook resource. + LogicAppsResourceID *string - // The tenant id to connect to, and get the data from. + // Incident ARM id. + IncidentArmID *string + + // The tenant id of the playbook resource. TenantID *string } -// MDATPDataConnector - Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. -type MDATPDataConnector struct { - // REQUIRED; The data connector kind - Kind *DataConnectorKind +// EntityMapping - Single entity mapping for the alert rule +type EntityMapping struct { + // The V3 type of the mapped entity + EntityType *EntityMappingType + + // array of field mappings for the given entity mapping + FieldMappings []*FieldMapping +} + +// EntityQuery - Specific entity query. +type EntityQuery struct { + // REQUIRED; the entity query kind + Kind *EntityQueryKind // Etag of the azure resource Etag *string - // MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. - Properties *MDATPDataConnectorProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -1815,34 +2974,45 @@ type MDATPDataConnector struct { Type *string } -// GetDataConnector implements the DataConnectorClassification interface for type MDATPDataConnector. -func (m *MDATPDataConnector) GetDataConnector() *DataConnector { - return &DataConnector{ - Etag: m.Etag, - ID: m.ID, - Kind: m.Kind, - Name: m.Name, - SystemData: m.SystemData, - Type: m.Type, - } +// GetEntityQuery implements the EntityQueryClassification interface for type EntityQuery. +func (e *EntityQuery) GetEntityQuery() *EntityQuery { return e } + +// EntityQueryItem - An abstract Query item for entity +type EntityQueryItem struct { + // REQUIRED; The kind of the entity query + Kind *EntityQueryKind + + // Query Template ARM Name + Name *string + + // ARM Type + Type *string + + // READ-ONLY; Query Template ARM ID + ID *string } -// MDATPDataConnectorProperties - MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. -type MDATPDataConnectorProperties struct { - // The available data types for the connector. - DataTypes *AlertsDataTypeOfDataConnector +// GetEntityQueryItem implements the EntityQueryItemClassification interface for type EntityQueryItem. +func (e *EntityQueryItem) GetEntityQueryItem() *EntityQueryItem { return e } - // The tenant id to connect to, and get the data from. - TenantID *string +type EntityQueryItemPropertiesDataTypesItem struct { + // Data type name + DataType *string } -// MailClusterEntity - Represents a mail cluster entity. -type MailClusterEntity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKindEnum +// EntityQueryList - List of all the entity queries. +type EntityQueryList struct { + // REQUIRED; Array of entity queries. + Value []EntityQueryClassification - // Mail cluster entity properties - Properties *MailClusterEntityProperties + // READ-ONLY; URL to fetch the next set of entity queries. + NextLink *string +} + +// EntityQueryTemplate - Specific entity query template. +type EntityQueryTemplate struct { + // REQUIRED; the entity query template kind + Kind *EntityQueryTemplateKind // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -1857,79 +3027,97 @@ type MailClusterEntity struct { Type *string } -// GetEntity implements the EntityClassification interface for type MailClusterEntity. -func (m *MailClusterEntity) GetEntity() *Entity { - return &Entity{ - ID: m.ID, - Kind: m.Kind, - Name: m.Name, - SystemData: m.SystemData, - Type: m.Type, - } +// GetEntityQueryTemplate implements the EntityQueryTemplateClassification interface for type EntityQueryTemplate. +func (e *EntityQueryTemplate) GetEntityQueryTemplate() *EntityQueryTemplate { return e } + +// EntityQueryTemplateList - List of all the entity query templates. +type EntityQueryTemplateList struct { + // REQUIRED; Array of entity query templates. + Value []EntityQueryTemplateClassification + + // READ-ONLY; URL to fetch the next set of entity query templates. + NextLink *string } -// MailClusterEntityProperties - Mail cluster entity property bag. -type MailClusterEntityProperties struct { - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any +// EntityTimelineItem - Entity timeline Item. +type EntityTimelineItem struct { + // REQUIRED; The entity query kind type. + Kind *EntityTimelineKind +} - // READ-ONLY; The cluster group - ClusterGroup *string +// GetEntityTimelineItem implements the EntityTimelineItemClassification interface for type EntityTimelineItem. +func (e *EntityTimelineItem) GetEntityTimelineItem() *EntityTimelineItem { return e } - // READ-ONLY; The cluster query end time - ClusterQueryEndTime *time.Time +// EntityTimelineParameters - The parameters required to execute s timeline operation on the given entity. +type EntityTimelineParameters struct { + // REQUIRED; The end timeline date, so the results returned are before this date. + EndTime *time.Time - // READ-ONLY; The cluster query start time - ClusterQueryStartTime *time.Time + // REQUIRED; The start timeline date, so the results returned are after this date. + StartTime *time.Time - // READ-ONLY; The id of the cluster source - ClusterSourceIdentifier *string + // Array of timeline Item kinds. + Kinds []*EntityTimelineKind - // READ-ONLY; The type of the cluster source - ClusterSourceType *string + // The number of bucket for timeline queries aggregation. + NumberOfBucket *int32 +} - // READ-ONLY; Count of mail messages by DeliveryStatus string representation - CountByDeliveryStatus any +// EntityTimelineResponse - The entity timeline result operation response. +type EntityTimelineResponse struct { + // The metadata from the timeline operation results. + MetaData *TimelineResultsMetadata - // READ-ONLY; Count of mail messages by ProtectionStatus string representation - CountByProtectionStatus any + // The timeline result values. + Value []EntityTimelineItemClassification +} - // READ-ONLY; Count of mail messages by ThreatType string representation - CountByThreatType any +// Error - The error description for why a publication failed +type Error struct { + // REQUIRED; The error message + ErrorMessage *string - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string + // REQUIRED; The member resource name for which the publication error occured + MemberResourceName *string +} - // READ-ONLY; Is this a volume anomaly mail cluster - IsVolumeAnomaly *bool +// EventGroupingSettings - Event grouping settings property bag. +type EventGroupingSettings struct { + // The event grouping aggregation kinds + AggregationKind *EventGroupingAggregationKind +} - // READ-ONLY; The number of mail messages that are part of the mail cluster - MailCount *int32 +// ExpansionEntityQueriesProperties - Describes expansion entity query properties +type ExpansionEntityQueriesProperties struct { + // List of the data sources that are required to run the query + DataSources []*string - // READ-ONLY; The mail message IDs that are part of the mail cluster - NetworkMessageIDs []*string + // The query display name + DisplayName *string - // READ-ONLY; The query that was used to identify the messages of the mail cluster - Query *string + // The type of the query's source entity + InputEntityType *EntityType - // READ-ONLY; The query time - QueryTime *time.Time + // List of the fields of the source entity that are required to run the query + InputFields []*string - // READ-ONLY; The source of the mail cluster (default is 'O365 ATP') - Source *string + // List of the desired output types to be constructed from the result + OutputEntityTypes []*EntityType - // READ-ONLY; The threats of mail messages that are part of the mail cluster - Threats []*string + // The template query string to be parsed and formatted + QueryTemplate *string } -// MailMessageEntity - Represents a mail message entity. -type MailMessageEntity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKindEnum - - // Mail message entity properties - Properties *MailMessageEntityProperties +// ExpansionEntityQuery - Represents Expansion entity query. +type ExpansionEntityQuery struct { + // REQUIRED; the entity query kind + Kind *EntityQueryKind + + // Etag of the azure resource + Etag *string + + // Expansion entity query properties + Properties *ExpansionEntityQueriesProperties // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -1944,110 +3132,97 @@ type MailMessageEntity struct { Type *string } -// GetEntity implements the EntityClassification interface for type MailMessageEntity. -func (m *MailMessageEntity) GetEntity() *Entity { - return &Entity{ - ID: m.ID, - Kind: m.Kind, - Name: m.Name, - SystemData: m.SystemData, - Type: m.Type, +// GetEntityQuery implements the EntityQueryClassification interface for type ExpansionEntityQuery. +func (e *ExpansionEntityQuery) GetEntityQuery() *EntityQuery { + return &EntityQuery{ + Etag: e.Etag, + ID: e.ID, + Kind: e.Kind, + Name: e.Name, + SystemData: e.SystemData, + Type: e.Type, } } -// MailMessageEntityProperties - Mail message entity property bag. -type MailMessageEntityProperties struct { - // The directionality of this mail message - AntispamDirection *AntispamMailDirection - - // The bodyFingerprintBin1 - BodyFingerprintBin1 *int32 - - // The bodyFingerprintBin2 - BodyFingerprintBin2 *int32 - - // The bodyFingerprintBin3 - BodyFingerprintBin3 *int32 - - // The bodyFingerprintBin4 - BodyFingerprintBin4 *int32 - - // The bodyFingerprintBin5 - BodyFingerprintBin5 *int32 - - // The delivery action of this mail message like Delivered, Blocked, Replaced etc - DeliveryAction *DeliveryAction - - // The delivery location of this mail message like Inbox, JunkFolder etc - DeliveryLocation *DeliveryLocation - - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any - - // READ-ONLY; The File entity ids of this mail message's attachments - FileEntityIDs []*string - - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string - - // READ-ONLY; The internet message id of this mail message - InternetMessageID *string +// ExpansionResultAggregation - Information of a specific aggregation in the expansion result. +type ExpansionResultAggregation struct { + // REQUIRED; Total number of aggregations of the given kind (and aggregationType if given) in the expansion result. + Count *int32 - // READ-ONLY; The language of this mail message - Language *string + // REQUIRED; The kind of the aggregated entity. + EntityKind *EntityKindEnum - // READ-ONLY; The network message id of this mail message - NetworkMessageID *string + // The common type of the aggregation. (for e.g. entity field name) + AggregationType *string - // READ-ONLY; The p1 sender's email address - P1Sender *string + // The display name of the aggregation by type. + DisplayName *string +} - // READ-ONLY; The p1 sender's display name - P1SenderDisplayName *string +// ExpansionResultsMetadata - Expansion result metadata. +type ExpansionResultsMetadata struct { + // Information of the aggregated nodes in the expansion result. + Aggregations []*ExpansionResultAggregation +} - // READ-ONLY; The p1 sender's domain - P1SenderDomain *string +// EyesOn - Settings with single toggle. +type EyesOn struct { + // REQUIRED; The kind of the setting + Kind *SettingKind - // READ-ONLY; The p2 sender's email address - P2Sender *string + // Etag of the azure resource + Etag *string - // READ-ONLY; The p2 sender's display name - P2SenderDisplayName *string + // EyesOn properties + Properties *EyesOnSettingsProperties - // READ-ONLY; The p2 sender's domain - P2SenderDomain *string + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string - // READ-ONLY; The receive date of this message - ReceiveDate *time.Time + // READ-ONLY; The name of the resource + Name *string - // READ-ONLY; The recipient of this mail message. Note that in case of multiple recipients the mail message is forked and - // each copy has one recipient - Recipient *string + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData - // READ-ONLY; The sender's IP address - SenderIP *string + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} - // READ-ONLY; The subject of this mail message - Subject *string +// GetSettings implements the SettingsClassification interface for type EyesOn. +func (e *EyesOn) GetSettings() *Settings { + return &Settings{ + Etag: e.Etag, + ID: e.ID, + Kind: e.Kind, + Name: e.Name, + SystemData: e.SystemData, + Type: e.Type, + } +} - // READ-ONLY; The threat detection methods - ThreatDetectionMethods []*string +// EyesOnSettingsProperties - EyesOn property bag. +type EyesOnSettingsProperties struct { + // READ-ONLY; Determines whether the setting is enable or disabled. + IsEnabled *bool +} - // READ-ONLY; The threats of this mail message - Threats []*string +// FieldMapping - A single field mapping of the mapped entity +type FieldMapping struct { + // the column name to be mapped to the identifier + ColumnName *string - // READ-ONLY; The Urls contained in this mail message - Urls []*string + // the V3 identifier of the entity + Identifier *string } -// MailboxEntity - Represents a mailbox entity. -type MailboxEntity struct { +// FileEntity - Represents a file entity. +type FileEntity struct { // REQUIRED; The kind of the entity. Kind *EntityKindEnum - // Mailbox entity properties - Properties *MailboxEntityProperties + // File entity properties + Properties *FileEntityProperties // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -2062,47 +3237,46 @@ type MailboxEntity struct { Type *string } -// GetEntity implements the EntityClassification interface for type MailboxEntity. -func (m *MailboxEntity) GetEntity() *Entity { +// GetEntity implements the EntityClassification interface for type FileEntity. +func (f *FileEntity) GetEntity() *Entity { return &Entity{ - ID: m.ID, - Kind: m.Kind, - Name: m.Name, - SystemData: m.SystemData, - Type: m.Type, + ID: f.ID, + Kind: f.Kind, + Name: f.Name, + SystemData: f.SystemData, + Type: f.Type, } } -// MailboxEntityProperties - Mailbox entity property bag. -type MailboxEntityProperties struct { +// FileEntityProperties - File entity property bag. +type FileEntityProperties struct { // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]any - // READ-ONLY; The mailbox's display name - DisplayName *string + // READ-ONLY; The full path to the file. + Directory *string - // READ-ONLY; The AzureAD identifier of mailbox. Similar to AadUserId in account entity but this property is specific to mailbox - // object on office side - ExternalDirectoryObjectID *string + // READ-ONLY; The file hash entity identifiers associated with this file + FileHashEntityIDs []*string + + // READ-ONLY; The file name without path (some alerts might not include path). + FileName *string // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property // is optional and might be system generated. FriendlyName *string - // READ-ONLY; The mailbox's primary address - MailboxPrimaryAddress *string - - // READ-ONLY; The mailbox's UPN - Upn *string + // READ-ONLY; The Host entity id which the file belongs to + HostEntityID *string } -// MalwareEntity - Represents a malware entity. -type MalwareEntity struct { +// FileHashEntity - Represents a file hash entity. +type FileHashEntity struct { // REQUIRED; The kind of the entity. Kind *EntityKindEnum - // File entity properties - Properties *MalwareEntityProperties + // FileHash entity properties + Properties *FileHashEntityProperties // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -2117,49 +3291,37 @@ type MalwareEntity struct { Type *string } -// GetEntity implements the EntityClassification interface for type MalwareEntity. -func (m *MalwareEntity) GetEntity() *Entity { +// GetEntity implements the EntityClassification interface for type FileHashEntity. +func (f *FileHashEntity) GetEntity() *Entity { return &Entity{ - ID: m.ID, - Kind: m.Kind, - Name: m.Name, - SystemData: m.SystemData, - Type: m.Type, + ID: f.ID, + Kind: f.Kind, + Name: f.Name, + SystemData: f.SystemData, + Type: f.Type, } } -// MalwareEntityProperties - Malware entity property bag. -type MalwareEntityProperties struct { +// FileHashEntityProperties - FileHash entity property bag. +type FileHashEntityProperties struct { // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]any - // READ-ONLY; The malware category by the vendor, e.g. Trojan - Category *string - - // READ-ONLY; List of linked file entity identifiers on which the malware was found - FileEntityIDs []*string + // READ-ONLY; The hash algorithm type. + Algorithm *FileHashAlgorithm // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property // is optional and might be system generated. FriendlyName *string - // READ-ONLY; The malware name by the vendor, e.g. Win32/Toga!rfn - MalwareName *string - - // READ-ONLY; List of linked process entity identifiers on which the malware was found. - ProcessEntityIDs []*string + // READ-ONLY; The file hash value. + HashValue *string } -// MicrosoftSecurityIncidentCreationAlertRule - Represents MicrosoftSecurityIncidentCreation rule. -type MicrosoftSecurityIncidentCreationAlertRule struct { - // REQUIRED; The alert rule kind - Kind *AlertRuleKind - - // Etag of the azure resource - Etag *string - - // MicrosoftSecurityIncidentCreation rule properties - Properties *MicrosoftSecurityIncidentCreationAlertRuleProperties +// FileImport - Represents a file import in Azure Security Insights. +type FileImport struct { + // File import properties + Properties *FileImportProperties // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -2174,126 +3336,154 @@ type MicrosoftSecurityIncidentCreationAlertRule struct { Type *string } -// GetAlertRule implements the AlertRuleClassification interface for type MicrosoftSecurityIncidentCreationAlertRule. -func (m *MicrosoftSecurityIncidentCreationAlertRule) GetAlertRule() *AlertRule { - return &AlertRule{ - Etag: m.Etag, - ID: m.ID, - Kind: m.Kind, - Name: m.Name, - SystemData: m.SystemData, - Type: m.Type, - } +// FileImportList - List all the file imports. +type FileImportList struct { + // REQUIRED; Array of file imports. + Value []*FileImport + + // READ-ONLY; URL to fetch the next set of file imports. + NextLink *string } -// MicrosoftSecurityIncidentCreationAlertRuleProperties - MicrosoftSecurityIncidentCreation rule property bag. -type MicrosoftSecurityIncidentCreationAlertRuleProperties struct { - // REQUIRED; The display name for alerts created by this alert rule. - DisplayName *string +// FileImportProperties - Describes the FileImport's properties +type FileImportProperties struct { + // REQUIRED; The content type of this file. + ContentType *FileImportContentType - // REQUIRED; Determines whether this alert rule is enabled or disabled. - Enabled *bool + // REQUIRED; Represents the imported file. + ImportFile *FileMetadata - // REQUIRED; The alerts' productName on which the cases will be generated - ProductFilter *MicrosoftSecurityProductName + // REQUIRED; Describes how to ingest the records in the file. + IngestionMode *IngestionMode - // The Name of the alert rule template used to create this rule. - AlertRuleTemplateName *string + // REQUIRED; The source for the data in the file. + Source *string - // The description of the alert rule. - Description *string + // READ-ONLY; The time the file was imported. + CreatedTimeUTC *time.Time - // the alerts' displayNames on which the cases will not be generated - DisplayNamesExcludeFilter []*string + // READ-ONLY; Represents the error file (if the import was ingested with errors or failed the validation). + ErrorFile *FileMetadata - // the alerts' displayNames on which the cases will be generated - DisplayNamesFilter []*string + // READ-ONLY; An ordered list of some of the errors that were encountered during validation. + ErrorsPreview []*ValidationError - // the alerts' severities on which the cases will be generated - SeveritiesFilter []*AlertSeverity + // READ-ONLY; The time the files associated with this import are deleted from the storage account. + FilesValidUntilTimeUTC *time.Time - // READ-ONLY; The last time that this alert has been modified. - LastModifiedUTC *time.Time -} + // READ-ONLY; The time the file import record is soft deleted from the database and history. + ImportValidUntilTimeUTC *time.Time -// MicrosoftSecurityIncidentCreationAlertRuleTemplate - Represents MicrosoftSecurityIncidentCreation rule template. -type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct { - // REQUIRED; The alert rule kind - Kind *AlertRuleKind + // READ-ONLY; The number of records that have been successfully ingested. + IngestedRecordCount *int32 - // MicrosoftSecurityIncidentCreation rule template properties - Properties *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties + // READ-ONLY; The state of the file import. + State *FileImportState - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} - ID *string + // READ-ONLY; The number of records in the file. + TotalRecordCount *int32 - // READ-ONLY; The name of the resource - Name *string + // READ-ONLY; The number of records that have passed validation. + ValidRecordCount *int32 +} - // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. - SystemData *SystemData +// FileMetadata - Represents a file. +type FileMetadata struct { + // The format of the file + FileFormat *FileFormat - // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" - Type *string + // The name of the file. + FileName *string + + // The size of the file. + FileSize *int32 + + // READ-ONLY; Indicates whether the file was deleted from the storage account. + DeleteStatus *DeleteStatus + + // READ-ONLY; A URI with a valid SAS token to allow uploading / downloading the file. + FileContentURI *string } -// GetAlertRuleTemplate implements the AlertRuleTemplateClassification interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (m *MicrosoftSecurityIncidentCreationAlertRuleTemplate) GetAlertRuleTemplate() *AlertRuleTemplate { - return &AlertRuleTemplate{ - ID: m.ID, - Kind: m.Kind, - Name: m.Name, - SystemData: m.SystemData, - Type: m.Type, +// FusionAlertRule - Represents Fusion alert rule. +type FusionAlertRule struct { + // REQUIRED; The kind of the alert rule + Kind *AlertRuleKind + + // Etag of the azure resource + Etag *string + + // Fusion alert rule properties + Properties *FusionAlertRuleProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetAlertRule implements the AlertRuleClassification interface for type FusionAlertRule. +func (f *FusionAlertRule) GetAlertRule() *AlertRule { + return &AlertRule{ + Etag: f.Etag, + ID: f.ID, + Kind: f.Kind, + Name: f.Name, + SystemData: f.SystemData, + Type: f.Type, } } -// MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - MicrosoftSecurityIncidentCreation rule template properties -type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct { - // REQUIRED; The alerts' productName on which the cases will be generated - ProductFilter *MicrosoftSecurityProductName +// FusionAlertRuleProperties - Fusion alert rule base property bag. +type FusionAlertRuleProperties struct { + // REQUIRED; The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string - // the number of alert rules that were created by this template - AlertRulesCreatedByTemplateCount *int32 + // REQUIRED; Determines whether this alert rule is enabled or disabled. + Enabled *bool - // The description of the alert rule template. - Description *string + // Configuration to exclude scenarios in fusion detection. + ScenarioExclusionPatterns []*FusionScenarioExclusionPattern - // The display name for alert rule template. - DisplayName *string + // Configuration for all supported source signals in fusion detection. + SourceSettings []*FusionSourceSettings - // the alerts' displayNames on which the cases will not be generated - DisplayNamesExcludeFilter []*string + // READ-ONLY; The description of the alert rule. + Description *string - // the alerts' displayNames on which the cases will be generated - DisplayNamesFilter []*string + // READ-ONLY; The display name for alerts created by this alert rule. + DisplayName *string - // The required data connectors for this template - RequiredDataConnectors []*AlertRuleTemplateDataSource + // READ-ONLY; The last time that this alert has been modified. + LastModifiedUTC *time.Time - // the alerts' severities on which the cases will be generated - SeveritiesFilter []*AlertSeverity + // READ-ONLY; The severity for alerts created by this alert rule. + Severity *AlertSeverity - // The alert rule template status. - Status *TemplateStatus + // READ-ONLY; The sub-techniques of the alert rule + SubTechniques []*string - // READ-ONLY; The time that this alert rule template has been added. - CreatedDateUTC *time.Time + // READ-ONLY; The tactics of the alert rule + Tactics []*AttackTactic - // READ-ONLY; The time that this alert rule template was last updated. - LastUpdatedDateUTC *time.Time + // READ-ONLY; The techniques of the alert rule + Techniques []*string } -// OfficeDataConnector - Represents office data connector. -type OfficeDataConnector struct { - // REQUIRED; The data connector kind - Kind *DataConnectorKind - - // Etag of the azure resource - Etag *string +// FusionAlertRuleTemplate - Represents Fusion alert rule template. +type FusionAlertRuleTemplate struct { + // REQUIRED; The kind of the alert rule + Kind *AlertRuleKind - // Office data connector properties. - Properties *OfficeDataConnectorProperties + // Fusion alert rule template properties + Properties *FusionAlertRuleTemplateProperties // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -2308,111 +3498,186 @@ type OfficeDataConnector struct { Type *string } -// GetDataConnector implements the DataConnectorClassification interface for type OfficeDataConnector. -func (o *OfficeDataConnector) GetDataConnector() *DataConnector { - return &DataConnector{ - Etag: o.Etag, - ID: o.ID, - Kind: o.Kind, - Name: o.Name, - SystemData: o.SystemData, - Type: o.Type, +// GetAlertRuleTemplate implements the AlertRuleTemplateClassification interface for type FusionAlertRuleTemplate. +func (f *FusionAlertRuleTemplate) GetAlertRuleTemplate() *AlertRuleTemplate { + return &AlertRuleTemplate{ + ID: f.ID, + Kind: f.Kind, + Name: f.Name, + SystemData: f.SystemData, + Type: f.Type, } } -// OfficeDataConnectorDataTypes - The available data types for office data connector. -type OfficeDataConnectorDataTypes struct { - // Exchange data type connection. - Exchange *OfficeDataConnectorDataTypesExchange +// FusionAlertRuleTemplateProperties - Fusion alert rule template properties +type FusionAlertRuleTemplateProperties struct { + // the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 - // SharePoint data type connection. - SharePoint *OfficeDataConnectorDataTypesSharePoint + // The description of the alert rule template. + Description *string - // Teams data type connection. - Teams *OfficeDataConnectorDataTypesTeams + // The display name for alert rule template. + DisplayName *string + + // The required data connectors for this template + RequiredDataConnectors []*AlertRuleTemplateDataSource + + // The severity for alerts created by this alert rule. + Severity *AlertSeverity + + // All supported source signal configurations consumed in fusion detection. + SourceSettings []*FusionTemplateSourceSetting + + // The alert rule template status. + Status *TemplateStatus + + // The sub-techniques of the alert rule + SubTechniques []*string + + // The tactics of the alert rule template + Tactics []*AttackTactic + + // The techniques of the alert rule + Techniques []*string + + // READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *time.Time + + // READ-ONLY; The time that this alert rule template was last updated. + LastUpdatedDateUTC *time.Time } -// OfficeDataConnectorDataTypesExchange - Exchange data type connection. -type OfficeDataConnectorDataTypesExchange struct { - // Describe whether this data type connection is enabled or not. - State *DataTypeState +// FusionScenarioExclusionPattern - Represents a Fusion scenario exclusion patterns in Fusion detection. +type FusionScenarioExclusionPattern struct { + // REQUIRED; DateTime when scenario exclusion pattern is added in UTC. + DateAddedInUTC *string + + // REQUIRED; Scenario exclusion pattern. + ExclusionPattern *string } -// OfficeDataConnectorDataTypesSharePoint - SharePoint data type connection. -type OfficeDataConnectorDataTypesSharePoint struct { - // Describe whether this data type connection is enabled or not. - State *DataTypeState +// FusionSourceSettings - Represents a supported source signal configuration in Fusion detection. +type FusionSourceSettings struct { + // REQUIRED; Determines whether this source signal is enabled or disabled in Fusion detection. + Enabled *bool + + // REQUIRED; Name of the Fusion source signal. Refer to Fusion alert rule template for supported values. + SourceName *string + + // Configuration for all source subtypes under this source signal consumed in fusion detection. + SourceSubTypes []*FusionSourceSubTypeSetting } -// OfficeDataConnectorDataTypesTeams - Teams data type connection. -type OfficeDataConnectorDataTypesTeams struct { - // Describe whether this data type connection is enabled or not. - State *DataTypeState +// FusionSourceSubTypeSetting - Represents a supported source subtype configuration under a source signal in Fusion detection. +type FusionSourceSubTypeSetting struct { + // REQUIRED; Determines whether this source subtype under source signal is enabled or disabled in Fusion detection. + Enabled *bool + + // REQUIRED; Severity configuration for a source subtype consumed in fusion detection. + SeverityFilters *FusionSubTypeSeverityFilter + + // REQUIRED; The Name of the source subtype under a given source signal in Fusion detection. Refer to Fusion alert rule template + // for supported values. + SourceSubTypeName *string + + // READ-ONLY; The display name of source subtype under a source signal consumed in Fusion detection. + SourceSubTypeDisplayName *string } -// OfficeDataConnectorProperties - Office data connector properties. -type OfficeDataConnectorProperties struct { - // The available data types for the connector. - DataTypes *OfficeDataConnectorDataTypes +// FusionSubTypeSeverityFilter - Represents severity configuration for a source subtype consumed in Fusion detection. +type FusionSubTypeSeverityFilter struct { + // Individual Severity configuration settings for a given source subtype consumed in Fusion detection. + Filters []*FusionSubTypeSeverityFiltersItem - // The tenant id to connect to, and get the data from. - TenantID *string + // READ-ONLY; Determines whether this source subtype supports severity configuration or not. + IsSupported *bool } -// Operation provided by provider -type Operation struct { - // Properties of the operation - Display *OperationDisplay +// FusionSubTypeSeverityFiltersItem - Represents a Severity filter setting for a given source subtype consumed in Fusion detection. +type FusionSubTypeSeverityFiltersItem struct { + // REQUIRED; Determines whether this severity is enabled or disabled for this source subtype consumed in Fusion detection. + Enabled *bool - // Indicates whether the operation is a data action - IsDataAction *bool + // REQUIRED; The Severity for a given source subtype consumed in Fusion detection. + Severity *AlertSeverity +} - // Name of the operation - Name *string +// FusionTemplateSourceSetting - Represents a source signal consumed in Fusion detection. +type FusionTemplateSourceSetting struct { + // REQUIRED; The name of a source signal consumed in Fusion detection. + SourceName *string - // The origin of the operation - Origin *string + // All supported source subtypes under this source signal consumed in fusion detection. + SourceSubTypes []*FusionTemplateSourceSubType } -// OperationDisplay - Properties of the operation -type OperationDisplay struct { - // Description of the operation - Description *string +// FusionTemplateSourceSubType - Represents a source subtype under a source signal consumed in Fusion detection. +type FusionTemplateSourceSubType struct { + // REQUIRED; Severity configuration available for a source subtype consumed in fusion detection. + SeverityFilter *FusionTemplateSubTypeSeverityFilter - // Operation name - Operation *string + // REQUIRED; The name of source subtype under a source signal consumed in Fusion detection. + SourceSubTypeName *string - // Provider name - Provider *string + // READ-ONLY; The display name of source subtype under a source signal consumed in Fusion detection. + SourceSubTypeDisplayName *string +} - // Resource name - Resource *string +// FusionTemplateSubTypeSeverityFilter - Represents severity configurations available for a source subtype consumed in Fusion +// detection. +type FusionTemplateSubTypeSeverityFilter struct { + // REQUIRED; Determines whether severity configuration is supported for this source subtype consumed in Fusion detection. + IsSupported *bool + + // List of all supported severities for this source subtype consumed in Fusion detection. + SeverityFilters []*AlertSeverity } -// OperationsList - Lists the operations available in the SecurityInsights RP. -type OperationsList struct { - // REQUIRED; Array of operations - Value []*Operation +// GCPAuthModel - Model for API authentication for all GCP kind connectors. +type GCPAuthModel struct { + // REQUIRED; GCP Project Number + ProjectNumber *string - // READ-ONLY; URL to fetch the next set of operations. - NextLink *string + // REQUIRED; GCP Service Account Email + ServiceAccountEmail *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // REQUIRED; GCP Workload Identity Provider ID + WorkloadIdentityProviderID *string } -type PlaybookActionProperties struct { - // REQUIRED; The resource id of the playbook resource - LogicAppResourceID *string +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type GCPAuthModel. +func (g *GCPAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: g.Type, + } +} - // The tenant id of the playbook resource - TenantID *string +// GCPAuthProperties - Google Cloud Platform auth section properties. +type GCPAuthProperties struct { + // REQUIRED; The GCP project number. + ProjectNumber *string + + // REQUIRED; The service account that is used to access the GCP project. + ServiceAccountEmail *string + + // REQUIRED; The workload identity provider id that is used to gain access to the GCP project. + WorkloadIdentityProviderID *string } -// ProcessEntity - Represents a process entity. -type ProcessEntity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKindEnum +// GCPDataConnector - Represents Google Cloud Platform data connector. +type GCPDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind - // Process entity properties - Properties *ProcessEntityProperties + // Etag of the azure resource + Etag *string + + // Google Cloud Platform data connector properties. + Properties *GCPDataConnectorProperties // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -2427,52 +3692,3906 @@ type ProcessEntity struct { Type *string } -// GetEntity implements the EntityClassification interface for type ProcessEntity. -func (p *ProcessEntity) GetEntity() *Entity { - return &Entity{ - ID: p.ID, - Kind: p.Kind, - Name: p.Name, - SystemData: p.SystemData, - Type: p.Type, +// GetDataConnector implements the DataConnectorClassification interface for type GCPDataConnector. +func (g *GCPDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: g.Etag, + ID: g.ID, + Kind: g.Kind, + Name: g.Name, + SystemData: g.SystemData, + Type: g.Type, } } -// ProcessEntityProperties - Process entity property bag. -type ProcessEntityProperties struct { - // The elevation token associated with the process. - ElevationToken *ElevationToken - - // READ-ONLY; The account entity id running the processes. - AccountEntityID *string - - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any +// GCPDataConnectorProperties - Google Cloud Platform data connector properties. +type GCPDataConnectorProperties struct { + // REQUIRED; The auth section of the connector. + Auth *GCPAuthProperties - // READ-ONLY; The command line used to create the process - CommandLine *string + // REQUIRED; The name of the connector definition that represents the UI config. + ConnectorDefinitionName *string - // READ-ONLY; The time when the process started to run - CreationTimeUTC *time.Time + // REQUIRED; The request section of the connector. + Request *GCPRequestProperties - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string + // The configuration of the destination of the data. + DcrConfig *DCRConfiguration +} - // READ-ONLY; The host entity id on which the process was running - HostEntityID *string +// GCPRequestProperties - Google Cloud Platform request section properties. +type GCPRequestProperties struct { + // REQUIRED; The GCP project id. + ProjectID *string - // READ-ONLY; The session entity id in which the process was running - HostLogonSessionEntityID *string + // REQUIRED; The GCP pub/sub subscription names. + SubscriptionNames []*string +} - // READ-ONLY; Image file entity id - ImageFileEntityID *string +// GenericBlobSbsAuthModel - Model for API authentication for working with service bus or storage account. +type GenericBlobSbsAuthModel struct { + // REQUIRED; The auth type + Type *CcpAuthType - // READ-ONLY; The parent process entity id. - ParentProcessEntityID *string + // Credentials for service bus namespace, keyvault uri for access key + CredentialsConfig map[string]*string - // READ-ONLY; The process ID - ProcessID *string + // Credentials for storage account, keyvault uri for access key + StorageAccountCredentialsConfig map[string]*string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type GenericBlobSbsAuthModel. +func (g *GenericBlobSbsAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: g.Type, + } +} + +// GeoLocation - The geo-location context attached to the ip entity +type GeoLocation struct { + // READ-ONLY; Autonomous System Number + Asn *int32 + + // READ-ONLY; City name + City *string + + // READ-ONLY; The country code according to ISO 3166 format + CountryCode *string + + // READ-ONLY; Country name according to ISO 3166 Alpha 2: the lowercase of the English Short Name + CountryName *string + + // READ-ONLY; The latitude of the identified location, expressed as a floating point number with range of - 90 to 90. Latitude + // and longitude are derived from the city or postal code. + Latitude *float64 + + // READ-ONLY; The longitude of the identified location, expressed as a floating point number with range of -180 to 180. Latitude + // and longitude are derived from the city or postal code. + Longitude *float64 + + // READ-ONLY; State name + State *string +} + +// GetInsightsErrorKind - GetInsights Query Errors. +type GetInsightsErrorKind struct { + // REQUIRED; the error message + ErrorMessage *string + + // REQUIRED; the query kind + Kind *GetInsightsError + + // the query id + QueryID *string +} + +// GetInsightsResultsMetadata - Get Insights result metadata. +type GetInsightsResultsMetadata struct { + // REQUIRED; the total items found for the insights request + TotalCount *int32 + + // information about the failed queries + Errors []*GetInsightsErrorKind +} + +// GetQueriesResponse - Retrieve queries for entity result operation response. +type GetQueriesResponse struct { + // The query result values. + Value []EntityQueryItemClassification +} + +// GitHubAuthModel - Model for API authentication for GitHub. For this authentication first we need to approve the Router +// app (Microsoft Security DevOps) to access the GitHub account, Then we only need the InstallationId +// to get the access token from https://api.github.com/app/installations/{installId}/access_tokens. +type GitHubAuthModel struct { + // REQUIRED; The auth type + Type *CcpAuthType + + // The GitHubApp auth installation id. + InstallationID *string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type GitHubAuthModel. +func (g *GitHubAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: g.Type, + } +} + +// GitHubResourceInfo - Resources created in GitHub repository. +type GitHubResourceInfo struct { + // GitHub application installation id. + AppInstallationID *string +} + +// GraphQuery - The graph query to show the volume of data arriving into the workspace over time. +type GraphQuery struct { + // REQUIRED; Gets or sets the base query for the graph. The base query is wrapped by Sentinel UI infra with a KQL query, that + // measures the volume over time. + BaseQuery *string + + // REQUIRED; Gets or sets the legend for the graph. + Legend *string + + // REQUIRED; Gets or sets the metric name that the query is checking. For example: 'Total data receive'. + MetricName *string +} + +// GroupingConfiguration - Grouping configuration property bag. +type GroupingConfiguration struct { + // REQUIRED; Grouping enabled + Enabled *bool + + // REQUIRED; Limit the group to alerts created within the lookback duration (in ISO 8601 duration format) + LookbackDuration *string + + // REQUIRED; Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails + // must be provided and not empty. + MatchingMethod *MatchingMethod + + // REQUIRED; Re-open closed matching incidents + ReopenClosedIncident *bool + + // A list of alert details to group by (when matchingMethod is Selected) + GroupByAlertDetails []*AlertDetail + + // A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule + // may be used. + GroupByCustomDetails []*string + + // A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may + // be used. + GroupByEntities []*EntityMappingType +} + +// HostEntity - Represents a host entity. +type HostEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // Host entity properties + Properties *HostEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type HostEntity. +func (h *HostEntity) GetEntity() *Entity { + return &Entity{ + ID: h.ID, + Kind: h.Kind, + Name: h.Name, + SystemData: h.SystemData, + Type: h.Type, + } +} + +// HostEntityProperties - Host entity property bag. +type HostEntityProperties struct { + // The operating system type. + OSFamily *OSFamily + + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The azure resource id of the VM. + AzureID *string + + // READ-ONLY; The DNS domain that this host belongs to. Should contain the compete DNS suffix for the domain + DNSDomain *string + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; The hostname without the domain suffix. + HostName *string + + // READ-ONLY; Determines whether this host belongs to a domain. + IsDomainJoined *bool + + // READ-ONLY; The host name (pre-windows2000). + NetBiosName *string + + // READ-ONLY; The NT domain that this host belongs to. + NtDomain *string + + // READ-ONLY; A free text representation of the operating system. This field is meant to hold specific versions the are more + // fine grained than OSFamily or future values not supported by OSFamily enumeration + OSVersion *string + + // READ-ONLY; The OMS agent id, if the host has OMS agent installed. + OmsAgentID *string +} + +// Hunt - Represents a Hunt in Azure Security Insights. +type Hunt struct { + // Etag of the azure resource + Etag *string + + // Hunt properties + Properties *HuntProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// HuntComment - Represents a Hunt Comment in Azure Security Insights +type HuntComment struct { + // Etag of the azure resource + Etag *string + + // Hunt Comment properties + Properties *HuntCommentProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// HuntCommentList - List of all hunt comments +type HuntCommentList struct { + // REQUIRED; Array of hunt comments + Value []*HuntComment + + // READ-ONLY; URL to fetch the next set of hunt comments. + NextLink *string +} + +// HuntCommentProperties - Describes a hunt comment properties +type HuntCommentProperties struct { + // REQUIRED; The message for the comment + Message *string +} + +// HuntList - List all the hunts. +type HuntList struct { + // REQUIRED; Array of hunts. + Value []*Hunt + + // READ-ONLY; URL to fetch the next set of hunts. + NextLink *string +} + +// HuntOwner - Describes a user that the hunt is assigned to +type HuntOwner struct { + // The name of the user the hunt is assigned to. + AssignedTo *string + + // The email of the user the hunt is assigned to. + Email *string + + // The object id of the user the hunt is assigned to. + ObjectID *string + + // The type of the owner the hunt is assigned to. + OwnerType *OwnerType + + // The user principal name of the user the hunt is assigned to. + UserPrincipalName *string +} + +// HuntProperties - Describes hunt properties +type HuntProperties struct { + // REQUIRED; The description of the hunt + Description *string + + // REQUIRED; The display name of the hunt + DisplayName *string + + // A list of mitre attack tactics the hunt is associated with + AttackTactics []*AttackTactic + + // A list of a mitre attack techniques the hunt is associated with + AttackTechniques []*string + + // The hypothesis status of the hunt. + HypothesisStatus *HypothesisStatus + + // List of labels relevant to this hunt + Labels []*string + + // Describes a user that the hunt is assigned to + Owner *HuntOwner + + // The status of the hunt. + Status *Status +} + +// HuntRelation - Represents a Hunt Relation in Azure Security Insights. +type HuntRelation struct { + // Etag of the azure resource + Etag *string + + // Hunt Relation properties + Properties *HuntRelationProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// HuntRelationList - List of all the hunt relations +type HuntRelationList struct { + // REQUIRED; Array of hunt relations + Value []*HuntRelation + + // READ-ONLY; URL to fetch the next set of hunt relations. + NextLink *string +} + +// HuntRelationProperties - Describes hunt relation properties +type HuntRelationProperties struct { + // REQUIRED; The id of the related resource + RelatedResourceID *string + + // List of labels relevant to this hunt + Labels []*string + + // READ-ONLY; The resource that the relation is related to + RelatedResourceKind *string + + // READ-ONLY; The name of the related resource + RelatedResourceName *string + + // READ-ONLY; The type of the hunt relation + RelationType *string +} + +// HuntingBookmark - Represents a Hunting bookmark entity. +type HuntingBookmark struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // HuntingBookmark entity properties + Properties *HuntingBookmarkProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type HuntingBookmark. +func (h *HuntingBookmark) GetEntity() *Entity { + return &Entity{ + ID: h.ID, + Kind: h.Kind, + Name: h.Name, + SystemData: h.SystemData, + Type: h.Type, + } +} + +// HuntingBookmarkProperties - Describes bookmark properties +type HuntingBookmarkProperties struct { + // REQUIRED; The display name of the bookmark + DisplayName *string + + // REQUIRED; The query of the bookmark. + Query *string + + // The time the bookmark was created + Created *time.Time + + // Describes a user that created the bookmark + CreatedBy *UserInfo + + // The time of the event + EventTime *time.Time + + // Describes an incident that relates to bookmark + IncidentInfo *IncidentInfo + + // List of labels relevant to this bookmark + Labels []*string + + // The notes of the bookmark + Notes *string + + // The query result of the bookmark. + QueryResult *string + + // The last time the bookmark was updated + Updated *time.Time + + // Describes a user that updated the bookmark + UpdatedBy *UserInfo + + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string +} + +// IPEntity - Represents an ip entity. +type IPEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // Ip entity properties + Properties *IPEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type IPEntity. +func (i *IPEntity) GetEntity() *Entity { + return &Entity{ + ID: i.ID, + Kind: i.Kind, + Name: i.Name, + SystemData: i.SystemData, + Type: i.Type, + } +} + +// IPEntityProperties - Ip entity property bag. +type IPEntityProperties struct { + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The IP address as string, e.g. 127.0.0.1 (either in Ipv4 or Ipv6) + Address *string + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; The geo-location context attached to the ip entity + Location *GeoLocation + + // READ-ONLY; A list of TI contexts attached to the ip entity. + ThreatIntelligence []*ThreatIntelligence +} + +// Identity - Represents an identity in Azure Security Insights. +type Identity struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind + + // The properties of the TI object + Properties *TIObjectCommonProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetTIObject implements the TIObjectClassification interface for type Identity. +func (i *Identity) GetTIObject() *TIObject { + return &TIObject{ + ID: i.ID, + Kind: i.Kind, + Name: i.Name, + Properties: i.Properties, + SystemData: i.SystemData, + Type: i.Type, + } +} + +type Incident struct { + // Etag of the azure resource + Etag *string + Properties *IncidentProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// IncidentAdditionalData - Incident additional data property bag. +type IncidentAdditionalData struct { + // READ-ONLY; List of product names of alerts in the incident + AlertProductNames []*string + + // READ-ONLY; The number of alerts in the incident + AlertsCount *int32 + + // READ-ONLY; The number of bookmarks in the incident + BookmarksCount *int32 + + // READ-ONLY; The number of comments in the incident + CommentsCount *int32 + + // READ-ONLY; The provider incident url to the incident in Microsoft 365 Defender portal + ProviderIncidentURL *string + + // READ-ONLY; The tactics associated with incident + Tactics []*AttackTactic + + // READ-ONLY; The techniques associated with incident's tactics + Techniques []*string +} + +// IncidentAlertList - List of incident alerts. +type IncidentAlertList struct { + // REQUIRED; Array of incident alerts. + Value []*SecurityAlert +} + +// IncidentBookmarkList - List of incident bookmarks. +type IncidentBookmarkList struct { + // REQUIRED; Array of incident bookmarks. + Value []*HuntingBookmark +} + +// IncidentComment - Represents an incident comment +type IncidentComment struct { + // Etag of the azure resource + Etag *string + + // Incident comment properties + Properties *IncidentCommentProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +type IncidentCommentList struct { + // REQUIRED + Value []*IncidentComment + + // READ-ONLY + NextLink *string +} + +// IncidentCommentProperties - Incident comment property bag. +type IncidentCommentProperties struct { + // REQUIRED; The comment message + Message *string + + // READ-ONLY; Describes the client that created the comment + Author *ClientInfo + + // READ-ONLY; The time the comment was created + CreatedTimeUTC *time.Time + + // READ-ONLY; The time the comment was updated + LastModifiedTimeUTC *time.Time +} + +// IncidentConfiguration - Incident Configuration property bag. +type IncidentConfiguration struct { + // REQUIRED; Create incidents from alerts triggered by this analytics rule + CreateIncident *bool + + // Set how the alerts that are triggered by this analytics rule, are grouped into incidents + GroupingConfiguration *GroupingConfiguration +} + +// IncidentEntitiesResponse - The incident related entities response. +type IncidentEntitiesResponse struct { + // Array of the incident related entities. + Entities []EntityClassification + + // The metadata from the incident related entities results. + MetaData []*IncidentEntitiesResultsMetadata +} + +// IncidentEntitiesResultsMetadata - Information of a specific aggregation in the incident related entities result. +type IncidentEntitiesResultsMetadata struct { + // REQUIRED; Total number of aggregations of the given kind in the incident related entities result. + Count *int32 + + // REQUIRED; The kind of the aggregated entity. + EntityKind *EntityKindEnum +} + +// IncidentInfo - Describes related incident information for the bookmark +type IncidentInfo struct { + // Incident Id + IncidentID *string + + // Relation Name + RelationName *string + + // The severity of the incident + Severity *IncidentSeverity + + // The title of the incident + Title *string +} + +// IncidentLabel - Represents an incident label +type IncidentLabel struct { + // REQUIRED; The name of the label + LabelName *string + + // READ-ONLY; The type of the label + LabelType *IncidentLabelType +} + +// IncidentList - List all the incidents. +type IncidentList struct { + // REQUIRED + Value []*Incident + + // READ-ONLY; URL to fetch the next set of incidents. + NextLink *string +} + +// IncidentOwnerInfo - Information on the user an incident is assigned to +type IncidentOwnerInfo struct { + // The name of the user the incident is assigned to. + AssignedTo *string + + // The email of the user the incident is assigned to. + Email *string + + // The object id of the user the incident is assigned to. + ObjectID *string + + // The type of the owner the incident is assigned to. + OwnerType *OwnerType + + // The user principal name of the user the incident is assigned to. + UserPrincipalName *string +} + +type IncidentProperties struct { + // REQUIRED; The severity of the incident + Severity *IncidentSeverity + + // REQUIRED; The status of the incident + Status *IncidentStatus + + // REQUIRED; The title of the incident + Title *string + + // The reason the incident was closed + Classification *IncidentClassification + + // Describes the reason the incident was closed + ClassificationComment *string + + // The classification reason the incident was closed with + ClassificationReason *IncidentClassificationReason + + // The description of the incident + Description *string + + // The time of the first activity in the incident + FirstActivityTimeUTC *time.Time + + // List of labels relevant to this incident + Labels []*IncidentLabel + + // The time of the last activity in the incident + LastActivityTimeUTC *time.Time + + // Describes a user that the incident is assigned to + Owner *IncidentOwnerInfo + + // Describes a team for the incident + TeamInformation *TeamInformation + + // READ-ONLY; Additional data on the incident + AdditionalData *IncidentAdditionalData + + // READ-ONLY; The time the incident was created + CreatedTimeUTC *time.Time + + // READ-ONLY; A sequential number + IncidentNumber *int32 + + // READ-ONLY; The deep-link url to the incident in Azure portal + IncidentURL *string + + // READ-ONLY; The last time the incident was updated + LastModifiedTimeUTC *time.Time + + // READ-ONLY; The incident ID assigned by the incident provider + ProviderIncidentID *string + + // READ-ONLY; The name of the source provider that generated the incident + ProviderName *string + + // READ-ONLY; List of resource ids of Analytic rules related to the incident + RelatedAnalyticRuleIDs []*string +} + +type IncidentPropertiesAction struct { + // The reason the incident was closed + Classification *IncidentClassification + + // Describes the reason the incident was closed. + ClassificationComment *string + + // The classification reason the incident was closed with + ClassificationReason *IncidentClassificationReason + + // List of labels to add to the incident. + Labels []*IncidentLabel + + // Information on the user an incident is assigned to + Owner *IncidentOwnerInfo + + // The severity of the incident + Severity *IncidentSeverity + + // The status of the incident + Status *IncidentStatus +} + +type IncidentTask struct { + // REQUIRED + Properties *IncidentTaskProperties + + // Etag of the azure resource + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +type IncidentTaskList struct { + NextLink *string + Value []*IncidentTask +} + +type IncidentTaskProperties struct { + // REQUIRED + Status *IncidentTaskStatus + + // REQUIRED; The title of the task + Title *string + + // Information on the client (user or application) that made some action + CreatedBy *ClientInfo + + // The description of the task + Description *string + + // Information on the client (user or application) that made some action + LastModifiedBy *ClientInfo + + // READ-ONLY; The time the task was created + CreatedTimeUTC *time.Time + + // READ-ONLY; The last time the task was updated + LastModifiedTimeUTC *time.Time +} + +// Indicator - Represents an indicator in Azure Security Insights. +type Indicator struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind + + // The observables of this indicator + Observables []*IndicatorObservablesItem + + // The properties of the TI object + Properties *TIObjectCommonProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetTIObject implements the TIObjectClassification interface for type Indicator. +func (i *Indicator) GetTIObject() *TIObject { + return &TIObject{ + ID: i.ID, + Kind: i.Kind, + Name: i.Name, + Properties: i.Properties, + SystemData: i.SystemData, + Type: i.Type, + } +} + +// IndicatorObservablesItem - An observable of this indicator +type IndicatorObservablesItem struct { + // The type of the observable of this indicator + Type *string + + // The value of the observable of this indicator + Value *string +} + +// InsightQueryItem - Represents Insight Query. +type InsightQueryItem struct { + // REQUIRED; The kind of the entity query + Kind *EntityQueryKind + + // Query Template ARM Name + Name *string + + // Properties bag for InsightQueryItem + Properties *InsightQueryItemProperties + + // ARM Type + Type *string + + // READ-ONLY; Query Template ARM ID + ID *string +} + +// GetEntityQueryItem implements the EntityQueryItemClassification interface for type InsightQueryItem. +func (i *InsightQueryItem) GetEntityQueryItem() *EntityQueryItem { + return &EntityQueryItem{ + ID: i.ID, + Kind: i.Kind, + Name: i.Name, + Type: i.Type, + } +} + +// InsightQueryItemProperties - Represents Insight Query. +type InsightQueryItemProperties struct { + // The activity query definitions. + AdditionalQuery *InsightQueryItemPropertiesAdditionalQuery + + // The base query of the insight. + BaseQuery *string + + // The insight chart query. + ChartQuery any + + // Data types for template + DataTypes []*EntityQueryItemPropertiesDataTypesItem + + // The insight chart query. + DefaultTimeRange *InsightQueryItemPropertiesDefaultTimeRange + + // The insight description. + Description *string + + // The insight display name. + DisplayName *string + + // The query applied only to entities matching to all filters + EntitiesFilter any + + // The type of the entity + InputEntityType *EntityType + + // The insight chart query. + ReferenceTimeRange *InsightQueryItemPropertiesReferenceTimeRange + + // Data types for template + RequiredInputFieldsSets [][]*string + + // The insight table query. + TableQuery *InsightQueryItemPropertiesTableQuery +} + +// InsightQueryItemPropertiesAdditionalQuery - The activity query definitions. +type InsightQueryItemPropertiesAdditionalQuery struct { + // The insight query. + Query *string + + // The insight text. + Text *string +} + +// InsightQueryItemPropertiesDefaultTimeRange - The insight chart query. +type InsightQueryItemPropertiesDefaultTimeRange struct { + // The padding for the end time of the query. + AfterRange *string + + // The padding for the start time of the query. + BeforeRange *string +} + +// InsightQueryItemPropertiesReferenceTimeRange - The insight chart query. +type InsightQueryItemPropertiesReferenceTimeRange struct { + // Additional query time for looking back. + BeforeRange *string +} + +// InsightQueryItemPropertiesTableQuery - The insight table query. +type InsightQueryItemPropertiesTableQuery struct { + // List of insight column definitions. + ColumnsDefinitions []*InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem + + // List of insight queries definitions. + QueriesDefinitions []*InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem +} + +type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem struct { + // Insight column header. + Header *string + + // Insights Column type. + OutputType *OutputType + + // Is query supports deep-link. + SupportDeepLink *bool +} + +type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem struct { + // Insight column header. + Filter *string + + // Insight column header. + LinkColumnsDefinitions []*InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem + + // Insight column header. + Project *string + + // Insight column header. + Summarize *string +} + +type InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem struct { + // Insight Link Definition Projected Name. + ProjectedName *string + + // Insight Link Definition Query. + Query *string +} + +// InsightsTableResult - Query results for table insights query. +type InsightsTableResult struct { + // Columns Metadata of the table + Columns []*InsightsTableResultColumnsItem + + // Rows data of the table + Rows [][]*string +} + +type InsightsTableResultColumnsItem struct { + // the name of the colum + Name *string + + // the type of the colum + Type *string +} + +// InstructionStep - Instruction steps to enable the connector. +type InstructionStep struct { + // Gets or sets the instruction step description. + Description *string + + // Gets or sets the inner instruction steps details. Foe Example: instruction step 1 might contain inner instruction steps: + // [instruction step 1.1, instruction step 1.2]. + InnerSteps []*InstructionStep + + // Gets or sets the instruction step details. + Instructions []*InstructionStepDetails + + // Gets or sets the instruction step title. + Title *string +} + +// InstructionStepDetails - Instruction step details, to be displayed in the Instructions steps section in the connector's +// page in Sentinel Portal. +type InstructionStepDetails struct { + // REQUIRED; Gets or sets the instruction type parameters settings. + Parameters any + + // REQUIRED; Gets or sets the instruction type name. + Type *string +} + +type InstructionStepsInstructionsItem struct { + // REQUIRED; The kind of the setting + Type *SettingType + + // The parameters for the setting + Parameters any +} + +// IoTCheckRequirements - Represents IoT requirements check request. +type IoTCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // IoT requirements check properties. + Properties *IoTCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type IoTCheckRequirements. +func (i *IoTCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: i.Kind, + } +} + +// IoTCheckRequirementsProperties - IoT requirements check properties. +type IoTCheckRequirementsProperties struct { + // The subscription id to connect to, and get the data from. + SubscriptionID *string +} + +// IoTDataConnector - Represents IoT data connector. +type IoTDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // IoT data connector properties. + Properties *IoTDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type IoTDataConnector. +func (i *IoTDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: i.Etag, + ID: i.ID, + Kind: i.Kind, + Name: i.Name, + SystemData: i.SystemData, + Type: i.Type, + } +} + +// IoTDataConnectorProperties - IoT data connector properties. +type IoTDataConnectorProperties struct { + // The available data types for the connector. + DataTypes *AlertsDataTypeOfDataConnector + + // The subscription id to connect to, and get the data from. + SubscriptionID *string +} + +// IoTDeviceEntity - Represents an IoT device entity. +type IoTDeviceEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // IoTDevice entity properties + Properties *IoTDeviceEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type IoTDeviceEntity. +func (i *IoTDeviceEntity) GetEntity() *Entity { + return &Entity{ + ID: i.ID, + Kind: i.Kind, + Name: i.Name, + SystemData: i.SystemData, + Type: i.Type, + } +} + +// IoTDeviceEntityProperties - IoTDevice entity property bag. +type IoTDeviceEntityProperties struct { + // Device importance, determines if the device classified as 'crown jewel' + Importance *DeviceImportance + + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The ID of the IoT Device in the IoT Hub + DeviceID *string + + // READ-ONLY; The friendly name of the device + DeviceName *string + + // READ-ONLY; The subType of the device ('PLC', 'HMI', 'EWS', etc.) + DeviceSubType *string + + // READ-ONLY; The type of the device + DeviceType *string + + // READ-ONLY; The ID of the edge device + EdgeID *string + + // READ-ONLY; The firmware version of the device + FirmwareVersion *string + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; The Host entity id of this device + HostEntityID *string + + // READ-ONLY; The IP entity if of this device + IPAddressEntityID *string + + // READ-ONLY; The AzureResource entity id of the IoT Hub + IotHubEntityID *string + + // READ-ONLY; The ID of the security agent running on the device + IotSecurityAgentID *string + + // READ-ONLY; Determines whether the device classified as authorized device + IsAuthorized *bool + + // READ-ONLY; Determines whether the device classified as programming device + IsProgramming *bool + + // READ-ONLY; Is the device classified as a scanner device + IsScanner *bool + + // READ-ONLY; The MAC address of the device + MacAddress *string + + // READ-ONLY; The model of the device + Model *string + + // READ-ONLY; A list of Nic entity ids of the IoTDevice entity. + NicEntityIDs []*string + + // READ-ONLY; The operating system of the device + OperatingSystem *string + + // READ-ONLY; A list of owners of the IoTDevice entity. + Owners []*string + + // READ-ONLY; A list of protocols of the IoTDevice entity. + Protocols []*string + + // READ-ONLY; The Purdue Layer of the device + PurdueLayer *string + + // READ-ONLY; The sensor the device is monitored by + Sensor *string + + // READ-ONLY; The serial number of the device + SerialNumber *string + + // READ-ONLY; The site of the device + Site *string + + // READ-ONLY; The source of the device + Source *string + + // READ-ONLY; A list of TI contexts attached to the IoTDevice entity. + ThreatIntelligence []*ThreatIntelligence + + // READ-ONLY; The vendor of the device + Vendor *string + + // READ-ONLY; The zone location of the device within a site + Zone *string +} + +// Job - The assignment job +type Job struct { + // Etag of the azure resource + Etag *string + + // The job object + Properties *JobProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// JobItem - An entity describing the publish status of a content item. +type JobItem struct { + // The list of error descriptions if the item publication fails. + Errors []*Error + + // The resource id of the content item + ResourceID *string + + // READ-ONLY; The time the item publishing was completed + ExecutionTime *time.Time + + // READ-ONLY; Status of the item publication + Status *Status +} + +// JobList - List of all the jobs +type JobList struct { + // REQUIRED; Array of jobs. + Value []*Job + + // READ-ONLY; URL to fetch the next set of jobs. + NextLink *string +} + +// JobProperties - The job properties +type JobProperties struct { + // List of items published by the job + Items []*JobItem + + // READ-ONLY; The time the job completed + EndTime *time.Time + + // READ-ONLY; Message to describe error, if an error exists + ErrorMessage *string + + // READ-ONLY; State of the job + ProvisioningState *ProvisioningState + + // READ-ONLY; The time the job started + StartTime *time.Time +} + +// JwtAuthModel - Model for API authentication with JWT. Simple exchange between user name + password to access token. +type JwtAuthModel struct { + // REQUIRED; The password + Password map[string]*string + + // REQUIRED; Token endpoint to request JWT + TokenEndpoint *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // REQUIRED; The user name. If user name and password sent in header request we only need to populate the value property with + // the user name (Same as basic auth). If user name and password sent in body request we + // need to specify the Key and Value. + UserName map[string]*string + + // The custom headers we want to add once we send request to token endpoint. + Headers map[string]*string + + // Flag indicating whether we want to send the user name and password to token endpoint in the headers. + IsCredentialsInHeaders *bool + + // Flag indicating whether the body request is JSON (header Content-Type = application/json), meaning its a Form URL encoded + // request (header Content-Type = application/x-www-form-urlencoded). + IsJSONRequest *bool + + // The custom query parameter we want to add once we send request to token endpoint. + QueryParameters map[string]*string + + // Request timeout in seconds. + RequestTimeoutInSeconds *int32 +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type JwtAuthModel. +func (j *JwtAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: j.Type, + } +} + +// MCASCheckRequirements - Represents MCAS (Microsoft Cloud App Security) requirements check request. +type MCASCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // MCAS (Microsoft Cloud App Security) requirements check properties. + Properties *MCASCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type MCASCheckRequirements. +func (m *MCASCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: m.Kind, + } +} + +// MCASCheckRequirementsProperties - MCAS (Microsoft Cloud App Security) requirements check properties. +type MCASCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// MCASDataConnector - Represents MCAS (Microsoft Cloud App Security) data connector. +type MCASDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // MCAS (Microsoft Cloud App Security) data connector properties. + Properties *MCASDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type MCASDataConnector. +func (m *MCASDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: m.Etag, + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MCASDataConnectorDataTypes - The available data types for MCAS (Microsoft Cloud App Security) data connector. +type MCASDataConnectorDataTypes struct { + // REQUIRED; Alerts data type connection. + Alerts *DataConnectorDataTypeCommon + + // Discovery log data type connection. + DiscoveryLogs *DataConnectorDataTypeCommon +} + +// MCASDataConnectorProperties - MCAS (Microsoft Cloud App Security) data connector properties. +type MCASDataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *MCASDataConnectorDataTypes + + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// MDATPCheckRequirements - Represents MDATP (Microsoft Defender Advanced Threat Protection) requirements check request. +type MDATPCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties. + Properties *MDATPCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type MDATPCheckRequirements. +func (m *MDATPCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: m.Kind, + } +} + +// MDATPCheckRequirementsProperties - MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties. +type MDATPCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// MDATPDataConnector - Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. +type MDATPDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. + Properties *MDATPDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type MDATPDataConnector. +func (m *MDATPDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: m.Etag, + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MDATPDataConnectorProperties - MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. +type MDATPDataConnectorProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string + + // The available data types for the connector. + DataTypes *AlertsDataTypeOfDataConnector +} + +// MLBehaviorAnalyticsAlertRule - Represents MLBehaviorAnalytics alert rule. +type MLBehaviorAnalyticsAlertRule struct { + // REQUIRED; The kind of the alert rule + Kind *AlertRuleKind + + // Etag of the azure resource + Etag *string + + // MLBehaviorAnalytics alert rule properties + Properties *MLBehaviorAnalyticsAlertRuleProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetAlertRule implements the AlertRuleClassification interface for type MLBehaviorAnalyticsAlertRule. +func (m *MLBehaviorAnalyticsAlertRule) GetAlertRule() *AlertRule { + return &AlertRule{ + Etag: m.Etag, + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MLBehaviorAnalyticsAlertRuleProperties - MLBehaviorAnalytics alert rule base property bag. +type MLBehaviorAnalyticsAlertRuleProperties struct { + // REQUIRED; The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string + + // REQUIRED; Determines whether this alert rule is enabled or disabled. + Enabled *bool + + // READ-ONLY; The description of the alert rule. + Description *string + + // READ-ONLY; The display name for alerts created by this alert rule. + DisplayName *string + + // READ-ONLY; The last time that this alert rule has been modified. + LastModifiedUTC *time.Time + + // READ-ONLY; The severity for alerts created by this alert rule. + Severity *AlertSeverity + + // READ-ONLY; The sub-techniques of the alert rule + SubTechniques []*string + + // READ-ONLY; The tactics of the alert rule + Tactics []*AttackTactic + + // READ-ONLY; The techniques of the alert rule + Techniques []*string +} + +// MLBehaviorAnalyticsAlertRuleTemplate - Represents MLBehaviorAnalytics alert rule template. +type MLBehaviorAnalyticsAlertRuleTemplate struct { + // REQUIRED; The kind of the alert rule + Kind *AlertRuleKind + + // MLBehaviorAnalytics alert rule template properties. + Properties *MLBehaviorAnalyticsAlertRuleTemplateProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetAlertRuleTemplate implements the AlertRuleTemplateClassification interface for type MLBehaviorAnalyticsAlertRuleTemplate. +func (m *MLBehaviorAnalyticsAlertRuleTemplate) GetAlertRuleTemplate() *AlertRuleTemplate { + return &AlertRuleTemplate{ + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MLBehaviorAnalyticsAlertRuleTemplateProperties - MLBehaviorAnalytics alert rule template properties. +type MLBehaviorAnalyticsAlertRuleTemplateProperties struct { + // REQUIRED; The severity for alerts created by this alert rule. + Severity *AlertSeverity + + // the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 + + // The description of the alert rule template. + Description *string + + // The display name for alert rule template. + DisplayName *string + + // The required data sources for this template + RequiredDataConnectors []*AlertRuleTemplateDataSource + + // The alert rule template status. + Status *TemplateStatus + + // The tactics of the alert rule + Tactics []*AttackTactic + + // The techniques of the alert rule + Techniques []*string + + // READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *time.Time + + // READ-ONLY; The last time that this alert rule template has been updated. + LastUpdatedDateUTC *time.Time +} + +// MSTICheckRequirements - Represents Microsoft Threat Intelligence requirements check request. +type MSTICheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // Microsoft Threat Intelligence requirements check properties. + Properties *MSTICheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type MSTICheckRequirements. +func (m *MSTICheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: m.Kind, + } +} + +// MSTICheckRequirementsProperties - Microsoft Threat Intelligence requirements check properties. +type MSTICheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// MSTIDataConnector - Represents Microsoft Threat Intelligence data connector. +type MSTIDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // Microsoft Threat Intelligence data connector properties. + Properties *MSTIDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type MSTIDataConnector. +func (m *MSTIDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: m.Etag, + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MSTIDataConnectorDataTypes - The available data types for Microsoft Threat Intelligence Platforms data connector. +type MSTIDataConnectorDataTypes struct { + // REQUIRED; Data type for Microsoft Threat Intelligence Platforms data connector. + MicrosoftEmergingThreatFeed *MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed +} + +// MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed - Data type for Microsoft Threat Intelligence Platforms data connector. +type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed struct { + // REQUIRED; The lookback period for the feed to be imported. + LookbackPeriod *string + + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// MSTIDataConnectorProperties - Microsoft Threat Intelligence data connector properties. +type MSTIDataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *MSTIDataConnectorDataTypes + + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// MTPCheckRequirementsProperties - MTP (Microsoft Threat Protection) requirements check properties. +type MTPCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// MTPDataConnector - Represents MTP (Microsoft Threat Protection) data connector. +type MTPDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // MTP (Microsoft Threat Protection) data connector properties. + Properties *MTPDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type MTPDataConnector. +func (m *MTPDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: m.Etag, + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MTPDataConnectorDataTypes - The available data types for Microsoft Threat Protection Platforms data connector. +type MTPDataConnectorDataTypes struct { + // REQUIRED; Incidents data type for Microsoft Threat Protection Platforms data connector. + Incidents *MTPDataConnectorDataTypesIncidents + + // Alerts data type for Microsoft Threat Protection Platforms data connector. + Alerts *MTPDataConnectorDataTypesAlerts +} + +// MTPDataConnectorDataTypesAlerts - Alerts data type for Microsoft Threat Protection Platforms data connector. +type MTPDataConnectorDataTypesAlerts struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// MTPDataConnectorDataTypesIncidents - Incidents data type for Microsoft Threat Protection Platforms data connector. +type MTPDataConnectorDataTypesIncidents struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// MTPDataConnectorProperties - MTP (Microsoft Threat Protection) data connector properties. +type MTPDataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *MTPDataConnectorDataTypes + + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string + + // The available filtered providers for the connector. + FilteredProviders *MtpFilteredProviders +} + +// MailClusterEntity - Represents a mail cluster entity. +type MailClusterEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // Mail cluster entity properties + Properties *MailClusterEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type MailClusterEntity. +func (m *MailClusterEntity) GetEntity() *Entity { + return &Entity{ + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MailClusterEntityProperties - Mail cluster entity property bag. +type MailClusterEntityProperties struct { + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The cluster group + ClusterGroup *string + + // READ-ONLY; The cluster query end time + ClusterQueryEndTime *time.Time + + // READ-ONLY; The cluster query start time + ClusterQueryStartTime *time.Time + + // READ-ONLY; The id of the cluster source + ClusterSourceIdentifier *string + + // READ-ONLY; The type of the cluster source + ClusterSourceType *string + + // READ-ONLY; Count of mail messages by DeliveryStatus string representation + CountByDeliveryStatus any + + // READ-ONLY; Count of mail messages by ProtectionStatus string representation + CountByProtectionStatus any + + // READ-ONLY; Count of mail messages by ThreatType string representation + CountByThreatType any + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; Is this a volume anomaly mail cluster + IsVolumeAnomaly *bool + + // READ-ONLY; The number of mail messages that are part of the mail cluster + MailCount *int32 + + // READ-ONLY; The mail message IDs that are part of the mail cluster + NetworkMessageIDs []*string + + // READ-ONLY; The query that was used to identify the messages of the mail cluster + Query *string + + // READ-ONLY; The query time + QueryTime *time.Time + + // READ-ONLY; The source of the mail cluster (default is 'O365 ATP') + Source *string + + // READ-ONLY; The threats of mail messages that are part of the mail cluster + Threats []*string +} + +// MailMessageEntity - Represents a mail message entity. +type MailMessageEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // Mail message entity properties + Properties *MailMessageEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type MailMessageEntity. +func (m *MailMessageEntity) GetEntity() *Entity { + return &Entity{ + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MailMessageEntityProperties - Mail message entity property bag. +type MailMessageEntityProperties struct { + // The directionality of this mail message + AntispamDirection *AntispamMailDirection + + // The bodyFingerprintBin1 + BodyFingerprintBin1 *int32 + + // The bodyFingerprintBin2 + BodyFingerprintBin2 *int32 + + // The bodyFingerprintBin3 + BodyFingerprintBin3 *int32 + + // The bodyFingerprintBin4 + BodyFingerprintBin4 *int32 + + // The bodyFingerprintBin5 + BodyFingerprintBin5 *int32 + + // The delivery action of this mail message like Delivered, Blocked, Replaced etc + DeliveryAction *DeliveryAction + + // The delivery location of this mail message like Inbox, JunkFolder etc + DeliveryLocation *DeliveryLocation + + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The File entity ids of this mail message's attachments + FileEntityIDs []*string + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; The internet message id of this mail message + InternetMessageID *string + + // READ-ONLY; The language of this mail message + Language *string + + // READ-ONLY; The network message id of this mail message + NetworkMessageID *string + + // READ-ONLY; The p1 sender's email address + P1Sender *string + + // READ-ONLY; The p1 sender's display name + P1SenderDisplayName *string + + // READ-ONLY; The p1 sender's domain + P1SenderDomain *string + + // READ-ONLY; The p2 sender's email address + P2Sender *string + + // READ-ONLY; The p2 sender's display name + P2SenderDisplayName *string + + // READ-ONLY; The p2 sender's domain + P2SenderDomain *string + + // READ-ONLY; The receive date of this message + ReceiveDate *time.Time + + // READ-ONLY; The recipient of this mail message. Note that in case of multiple recipients the mail message is forked and + // each copy has one recipient + Recipient *string + + // READ-ONLY; The sender's IP address + SenderIP *string + + // READ-ONLY; The subject of this mail message + Subject *string + + // READ-ONLY; The threat detection methods + ThreatDetectionMethods []*string + + // READ-ONLY; The threats of this mail message + Threats []*string + + // READ-ONLY; The Urls contained in this mail message + Urls []*string +} + +// MailboxEntity - Represents a mailbox entity. +type MailboxEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // Mailbox entity properties + Properties *MailboxEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type MailboxEntity. +func (m *MailboxEntity) GetEntity() *Entity { + return &Entity{ + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MailboxEntityProperties - Mailbox entity property bag. +type MailboxEntityProperties struct { + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The mailbox's display name + DisplayName *string + + // READ-ONLY; The AzureAD identifier of mailbox. Similar to AadUserId in account entity but this property is specific to mailbox + // object on office side + ExternalDirectoryObjectID *string + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; The mailbox's primary address + MailboxPrimaryAddress *string + + // READ-ONLY; The mailbox's UPN + Upn *string +} + +// MalwareEntity - Represents a malware entity. +type MalwareEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // File entity properties + Properties *MalwareEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type MalwareEntity. +func (m *MalwareEntity) GetEntity() *Entity { + return &Entity{ + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MalwareEntityProperties - Malware entity property bag. +type MalwareEntityProperties struct { + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The malware category by the vendor, e.g. Trojan + Category *string + + // READ-ONLY; List of linked file entity identifiers on which the malware was found + FileEntityIDs []*string + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; The malware name by the vendor, e.g. Win32/Toga!rfn + MalwareName *string + + // READ-ONLY; List of linked process entity identifiers on which the malware was found. + ProcessEntityIDs []*string +} + +type ManualTriggerRequestBody struct { + // REQUIRED + LogicAppsResourceID *string + TenantID *string +} + +// MetadataAuthor - Publisher or creator of the content item. +type MetadataAuthor struct { + // Email of author contact + Email *string + + // Link for author/vendor page + Link *string + + // Name of the author. Company or person. + Name *string +} + +// MetadataCategories - ies for the solution content item +type MetadataCategories struct { + // domain for the solution content item + Domains []*string + + // Industry verticals for the solution content item + Verticals []*string +} + +// MetadataDependencies - Dependencies for the content item, what other content items it requires to work. Can describe more +// complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version +// can be supplied or operator/criteria for complex dependencies. +type MetadataDependencies struct { + // Id of the content item we depend on + ContentID *string + + // This is the list of dependencies we must fulfill, according to the AND/OR operator + Criteria []*MetadataDependencies + + // Type of the content item we depend on + Kind *Kind + + // Name of the content item + Name *string + + // Operator used for list of dependencies in criteria array. + Operator *Operator + + // Version of the the content item we depend on. Can be blank, * or missing to indicate any version fulfills the dependency. + // If version does not match our defined numeric format then an exact match is + // required. + Version *string +} + +// MetadataList - List of all the metadata. +type MetadataList struct { + // REQUIRED; Array of metadata. + Value []*MetadataModel + + // READ-ONLY; URL to fetch the next page of metadata. + NextLink *string +} + +// MetadataModel - Metadata resource definition. +type MetadataModel struct { + // Etag of the azure resource + Etag *string + + // Metadata properties + Properties *MetadataProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// MetadataPatch - Metadata patch request body. +type MetadataPatch struct { + // Etag of the azure resource + Etag *string + + // Metadata patch request body + Properties *MetadataPropertiesPatch + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// MetadataProperties - Metadata property bag. +type MetadataProperties struct { + // REQUIRED; The kind of content the metadata is for. + Kind *string + + // REQUIRED; Full parent resource ID of the content item the metadata is for. This is the full resource ID including the scope + // (subscription and resource group) + ParentID *string + + // The creator of the content item. + Author *MetadataAuthor + + // Categories for the solution content item + Categories *MetadataCategories + + // Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for + // out of the box content and solutions. Dynamic for user-created. This is the + // resource name + ContentID *string + + // Schema version of the content. Can be used to distinguish between different flow based on the schema version + ContentSchemaVersion *string + + // The custom version of the content. A optional free text + CustomVersion *string + + // Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies + // using a recursive/nested structure. For a single dependency an id/kind/version + // can be supplied or operator/criteria for complex formats. + Dependencies *MetadataDependencies + + // first publish date solution content item + FirstPublishDate *time.Time + + // the icon identifier. this id can later be fetched from the solution template + Icon *string + + // last publish date for the solution content item + LastPublishDate *time.Time + + // preview image file names. These will be taken from the solution artifacts + PreviewImages []*string + + // preview image file names. These will be taken from the solution artifacts. used for dark theme support + PreviewImagesDark []*string + + // Providers for the solution content item + Providers []*string + + // Source of the content. This is where/how it was created. + Source *MetadataSource + + // Support information for the metadata - type, name, contact information + Support *MetadataSupport + + // the tactics the resource covers + ThreatAnalysisTactics []*string + + // the techniques the resource covers, these have to be aligned with the tactics being used + ThreatAnalysisTechniques []*string + + // Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM template + // best practices. Can also be any string, but then we cannot guarantee any version + // checks + Version *string +} + +// MetadataPropertiesPatch - Metadata property bag for patch requests. This is the same as the MetadataProperties, but with +// nothing required +type MetadataPropertiesPatch struct { + // The creator of the content item. + Author *MetadataAuthor + + // Categories for the solution content item + Categories *MetadataCategories + + // Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for + // out of the box content and solutions. Dynamic for user-created. This is the + // resource name + ContentID *string + + // Schema version of the content. Can be used to distinguish between different flow based on the schema version + ContentSchemaVersion *string + + // The custom version of the content. A optional free text + CustomVersion *string + + // Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies + // using a recursive/nested structure. For a single dependency an id/kind/version + // can be supplied or operator/criteria for complex formats. + Dependencies *MetadataDependencies + + // first publish date solution content item + FirstPublishDate *time.Time + + // the icon identifier. this id can later be fetched from the solution template + Icon *string + + // The kind of content the metadata is for. + Kind *string + + // last publish date for the solution content item + LastPublishDate *time.Time + + // Full parent resource ID of the content item the metadata is for. This is the full resource ID including the scope (subscription + // and resource group) + ParentID *string + + // preview image file names. These will be taken from the solution artifacts + PreviewImages []*string + + // preview image file names. These will be taken from the solution artifacts. used for dark theme support + PreviewImagesDark []*string + + // Providers for the solution content item + Providers []*string + + // Source of the content. This is where/how it was created. + Source *MetadataSource + + // Support information for the metadata - type, name, contact information + Support *MetadataSupport + + // the tactics the resource covers + ThreatAnalysisTactics []*string + + // the techniques the resource covers, these have to be aligned with the tactics being used + ThreatAnalysisTechniques []*string + + // Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM template + // best practices. Can also be any string, but then we cannot guarantee any version + // checks + Version *string +} + +// MetadataSource - The original source of the content item, where it comes from. +type MetadataSource struct { + // REQUIRED; Source type of the content + Kind *SourceKind + + // Name of the content source. The repo name, solution name, LA workspace name etc. + Name *string + + // ID of the content source. The solution ID, workspace ID, etc + SourceID *string +} + +// MetadataSupport - Support information for the content item. +type MetadataSupport struct { + // REQUIRED; Type of support for content item + Tier *SupportTier + + // Email of support contact + Email *string + + // Link for support help, like to support page to open a ticket etc. + Link *string + + // Name of the support contact. Company or person. + Name *string +} + +// MicrosoftPurviewInformationProtectionCheckRequirements - Represents MicrosoftPurviewInformationProtection requirements +// check request. +type MicrosoftPurviewInformationProtectionCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // MicrosoftPurviewInformationProtection requirements check properties. + Properties *MicrosoftPurviewInformationProtectionCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type MicrosoftPurviewInformationProtectionCheckRequirements. +func (m *MicrosoftPurviewInformationProtectionCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: m.Kind, + } +} + +// MicrosoftPurviewInformationProtectionCheckRequirementsProperties - MicrosoftPurviewInformationProtection requirements check +// properties. +type MicrosoftPurviewInformationProtectionCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// MicrosoftPurviewInformationProtectionConnectorDataTypes - The available data types for Microsoft Purview Information Protection +// data connector. +type MicrosoftPurviewInformationProtectionConnectorDataTypes struct { + // REQUIRED; Logs data type. + Logs *MicrosoftPurviewInformationProtectionConnectorDataTypesLogs +} + +// MicrosoftPurviewInformationProtectionConnectorDataTypesLogs - Logs data type. +type MicrosoftPurviewInformationProtectionConnectorDataTypesLogs struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// MicrosoftPurviewInformationProtectionDataConnector - Represents Microsoft Purview Information Protection data connector. +type MicrosoftPurviewInformationProtectionDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // Microsoft Purview Information Protection data connector properties. + Properties *MicrosoftPurviewInformationProtectionDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type MicrosoftPurviewInformationProtectionDataConnector. +func (m *MicrosoftPurviewInformationProtectionDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: m.Etag, + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MicrosoftPurviewInformationProtectionDataConnectorProperties - Microsoft Purview Information Protection data connector +// properties. +type MicrosoftPurviewInformationProtectionDataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *MicrosoftPurviewInformationProtectionConnectorDataTypes + + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// MicrosoftSecurityIncidentCreationAlertRule - Represents MicrosoftSecurityIncidentCreation rule. +type MicrosoftSecurityIncidentCreationAlertRule struct { + // REQUIRED; The kind of the alert rule + Kind *AlertRuleKind + + // Etag of the azure resource + Etag *string + + // MicrosoftSecurityIncidentCreation rule properties + Properties *MicrosoftSecurityIncidentCreationAlertRuleProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetAlertRule implements the AlertRuleClassification interface for type MicrosoftSecurityIncidentCreationAlertRule. +func (m *MicrosoftSecurityIncidentCreationAlertRule) GetAlertRule() *AlertRule { + return &AlertRule{ + Etag: m.Etag, + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MicrosoftSecurityIncidentCreationAlertRuleProperties - MicrosoftSecurityIncidentCreation rule property bag. +type MicrosoftSecurityIncidentCreationAlertRuleProperties struct { + // REQUIRED; The display name for alerts created by this alert rule. + DisplayName *string + + // REQUIRED; Determines whether this alert rule is enabled or disabled. + Enabled *bool + + // REQUIRED; The alerts' productName on which the cases will be generated + ProductFilter *MicrosoftSecurityProductName + + // The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string + + // The description of the alert rule. + Description *string + + // the alerts' displayNames on which the cases will not be generated + DisplayNamesExcludeFilter []*string + + // the alerts' displayNames on which the cases will be generated + DisplayNamesFilter []*string + + // the alerts' severities on which the cases will be generated + SeveritiesFilter []*AlertSeverity + + // READ-ONLY; The last time that this alert has been modified. + LastModifiedUTC *time.Time +} + +// MicrosoftSecurityIncidentCreationAlertRuleTemplate - Represents MicrosoftSecurityIncidentCreation rule template. +type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct { + // REQUIRED; The kind of the alert rule + Kind *AlertRuleKind + + // MicrosoftSecurityIncidentCreation rule template properties + Properties *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetAlertRuleTemplate implements the AlertRuleTemplateClassification interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (m *MicrosoftSecurityIncidentCreationAlertRuleTemplate) GetAlertRuleTemplate() *AlertRuleTemplate { + return &AlertRuleTemplate{ + ID: m.ID, + Kind: m.Kind, + Name: m.Name, + SystemData: m.SystemData, + Type: m.Type, + } +} + +// MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - MicrosoftSecurityIncidentCreation rule template properties +type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct { + // the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 + + // The description of the alert rule template. + Description *string + + // The display name for alert rule template. + DisplayName *string + + // the alerts' displayNames on which the cases will not be generated + DisplayNamesExcludeFilter []*string + + // the alerts' displayNames on which the cases will be generated + DisplayNamesFilter []*string + + // The alerts' productName on which the cases will be generated + ProductFilter *MicrosoftSecurityProductName + + // The required data sources for this template + RequiredDataConnectors []*AlertRuleTemplateDataSource + + // the alerts' severities on which the cases will be generated + SeveritiesFilter []*AlertSeverity + + // The alert rule template status. + Status *TemplateStatus + + // READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *time.Time + + // READ-ONLY; The last time that this alert rule template has been updated. + LastUpdatedDateUTC *time.Time +} + +// MtpCheckRequirements - Represents MTP (Microsoft Threat Protection) requirements check request. +type MtpCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // MTP (Microsoft Threat Protection) requirements check properties. + Properties *MTPCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type MtpCheckRequirements. +func (m *MtpCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: m.Kind, + } +} + +// MtpFilteredProviders - Represents the connector's Filtered providers +type MtpFilteredProviders struct { + // REQUIRED; Alerts filtered providers. When filters are not applied, all alerts will stream through the MTP pipeline, still + // in private preview for all products EXCEPT MDA and MDI, which are in GA state. + Alerts []*MtpProvider +} + +// NicEntity - Represents an network interface entity. +type NicEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // Network interface entity properties + Properties *NicEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type NicEntity. +func (n *NicEntity) GetEntity() *Entity { + return &Entity{ + ID: n.ID, + Kind: n.Kind, + Name: n.Name, + SystemData: n.SystemData, + Type: n.Type, + } +} + +// NicEntityProperties - Nic entity property bag. +type NicEntityProperties struct { + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; The IP entity id of this network interface + IPAddressEntityID *string + + // READ-ONLY; The MAC address of this network interface + MacAddress *string + + // READ-ONLY; A list of VLANs of the network interface entity. + Vlans []*string +} + +// NoneAuthModel - Model for API authentication with no authentication method - public API. +type NoneAuthModel struct { + // REQUIRED; The auth type + Type *CcpAuthType +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type NoneAuthModel. +func (n *NoneAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: n.Type, + } +} + +// NrtAlertRule - Represents NRT alert rule. +type NrtAlertRule struct { + // REQUIRED; The kind of the alert rule + Kind *AlertRuleKind + + // Etag of the azure resource + Etag *string + + // NRT alert rule properties + Properties *NrtAlertRuleProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetAlertRule implements the AlertRuleClassification interface for type NrtAlertRule. +func (n *NrtAlertRule) GetAlertRule() *AlertRule { + return &AlertRule{ + Etag: n.Etag, + ID: n.ID, + Kind: n.Kind, + Name: n.Name, + SystemData: n.SystemData, + Type: n.Type, + } +} + +// NrtAlertRuleProperties - Nrt alert rule base property bag. +type NrtAlertRuleProperties struct { + // REQUIRED; The display name for alerts created by this alert rule. + DisplayName *string + + // REQUIRED; Determines whether this alert rule is enabled or disabled. + Enabled *bool + + // REQUIRED; The query that creates alerts for this rule. + Query *string + + // REQUIRED; The severity for alerts created by this alert rule. + Severity *AlertSeverity + + // REQUIRED; The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. + SuppressionDuration *string + + // REQUIRED; Determines whether the suppression for this alert rule is enabled or disabled. + SuppressionEnabled *bool + + // The alert details override settings + AlertDetailsOverride *AlertDetailsOverride + + // The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string + + // Dictionary of string key-value pairs of columns to be attached to the alert + CustomDetails map[string]*string + + // The description of the alert rule. + Description *string + + // Array of the entity mappings of the alert rule + EntityMappings []*EntityMapping + + // The event grouping settings. + EventGroupingSettings *EventGroupingSettings + + // The settings of the incidents that created from alerts triggered by this analytics rule + IncidentConfiguration *IncidentConfiguration + + // Array of the sentinel entity mappings of the alert rule + SentinelEntitiesMappings []*SentinelEntityMapping + + // The sub-techniques of the alert rule + SubTechniques []*string + + // The tactics of the alert rule + Tactics []*AttackTactic + + // The techniques of the alert rule + Techniques []*string + + // The version of the alert rule template used to create this rule - in format , where all are numbers, for example 0 + TemplateVersion *string + + // READ-ONLY; The last time that this alert rule has been modified. + LastModifiedUTC *time.Time +} + +// NrtAlertRuleTemplate - Represents NRT alert rule template. +type NrtAlertRuleTemplate struct { + // REQUIRED; The kind of the alert rule + Kind *AlertRuleKind + + // NRT alert rule template properties + Properties *NrtAlertRuleTemplateProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetAlertRuleTemplate implements the AlertRuleTemplateClassification interface for type NrtAlertRuleTemplate. +func (n *NrtAlertRuleTemplate) GetAlertRuleTemplate() *AlertRuleTemplate { + return &AlertRuleTemplate{ + ID: n.ID, + Kind: n.Kind, + Name: n.Name, + SystemData: n.SystemData, + Type: n.Type, + } +} + +// NrtAlertRuleTemplateProperties - NRT alert rule template properties +type NrtAlertRuleTemplateProperties struct { + // The alert details override settings + AlertDetailsOverride *AlertDetailsOverride + + // the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 + + // Dictionary of string key-value pairs of columns to be attached to the alert + CustomDetails map[string]*string + + // The description of the alert rule template. + Description *string + + // The display name for alert rule template. + DisplayName *string + + // Array of the entity mappings of the alert rule + EntityMappings []*EntityMapping + + // The event grouping settings. + EventGroupingSettings *EventGroupingSettings + + // The query that creates alerts for this rule. + Query *string + + // The required data sources for this template + RequiredDataConnectors []*AlertRuleTemplateDataSource + + // Array of the sentinel entity mappings of the alert rule + SentinelEntitiesMappings []*SentinelEntityMapping + + // The severity for alerts created by this alert rule. + Severity *AlertSeverity + + // The alert rule template status. + Status *TemplateStatus + + // The tactics of the alert rule + Tactics []*AttackTactic + + // The techniques of the alert rule + Techniques []*string + + // The version of this template - in format , where all are numbers. For example . + Version *string + + // READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *time.Time + + // READ-ONLY; The last time that this alert rule template has been updated. + LastUpdatedDateUTC *time.Time +} + +// OAuthModel - Model for API authentication with OAuth2. +type OAuthModel struct { + // REQUIRED; The Application (client) ID that the OAuth provider assigned to your app. + ClientID *string + + // REQUIRED; The Application (client) secret that the OAuth provider assigned to your app. + ClientSecret *string + + // REQUIRED; The grant type, usually will be 'authorization code'. + GrantType *string + + // REQUIRED; The token endpoint. Defines the OAuth2 refresh token. + TokenEndpoint *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // Access token prepend. Default is 'Bearer'. + AccessTokenPrepend *string + + // The user's authorization code. + AuthorizationCode *string + + // The authorization endpoint. + AuthorizationEndpoint *string + + // The authorization endpoint headers. + AuthorizationEndpointHeaders map[string]*string + + // The authorization endpoint query parameters. + AuthorizationEndpointQueryParameters map[string]*string + + // Indicating whether we want to send the clientId and clientSecret to token endpoint in the headers. + IsCredentialsInHeaders *bool + + // A value indicating whether it's a JWT flow. + IsJwtBearerFlow *bool + + // The Application redirect url that the user config in the OAuth provider. + RedirectURI *string + + // The Application (client) Scope that the OAuth provider assigned to your app. + Scope *string + + // The token endpoint headers. + TokenEndpointHeaders map[string]*string + + // The token endpoint query parameters. + TokenEndpointQueryParameters map[string]*string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type OAuthModel. +func (o *OAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: o.Type, + } +} + +// Office365ProjectCheckRequirements - Represents Office365 Project requirements check request. +type Office365ProjectCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // Office365 Project requirements check properties. + Properties *Office365ProjectCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type Office365ProjectCheckRequirements. +func (o *Office365ProjectCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: o.Kind, + } +} + +// Office365ProjectCheckRequirementsProperties - Office365 Project requirements check properties. +type Office365ProjectCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// Office365ProjectConnectorDataTypes - The available data types for Office Microsoft Project data connector. +type Office365ProjectConnectorDataTypes struct { + // REQUIRED; Logs data type. + Logs *Office365ProjectConnectorDataTypesLogs +} + +// Office365ProjectConnectorDataTypesLogs - Logs data type. +type Office365ProjectConnectorDataTypesLogs struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// Office365ProjectDataConnector - Represents Office Microsoft Project data connector. +type Office365ProjectDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // Office Microsoft Project data connector properties. + Properties *Office365ProjectDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type Office365ProjectDataConnector. +func (o *Office365ProjectDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: o.Etag, + ID: o.ID, + Kind: o.Kind, + Name: o.Name, + SystemData: o.SystemData, + Type: o.Type, + } +} + +// Office365ProjectDataConnectorProperties - Office Microsoft Project data connector properties. +type Office365ProjectDataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *Office365ProjectConnectorDataTypes + + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// OfficeATPCheckRequirements - Represents OfficeATP (Office 365 Advanced Threat Protection) requirements check request. +type OfficeATPCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // OfficeATP (Office 365 Advanced Threat Protection) requirements check properties. + Properties *OfficeATPCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type OfficeATPCheckRequirements. +func (o *OfficeATPCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: o.Kind, + } +} + +// OfficeATPCheckRequirementsProperties - OfficeATP (Office 365 Advanced Threat Protection) requirements check properties. +type OfficeATPCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// OfficeATPDataConnector - Represents OfficeATP (Office 365 Advanced Threat Protection) data connector. +type OfficeATPDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // OfficeATP (Office 365 Advanced Threat Protection) data connector properties. + Properties *OfficeATPDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type OfficeATPDataConnector. +func (o *OfficeATPDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: o.Etag, + ID: o.ID, + Kind: o.Kind, + Name: o.Name, + SystemData: o.SystemData, + Type: o.Type, + } +} + +// OfficeATPDataConnectorProperties - OfficeATP (Office 365 Advanced Threat Protection) data connector properties. +type OfficeATPDataConnectorProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string + + // The available data types for the connector. + DataTypes *AlertsDataTypeOfDataConnector +} + +// OfficeConsent - Consent for Office365 tenant that already made. +type OfficeConsent struct { + // Office consent properties + Properties *OfficeConsentProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// OfficeConsentList - List of all the office365 consents. +type OfficeConsentList struct { + // REQUIRED; Array of the consents. + Value []*OfficeConsent + + // READ-ONLY; URL to fetch the next set of office consents. + NextLink *string +} + +// OfficeConsentProperties - Consent property bag. +type OfficeConsentProperties struct { + // Help to easily cascade among the data layers. + ConsentID *string + + // The tenantId of the Office365 with the consent. + TenantID *string +} + +// OfficeDataConnector - Represents office data connector. +type OfficeDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // Office data connector properties. + Properties *OfficeDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type OfficeDataConnector. +func (o *OfficeDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: o.Etag, + ID: o.ID, + Kind: o.Kind, + Name: o.Name, + SystemData: o.SystemData, + Type: o.Type, + } +} + +// OfficeDataConnectorDataTypes - The available data types for office data connector. +type OfficeDataConnectorDataTypes struct { + // REQUIRED; Exchange data type connection. + Exchange *OfficeDataConnectorDataTypesExchange + + // REQUIRED; SharePoint data type connection. + SharePoint *OfficeDataConnectorDataTypesSharePoint + + // REQUIRED; Teams data type connection. + Teams *OfficeDataConnectorDataTypesTeams +} + +// OfficeDataConnectorDataTypesExchange - Exchange data type connection. +type OfficeDataConnectorDataTypesExchange struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// OfficeDataConnectorDataTypesSharePoint - SharePoint data type connection. +type OfficeDataConnectorDataTypesSharePoint struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// OfficeDataConnectorDataTypesTeams - Teams data type connection. +type OfficeDataConnectorDataTypesTeams struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// OfficeDataConnectorProperties - Office data connector properties. +type OfficeDataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *OfficeDataConnectorDataTypes + + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// OfficeIRMCheckRequirements - Represents OfficeIRM (Microsoft Insider Risk Management) requirements check request. +type OfficeIRMCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // OfficeIRM (Microsoft Insider Risk Management) requirements check properties. + Properties *OfficeIRMCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type OfficeIRMCheckRequirements. +func (o *OfficeIRMCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: o.Kind, + } +} + +// OfficeIRMCheckRequirementsProperties - OfficeIRM (Microsoft Insider Risk Management) requirements check properties. +type OfficeIRMCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// OfficeIRMDataConnector - Represents OfficeIRM (Microsoft Insider Risk Management) data connector. +type OfficeIRMDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // OfficeIRM (Microsoft Insider Risk Management) data connector properties. + Properties *OfficeIRMDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type OfficeIRMDataConnector. +func (o *OfficeIRMDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: o.Etag, + ID: o.ID, + Kind: o.Kind, + Name: o.Name, + SystemData: o.SystemData, + Type: o.Type, + } +} + +// OfficeIRMDataConnectorProperties - OfficeIRM (Microsoft Insider Risk Management) data connector properties. +type OfficeIRMDataConnectorProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string + + // The available data types for the connector. + DataTypes *AlertsDataTypeOfDataConnector +} + +// OfficePowerBICheckRequirements - Represents Office PowerBI requirements check request. +type OfficePowerBICheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // Office Power BI requirements check properties. + Properties *OfficePowerBICheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type OfficePowerBICheckRequirements. +func (o *OfficePowerBICheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: o.Kind, + } +} + +// OfficePowerBICheckRequirementsProperties - Office PowerBI requirements check properties. +type OfficePowerBICheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// OfficePowerBIConnectorDataTypes - The available data types for Office Microsoft PowerBI data connector. +type OfficePowerBIConnectorDataTypes struct { + // REQUIRED; Logs data type. + Logs *OfficePowerBIConnectorDataTypesLogs +} + +// OfficePowerBIConnectorDataTypesLogs - Logs data type. +type OfficePowerBIConnectorDataTypesLogs struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// OfficePowerBIDataConnector - Represents Office Microsoft PowerBI data connector. +type OfficePowerBIDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // Office Microsoft PowerBI data connector properties. + Properties *OfficePowerBIDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type OfficePowerBIDataConnector. +func (o *OfficePowerBIDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: o.Etag, + ID: o.ID, + Kind: o.Kind, + Name: o.Name, + SystemData: o.SystemData, + Type: o.Type, + } +} + +// OfficePowerBIDataConnectorProperties - Office Microsoft PowerBI data connector properties. +type OfficePowerBIDataConnectorProperties struct { + // REQUIRED; The available data types for the connector. + DataTypes *OfficePowerBIConnectorDataTypes + + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// Operation provided by provider +type Operation struct { + // Properties of the operation + Display *OperationDisplay + + // Indicates whether the operation is a data action + IsDataAction *bool + + // Name of the operation + Name *string + + // The origin of the operation + Origin *string +} + +// OperationDisplay - Properties of the operation +type OperationDisplay struct { + // Description of the operation + Description *string + + // Operation name + Operation *string + + // Provider name + Provider *string + + // Resource name + Resource *string +} + +// OperationsList - Lists the operations available in the SecurityInsights RP. +type OperationsList struct { + // REQUIRED; Array of operations + Value []*Operation + + // READ-ONLY; URL to fetch the next set of operations. + NextLink *string +} + +// OracleAuthModel - Model for API authentication for Oracle. +type OracleAuthModel struct { + // REQUIRED; Content of the PRM file + PemFile *string + + // REQUIRED; Public Fingerprint + PublicFingerprint *string + + // REQUIRED; Oracle tenant ID + TenantID *string + + // REQUIRED; The auth type + Type *CcpAuthType + + // REQUIRED; Oracle user ID + UserID *string +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type OracleAuthModel. +func (o *OracleAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: o.Type, + } +} + +// PackageList - List available packages. +type PackageList struct { + // REQUIRED; Array of packages. + Value []*PackageModel + + // READ-ONLY; URL to fetch the next set of packages. + NextLink *string +} + +// PackageModel - Represents a Package in Azure Security Insights. +type PackageModel struct { + // Etag of the azure resource + Etag *string + + // package properties + Properties *PackageProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// PackageProperties - Describes package properties +type PackageProperties struct { + // The author of the package + Author *MetadataAuthor + + // The categories of the package + Categories *MetadataCategories + + // The content id of the package + ContentID *string + + // The package kind + ContentKind *PackageKind + + // Unique ID for the content. It should be generated based on the contentId, contentKind and the contentVersion of the package + ContentProductID *string + + // The version of the content schema. + ContentSchemaVersion *string + + // The support tier of the package + Dependencies *MetadataDependencies + + // The description of the package + Description *string + + // The display name of the package + DisplayName *string + + // first publish date package item + FirstPublishDate *time.Time + + // the icon identifier. this id can later be fetched from the content metadata + Icon *string + + // Flag indicates if this template is deprecated + IsDeprecated *Flag + + // Flag indicates if this package is among the featured list. + IsFeatured *Flag + + // Flag indicates if this is a newly published package. + IsNew *Flag + + // Flag indicates if this package is in preview. + IsPreview *Flag + + // last publish date for the package item + LastPublishDate *time.Time + + // Providers for the package item + Providers []*string + + // The publisher display name of the package + PublisherDisplayName *string + + // The source of the package + Source *MetadataSource + + // The support tier of the package + Support *MetadataSupport + + // the tactics the resource covers + ThreatAnalysisTactics []*string + + // the techniques the resource covers, these have to be aligned with the tactics being used + ThreatAnalysisTechniques []*string + + // the latest version number of the package + Version *string +} + +// Permissions required for the connector +type Permissions struct { + // Customs permissions required for the connector + Customs []*PermissionsCustomsItem + + // Resource provider permissions required for the connector + ResourceProvider []*PermissionsResourceProviderItem +} + +type PermissionsCustomsItem struct { + // Customs permissions description + Description *string + + // Customs permissions name + Name *string +} + +type PermissionsResourceProviderItem struct { + // Permission description text + PermissionsDisplayText *string + + // Provider name + Provider *ProviderName + + // Permission provider display name + ProviderDisplayName *string + + // Required permissions for the connector + RequiredPermissions *RequiredPermissions + + // Permission provider scope + Scope *PermissionProviderScope +} + +type PlaybookActionProperties struct { + // REQUIRED; The resource id of the playbook resource. + LogicAppResourceID *string + + // The tenant id of the playbook resource. + TenantID *string +} + +// ProcessEntity - Represents a process entity. +type ProcessEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // Process entity properties + Properties *ProcessEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type ProcessEntity. +func (p *ProcessEntity) GetEntity() *Entity { + return &Entity{ + ID: p.ID, + Kind: p.Kind, + Name: p.Name, + SystemData: p.SystemData, + Type: p.Type, + } +} + +// ProcessEntityProperties - Process entity property bag. +type ProcessEntityProperties struct { + // The elevation token associated with the process. + ElevationToken *ElevationToken + + // READ-ONLY; The account entity id running the processes. + AccountEntityID *string + + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The command line used to create the process + CommandLine *string + + // READ-ONLY; The time when the process started to run + CreationTimeUTC *time.Time + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; The host entity id on which the process was running + HostEntityID *string + + // READ-ONLY; The session entity id in which the process was running + HostLogonSessionEntityID *string + + // READ-ONLY; Image file entity id + ImageFileEntityID *string + + // READ-ONLY; The parent process entity id. + ParentProcessEntityID *string + + // READ-ONLY; The process ID + ProcessID *string +} + +// ProductPackageList - List available packages. +type ProductPackageList struct { + // REQUIRED; Array of packages. + Value []*ProductPackageModel + + // READ-ONLY; URL to fetch the next set of packages. + NextLink *string +} + +// ProductPackageModel - Represents a Package in Azure Security Insights. +type ProductPackageModel struct { + // Etag of the azure resource + Etag *string + + // package properties + Properties *ProductPackageProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// ProductPackageProperties - Describes package properties +type ProductPackageProperties struct { + // The author of the package + Author *MetadataAuthor + + // The categories of the package + Categories *MetadataCategories + + // The content id of the package + ContentID *string + + // The package kind + ContentKind *PackageKind + + // Unique ID for the content. It should be generated based on the contentId, contentKind and the contentVersion of the package + ContentProductID *string + + // The version of the content schema. + ContentSchemaVersion *string + + // The support tier of the package + Dependencies *MetadataDependencies + + // The description of the package + Description *string + + // The display name of the package + DisplayName *string + + // first publish date package item + FirstPublishDate *time.Time + + // the icon identifier. this id can later be fetched from the content metadata + Icon *string + + // The version of the installed package, null or absent means not installed. + InstalledVersion *string + + // Flag indicates if this template is deprecated + IsDeprecated *Flag + + // Flag indicates if this package is among the featured list. + IsFeatured *Flag + + // Flag indicates if this is a newly published package. + IsNew *Flag + + // Flag indicates if this package is in preview. + IsPreview *Flag + + // last publish date for the package item + LastPublishDate *time.Time + + // The metadata resource id. + MetadataResourceID *string + + // The json of the ARM template to deploy. Expandable. + PackagedContent any + + // Providers for the package item + Providers []*string + + // The publisher display name of the package + PublisherDisplayName *string + + // The source of the package + Source *MetadataSource + + // The support tier of the package + Support *MetadataSupport + + // the tactics the resource covers + ThreatAnalysisTactics []*string + + // the techniques the resource covers, these have to be aligned with the tactics being used + ThreatAnalysisTechniques []*string + + // the latest version number of the package + Version *string +} + +// ProductTemplateList - List of all the template. +type ProductTemplateList struct { + // REQUIRED; Array of templates. + Value []*ProductTemplateModel + + // READ-ONLY; URL to fetch the next page of template. + NextLink *string +} + +// ProductTemplateModel - Template resource definition. +type ProductTemplateModel struct { + // Etag of the azure resource + Etag *string + + // template properties + Properties *ProductTemplateProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// ProductTemplateProperties - Template property bag. +type ProductTemplateProperties struct { + // The creator of the content item. + Author *MetadataAuthor + + // Categories for the item + Categories *MetadataCategories + + // Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for + // out of the box content and solutions. Dynamic for user-created. This is the + // resource name + ContentID *string + + // The kind of content the template is for. + ContentKind *Kind + + // Unique ID for the content. It should be generated based on the contentId of the package, contentId of the template, contentKind + // of the template and the contentVersion of the template + ContentProductID *string + + // Schema version of the content. Can be used to distinguish between different flow based on the schema version + ContentSchemaVersion *string + + // The custom version of the content. A optional free text + CustomVersion *string + + // Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies + // using a recursive/nested structure. For a single dependency an id/kind/version + // can be supplied or operator/criteria for complex formats. + Dependencies *MetadataDependencies + + // The display name of the template + DisplayName *string + + // first publish date content item + FirstPublishDate *time.Time + + // the icon identifier. this id can later be fetched from the content metadata + Icon *string + + // last publish date for the content item + LastPublishDate *time.Time + + // the package Id contains this template + PackageID *string + + // the packageKind of the package contains this template + PackageKind *PackageKind + + // the name of the package contains this template + PackageName *string + + // Version of the package. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM metadata + // best practices. Can also be any string, but then we cannot guarantee any version + // checks + PackageVersion *string + + // The json of the ARM template to deploy + PackagedContent any + + // preview image file names. These will be taken from the solution artifacts + PreviewImages []*string + + // preview image file names. These will be taken from the solution artifacts. used for dark theme support + PreviewImagesDark []*string + + // Providers for the content item + Providers []*string + + // Source of the content. This is where/how it was created. + Source *MetadataSource + + // Support information for the template - type, name, contact information + Support *MetadataSupport + + // the tactics the resource covers + ThreatAnalysisTactics []*string + + // the techniques the resource covers, these have to be aligned with the tactics being used + ThreatAnalysisTechniques []*string + + // Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM metadata + // best practices. Can also be any string, but then we cannot guarantee any version + // checks + Version *string + + // READ-ONLY; Flag indicates if this template is deprecated + IsDeprecated *Flag +} + +// PropertyArrayChangedConditionProperties - Describes an automation rule condition that evaluates an array property's value +// change +type PropertyArrayChangedConditionProperties struct { + // REQUIRED + ConditionType *ConditionType + ConditionProperties *AutomationRulePropertyArrayChangedValuesCondition +} + +// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type PropertyArrayChangedConditionProperties. +func (p *PropertyArrayChangedConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { + return &AutomationRuleCondition{ + ConditionType: p.ConditionType, + } +} + +// PropertyArrayConditionProperties - Describes an automation rule condition that evaluates an array property's value +type PropertyArrayConditionProperties struct { + // REQUIRED + ConditionType *ConditionType + ConditionProperties *AutomationRulePropertyArrayValuesCondition +} + +// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type PropertyArrayConditionProperties. +func (p *PropertyArrayConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { + return &AutomationRuleCondition{ + ConditionType: p.ConditionType, + } +} + +// PropertyChangedConditionProperties - Describes an automation rule condition that evaluates a property's value change +type PropertyChangedConditionProperties struct { + // REQUIRED + ConditionType *ConditionType + ConditionProperties *AutomationRulePropertyValuesChangedCondition +} + +// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type PropertyChangedConditionProperties. +func (p *PropertyChangedConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { + return &AutomationRuleCondition{ + ConditionType: p.ConditionType, + } } // PropertyConditionProperties - Describes an automation rule condition that evaluates a property's value @@ -2482,20 +7601,479 @@ type PropertyConditionProperties struct { ConditionProperties *AutomationRulePropertyValuesCondition } -// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type PropertyConditionProperties. -func (p *PropertyConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { - return &AutomationRuleCondition{ - ConditionType: p.ConditionType, +// GetAutomationRuleCondition implements the AutomationRuleConditionClassification interface for type PropertyConditionProperties. +func (p *PropertyConditionProperties) GetAutomationRuleCondition() *AutomationRuleCondition { + return &AutomationRuleCondition{ + ConditionType: p.ConditionType, + } +} + +// PullRequest - Information regarding pull request for protected branches. +type PullRequest struct { + // READ-ONLY; State of the pull request + State *State + + // READ-ONLY; URL of pull request + URL *string +} + +// Query - Represents a query to run on the TI objects in the workspace. +type Query struct { + // Query properties + Properties *QueryProperties +} + +// QueryAutoGenerated - Represents a query to run on the TI objects in the workspace. +type QueryAutoGenerated struct { + // Represents a condition used to query for TI objects. + Condition *QueryCondition + + // Represents the maximum size of the page that will be returned from the query API. + MaxPageSize *int32 + + // Represents the minimum size of the page that will be returned from the query API. + MinPageSize *int32 + + // Specifies how to sort the query results. + SortBy *QuerySortBy +} + +// QueryCondition - Represents a condition used to query for TI objects. +type QueryCondition struct { + // REQUIRED; The list of clauses to be evaluated in disjunction or conjunction base on the specified top level connective + // operator. + Clauses []*ConditionClause + + // The top level connective operator for this condition. + ConditionConnective *Connective + + // The STIX type for the objects returned by this query. + StixObjectType *string +} + +// QueryProperties - Describes the query properties +type QueryProperties struct { + // Represents a condition used to query for TI objects. + Condition *ConditionProperties +} + +// QuerySortBy - Specifies how to sort the query results. +type QuerySortBy struct { + // The direction to sort the results by. + Direction *SortingDirection + + // Represents the field to sort the results by. + Field *string +} + +// Recommendation object. +type Recommendation struct { + // Etag of the azure resource + Etag *string + + // Recommendation properties object. + Properties *RecommendationProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// RecommendationList - A list of recommendations +type RecommendationList struct { + // An list of recommendations + Value []*Recommendation +} + +// RecommendationPatch - Recommendation Fields to update. +type RecommendationPatch struct { + // Recommendation Fields Properties to update. + Properties *RecommendationPatchProperties +} + +// RecommendationPatchProperties - Recommendation Fields Properties to update. +type RecommendationPatchProperties struct { + // State of the recommendation. + State *State +} + +// RecommendationProperties - Recommendation properties object. +type RecommendationProperties struct { + // REQUIRED; The time stamp (UTC) when the recommendation was created. + CreationTimeUTC *time.Time + + // REQUIRED; Description of the recommendation. + Description *string + + // REQUIRED; The time stamp (UTC) when the recommendation was last evaluated. + LastEvaluatedTimeUTC *time.Time + + // REQUIRED; The time stamp (UTC) when the recommendation was last modified. + LastModifiedTimeUTC *time.Time + + // REQUIRED; Id of the recommendation type. + RecommendationTypeID *string + + // REQUIRED; State of the recommendation. + State *State + + // REQUIRED; List of suggestions to take for this recommendation. + Suggestions []*RecommendedSuggestion + + // REQUIRED; Title of the recommendation. + Title *string + + // Collection of additional properties for the recommendation. + AdditionalProperties map[string]*string + + // Id of the resource this recommendation refers to. + ResourceID *string +} + +// RecommendedSuggestion - What suggestions should be taken to complete the recommendation. +type RecommendedSuggestion struct { + // REQUIRED; Action of the suggestion. + Action *string + + // REQUIRED; Description of the suggestion. + Description *string + + // REQUIRED; Id of the suggestion type. + SuggestionTypeID *string + + // REQUIRED; Title of the suggestion. + Title *string + + // Collection of additional properties for the suggestion. + AdditionalProperties map[string]*string +} + +// ReevaluateResponse - Reevaluate response object. +type ReevaluateResponse struct { + // The time stamp (UTC) when the recommendation was last evaluated. + LastEvaluatedTimeUTC *time.Time +} + +// RegistryKeyEntity - Represents a registry key entity. +type RegistryKeyEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // RegistryKey entity properties + Properties *RegistryKeyEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type RegistryKeyEntity. +func (r *RegistryKeyEntity) GetEntity() *Entity { + return &Entity{ + ID: r.ID, + Kind: r.Kind, + Name: r.Name, + SystemData: r.SystemData, + Type: r.Type, + } +} + +// RegistryKeyEntityProperties - RegistryKey entity property bag. +type RegistryKeyEntityProperties struct { + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; the hive that holds the registry key. + Hive *RegistryHive + + // READ-ONLY; The registry key path. + Key *string +} + +// RegistryValueEntity - Represents a registry value entity. +type RegistryValueEntity struct { + // REQUIRED; The kind of the entity. + Kind *EntityKindEnum + + // RegistryKey entity properties + Properties *RegistryValueEntityProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetEntity implements the EntityClassification interface for type RegistryValueEntity. +func (r *RegistryValueEntity) GetEntity() *Entity { + return &Entity{ + ID: r.ID, + Kind: r.Kind, + Name: r.Name, + SystemData: r.SystemData, + Type: r.Type, + } +} + +// RegistryValueEntityProperties - RegistryValue entity property bag. +type RegistryValueEntityProperties struct { + // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]any + + // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property + // is optional and might be system generated. + FriendlyName *string + + // READ-ONLY; The registry key entity id. + KeyEntityID *string + + // READ-ONLY; String formatted representation of the value data. + ValueData *string + + // READ-ONLY; The registry value name. + ValueName *string + + // READ-ONLY; Specifies the data types to use when storing values in the registry, or identifies the data type of a value + // in the registry. + ValueType *RegistryValueKind +} + +// Relation - Represents a relation between two resources +type Relation struct { + // Etag of the azure resource + Etag *string + + // Relation properties + Properties *RelationProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// RelationList - List of relations. +type RelationList struct { + // REQUIRED; Array of relations. + Value []*Relation + + // READ-ONLY; URL to fetch the next set of relations. + NextLink *string +} + +// RelationProperties - Relation property bag. +type RelationProperties struct { + // REQUIRED; The resource ID of the related resource + RelatedResourceID *string + + // READ-ONLY; The resource kind of the related resource + RelatedResourceKind *string + + // READ-ONLY; The name of the related resource + RelatedResourceName *string + + // READ-ONLY; The resource type of the related resource + RelatedResourceType *string +} + +// Relationship - Represents a relationship in Azure Security Insights. +type Relationship struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind + + // The properties of the TI object + Properties *TIObjectCommonProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetTIObject implements the TIObjectClassification interface for type Relationship. +func (r *Relationship) GetTIObject() *TIObject { + return &TIObject{ + ID: r.ID, + Kind: r.Kind, + Name: r.Name, + Properties: r.Properties, + SystemData: r.SystemData, + Type: r.Type, } } -// RegistryKeyEntity - Represents a registry key entity. -type RegistryKeyEntity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKindEnum +// RelationshipHint - An object used to help follow relationships from this object to other STIX objects. +type RelationshipHint struct { + FieldName *string + Source *string +} + +// Repo - Represents a repository. +type Repo struct { + // Array of branches. + Branches []*string + + // The name of the repository. + FullName *string + + // The installation id of the repository. + InstallationID *int64 + + // The url to access the repository. + URL *string +} + +// RepoList - List all the source controls. +type RepoList struct { + // REQUIRED; Array of repositories. + Value []*Repo + + // READ-ONLY; URL to fetch the next set of repositories. + NextLink *string +} + +// Repository - metadata of a repository. +type Repository struct { + // REQUIRED; Branch name of repository. + Branch *string + + // REQUIRED; Url of repository. + URL *string + + // Display url of repository. + DisplayURL *string + + // READ-ONLY; Url to access repository action logs. + DeploymentLogsURL *string +} + +// RepositoryAccess - Credentials to access repository. +type RepositoryAccess struct { + // REQUIRED; The kind of repository access credentials + Kind *RepositoryAccessKind + + // OAuth ClientId. Required when kind is OAuth + ClientID *string + + // OAuth Code. Required when kind is OAuth + Code *string + + // Application installation ID. Required when kind is App. Supported by GitHub only. + InstallationID *string + + // OAuth State. Required when kind is OAuth + State *string + + // Personal Access Token. Required when kind is PAT + Token *string +} + +// RepositoryAccessObject - Credentials to access repository. +type RepositoryAccessObject struct { + // REQUIRED; RepositoryAccess properties + RepositoryAccess *RepositoryAccess +} + +// RepositoryAccessProperties - Credentials to access repository. +type RepositoryAccessProperties struct { + // REQUIRED; RepositoryAccess properties + Properties *RepositoryAccessObject +} + +// RepositoryResourceInfo - Resources created in user's repository for the source-control. +type RepositoryResourceInfo struct { + // The webhook object created for the source-control. + Webhook *Webhook + + // READ-ONLY; Resources created in Azure DevOps for this source-control. + AzureDevOpsResourceInfo *AzureDevOpsResourceInfo + + // READ-ONLY; Resources created in GitHub for this source-control. + GitHubResourceInfo *GitHubResourceInfo +} + +// RequiredPermissions - Required permissions for the connector +type RequiredPermissions struct { + // action permission + Action *bool + + // delete permission + Delete *bool + + // read permission + Read *bool + + // write permission + Write *bool +} + +// ResourceProviderRequiredPermissions - Required permissions for the connector resource provider that define in ResourceProviders. +// For more information about the permissions see here. +type ResourceProviderRequiredPermissions struct { + // Gets or sets a value indicating whether the permission is custom actions (POST). + Action *bool + + // Gets or sets a value indicating whether the permission is delete action (DELETE). + Delete *bool + + // Gets or sets a value indicating whether the permission is read action (GET). + Read *bool + + // Gets or sets a value indicating whether the permission is write action (PUT or PATCH). + Write *bool +} + +// RestAPIPollerDataConnector - Represents Rest Api Poller data connector. +type RestAPIPollerDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind - // RegistryKey entity properties - Properties *RegistryKeyEntityProperties + // Etag of the azure resource + Etag *string + + // Rest Api Poller data connector properties. + Properties *RestAPIPollerDataConnectorProperties // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -2510,9 +8088,10 @@ type RegistryKeyEntity struct { Type *string } -// GetEntity implements the EntityClassification interface for type RegistryKeyEntity. -func (r *RegistryKeyEntity) GetEntity() *Entity { - return &Entity{ +// GetDataConnector implements the DataConnectorClassification interface for type RestAPIPollerDataConnector. +func (r *RestAPIPollerDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: r.Etag, ID: r.ID, Kind: r.Kind, Name: r.Name, @@ -2521,84 +8100,112 @@ func (r *RegistryKeyEntity) GetEntity() *Entity { } } -// RegistryKeyEntityProperties - RegistryKey entity property bag. -type RegistryKeyEntityProperties struct { - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any +// RestAPIPollerDataConnectorProperties - Rest Api Poller data connector properties. +type RestAPIPollerDataConnectorProperties struct { + // REQUIRED; The a authentication model. + Auth CcpAuthConfigClassification - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string + // REQUIRED; The connector definition name (the dataConnectorDefinition resource id). + ConnectorDefinitionName *string - // READ-ONLY; the hive that holds the registry key. - Hive *RegistryHive + // REQUIRED; The request configuration. + Request *RestAPIPollerRequestConfig - // READ-ONLY; The registry key path. - Key *string + // The add on attributes. The key name will become attribute name (a column) and the value will become the attribute value + // in the payload. + AddOnAttributes map[string]*string + + // The Log Analytics table destination. + DataType *string + + // The DCR related properties. + DcrConfig *DCRConfiguration + + // Indicates whether the connector is active or not. + IsActive *bool + + // The paging configuration. + Paging *RestAPIPollerRequestPagingConfig + + // The response configuration. + Response *CcpResponseConfig } -// RegistryValueEntity - Represents a registry value entity. -type RegistryValueEntity struct { - // REQUIRED; The kind of the entity. - Kind *EntityKindEnum +// RestAPIPollerRequestConfig - The request configuration. +type RestAPIPollerRequestConfig struct { + // REQUIRED; The API endpoint. + APIEndpoint *string - // RegistryKey entity properties - Properties *RegistryValueEntityProperties + // The query parameter name which the remote server expect to end query. This property goes hand to hand with startTimeAttributeName + EndTimeAttributeName *string - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} - ID *string + // The HTTP method, default value GET. + HTTPMethod *HTTPMethodVerb - // READ-ONLY; The name of the resource - Name *string + // The header for the request for the remote server. + Headers map[string]*string - // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. - SystemData *SystemData + // Flag to indicate if HTTP POST payload is in JSON format (vs form-urlencoded). + IsPostPayloadJSON *bool - // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" - Type *string -} + // The HTTP query parameters to RESTful API. + QueryParameters map[string]any -// GetEntity implements the EntityClassification interface for type RegistryValueEntity. -func (r *RegistryValueEntity) GetEntity() *Entity { - return &Entity{ - ID: r.ID, - Kind: r.Kind, - Name: r.Name, - SystemData: r.SystemData, - Type: r.Type, - } -} + // the query parameters template. Defines the query parameters template to use when passing query parameters in advanced scenarios. + QueryParametersTemplate *string -// RegistryValueEntityProperties - RegistryValue entity property bag. -type RegistryValueEntityProperties struct { - // READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]any + // The query time format. A remote server can have a query to pull data from range 'start' to 'end'. This property indicate + // what is the expected time format the remote server know to parse. + QueryTimeFormat *string - // READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property - // is optional and might be system generated. - FriendlyName *string + // The query parameter name which we need to send the server for query logs in time interval. Should be defined with queryTimeIntervalPrepend + // and queryTimeIntervalDelimiter + QueryTimeIntervalAttributeName *string - // READ-ONLY; The registry key entity id. - KeyEntityID *string + // The delimiter string between 2 QueryTimeFormat in the query parameter queryTimeIntervalAttributeName. + QueryTimeIntervalDelimiter *string - // READ-ONLY; String formatted representation of the value data. - ValueData *string + // The string prepend to the value of the query parameter in queryTimeIntervalAttributeName. + QueryTimeIntervalPrepend *string - // READ-ONLY; The registry value name. - ValueName *string + // The query window in minutes for the request. + QueryWindowInMin *int32 - // READ-ONLY; Specifies the data types to use when storing values in the registry, or identifies the data type of a value - // in the registry. - ValueType *RegistryValueKind + // The Rate limit queries per second for the request.. + RateLimitQPS *int32 + + // The retry count. + RetryCount *int32 + + // The query parameter name which the remote server expect to start query. This property goes hand to hand with endTimeAttributeName. + StartTimeAttributeName *string + + // The timeout in seconds. + TimeoutInSeconds *int32 } -// Relation - Represents a relation between two resources -type Relation struct { - // Etag of the azure resource - Etag *string +// RestAPIPollerRequestPagingConfig - The request paging configuration. +type RestAPIPollerRequestPagingConfig struct { + // REQUIRED; Type of paging + PagingType *RestAPIPollerRequestPagingKind - // Relation properties - Properties *RelationProperties + // Page size + PageSize *int32 + + // Page size parameter name + PageSizeParameterName *string +} + +// SapSolutionUsageStatistic - Billing statistic about the Microsoft Sentinel solution for SAP Usage +type SapSolutionUsageStatistic struct { + // REQUIRED; The kind of the billing statistic + Kind *BillingStatisticKind + + // The SAP solution usage object + Properties *SapSolutionUsageStatisticProperties + + // READ-ONLY; Resource Etag. + Etag *string // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -2613,33 +8220,28 @@ type Relation struct { Type *string } -// RelationList - List of relations. -type RelationList struct { - // REQUIRED; Array of relations. - Value []*Relation - - // READ-ONLY; URL to fetch the next set of relations. - NextLink *string +// GetBillingStatistic implements the BillingStatisticClassification interface for type SapSolutionUsageStatistic. +func (s *SapSolutionUsageStatistic) GetBillingStatistic() *BillingStatistic { + return &BillingStatistic{ + Etag: s.Etag, + ID: s.ID, + Kind: s.Kind, + Name: s.Name, + SystemData: s.SystemData, + Type: s.Type, + } } -// RelationProperties - Relation property bag. -type RelationProperties struct { - // REQUIRED; The resource ID of the related resource - RelatedResourceID *string - - // READ-ONLY; The resource kind of the related resource - RelatedResourceKind *string - - // READ-ONLY; The name of the related resource - RelatedResourceName *string - - // READ-ONLY; The resource type of the related resource - RelatedResourceType *string +// SapSolutionUsageStatisticProperties - Properties of the billing statistic about the Microsoft Sentinel solution for SAP +// usage +type SapSolutionUsageStatisticProperties struct { + // READ-ONLY; The latest count of active SAP system IDs under the Microsoft Sentinel solution for SAP Usage + ActiveSystemIDCount *int64 } // ScheduledAlertRule - Represents scheduled alert rule. type ScheduledAlertRule struct { - // REQUIRED; The alert rule kind + // REQUIRED; The kind of the alert rule Kind *AlertRuleKind // Etag of the azure resource @@ -2717,12 +8319,21 @@ type ScheduledAlertRuleProperties struct { // The period (in ISO 8601 duration format) that this alert rule looks at. QueryPeriod *string + // Array of the sentinel entity mappings of the alert rule + SentinelEntitiesMappings []*SentinelEntityMapping + // The severity for alerts created by this alert rule. Severity *AlertSeverity + // The sub-techniques of the alert rule + SubTechniques []*string + // The tactics of the alert rule Tactics []*AttackTactic + // The techniques of the alert rule + Techniques []*string + // The version of the alert rule template used to create this rule - in format , where all are numbers, for example 0 TemplateVersion *string @@ -2738,7 +8349,7 @@ type ScheduledAlertRuleProperties struct { // ScheduledAlertRuleTemplate - Represents scheduled alert rule template. type ScheduledAlertRuleTemplate struct { - // REQUIRED; The alert rule kind + // REQUIRED; The kind of the alert rule Kind *AlertRuleKind // Scheduled alert rule template properties @@ -2803,15 +8414,24 @@ type ScheduledAlertRuleTemplateProperties struct { // The required data connectors for this template RequiredDataConnectors []*AlertRuleTemplateDataSource + // Array of the sentinel entity mappings of the alert rule + SentinelEntitiesMappings []*SentinelEntityMapping + // The severity for alerts created by this alert rule. Severity *AlertSeverity // The alert rule template status. Status *TemplateStatus + // The sub-techniques of the alert rule + SubTechniques []*string + // The tactics of the alert rule template Tactics []*AttackTactic + // The techniques of the alert rule + Techniques []*string + // The operation against the threshold that triggers alert rule. TriggerOperator *TriggerOperator @@ -2955,6 +8575,52 @@ type SecurityAlertPropertiesConfidenceReasonsItem struct { ReasonType *string } +// SecurityAlertTimelineItem - Represents security alert timeline item. +type SecurityAlertTimelineItem struct { + // REQUIRED; The name of the alert type. + AlertType *string + + // REQUIRED; The alert azure resource id. + AzureResourceID *string + + // REQUIRED; The alert name. + DisplayName *string + + // REQUIRED; The alert end time. + EndTimeUTC *time.Time + + // REQUIRED; The entity query kind type. + Kind *EntityTimelineKind + + // REQUIRED; The alert severity. + Severity *AlertSeverity + + // REQUIRED; The alert start time. + StartTimeUTC *time.Time + + // REQUIRED; The alert generated time. + TimeGenerated *time.Time + + // The alert description. + Description *string + + // The alert product name. + ProductName *string + + // The techniques of the alert. + Techniques []*string + + // READ-ONLY; The intent of the alert. + Intent *KillChainIntent +} + +// GetEntityTimelineItem implements the EntityTimelineItemClassification interface for type SecurityAlertTimelineItem. +func (s *SecurityAlertTimelineItem) GetEntityTimelineItem() *EntityTimelineItem { + return &EntityTimelineItem{ + Kind: s.Kind, + } +} + // SecurityGroupEntity - Represents a security group entity. type SecurityGroupEntity struct { // REQUIRED; The kind of the entity. @@ -3006,14 +8672,179 @@ type SecurityGroupEntityProperties struct { Sid *string } -// SentinelOnboardingState - Sentinel onboarding state -type SentinelOnboardingState struct { +// SecurityMLAnalyticsSetting - Security ML Analytics Setting +type SecurityMLAnalyticsSetting struct { + // REQUIRED; The kind of security ML Analytics Settings + Kind *SecurityMLAnalyticsSettingsKind + + // Etag of the azure resource + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetSecurityMLAnalyticsSetting implements the SecurityMLAnalyticsSettingClassification interface for type SecurityMLAnalyticsSetting. +func (s *SecurityMLAnalyticsSetting) GetSecurityMLAnalyticsSetting() *SecurityMLAnalyticsSetting { + return s +} + +// SecurityMLAnalyticsSettingsDataSource - security ml analytics settings data sources +type SecurityMLAnalyticsSettingsDataSource struct { + // The connector id that provides the following data types + ConnectorID *string + + // The data types used by the security ml analytics settings + DataTypes []*string +} + +// SecurityMLAnalyticsSettingsList - List all the SecurityMLAnalyticsSettings +type SecurityMLAnalyticsSettingsList struct { + // REQUIRED; Array of SecurityMLAnalyticsSettings + Value []SecurityMLAnalyticsSettingClassification + + // READ-ONLY; URL to fetch the next set of SecurityMLAnalyticsSettings. + NextLink *string +} + +// SentinelEntityMapping - A single sentinel entity mapping +type SentinelEntityMapping struct { + // the column name to be mapped to the SentinelEntities + ColumnName *string +} + +// SentinelOnboardingState - Sentinel onboarding state +type SentinelOnboardingState struct { + // Etag of the azure resource + Etag *string + + // The Sentinel onboarding state object + Properties *SentinelOnboardingStateProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// SentinelOnboardingStateProperties - The Sentinel onboarding state properties +type SentinelOnboardingStateProperties struct { + // Flag that indicates the status of the CMK setting + CustomerManagedKey *bool +} + +// SentinelOnboardingStatesList - List of the Sentinel onboarding states +type SentinelOnboardingStatesList struct { + // REQUIRED; Array of Sentinel onboarding states + Value []*SentinelOnboardingState +} + +// ServicePrincipal - Service principal metadata. +type ServicePrincipal struct { + // Expiration time of service principal credentials. + CredentialsExpireOn *time.Time + + // READ-ONLY; App id of service principal. + AppID *string + + // READ-ONLY; Id of service principal. + ID *string + + // READ-ONLY; Tenant id of service principal. + TenantID *string +} + +// SessionAuthModel - Model for API authentication with session cookie. +type SessionAuthModel struct { + // REQUIRED; The password attribute name. + Password map[string]*string + + // REQUIRED; The auth type + Type *CcpAuthType + + // REQUIRED; The user name attribute key value. + UserName map[string]*string + + // HTTP request headers to session service endpoint. + Headers map[string]*string + + // Indicating whether API key is set in HTTP POST payload. + IsPostPayloadJSON *bool + + // Query parameters to session service endpoint. + QueryParameters map[string]any + + // Session id attribute name from HTTP response header. + SessionIDName *string + + // HTTP request URL to session service endpoint. + SessionLoginRequestURI *string + + // Session timeout in minutes. + SessionTimeoutInMinutes *int32 +} + +// GetCcpAuthConfig implements the CcpAuthConfigClassification interface for type SessionAuthModel. +func (s *SessionAuthModel) GetCcpAuthConfig() *CcpAuthConfig { + return &CcpAuthConfig{ + Type: s.Type, + } +} + +// SettingList - List of all the settings. +type SettingList struct { + // REQUIRED; Array of settings. + Value []SettingsClassification +} + +// Settings - The Setting. +type Settings struct { + // REQUIRED; The kind of the setting + Kind *SettingKind + + // Etag of the azure resource + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetSettings implements the SettingsClassification interface for type Settings. +func (s *Settings) GetSettings() *Settings { return s } + +// SourceControl - Represents a SourceControl in Azure Security Insights. +type SourceControl struct { + // REQUIRED; source control properties + Properties *SourceControlProperties + // Etag of the azure resource Etag *string - // The Sentinel onboarding state object - Properties *SentinelOnboardingStateProperties - // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string @@ -3027,16 +8858,52 @@ type SentinelOnboardingState struct { Type *string } -// SentinelOnboardingStateProperties - The Sentinel onboarding state properties -type SentinelOnboardingStateProperties struct { - // Flag that indicates the status of the CMK setting - CustomerManagedKey *bool +// SourceControlList - List all the source controls. +type SourceControlList struct { + // REQUIRED; Array of source controls. + Value []*SourceControl + + // READ-ONLY; URL to fetch the next set of source controls. + NextLink *string } -// SentinelOnboardingStatesList - List of the Sentinel onboarding states -type SentinelOnboardingStatesList struct { - // REQUIRED; Array of Sentinel onboarding states - Value []*SentinelOnboardingState +// SourceControlProperties - Describes source control properties +type SourceControlProperties struct { + // REQUIRED; Array of source control content types. + ContentTypes []*ContentType + + // REQUIRED; The display name of the source control + DisplayName *string + + // REQUIRED; The repository type of the source control + RepoType *RepoType + + // REQUIRED; Repository metadata. + Repository *Repository + + // A description of the source control + Description *string + + // Repository access credentials. This is write-only object and it never returns back to a user. + RepositoryAccess *RepositoryAccess + + // Information regarding the resources created in user's repository. + RepositoryResourceInfo *RepositoryResourceInfo + + // Service principal metadata. + ServicePrincipal *ServicePrincipal + + // READ-ONLY; The id (a Guid) of the source control + ID *string + + // READ-ONLY; Information regarding the latest deployment for the source control. + LastDeploymentInfo *DeploymentInfo + + // READ-ONLY; Information regarding the pull request of the source control. + PullRequest *PullRequest + + // READ-ONLY; The version number associated with the source control + Version *Version } // SubmissionMailEntity - Represents a submission mail entity. @@ -3132,6 +8999,28 @@ type SystemData struct { LastModifiedByType *CreatedByType } +// TICheckRequirements - Threat Intelligence Platforms data connector check requirements +type TICheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // Threat Intelligence Platforms data connector check required properties + Properties *TICheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type TICheckRequirements. +func (t *TICheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: t.Kind, + } +} + +// TICheckRequirementsProperties - Threat Intelligence Platforms data connector required properties. +type TICheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + // TIDataConnector - Represents threat intelligence data connector. type TIDataConnector struct { // REQUIRED; The data connector kind @@ -3170,28 +9059,261 @@ func (t *TIDataConnector) GetDataConnector() *DataConnector { // TIDataConnectorDataTypes - The available data types for TI (Threat Intelligence) data connector. type TIDataConnectorDataTypes struct { - // Data type for indicators connection. + // REQUIRED; Data type for indicators connection. Indicators *TIDataConnectorDataTypesIndicators } // TIDataConnectorDataTypesIndicators - Data type for indicators connection. type TIDataConnectorDataTypesIndicators struct { - // Describe whether this data type connection is enabled or not. + // REQUIRED; Describe whether this data type connection is enabled or not. State *DataTypeState } // TIDataConnectorProperties - TI (Threat Intelligence) data connector properties. type TIDataConnectorProperties struct { - // The available data types for the connector. + // REQUIRED; The available data types for the connector. DataTypes *TIDataConnectorDataTypes - // The tenant id to connect to, and get the data from. + // REQUIRED; The tenant id to connect to, and get the data from. TenantID *string // The lookback period for the feed to be imported. TipLookbackPeriod *time.Time } +// TIObject - Represents a threat intelligence object in Azure Security Insights. +type TIObject struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind + + // The properties of the TI object + Properties *TIObjectCommonProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetTIObject implements the TIObjectClassification interface for type TIObject. +func (t *TIObject) GetTIObject() *TIObject { return t } + +// TIObjectCommonProperties - Describes properties common to all threat intelligence objects +type TIObjectCommonProperties struct { + // READ-ONLY; The UserInfo of the user/entity which originally created this TI object. + CreatedBy *UserInfoAutoGenerated + + // READ-ONLY; The core STIX object that this TI object represents. + Data map[string]any + + // READ-ONLY; The timestamp for the first time this object was ingested. + FirstIngestedTimeUTC *time.Time + + // READ-ONLY; The ID of the rules version that was active when this TI object was last ingested. + IngestionRulesVersion *string + + // READ-ONLY; The timestamp for the last time this object was ingested. + LastIngestedTimeUTC *time.Time + + // READ-ONLY; The UserInfo of the user/entity which last modified this TI object. + LastModifiedBy *UserInfoAutoGenerated + + // READ-ONLY; The name of the method/application that initiated the last write to this TI object. + LastUpdateMethod *string + + // READ-ONLY; The timestamp for the last time this TI object was updated. + LastUpdatedDateTimeUTC *time.Time + + // READ-ONLY; A dictionary used to help follow relationships from this object to other STIX objects. The keys are field names + // from the STIX object (in the 'data' field), and the values are lists of sources that can + // be prepended to the object ID in order to efficiently locate the target TI object. + RelationshipHints []*RelationshipHint + + // READ-ONLY; The source name for this TI object. + Source *string +} + +// TeamInformation - Describes team information +type TeamInformation struct { + // READ-ONLY; The description of the team + Description *string + + // READ-ONLY; The name of the team + Name *string + + // READ-ONLY; The primary channel URL of the team + PrimaryChannelURL *string + + // READ-ONLY; The time the team was created + TeamCreationTimeUTC *time.Time + + // READ-ONLY; Team ID + TeamID *string +} + +// TemplateList - List of all the template. +type TemplateList struct { + // REQUIRED; Array of templates. + Value []*TemplateModel + + // READ-ONLY; URL to fetch the next page of template. + NextLink *string +} + +// TemplateModel - Template resource definition. +type TemplateModel struct { + // Etag of the azure resource + Etag *string + + // template properties + Properties *TemplateProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// TemplateProperties - Template property bag. +type TemplateProperties struct { + // The creator of the content item. + Author *MetadataAuthor + + // Categories for the item + Categories *MetadataCategories + + // Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for + // out of the box content and solutions. Dynamic for user-created. This is the + // resource name + ContentID *string + + // The kind of content the template is for. + ContentKind *Kind + + // Unique ID for the content. It should be generated based on the contentId of the package, contentId of the template, contentKind + // of the template and the contentVersion of the template + ContentProductID *string + + // Schema version of the content. Can be used to distinguish between different flow based on the schema version + ContentSchemaVersion *string + + // The custom version of the content. A optional free text + CustomVersion *string + + // Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies + // using a recursive/nested structure. For a single dependency an id/kind/version + // can be supplied or operator/criteria for complex formats. + Dependencies *MetadataDependencies + + // The display name of the template + DisplayName *string + + // first publish date content item + FirstPublishDate *time.Time + + // the icon identifier. this id can later be fetched from the content metadata + Icon *string + + // last publish date for the content item + LastPublishDate *time.Time + + // The JSON of the ARM template to deploy active content. Expandable. + MainTemplate any + + // the package Id contains this template + PackageID *string + + // the packageKind of the package contains this template + PackageKind *PackageKind + + // the name of the package contains this template + PackageName *string + + // Version of the package. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM metadata + // best practices. Can also be any string, but then we cannot guarantee any version + // checks + PackageVersion *string + + // preview image file names. These will be taken from the solution artifacts + PreviewImages []*string + + // preview image file names. These will be taken from the solution artifacts. used for dark theme support + PreviewImagesDark []*string + + // Providers for the content item + Providers []*string + + // Source of the content. This is where/how it was created. + Source *MetadataSource + + // Support information for the template - type, name, contact information + Support *MetadataSupport + + // the tactics the resource covers + ThreatAnalysisTactics []*string + + // the techniques the resource covers, these have to be aligned with the tactics being used + ThreatAnalysisTechniques []*string + + // Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM metadata + // best practices. Can also be any string, but then we cannot guarantee any version + // checks + Version *string + + // READ-ONLY; Dependant templates. Expandable. + DependantTemplates []*TemplateProperties + + // READ-ONLY; Flag indicates if this template is deprecated + IsDeprecated *Flag +} + +// ThreatActor - Represents a threat actor in Azure Security Insights. +type ThreatActor struct { + // REQUIRED; The kind of the TI object + Kind *TIObjectKind + + // The properties of the TI object + Properties *TIObjectCommonProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetTIObject implements the TIObjectClassification interface for type ThreatActor. +func (t *ThreatActor) GetTIObject() *TIObject { + return &TIObject{ + ID: t.ID, + Kind: t.Kind, + Name: t.Name, + Properties: t.Properties, + SystemData: t.SystemData, + Type: t.Type, + } +} + // ThreatIntelligence property bag. type ThreatIntelligence struct { // READ-ONLY; Confidence (must be between 0 and 1) @@ -3213,12 +9335,149 @@ type ThreatIntelligence struct { ThreatType *string } +// ThreatIntelligenceAlertRule - Represents Threat Intelligence alert rule. +type ThreatIntelligenceAlertRule struct { + // REQUIRED; The kind of the alert rule + Kind *AlertRuleKind + + // Etag of the azure resource + Etag *string + + // Threat Intelligence alert rule properties + Properties *ThreatIntelligenceAlertRuleProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetAlertRule implements the AlertRuleClassification interface for type ThreatIntelligenceAlertRule. +func (t *ThreatIntelligenceAlertRule) GetAlertRule() *AlertRule { + return &AlertRule{ + Etag: t.Etag, + ID: t.ID, + Kind: t.Kind, + Name: t.Name, + SystemData: t.SystemData, + Type: t.Type, + } +} + +// ThreatIntelligenceAlertRuleProperties - Threat Intelligence alert rule base property bag. +type ThreatIntelligenceAlertRuleProperties struct { + // REQUIRED; The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string + + // REQUIRED; Determines whether this alert rule is enabled or disabled. + Enabled *bool + + // READ-ONLY; The description of the alert rule. + Description *string + + // READ-ONLY; The display name for alerts created by this alert rule. + DisplayName *string + + // READ-ONLY; The last time that this alert has been modified. + LastModifiedUTC *time.Time + + // READ-ONLY; The severity for alerts created by this alert rule. + Severity *AlertSeverity + + // READ-ONLY; The sub-techniques of the alert rule + SubTechniques []*string + + // READ-ONLY; The tactics of the alert rule + Tactics []*AttackTactic + + // READ-ONLY; The techniques of the alert rule + Techniques []*string +} + +// ThreatIntelligenceAlertRuleTemplate - Represents Threat Intelligence alert rule template. +type ThreatIntelligenceAlertRuleTemplate struct { + // REQUIRED; The kind of the alert rule + Kind *AlertRuleKind + + // Threat Intelligence alert rule template properties + Properties *ThreatIntelligenceAlertRuleTemplateProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetAlertRuleTemplate implements the AlertRuleTemplateClassification interface for type ThreatIntelligenceAlertRuleTemplate. +func (t *ThreatIntelligenceAlertRuleTemplate) GetAlertRuleTemplate() *AlertRuleTemplate { + return &AlertRuleTemplate{ + ID: t.ID, + Kind: t.Kind, + Name: t.Name, + SystemData: t.SystemData, + Type: t.Type, + } +} + +// ThreatIntelligenceAlertRuleTemplateProperties - Threat Intelligence alert rule template properties +type ThreatIntelligenceAlertRuleTemplateProperties struct { + // REQUIRED; The severity for alerts created by this alert rule. + Severity *AlertSeverity + + // the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 + + // The description of the alert rule template. + Description *string + + // The display name for alert rule template. + DisplayName *string + + // The required data sources for this template + RequiredDataConnectors []*AlertRuleTemplateDataSource + + // The alert rule template status. + Status *TemplateStatus + + // The tactics of the alert rule + Tactics []*AttackTactic + + // The techniques of the alert rule + Techniques []*string + + // READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *time.Time + + // READ-ONLY; The last time that this alert rule template has been updated. + LastUpdatedDateUTC *time.Time +} + // ThreatIntelligenceAppendTags - Array of tags to be appended to the threat intelligence indicator. type ThreatIntelligenceAppendTags struct { // List of tags to be appended. ThreatIntelligenceTags []*string } +// ThreatIntelligenceCount - Count of all the threat intelligence objects on the workspace that match the provided query. +type ThreatIntelligenceCount struct { + // READ-ONLY; Count of all the threat intelligence objects on the workspace that match the provided query. + Count *int32 +} + // ThreatIntelligenceExternalReference - Describes external reference type ThreatIntelligenceExternalReference struct { // External reference description @@ -3465,6 +9724,15 @@ type ThreatIntelligenceKillChainPhase struct { PhaseName *string } +// ThreatIntelligenceList - List all the threat intelligence objects on the workspace that match the provided query. +type ThreatIntelligenceList struct { + // REQUIRED; Array of threat intelligence objects on the workspace that match the provided query. + Value []TIObjectClassification + + // READ-ONLY; URL to fetch the next set of threat intelligence objects. + NextLink *string +} + // ThreatIntelligenceMetric - Describes threat intelligence metric type ThreatIntelligenceMetric struct { // Last updated indicator metric @@ -3528,6 +9796,190 @@ type ThreatIntelligenceSortingCriteria struct { SortOrder *ThreatIntelligenceSortingOrder } +// TiTaxiiCheckRequirements - Threat Intelligence TAXII data connector check requirements +type TiTaxiiCheckRequirements struct { + // REQUIRED; Describes the kind of connector to be checked. + Kind *DataConnectorKind + + // Threat Intelligence TAXII check required properties. + Properties *TiTaxiiCheckRequirementsProperties +} + +// GetDataConnectorsCheckRequirements implements the DataConnectorsCheckRequirementsClassification interface for type TiTaxiiCheckRequirements. +func (t *TiTaxiiCheckRequirements) GetDataConnectorsCheckRequirements() *DataConnectorsCheckRequirements { + return &DataConnectorsCheckRequirements{ + Kind: t.Kind, + } +} + +// TiTaxiiCheckRequirementsProperties - Threat Intelligence TAXII data connector required properties. +type TiTaxiiCheckRequirementsProperties struct { + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string +} + +// TiTaxiiDataConnector - Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server +type TiTaxiiDataConnector struct { + // REQUIRED; The data connector kind + Kind *DataConnectorKind + + // Etag of the azure resource + Etag *string + + // Threat intelligence TAXII data connector properties. + Properties *TiTaxiiDataConnectorProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetDataConnector implements the DataConnectorClassification interface for type TiTaxiiDataConnector. +func (t *TiTaxiiDataConnector) GetDataConnector() *DataConnector { + return &DataConnector{ + Etag: t.Etag, + ID: t.ID, + Kind: t.Kind, + Name: t.Name, + SystemData: t.SystemData, + Type: t.Type, + } +} + +// TiTaxiiDataConnectorDataTypes - The available data types for Threat Intelligence TAXII data connector. +type TiTaxiiDataConnectorDataTypes struct { + // REQUIRED; Data type for TAXII connector. + TaxiiClient *TiTaxiiDataConnectorDataTypesTaxiiClient +} + +// TiTaxiiDataConnectorDataTypesTaxiiClient - Data type for TAXII connector. +type TiTaxiiDataConnectorDataTypesTaxiiClient struct { + // REQUIRED; Describe whether this data type connection is enabled or not. + State *DataTypeState +} + +// TiTaxiiDataConnectorProperties - Threat Intelligence TAXII data connector properties. +type TiTaxiiDataConnectorProperties struct { + // REQUIRED; The available data types for Threat Intelligence TAXII data connector. + DataTypes *TiTaxiiDataConnectorDataTypes + + // REQUIRED; The polling frequency for the TAXII server. + PollingFrequency *PollingFrequency + + // REQUIRED; The tenant id to connect to, and get the data from. + TenantID *string + + // The collection id of the TAXII server. + CollectionID *string + + // The friendly name for the TAXII server. + FriendlyName *string + + // The password for the TAXII server. + Password *string + + // The lookback period for the TAXII server. + TaxiiLookbackPeriod *time.Time + + // The API root for the TAXII server. + TaxiiServer *string + + // The userName for the TAXII server. + UserName *string + + // The workspace id. + WorkspaceID *string +} + +// TimelineAggregation - timeline aggregation information per kind +type TimelineAggregation struct { + // REQUIRED; the total items found for a kind + Count *int32 + + // REQUIRED; the query kind + Kind *EntityTimelineKind +} + +// TimelineError - Timeline Query Errors. +type TimelineError struct { + // REQUIRED; the error message + ErrorMessage *string + + // REQUIRED; the query kind + Kind *EntityTimelineKind + + // the query id + QueryID *string +} + +// TimelineResultsMetadata - Expansion result metadata. +type TimelineResultsMetadata struct { + // REQUIRED; timeline aggregation per kind + Aggregations []*TimelineAggregation + + // REQUIRED; the total items found for the timeline request + TotalCount *int32 + + // information about the failure queries + Errors []*TimelineError +} + +// TriggeredAnalyticsRuleRun - The triggered analytics rule run +type TriggeredAnalyticsRuleRun struct { + // REQUIRED; The triggered analytics rule run Properties + Properties *TriggeredAnalyticsRuleRunProperties + + // Etag of the azure resource + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// TriggeredAnalyticsRuleRunProperties - The triggered analytics rule run Properties +type TriggeredAnalyticsRuleRunProperties struct { + // REQUIRED + ExecutionTimeUTC *time.Time + + // REQUIRED; The triggered analytics rule run provisioning state + ProvisioningState *ProvisioningState + + // REQUIRED + RuleID *string + + // REQUIRED + TriggeredAnalyticsRuleRunID *string + + // Dictionary of + RuleRunAdditionalData map[string]any +} + +// TriggeredAnalyticsRuleRuns - The triggered analytics rule run array +type TriggeredAnalyticsRuleRuns struct { + // REQUIRED + Value []*TriggeredAnalyticsRuleRun + + // READ-ONLY + NextLink *string +} + // URLEntity - Represents a url entity. type URLEntity struct { // REQUIRED; The kind of the entity. @@ -3573,6 +10025,48 @@ type URLEntityProperties struct { URL *string } +// Ueba - Settings with single toggle. +type Ueba struct { + // REQUIRED; The kind of the setting + Kind *SettingKind + + // Etag of the azure resource + Etag *string + + // Ueba properties + Properties *UebaProperties + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// GetSettings implements the SettingsClassification interface for type Ueba. +func (u *Ueba) GetSettings() *Settings { + return &Settings{ + Etag: u.Etag, + ID: u.ID, + Kind: u.Kind, + Name: u.Name, + SystemData: u.SystemData, + Type: u.Type, + } +} + +// UebaProperties - Ueba property bag. +type UebaProperties struct { + // The relevant data sources that enriched by ueba + DataSources []*UebaDataSources +} + // UserInfo - User information that made some action type UserInfo struct { // The object id of the user. @@ -3585,6 +10079,45 @@ type UserInfo struct { Name *string } +// UserInfoAutoGenerated - Data about a user or client application. +type UserInfoAutoGenerated struct { + // The user's email address. + Email *string + + // The user's name. + Name *string + + // READ-ONLY; The user's object ID. + ObjectID *string +} + +// ValidationError - Describes an error encountered in the file during validation. +type ValidationError struct { + // The number of the record that has the error. + RecordIndex *int32 + + // READ-ONLY; A list of descriptions of the error. + ErrorMessages []*string +} + +// Warning response structure. +type Warning struct { + // READ-ONLY; Warning data. + Warning *WarningBody +} + +// WarningBody - Warning details. +type WarningBody struct { + // READ-ONLY; An identifier for the warning. Codes are invariant and are intended to be consumed programmatically. + Code *WarningCode + + // READ-ONLY + Details []*WarningBody + + // READ-ONLY; A message describing the warning, intended to be suitable for display in a user interface. + Message *string +} + // Watchlist - Represents a Watchlist in Azure Security Insights. type Watchlist struct { // Etag of the azure resource @@ -3606,7 +10139,7 @@ type Watchlist struct { Type *string } -// WatchlistItem - Represents a Watchlist Item in Azure Security Insights. +// WatchlistItem - Represents a Watchlist item in Azure Security Insights. type WatchlistItem struct { // Etag of the azure resource Etag *string @@ -3632,14 +10165,14 @@ type WatchlistItemList struct { // REQUIRED; Array of watchlist items. Value []*WatchlistItem - // READ-ONLY; URL to fetch the next set of watchlist items. + // READ-ONLY; URL to fetch the next set of watchlist item. NextLink *string } // WatchlistItemProperties - Describes watchlist item properties type WatchlistItemProperties struct { // REQUIRED; key-value pairs for a watchlist item - ItemsKeyValue any + ItemsKeyValue map[string]any // The time the watchlist item was created Created *time.Time @@ -3648,7 +10181,7 @@ type WatchlistItemProperties struct { CreatedBy *UserInfo // key-value pairs for a watchlist item entity mapping - EntityMapping any + EntityMapping map[string]any // A flag that indicates if the watchlist item is deleted or not IsDeleted *bool @@ -3691,10 +10224,7 @@ type WatchlistProperties struct { // REQUIRED; The provider of the watchlist Provider *string - // REQUIRED; The source of the watchlist - Source *Source - - // The content type of the raw content. For now, only text/csv is valid + // The content type of the raw content. Example : text/csv or text/tsv ContentType *string // The time the watchlist was created @@ -3715,12 +10245,19 @@ type WatchlistProperties struct { // List of labels relevant to this watchlist Labels []*string - // The number of lines in a csv content to skip before the header + // The number of lines in a csv/tsv content to skip before the header NumberOfLinesToSkip *int32 - // The raw content that represents to watchlist items to create. Example : This line will be skipped header1,header2 value1,value2 + // The raw content that represents to watchlist items to create. In case of csv/tsv content type, it's the content of the + // file that will parsed by the endpoint RawContent *string + // The filename of the watchlist, called 'source' + Source *string + + // The sourceType of the watchlist + SourceType *SourceType + // The tenantId where the watchlist belongs to TenantID *string @@ -3730,8 +10267,8 @@ type WatchlistProperties struct { // Describes a user that updated the watchlist UpdatedBy *UserInfo - // The status of the Watchlist upload : New, InProgress or Complete. Note : When a Watchlist upload status is InProgress, - // the Watchlist cannot be deleted + // The status of the Watchlist upload : New, InProgress or Complete. Pls note : When a Watchlist upload status is equal to + // InProgress, the Watchlist cannot be deleted UploadStatus *string // The alias of the watchlist @@ -3743,3 +10280,180 @@ type WatchlistProperties struct { // The type of the watchlist WatchlistType *string } + +// Webhook - Detail about the webhook object. +type Webhook struct { + // A flag to instruct the backend service to rotate webhook secret. + RotateWebhookSecret *bool + + // READ-ONLY; Unique identifier for the webhook. + WebhookID *string + + // READ-ONLY; Time when the webhook secret was updated. + WebhookSecretUpdateTime *time.Time + + // READ-ONLY; URL that gets invoked by the webhook. + WebhookURL *string +} + +// WorkspaceManagerAssignment - The workspace manager assignment +type WorkspaceManagerAssignment struct { + // The workspace manager assignment object + Properties *WorkspaceManagerAssignmentProperties + + // READ-ONLY; Resource Etag. + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// WorkspaceManagerAssignmentList - List of all the workspace manager assignments. +type WorkspaceManagerAssignmentList struct { + // REQUIRED; Array of workspace manager assignments. + Value []*WorkspaceManagerAssignment + + // READ-ONLY; URL to fetch the next set of workspace manager assignments. + NextLink *string +} + +// WorkspaceManagerAssignmentProperties - The workspace manager assignment properties +type WorkspaceManagerAssignmentProperties struct { + // REQUIRED; List of resources included in this workspace manager assignment + Items []*AssignmentItem + + // REQUIRED; The resource name of the workspace manager group targeted by the workspace manager assignment + TargetResourceName *string + + // READ-ONLY; The time the last job associated to this assignment ended at + LastJobEndTime *time.Time + + // READ-ONLY; State of the last job associated to this assignment + LastJobProvisioningState *ProvisioningState +} + +// WorkspaceManagerConfiguration - The workspace manager configuration +type WorkspaceManagerConfiguration struct { + // The workspace manager configuration object + Properties *WorkspaceManagerConfigurationProperties + + // READ-ONLY; Resource Etag. + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// WorkspaceManagerConfigurationList - List all the workspace manager configurations for the workspace. +type WorkspaceManagerConfigurationList struct { + // REQUIRED; Array of workspace manager configurations. + Value []*WorkspaceManagerConfiguration + + // READ-ONLY; URL to fetch the next set of workspace manager configurations. + NextLink *string +} + +// WorkspaceManagerConfigurationProperties - The workspace manager configuration properties +type WorkspaceManagerConfigurationProperties struct { + // REQUIRED; The current mode of the workspace manager configuration + Mode *Mode +} + +// WorkspaceManagerGroup - The workspace manager group +type WorkspaceManagerGroup struct { + // The workspace manager group object + Properties *WorkspaceManagerGroupProperties + + // READ-ONLY; Resource Etag. + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// WorkspaceManagerGroupList - List of all the workspace manager groups. +type WorkspaceManagerGroupList struct { + // REQUIRED; Array of workspace manager groups. + Value []*WorkspaceManagerGroup + + // READ-ONLY; URL to fetch the next set of workspace manager groups. + NextLink *string +} + +// WorkspaceManagerGroupProperties - The workspace manager group properties +type WorkspaceManagerGroupProperties struct { + // REQUIRED; The display name of the workspace manager group + DisplayName *string + + // REQUIRED; The names of the workspace manager members participating in this group. + MemberResourceNames []*string + + // The description of the workspace manager group + Description *string +} + +// WorkspaceManagerMember - The workspace manager member +type WorkspaceManagerMember struct { + // The workspace manager member object + Properties *WorkspaceManagerMemberProperties + + // READ-ONLY; Resource Etag. + Etag *string + + // READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string + + // READ-ONLY; The name of the resource + Name *string + + // READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData + + // READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string +} + +// WorkspaceManagerMemberProperties - The workspace manager member properties +type WorkspaceManagerMemberProperties struct { + // REQUIRED; Fully qualified resource ID of the target Sentinel workspace joining the given Sentinel workspace manager + TargetWorkspaceResourceID *string + + // REQUIRED; Tenant id of the target Sentinel workspace joining the given Sentinel workspace manager + TargetWorkspaceTenantID *string +} + +// WorkspaceManagerMembersList - List of workspace manager members +type WorkspaceManagerMembersList struct { + // REQUIRED; Array of workspace manager members + Value []*WorkspaceManagerMember + + // READ-ONLY; URL to fetch the next set of workspace manager members + NextLink *string +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/models_serde.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/models_serde.go index ba0e6d7617f2..23611c1f78c7 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/models_serde.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/models_serde.go @@ -15,6 +15,64 @@ import ( "reflect" ) +// MarshalJSON implements the json.Marshaller interface for type AADCheckRequirements. +func (a AADCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindAzureActiveDirectory + populate(objectMap, "properties", a.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AADCheckRequirements. +func (a *AADCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &a.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AADCheckRequirementsProperties. +func (a AADCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", a.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AADCheckRequirementsProperties. +func (a *AADCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &a.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type AADDataConnector. func (a AADDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -97,6 +155,64 @@ func (a *AADDataConnectorProperties) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type AATPCheckRequirements. +func (a AATPCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindAzureAdvancedThreatProtection + populate(objectMap, "properties", a.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AATPCheckRequirements. +func (a *AATPCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &a.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AATPCheckRequirementsProperties. +func (a AATPCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", a.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AATPCheckRequirementsProperties. +func (a *AATPCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &a.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type AATPDataConnector. func (a AATPDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -179,6 +295,138 @@ func (a *AATPDataConnectorProperties) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type APIKeyAuthModel. +func (a APIKeyAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "apiKey", a.APIKey) + populate(objectMap, "apiKeyIdentifier", a.APIKeyIdentifier) + populate(objectMap, "apiKeyName", a.APIKeyName) + populate(objectMap, "isApiKeyInPostPayload", a.IsAPIKeyInPostPayload) + objectMap["type"] = CcpAuthTypeAPIKey + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type APIKeyAuthModel. +func (a *APIKeyAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "apiKey": + err = unpopulate(val, "APIKey", &a.APIKey) + delete(rawMsg, key) + case "apiKeyIdentifier": + err = unpopulate(val, "APIKeyIdentifier", &a.APIKeyIdentifier) + delete(rawMsg, key) + case "apiKeyName": + err = unpopulate(val, "APIKeyName", &a.APIKeyName) + delete(rawMsg, key) + case "isApiKeyInPostPayload": + err = unpopulate(val, "IsAPIKeyInPostPayload", &a.IsAPIKeyInPostPayload) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type APIPollingParameters. +func (a APIPollingParameters) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "connectorUiConfig", a.ConnectorUIConfig) + populate(objectMap, "pollingConfig", a.PollingConfig) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type APIPollingParameters. +func (a *APIPollingParameters) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "connectorUiConfig": + err = unpopulate(val, "ConnectorUIConfig", &a.ConnectorUIConfig) + delete(rawMsg, key) + case "pollingConfig": + err = unpopulate(val, "PollingConfig", &a.PollingConfig) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ASCCheckRequirements. +func (a ASCCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindAzureSecurityCenter + populate(objectMap, "properties", a.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ASCCheckRequirements. +func (a *ASCCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &a.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ASCCheckRequirementsProperties. +func (a ASCCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "subscriptionId", a.SubscriptionID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ASCCheckRequirementsProperties. +func (a *ASCCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "subscriptionId": + err = unpopulate(val, "SubscriptionID", &a.SubscriptionID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type ASCDataConnector. func (a ASCDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -261,6 +509,41 @@ func (a *ASCDataConnectorProperties) UnmarshalJSON(data []byte) error { return nil } +// MarshalJSON implements the json.Marshaller interface for type AWSAuthModel. +func (a AWSAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "externalId", a.ExternalID) + populate(objectMap, "roleArn", a.RoleArn) + objectMap["type"] = CcpAuthTypeAWS + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AWSAuthModel. +func (a *AWSAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "externalId": + err = unpopulate(val, "ExternalID", &a.ExternalID) + delete(rawMsg, key) + case "roleArn": + err = unpopulate(val, "RoleArn", &a.RoleArn) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + // MarshalJSON implements the json.Marshaller interface for type AccountEntity. func (a AccountEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -574,18 +857,21 @@ func (a *ActionsList) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AlertDetailsOverride. -func (a AlertDetailsOverride) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ActivityCustomEntityQuery. +func (a ActivityCustomEntityQuery) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertDescriptionFormat", a.AlertDescriptionFormat) - populate(objectMap, "alertDisplayNameFormat", a.AlertDisplayNameFormat) - populate(objectMap, "alertSeverityColumnName", a.AlertSeverityColumnName) - populate(objectMap, "alertTacticsColumnName", a.AlertTacticsColumnName) + populate(objectMap, "etag", a.Etag) + populate(objectMap, "id", a.ID) + objectMap["kind"] = CustomEntityQueryKindActivity + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "systemData", a.SystemData) + populate(objectMap, "type", a.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertDetailsOverride. -func (a *AlertDetailsOverride) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ActivityCustomEntityQuery. +func (a *ActivityCustomEntityQuery) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -593,40 +879,144 @@ func (a *AlertDetailsOverride) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "alertDescriptionFormat": - err = unpopulate(val, "AlertDescriptionFormat", &a.AlertDescriptionFormat) + case "etag": + err = unpopulate(val, "Etag", &a.Etag) delete(rawMsg, key) - case "alertDisplayNameFormat": - err = unpopulate(val, "AlertDisplayNameFormat", &a.AlertDisplayNameFormat) + case "id": + err = unpopulate(val, "ID", &a.ID) delete(rawMsg, key) - case "alertSeverityColumnName": - err = unpopulate(val, "AlertSeverityColumnName", &a.AlertSeverityColumnName) + case "kind": + err = unpopulate(val, "Kind", &a.Kind) delete(rawMsg, key) - case "alertTacticsColumnName": - err = unpopulate(val, "AlertTacticsColumnName", &a.AlertTacticsColumnName) + case "name": + err = unpopulate(val, "Name", &a.Name) delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", a, err) - } + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &a.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } } return nil } -// MarshalJSON implements the json.Marshaller interface for type AlertRule. -func (a AlertRule) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ActivityEntityQueriesProperties. +func (a ActivityEntityQueriesProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "content", a.Content) + populateDateTimeRFC3339(objectMap, "createdTimeUtc", a.CreatedTimeUTC) + populate(objectMap, "description", a.Description) + populate(objectMap, "enabled", a.Enabled) + populate(objectMap, "entitiesFilter", a.EntitiesFilter) + populate(objectMap, "inputEntityType", a.InputEntityType) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", a.LastModifiedTimeUTC) + populate(objectMap, "queryDefinitions", a.QueryDefinitions) + populate(objectMap, "requiredInputFieldsSets", a.RequiredInputFieldsSets) + populate(objectMap, "templateName", a.TemplateName) + populate(objectMap, "title", a.Title) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ActivityEntityQueriesProperties. +func (a *ActivityEntityQueriesProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "content": + err = unpopulate(val, "Content", &a.Content) + delete(rawMsg, key) + case "createdTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &a.CreatedTimeUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &a.Description) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &a.Enabled) + delete(rawMsg, key) + case "entitiesFilter": + err = unpopulate(val, "EntitiesFilter", &a.EntitiesFilter) + delete(rawMsg, key) + case "inputEntityType": + err = unpopulate(val, "InputEntityType", &a.InputEntityType) + delete(rawMsg, key) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &a.LastModifiedTimeUTC) + delete(rawMsg, key) + case "queryDefinitions": + err = unpopulate(val, "QueryDefinitions", &a.QueryDefinitions) + delete(rawMsg, key) + case "requiredInputFieldsSets": + err = unpopulate(val, "RequiredInputFieldsSets", &a.RequiredInputFieldsSets) + delete(rawMsg, key) + case "templateName": + err = unpopulate(val, "TemplateName", &a.TemplateName) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &a.Title) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ActivityEntityQueriesPropertiesQueryDefinitions. +func (a ActivityEntityQueriesPropertiesQueryDefinitions) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "query", a.Query) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ActivityEntityQueriesPropertiesQueryDefinitions. +func (a *ActivityEntityQueriesPropertiesQueryDefinitions) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "query": + err = unpopulate(val, "Query", &a.Query) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ActivityEntityQuery. +func (a ActivityEntityQuery) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "etag", a.Etag) populate(objectMap, "id", a.ID) - objectMap["kind"] = a.Kind + objectMap["kind"] = EntityQueryKindActivity populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) populate(objectMap, "systemData", a.SystemData) populate(objectMap, "type", a.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRule. -func (a *AlertRule) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ActivityEntityQuery. +func (a *ActivityEntityQuery) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -646,6 +1036,9 @@ func (a *AlertRule) UnmarshalJSON(data []byte) error { case "name": err = unpopulate(val, "Name", &a.Name) delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) case "systemData": err = unpopulate(val, "SystemData", &a.SystemData) delete(rawMsg, key) @@ -660,19 +1053,20 @@ func (a *AlertRule) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AlertRuleTemplate. -func (a AlertRuleTemplate) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ActivityEntityQueryTemplate. +func (a ActivityEntityQueryTemplate) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "id", a.ID) - objectMap["kind"] = a.Kind + objectMap["kind"] = EntityQueryTemplateKindActivity populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) populate(objectMap, "systemData", a.SystemData) populate(objectMap, "type", a.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRuleTemplate. -func (a *AlertRuleTemplate) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ActivityEntityQueryTemplate. +func (a *ActivityEntityQueryTemplate) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -689,6 +1083,9 @@ func (a *AlertRuleTemplate) UnmarshalJSON(data []byte) error { case "name": err = unpopulate(val, "Name", &a.Name) delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) case "systemData": err = unpopulate(val, "SystemData", &a.SystemData) delete(rawMsg, key) @@ -703,16 +1100,22 @@ func (a *AlertRuleTemplate) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AlertRuleTemplateDataSource. -func (a AlertRuleTemplateDataSource) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ActivityEntityQueryTemplateProperties. +func (a ActivityEntityQueryTemplateProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "connectorId", a.ConnectorID) + populate(objectMap, "content", a.Content) populate(objectMap, "dataTypes", a.DataTypes) + populate(objectMap, "description", a.Description) + populate(objectMap, "entitiesFilter", a.EntitiesFilter) + populate(objectMap, "inputEntityType", a.InputEntityType) + populate(objectMap, "queryDefinitions", a.QueryDefinitions) + populate(objectMap, "requiredInputFieldsSets", a.RequiredInputFieldsSets) + populate(objectMap, "title", a.Title) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRuleTemplateDataSource. -func (a *AlertRuleTemplateDataSource) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ActivityEntityQueryTemplateProperties. +func (a *ActivityEntityQueryTemplateProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -720,12 +1123,30 @@ func (a *AlertRuleTemplateDataSource) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "connectorId": - err = unpopulate(val, "ConnectorID", &a.ConnectorID) + case "content": + err = unpopulate(val, "Content", &a.Content) delete(rawMsg, key) case "dataTypes": err = unpopulate(val, "DataTypes", &a.DataTypes) delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &a.Description) + delete(rawMsg, key) + case "entitiesFilter": + err = unpopulate(val, "EntitiesFilter", &a.EntitiesFilter) + delete(rawMsg, key) + case "inputEntityType": + err = unpopulate(val, "InputEntityType", &a.InputEntityType) + delete(rawMsg, key) + case "queryDefinitions": + err = unpopulate(val, "QueryDefinitions", &a.QueryDefinitions) + delete(rawMsg, key) + case "requiredInputFieldsSets": + err = unpopulate(val, "RequiredInputFieldsSets", &a.RequiredInputFieldsSets) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &a.Title) + delete(rawMsg, key) } if err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -734,16 +1155,16 @@ func (a *AlertRuleTemplateDataSource) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AlertRuleTemplatesList. -func (a AlertRuleTemplatesList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ActivityEntityQueryTemplatePropertiesQueryDefinitions. +func (a ActivityEntityQueryTemplatePropertiesQueryDefinitions) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", a.NextLink) - populate(objectMap, "value", a.Value) + populate(objectMap, "query", a.Query) + populate(objectMap, "summarizeBy", a.SummarizeBy) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRuleTemplatesList. -func (a *AlertRuleTemplatesList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ActivityEntityQueryTemplatePropertiesQueryDefinitions. +func (a *ActivityEntityQueryTemplatePropertiesQueryDefinitions) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -751,11 +1172,11 @@ func (a *AlertRuleTemplatesList) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &a.NextLink) + case "query": + err = unpopulate(val, "Query", &a.Query) delete(rawMsg, key) - case "value": - a.Value, err = unmarshalAlertRuleTemplateClassificationArray(val) + case "summarizeBy": + err = unpopulate(val, "SummarizeBy", &a.SummarizeBy) delete(rawMsg, key) } if err != nil { @@ -765,16 +1186,22 @@ func (a *AlertRuleTemplatesList) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AlertRulesList. -func (a AlertRulesList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ActivityTimelineItem. +func (a ActivityTimelineItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", a.NextLink) - populate(objectMap, "value", a.Value) + populateDateTimeRFC3339(objectMap, "bucketEndTimeUTC", a.BucketEndTimeUTC) + populateDateTimeRFC3339(objectMap, "bucketStartTimeUTC", a.BucketStartTimeUTC) + populate(objectMap, "content", a.Content) + populateDateTimeRFC3339(objectMap, "firstActivityTimeUTC", a.FirstActivityTimeUTC) + objectMap["kind"] = EntityTimelineKindActivity + populateDateTimeRFC3339(objectMap, "lastActivityTimeUTC", a.LastActivityTimeUTC) + populate(objectMap, "queryId", a.QueryID) + populate(objectMap, "title", a.Title) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRulesList. -func (a *AlertRulesList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ActivityTimelineItem. +func (a *ActivityTimelineItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -782,11 +1209,29 @@ func (a *AlertRulesList) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &a.NextLink) + case "bucketEndTimeUTC": + err = unpopulateDateTimeRFC3339(val, "BucketEndTimeUTC", &a.BucketEndTimeUTC) delete(rawMsg, key) - case "value": - a.Value, err = unmarshalAlertRuleClassificationArray(val) + case "bucketStartTimeUTC": + err = unpopulateDateTimeRFC3339(val, "BucketStartTimeUTC", &a.BucketStartTimeUTC) + delete(rawMsg, key) + case "content": + err = unpopulate(val, "Content", &a.Content) + delete(rawMsg, key) + case "firstActivityTimeUTC": + err = unpopulateDateTimeRFC3339(val, "FirstActivityTimeUTC", &a.FirstActivityTimeUTC) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &a.Kind) + delete(rawMsg, key) + case "lastActivityTimeUTC": + err = unpopulateDateTimeRFC3339(val, "LastActivityTimeUTC", &a.LastActivityTimeUTC) + delete(rawMsg, key) + case "queryId": + err = unpopulate(val, "QueryID", &a.QueryID) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &a.Title) delete(rawMsg, key) } if err != nil { @@ -796,15 +1241,16 @@ func (a *AlertRulesList) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AlertsDataTypeOfDataConnector. -func (a AlertsDataTypeOfDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AddIncidentTaskActionProperties. +func (a AddIncidentTaskActionProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alerts", a.Alerts) + populate(objectMap, "description", a.Description) + populate(objectMap, "title", a.Title) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertsDataTypeOfDataConnector. -func (a *AlertsDataTypeOfDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AddIncidentTaskActionProperties. +func (a *AddIncidentTaskActionProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -812,8 +1258,11 @@ func (a *AlertsDataTypeOfDataConnector) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "alerts": - err = unpopulate(val, "Alerts", &a.Alerts) + case "description": + err = unpopulate(val, "Description", &a.Description) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &a.Title) delete(rawMsg, key) } if err != nil { @@ -823,20 +1272,19 @@ func (a *AlertsDataTypeOfDataConnector) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AutomationRule. -func (a AutomationRule) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AlertDetailsOverride. +func (a AlertDetailsOverride) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", a.Etag) - populate(objectMap, "id", a.ID) - populate(objectMap, "name", a.Name) - populate(objectMap, "properties", a.Properties) - populate(objectMap, "systemData", a.SystemData) - populate(objectMap, "type", a.Type) + populate(objectMap, "alertDescriptionFormat", a.AlertDescriptionFormat) + populate(objectMap, "alertDisplayNameFormat", a.AlertDisplayNameFormat) + populate(objectMap, "alertDynamicProperties", a.AlertDynamicProperties) + populate(objectMap, "alertSeverityColumnName", a.AlertSeverityColumnName) + populate(objectMap, "alertTacticsColumnName", a.AlertTacticsColumnName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRule. -func (a *AutomationRule) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertDetailsOverride. +func (a *AlertDetailsOverride) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -844,23 +1292,20 @@ func (a *AutomationRule) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &a.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &a.ID) + case "alertDescriptionFormat": + err = unpopulate(val, "AlertDescriptionFormat", &a.AlertDescriptionFormat) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &a.Name) + case "alertDisplayNameFormat": + err = unpopulate(val, "AlertDisplayNameFormat", &a.AlertDisplayNameFormat) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &a.Properties) + case "alertDynamicProperties": + err = unpopulate(val, "AlertDynamicProperties", &a.AlertDynamicProperties) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &a.SystemData) + case "alertSeverityColumnName": + err = unpopulate(val, "AlertSeverityColumnName", &a.AlertSeverityColumnName) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &a.Type) + case "alertTacticsColumnName": + err = unpopulate(val, "AlertTacticsColumnName", &a.AlertTacticsColumnName) delete(rawMsg, key) } if err != nil { @@ -870,16 +1315,16 @@ func (a *AutomationRule) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AutomationRuleAction. -func (a AutomationRuleAction) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AlertPropertyMapping. +func (a AlertPropertyMapping) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["actionType"] = a.ActionType - populate(objectMap, "order", a.Order) + populate(objectMap, "alertProperty", a.AlertProperty) + populate(objectMap, "value", a.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleAction. -func (a *AutomationRuleAction) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertPropertyMapping. +func (a *AlertPropertyMapping) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -887,11 +1332,11 @@ func (a *AutomationRuleAction) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "actionType": - err = unpopulate(val, "ActionType", &a.ActionType) + case "alertProperty": + err = unpopulate(val, "AlertProperty", &a.AlertProperty) delete(rawMsg, key) - case "order": - err = unpopulate(val, "Order", &a.Order) + case "value": + err = unpopulate(val, "Value", &a.Value) delete(rawMsg, key) } if err != nil { @@ -901,15 +1346,20 @@ func (a *AutomationRuleAction) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AutomationRuleCondition. -func (a AutomationRuleCondition) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AlertRule. +func (a AlertRule) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - objectMap["conditionType"] = a.ConditionType + populate(objectMap, "etag", a.Etag) + populate(objectMap, "id", a.ID) + objectMap["kind"] = a.Kind + populate(objectMap, "name", a.Name) + populate(objectMap, "systemData", a.SystemData) + populate(objectMap, "type", a.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleCondition. -func (a *AutomationRuleCondition) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRule. +func (a *AlertRule) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -917,8 +1367,23 @@ func (a *AutomationRuleCondition) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "conditionType": - err = unpopulate(val, "ConditionType", &a.ConditionType) + case "etag": + err = unpopulate(val, "Etag", &a.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &a.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &a.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) delete(rawMsg, key) } if err != nil { @@ -928,17 +1393,19 @@ func (a *AutomationRuleCondition) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AutomationRuleModifyPropertiesAction. -func (a AutomationRuleModifyPropertiesAction) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AlertRuleTemplate. +func (a AlertRuleTemplate) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "actionConfiguration", a.ActionConfiguration) - objectMap["actionType"] = ActionTypeModifyProperties - populate(objectMap, "order", a.Order) + populate(objectMap, "id", a.ID) + objectMap["kind"] = a.Kind + populate(objectMap, "name", a.Name) + populate(objectMap, "systemData", a.SystemData) + populate(objectMap, "type", a.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleModifyPropertiesAction. -func (a *AutomationRuleModifyPropertiesAction) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRuleTemplate. +func (a *AlertRuleTemplate) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -946,14 +1413,20 @@ func (a *AutomationRuleModifyPropertiesAction) UnmarshalJSON(data []byte) error for key, val := range rawMsg { var err error switch key { - case "actionConfiguration": - err = unpopulate(val, "ActionConfiguration", &a.ActionConfiguration) + case "id": + err = unpopulate(val, "ID", &a.ID) delete(rawMsg, key) - case "actionType": - err = unpopulate(val, "ActionType", &a.ActionType) + case "kind": + err = unpopulate(val, "Kind", &a.Kind) delete(rawMsg, key) - case "order": - err = unpopulate(val, "Order", &a.Order) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &a.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) delete(rawMsg, key) } if err != nil { @@ -963,22 +1436,16 @@ func (a *AutomationRuleModifyPropertiesAction) UnmarshalJSON(data []byte) error return nil } -// MarshalJSON implements the json.Marshaller interface for type AutomationRuleProperties. -func (a AutomationRuleProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AlertRuleTemplateDataSource. +func (a AlertRuleTemplateDataSource) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "actions", a.Actions) - populate(objectMap, "createdBy", a.CreatedBy) - populateDateTimeRFC3339(objectMap, "createdTimeUtc", a.CreatedTimeUTC) - populate(objectMap, "displayName", a.DisplayName) - populate(objectMap, "lastModifiedBy", a.LastModifiedBy) - populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", a.LastModifiedTimeUTC) - populate(objectMap, "order", a.Order) - populate(objectMap, "triggeringLogic", a.TriggeringLogic) + populate(objectMap, "connectorId", a.ConnectorID) + populate(objectMap, "dataTypes", a.DataTypes) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleProperties. -func (a *AutomationRuleProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRuleTemplateDataSource. +func (a *AlertRuleTemplateDataSource) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -986,29 +1453,11 @@ func (a *AutomationRuleProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "actions": - a.Actions, err = unmarshalAutomationRuleActionClassificationArray(val) - delete(rawMsg, key) - case "createdBy": - err = unpopulate(val, "CreatedBy", &a.CreatedBy) - delete(rawMsg, key) - case "createdTimeUtc": - err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &a.CreatedTimeUTC) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &a.DisplayName) - delete(rawMsg, key) - case "lastModifiedBy": - err = unpopulate(val, "LastModifiedBy", &a.LastModifiedBy) - delete(rawMsg, key) - case "lastModifiedTimeUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &a.LastModifiedTimeUTC) - delete(rawMsg, key) - case "order": - err = unpopulate(val, "Order", &a.Order) + case "connectorId": + err = unpopulate(val, "ConnectorID", &a.ConnectorID) delete(rawMsg, key) - case "triggeringLogic": - err = unpopulate(val, "TriggeringLogic", &a.TriggeringLogic) + case "dataTypes": + err = unpopulate(val, "DataTypes", &a.DataTypes) delete(rawMsg, key) } if err != nil { @@ -1018,17 +1467,16 @@ func (a *AutomationRuleProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AutomationRulePropertyValuesCondition. -func (a AutomationRulePropertyValuesCondition) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AlertRuleTemplatesList. +func (a AlertRuleTemplatesList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "operator", a.Operator) - populate(objectMap, "propertyName", a.PropertyName) - populate(objectMap, "propertyValues", a.PropertyValues) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRulePropertyValuesCondition. -func (a *AutomationRulePropertyValuesCondition) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRuleTemplatesList. +func (a *AlertRuleTemplatesList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -1036,14 +1484,11 @@ func (a *AutomationRulePropertyValuesCondition) UnmarshalJSON(data []byte) error for key, val := range rawMsg { var err error switch key { - case "operator": - err = unpopulate(val, "Operator", &a.Operator) - delete(rawMsg, key) - case "propertyName": - err = unpopulate(val, "PropertyName", &a.PropertyName) + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) delete(rawMsg, key) - case "propertyValues": - err = unpopulate(val, "PropertyValues", &a.PropertyValues) + case "value": + a.Value, err = unmarshalAlertRuleTemplateClassificationArray(val) delete(rawMsg, key) } if err != nil { @@ -1053,17 +1498,16 @@ func (a *AutomationRulePropertyValuesCondition) UnmarshalJSON(data []byte) error return nil } -// MarshalJSON implements the json.Marshaller interface for type AutomationRuleRunPlaybookAction. -func (a AutomationRuleRunPlaybookAction) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AlertRulesList. +func (a AlertRulesList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "actionConfiguration", a.ActionConfiguration) - objectMap["actionType"] = ActionTypeRunPlaybook - populate(objectMap, "order", a.Order) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleRunPlaybookAction. -func (a *AutomationRuleRunPlaybookAction) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRulesList. +func (a *AlertRulesList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -1071,14 +1515,11 @@ func (a *AutomationRuleRunPlaybookAction) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "actionConfiguration": - err = unpopulate(val, "ActionConfiguration", &a.ActionConfiguration) - delete(rawMsg, key) - case "actionType": - err = unpopulate(val, "ActionType", &a.ActionType) + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) delete(rawMsg, key) - case "order": - err = unpopulate(val, "Order", &a.Order) + case "value": + a.Value, err = unmarshalAlertRuleClassificationArray(val) delete(rawMsg, key) } if err != nil { @@ -1088,19 +1529,15 @@ func (a *AutomationRuleRunPlaybookAction) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AutomationRuleTriggeringLogic. -func (a AutomationRuleTriggeringLogic) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AlertsDataTypeOfDataConnector. +func (a AlertsDataTypeOfDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "conditions", a.Conditions) - populateDateTimeRFC3339(objectMap, "expirationTimeUtc", a.ExpirationTimeUTC) - populate(objectMap, "isEnabled", a.IsEnabled) - populate(objectMap, "triggersOn", a.TriggersOn) - populate(objectMap, "triggersWhen", a.TriggersWhen) + populate(objectMap, "alerts", a.Alerts) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleTriggeringLogic. -func (a *AutomationRuleTriggeringLogic) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertsDataTypeOfDataConnector. +func (a *AlertsDataTypeOfDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -1108,20 +1545,8 @@ func (a *AutomationRuleTriggeringLogic) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "conditions": - a.Conditions, err = unmarshalAutomationRuleConditionClassificationArray(val) - delete(rawMsg, key) - case "expirationTimeUtc": - err = unpopulateDateTimeRFC3339(val, "ExpirationTimeUTC", &a.ExpirationTimeUTC) - delete(rawMsg, key) - case "isEnabled": - err = unpopulate(val, "IsEnabled", &a.IsEnabled) - delete(rawMsg, key) - case "triggersOn": - err = unpopulate(val, "TriggersOn", &a.TriggersOn) - delete(rawMsg, key) - case "triggersWhen": - err = unpopulate(val, "TriggersWhen", &a.TriggersWhen) + case "alerts": + err = unpopulate(val, "Alerts", &a.Alerts) delete(rawMsg, key) } if err != nil { @@ -1131,16 +1556,15 @@ func (a *AutomationRuleTriggeringLogic) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AutomationRulesList. -func (a AutomationRulesList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AnalyticsRuleRunTrigger. +func (a AnalyticsRuleRunTrigger) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", a.NextLink) - populate(objectMap, "value", a.Value) + populate(objectMap, "properties", a.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRulesList. -func (a *AutomationRulesList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AnalyticsRuleRunTrigger. +func (a *AnalyticsRuleRunTrigger) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -1148,11 +1572,35 @@ func (a *AutomationRulesList) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &a.NextLink) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &a.Value) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AnalyticsRuleRunTriggerProperties. +func (a AnalyticsRuleRunTriggerProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "executionTimeUtc", a.ExecutionTimeUTC) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AnalyticsRuleRunTriggerProperties. +func (a *AnalyticsRuleRunTriggerProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "executionTimeUtc": + err = unpopulateDateTimeRFC3339(val, "ExecutionTimeUTC", &a.ExecutionTimeUTC) delete(rawMsg, key) } if err != nil { @@ -1162,12 +1610,12 @@ func (a *AutomationRulesList) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AwsCloudTrailDataConnector. -func (a AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Anomalies. +func (a Anomalies) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "etag", a.Etag) populate(objectMap, "id", a.ID) - objectMap["kind"] = DataConnectorKindAmazonWebServicesCloudTrail + objectMap["kind"] = SettingKindAnomalies populate(objectMap, "name", a.Name) populate(objectMap, "properties", a.Properties) populate(objectMap, "systemData", a.SystemData) @@ -1175,8 +1623,8 @@ func (a AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AwsCloudTrailDataConnector. -func (a *AwsCloudTrailDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Anomalies. +func (a *Anomalies) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -1213,70 +1661,15 @@ func (a *AwsCloudTrailDataConnector) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AwsCloudTrailDataConnectorDataTypes. -func (a AwsCloudTrailDataConnectorDataTypes) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "logs", a.Logs) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type AwsCloudTrailDataConnectorDataTypes. -func (a *AwsCloudTrailDataConnectorDataTypes) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", a, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "logs": - err = unpopulate(val, "Logs", &a.Logs) - delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", a, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type AwsCloudTrailDataConnectorDataTypesLogs. -func (a AwsCloudTrailDataConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "state", a.State) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type AwsCloudTrailDataConnectorDataTypesLogs. -func (a *AwsCloudTrailDataConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", a, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "state": - err = unpopulate(val, "State", &a.State) - delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", a, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type AwsCloudTrailDataConnectorProperties. -func (a AwsCloudTrailDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AnomaliesSettingsProperties. +func (a AnomaliesSettingsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "awsRoleArn", a.AwsRoleArn) - populate(objectMap, "dataTypes", a.DataTypes) + populate(objectMap, "isEnabled", a.IsEnabled) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AwsCloudTrailDataConnectorProperties. -func (a *AwsCloudTrailDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AnomaliesSettingsProperties. +func (a *AnomaliesSettingsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -1284,11 +1677,8 @@ func (a *AwsCloudTrailDataConnectorProperties) UnmarshalJSON(data []byte) error for key, val := range rawMsg { var err error switch key { - case "awsRoleArn": - err = unpopulate(val, "AwsRoleArn", &a.AwsRoleArn) - delete(rawMsg, key) - case "dataTypes": - err = unpopulate(val, "DataTypes", &a.DataTypes) + case "isEnabled": + err = unpopulate(val, "IsEnabled", &a.IsEnabled) delete(rawMsg, key) } if err != nil { @@ -1298,11 +1688,12 @@ func (a *AwsCloudTrailDataConnectorProperties) UnmarshalJSON(data []byte) error return nil } -// MarshalJSON implements the json.Marshaller interface for type AzureResourceEntity. -func (a AzureResourceEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AnomalySecurityMLAnalyticsSettings. +func (a AnomalySecurityMLAnalyticsSettings) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) + populate(objectMap, "etag", a.Etag) populate(objectMap, "id", a.ID) - objectMap["kind"] = EntityKindEnumAzureResource + objectMap["kind"] = SecurityMLAnalyticsSettingsKindAnomaly populate(objectMap, "name", a.Name) populate(objectMap, "properties", a.Properties) populate(objectMap, "systemData", a.SystemData) @@ -1310,8 +1701,8 @@ func (a AzureResourceEntity) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AzureResourceEntity. -func (a *AzureResourceEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AnomalySecurityMLAnalyticsSettings. +func (a *AnomalySecurityMLAnalyticsSettings) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -1319,6 +1710,9 @@ func (a *AzureResourceEntity) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { + case "etag": + err = unpopulate(val, "Etag", &a.Etag) + delete(rawMsg, key) case "id": err = unpopulate(val, "ID", &a.ID) delete(rawMsg, key) @@ -1345,18 +1739,28 @@ func (a *AzureResourceEntity) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type AzureResourceEntityProperties. -func (a AzureResourceEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AnomalySecurityMLAnalyticsSettingsProperties. +func (a AnomalySecurityMLAnalyticsSettingsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", a.AdditionalData) - populate(objectMap, "friendlyName", a.FriendlyName) - populate(objectMap, "resourceId", a.ResourceID) - populate(objectMap, "subscriptionId", a.SubscriptionID) + populate(objectMap, "anomalySettingsVersion", a.AnomalySettingsVersion) + populate(objectMap, "anomalyVersion", a.AnomalyVersion) + populateAny(objectMap, "customizableObservations", a.CustomizableObservations) + populate(objectMap, "description", a.Description) + populate(objectMap, "displayName", a.DisplayName) + populate(objectMap, "enabled", a.Enabled) + populate(objectMap, "frequency", a.Frequency) + populate(objectMap, "isDefaultSettings", a.IsDefaultSettings) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", a.LastModifiedUTC) + populate(objectMap, "requiredDataConnectors", a.RequiredDataConnectors) + populate(objectMap, "settingsDefinitionId", a.SettingsDefinitionID) + populate(objectMap, "settingsStatus", a.SettingsStatus) + populate(objectMap, "tactics", a.Tactics) + populate(objectMap, "techniques", a.Techniques) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type AzureResourceEntityProperties. -func (a *AzureResourceEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AnomalySecurityMLAnalyticsSettingsProperties. +func (a *AnomalySecurityMLAnalyticsSettingsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", a, err) @@ -1364,17 +1768,47 @@ func (a *AzureResourceEntityProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &a.AdditionalData) + case "anomalySettingsVersion": + err = unpopulate(val, "AnomalySettingsVersion", &a.AnomalySettingsVersion) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &a.FriendlyName) + case "anomalyVersion": + err = unpopulate(val, "AnomalyVersion", &a.AnomalyVersion) delete(rawMsg, key) - case "resourceId": - err = unpopulate(val, "ResourceID", &a.ResourceID) + case "customizableObservations": + err = unpopulate(val, "CustomizableObservations", &a.CustomizableObservations) delete(rawMsg, key) - case "subscriptionId": - err = unpopulate(val, "SubscriptionID", &a.SubscriptionID) + case "description": + err = unpopulate(val, "Description", &a.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &a.Enabled) + delete(rawMsg, key) + case "frequency": + err = unpopulate(val, "Frequency", &a.Frequency) + delete(rawMsg, key) + case "isDefaultSettings": + err = unpopulate(val, "IsDefaultSettings", &a.IsDefaultSettings) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &a.LastModifiedUTC) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &a.RequiredDataConnectors) + delete(rawMsg, key) + case "settingsDefinitionId": + err = unpopulate(val, "SettingsDefinitionID", &a.SettingsDefinitionID) + delete(rawMsg, key) + case "settingsStatus": + err = unpopulate(val, "SettingsStatus", &a.SettingsStatus) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &a.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &a.Techniques) delete(rawMsg, key) } if err != nil { @@ -1384,4843 +1818,19015 @@ func (a *AzureResourceEntityProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type Bookmark. -func (b Bookmark) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AnomalyTimelineItem. +func (a AnomalyTimelineItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", b.Etag) - populate(objectMap, "id", b.ID) - populate(objectMap, "name", b.Name) - populate(objectMap, "properties", b.Properties) - populate(objectMap, "systemData", b.SystemData) - populate(objectMap, "type", b.Type) + populate(objectMap, "azureResourceId", a.AzureResourceID) + populate(objectMap, "description", a.Description) + populate(objectMap, "displayName", a.DisplayName) + populateDateTimeRFC3339(objectMap, "endTimeUtc", a.EndTimeUTC) + populate(objectMap, "intent", a.Intent) + objectMap["kind"] = EntityTimelineKindAnomaly + populate(objectMap, "productName", a.ProductName) + populate(objectMap, "reasons", a.Reasons) + populateDateTimeRFC3339(objectMap, "startTimeUtc", a.StartTimeUTC) + populate(objectMap, "techniques", a.Techniques) + populateDateTimeRFC3339(objectMap, "timeGenerated", a.TimeGenerated) + populate(objectMap, "vendor", a.Vendor) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Bookmark. -func (b *Bookmark) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AnomalyTimelineItem. +func (a *AnomalyTimelineItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", b, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &b.Etag) + case "azureResourceId": + err = unpopulate(val, "AzureResourceID", &a.AzureResourceID) delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &b.ID) + case "description": + err = unpopulate(val, "Description", &a.Description) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &b.Name) + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &b.Properties) + case "endTimeUtc": + err = unpopulateDateTimeRFC3339(val, "EndTimeUTC", &a.EndTimeUTC) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &b.SystemData) + case "intent": + err = unpopulate(val, "Intent", &a.Intent) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &b.Type) + case "kind": + err = unpopulate(val, "Kind", &a.Kind) + delete(rawMsg, key) + case "productName": + err = unpopulate(val, "ProductName", &a.ProductName) + delete(rawMsg, key) + case "reasons": + err = unpopulate(val, "Reasons", &a.Reasons) + delete(rawMsg, key) + case "startTimeUtc": + err = unpopulateDateTimeRFC3339(val, "StartTimeUTC", &a.StartTimeUTC) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &a.Techniques) + delete(rawMsg, key) + case "timeGenerated": + err = unpopulateDateTimeRFC3339(val, "TimeGenerated", &a.TimeGenerated) + delete(rawMsg, key) + case "vendor": + err = unpopulate(val, "Vendor", &a.Vendor) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", b, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type BookmarkList. -func (b BookmarkList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AssignmentItem. +func (a AssignmentItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", b.NextLink) - populate(objectMap, "value", b.Value) + populate(objectMap, "resourceId", a.ResourceID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type BookmarkList. -func (b *BookmarkList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AssignmentItem. +func (a *AssignmentItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", b, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &b.NextLink) - delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &b.Value) + case "resourceId": + err = unpopulate(val, "ResourceID", &a.ResourceID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", b, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type BookmarkProperties. -func (b BookmarkProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AttackPattern. +func (a AttackPattern) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populateDateTimeRFC3339(objectMap, "created", b.Created) - populate(objectMap, "createdBy", b.CreatedBy) - populate(objectMap, "displayName", b.DisplayName) - populateDateTimeRFC3339(objectMap, "eventTime", b.EventTime) - populate(objectMap, "incidentInfo", b.IncidentInfo) - populate(objectMap, "labels", b.Labels) - populate(objectMap, "notes", b.Notes) - populate(objectMap, "query", b.Query) - populateDateTimeRFC3339(objectMap, "queryEndTime", b.QueryEndTime) - populate(objectMap, "queryResult", b.QueryResult) - populateDateTimeRFC3339(objectMap, "queryStartTime", b.QueryStartTime) - populateDateTimeRFC3339(objectMap, "updated", b.Updated) - populate(objectMap, "updatedBy", b.UpdatedBy) + populate(objectMap, "id", a.ID) + objectMap["kind"] = TIObjectKindAttackPattern + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "systemData", a.SystemData) + populate(objectMap, "type", a.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type BookmarkProperties. -func (b *BookmarkProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AttackPattern. +func (a *AttackPattern) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", b, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "created": - err = unpopulateDateTimeRFC3339(val, "Created", &b.Created) - delete(rawMsg, key) - case "createdBy": - err = unpopulate(val, "CreatedBy", &b.CreatedBy) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &b.DisplayName) - delete(rawMsg, key) - case "eventTime": - err = unpopulateDateTimeRFC3339(val, "EventTime", &b.EventTime) - delete(rawMsg, key) - case "incidentInfo": - err = unpopulate(val, "IncidentInfo", &b.IncidentInfo) - delete(rawMsg, key) - case "labels": - err = unpopulate(val, "Labels", &b.Labels) - delete(rawMsg, key) - case "notes": - err = unpopulate(val, "Notes", &b.Notes) - delete(rawMsg, key) - case "query": - err = unpopulate(val, "Query", &b.Query) + case "id": + err = unpopulate(val, "ID", &a.ID) delete(rawMsg, key) - case "queryEndTime": - err = unpopulateDateTimeRFC3339(val, "QueryEndTime", &b.QueryEndTime) + case "kind": + err = unpopulate(val, "Kind", &a.Kind) delete(rawMsg, key) - case "queryResult": - err = unpopulate(val, "QueryResult", &b.QueryResult) + case "name": + err = unpopulate(val, "Name", &a.Name) delete(rawMsg, key) - case "queryStartTime": - err = unpopulateDateTimeRFC3339(val, "QueryStartTime", &b.QueryStartTime) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) delete(rawMsg, key) - case "updated": - err = unpopulateDateTimeRFC3339(val, "Updated", &b.Updated) + case "systemData": + err = unpopulate(val, "SystemData", &a.SystemData) delete(rawMsg, key) - case "updatedBy": - err = unpopulate(val, "UpdatedBy", &b.UpdatedBy) + case "type": + err = unpopulate(val, "Type", &a.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", b, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ClientInfo. -func (c ClientInfo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRule. +func (a AutomationRule) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "email", c.Email) - populate(objectMap, "name", c.Name) - populate(objectMap, "objectId", c.ObjectID) - populate(objectMap, "userPrincipalName", c.UserPrincipalName) + populate(objectMap, "etag", a.Etag) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "systemData", a.SystemData) + populate(objectMap, "type", a.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ClientInfo. -func (c *ClientInfo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRule. +func (a *AutomationRule) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", c, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "email": - err = unpopulate(val, "Email", &c.Email) + case "etag": + err = unpopulate(val, "Etag", &a.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &a.ID) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &c.Name) + err = unpopulate(val, "Name", &a.Name) delete(rawMsg, key) - case "objectId": - err = unpopulate(val, "ObjectID", &c.ObjectID) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) delete(rawMsg, key) - case "userPrincipalName": - err = unpopulate(val, "UserPrincipalName", &c.UserPrincipalName) + case "systemData": + err = unpopulate(val, "SystemData", &a.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", c, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type CloudApplicationEntity. -func (c CloudApplicationEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRuleAction. +func (a AutomationRuleAction) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", c.ID) - objectMap["kind"] = EntityKindEnumCloudApplication - populate(objectMap, "name", c.Name) - populate(objectMap, "properties", c.Properties) - populate(objectMap, "systemData", c.SystemData) - populate(objectMap, "type", c.Type) + objectMap["actionType"] = a.ActionType + populate(objectMap, "order", a.Order) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type CloudApplicationEntity. -func (c *CloudApplicationEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleAction. +func (a *AutomationRuleAction) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", c, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &c.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &c.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &c.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &c.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &c.SystemData) + case "actionType": + err = unpopulate(val, "ActionType", &a.ActionType) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &c.Type) + case "order": + err = unpopulate(val, "Order", &a.Order) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", c, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type CloudApplicationEntityProperties. -func (c CloudApplicationEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRuleAddIncidentTaskAction. +func (a AutomationRuleAddIncidentTaskAction) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", c.AdditionalData) - populate(objectMap, "appId", c.AppID) - populate(objectMap, "appName", c.AppName) - populate(objectMap, "friendlyName", c.FriendlyName) - populate(objectMap, "instanceName", c.InstanceName) + populate(objectMap, "actionConfiguration", a.ActionConfiguration) + objectMap["actionType"] = ActionTypeAddIncidentTask + populate(objectMap, "order", a.Order) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type CloudApplicationEntityProperties. -func (c *CloudApplicationEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleAddIncidentTaskAction. +func (a *AutomationRuleAddIncidentTaskAction) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", c, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &c.AdditionalData) + case "actionConfiguration": + err = unpopulate(val, "ActionConfiguration", &a.ActionConfiguration) delete(rawMsg, key) - case "appId": - err = unpopulate(val, "AppID", &c.AppID) - delete(rawMsg, key) - case "appName": - err = unpopulate(val, "AppName", &c.AppName) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &c.FriendlyName) + case "actionType": + err = unpopulate(val, "ActionType", &a.ActionType) delete(rawMsg, key) - case "instanceName": - err = unpopulate(val, "InstanceName", &c.InstanceName) + case "order": + err = unpopulate(val, "Order", &a.Order) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", c, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DNSEntity. -func (d DNSEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRuleBooleanCondition. +func (a AutomationRuleBooleanCondition) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", d.ID) - objectMap["kind"] = EntityKindEnumDNSResolution - populate(objectMap, "name", d.Name) - populate(objectMap, "properties", d.Properties) - populate(objectMap, "systemData", d.SystemData) - populate(objectMap, "type", d.Type) + populate(objectMap, "innerConditions", a.InnerConditions) + populate(objectMap, "operator", a.Operator) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DNSEntity. -func (d *DNSEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleBooleanCondition. +func (a *AutomationRuleBooleanCondition) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &d.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &d.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &d.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &d.Properties) + case "innerConditions": + a.InnerConditions, err = unmarshalAutomationRuleConditionClassificationArray(val) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &d.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &d.Type) + case "operator": + err = unpopulate(val, "Operator", &a.Operator) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DNSEntityProperties. -func (d DNSEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRuleCondition. +func (a AutomationRuleCondition) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", d.AdditionalData) - populate(objectMap, "dnsServerIpEntityId", d.DNSServerIPEntityID) - populate(objectMap, "domainName", d.DomainName) - populate(objectMap, "friendlyName", d.FriendlyName) - populate(objectMap, "hostIpAddressEntityId", d.HostIPAddressEntityID) - populate(objectMap, "ipAddressEntityIds", d.IPAddressEntityIDs) + objectMap["conditionType"] = a.ConditionType return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DNSEntityProperties. -func (d *DNSEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleCondition. +func (a *AutomationRuleCondition) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &d.AdditionalData) - delete(rawMsg, key) - case "dnsServerIpEntityId": - err = unpopulate(val, "DNSServerIPEntityID", &d.DNSServerIPEntityID) - delete(rawMsg, key) - case "domainName": - err = unpopulate(val, "DomainName", &d.DomainName) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &d.FriendlyName) - delete(rawMsg, key) - case "hostIpAddressEntityId": - err = unpopulate(val, "HostIPAddressEntityID", &d.HostIPAddressEntityID) - delete(rawMsg, key) - case "ipAddressEntityIds": - err = unpopulate(val, "IPAddressEntityIDs", &d.IPAddressEntityIDs) + case "conditionType": + err = unpopulate(val, "ConditionType", &a.ConditionType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DataConnector. -func (d DataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRuleModifyPropertiesAction. +func (a AutomationRuleModifyPropertiesAction) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", d.Etag) - populate(objectMap, "id", d.ID) - objectMap["kind"] = d.Kind - populate(objectMap, "name", d.Name) - populate(objectMap, "systemData", d.SystemData) - populate(objectMap, "type", d.Type) + populate(objectMap, "actionConfiguration", a.ActionConfiguration) + objectMap["actionType"] = ActionTypeModifyProperties + populate(objectMap, "order", a.Order) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnector. -func (d *DataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleModifyPropertiesAction. +func (a *AutomationRuleModifyPropertiesAction) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &d.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &d.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &d.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &d.Name) + case "actionConfiguration": + err = unpopulate(val, "ActionConfiguration", &a.ActionConfiguration) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &d.SystemData) + case "actionType": + err = unpopulate(val, "ActionType", &a.ActionType) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &d.Type) + case "order": + err = unpopulate(val, "Order", &a.Order) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DataConnectorDataTypeCommon. -func (d DataConnectorDataTypeCommon) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRuleProperties. +func (a AutomationRuleProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", d.State) + populate(objectMap, "actions", a.Actions) + populate(objectMap, "createdBy", a.CreatedBy) + populateDateTimeRFC3339(objectMap, "createdTimeUtc", a.CreatedTimeUTC) + populate(objectMap, "displayName", a.DisplayName) + populate(objectMap, "lastModifiedBy", a.LastModifiedBy) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", a.LastModifiedTimeUTC) + populate(objectMap, "order", a.Order) + populate(objectMap, "triggeringLogic", a.TriggeringLogic) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDataTypeCommon. -func (d *DataConnectorDataTypeCommon) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleProperties. +func (a *AutomationRuleProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &d.State) + case "actions": + a.Actions, err = unmarshalAutomationRuleActionClassificationArray(val) + delete(rawMsg, key) + case "createdBy": + err = unpopulate(val, "CreatedBy", &a.CreatedBy) + delete(rawMsg, key) + case "createdTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &a.CreatedTimeUTC) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) + delete(rawMsg, key) + case "lastModifiedBy": + err = unpopulate(val, "LastModifiedBy", &a.LastModifiedBy) + delete(rawMsg, key) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &a.LastModifiedTimeUTC) + delete(rawMsg, key) + case "order": + err = unpopulate(val, "Order", &a.Order) + delete(rawMsg, key) + case "triggeringLogic": + err = unpopulate(val, "TriggeringLogic", &a.TriggeringLogic) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type DataConnectorList. -func (d DataConnectorList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRulePropertyArrayChangedValuesCondition. +func (a AutomationRulePropertyArrayChangedValuesCondition) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", d.NextLink) - populate(objectMap, "value", d.Value) + populate(objectMap, "arrayType", a.ArrayType) + populate(objectMap, "changeType", a.ChangeType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorList. -func (d *DataConnectorList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRulePropertyArrayChangedValuesCondition. +func (a *AutomationRulePropertyArrayChangedValuesCondition) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &d.NextLink) + case "arrayType": + err = unpopulate(val, "ArrayType", &a.ArrayType) delete(rawMsg, key) - case "value": - d.Value, err = unmarshalDataConnectorClassificationArray(val) + case "changeType": + err = unpopulate(val, "ChangeType", &a.ChangeType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", d, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Entity. -func (e Entity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRulePropertyArrayValuesCondition. +func (a AutomationRulePropertyArrayValuesCondition) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", e.ID) - objectMap["kind"] = e.Kind - populate(objectMap, "name", e.Name) - populate(objectMap, "systemData", e.SystemData) - populate(objectMap, "type", e.Type) + populate(objectMap, "arrayConditionType", a.ArrayConditionType) + populate(objectMap, "arrayType", a.ArrayType) + populate(objectMap, "itemConditions", a.ItemConditions) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Entity. -func (e *Entity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRulePropertyArrayValuesCondition. +func (a *AutomationRulePropertyArrayValuesCondition) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &e.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &e.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &e.Name) + case "arrayConditionType": + err = unpopulate(val, "ArrayConditionType", &a.ArrayConditionType) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &e.SystemData) + case "arrayType": + err = unpopulate(val, "ArrayType", &a.ArrayType) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &e.Type) + case "itemConditions": + a.ItemConditions, err = unmarshalAutomationRuleConditionClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EntityMapping. -func (e EntityMapping) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRulePropertyValuesChangedCondition. +func (a AutomationRulePropertyValuesChangedCondition) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "entityType", e.EntityType) - populate(objectMap, "fieldMappings", e.FieldMappings) + populate(objectMap, "changeType", a.ChangeType) + populate(objectMap, "operator", a.Operator) + populate(objectMap, "propertyName", a.PropertyName) + populate(objectMap, "propertyValues", a.PropertyValues) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EntityMapping. -func (e *EntityMapping) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRulePropertyValuesChangedCondition. +func (a *AutomationRulePropertyValuesChangedCondition) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "entityType": - err = unpopulate(val, "EntityType", &e.EntityType) + case "changeType": + err = unpopulate(val, "ChangeType", &a.ChangeType) delete(rawMsg, key) - case "fieldMappings": - err = unpopulate(val, "FieldMappings", &e.FieldMappings) + case "operator": + err = unpopulate(val, "Operator", &a.Operator) + delete(rawMsg, key) + case "propertyName": + err = unpopulate(val, "PropertyName", &a.PropertyName) + delete(rawMsg, key) + case "propertyValues": + err = unpopulate(val, "PropertyValues", &a.PropertyValues) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type EventGroupingSettings. -func (e EventGroupingSettings) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRulePropertyValuesCondition. +func (a AutomationRulePropertyValuesCondition) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "aggregationKind", e.AggregationKind) + populate(objectMap, "operator", a.Operator) + populate(objectMap, "propertyName", a.PropertyName) + populate(objectMap, "propertyValues", a.PropertyValues) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type EventGroupingSettings. -func (e *EventGroupingSettings) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRulePropertyValuesCondition. +func (a *AutomationRulePropertyValuesCondition) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "aggregationKind": - err = unpopulate(val, "AggregationKind", &e.AggregationKind) - delete(rawMsg, key) + case "operator": + err = unpopulate(val, "Operator", &a.Operator) + delete(rawMsg, key) + case "propertyName": + err = unpopulate(val, "PropertyName", &a.PropertyName) + delete(rawMsg, key) + case "propertyValues": + err = unpopulate(val, "PropertyValues", &a.PropertyValues) + delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FieldMapping. -func (f FieldMapping) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRuleRunPlaybookAction. +func (a AutomationRuleRunPlaybookAction) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "columnName", f.ColumnName) - populate(objectMap, "identifier", f.Identifier) + populate(objectMap, "actionConfiguration", a.ActionConfiguration) + objectMap["actionType"] = ActionTypeRunPlaybook + populate(objectMap, "order", a.Order) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FieldMapping. -func (f *FieldMapping) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleRunPlaybookAction. +func (a *AutomationRuleRunPlaybookAction) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "columnName": - err = unpopulate(val, "ColumnName", &f.ColumnName) + case "actionConfiguration": + err = unpopulate(val, "ActionConfiguration", &a.ActionConfiguration) delete(rawMsg, key) - case "identifier": - err = unpopulate(val, "Identifier", &f.Identifier) + case "actionType": + err = unpopulate(val, "ActionType", &a.ActionType) + delete(rawMsg, key) + case "order": + err = unpopulate(val, "Order", &a.Order) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileEntity. -func (f FileEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRuleTriggeringLogic. +func (a AutomationRuleTriggeringLogic) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", f.ID) - objectMap["kind"] = EntityKindEnumFile - populate(objectMap, "name", f.Name) - populate(objectMap, "properties", f.Properties) - populate(objectMap, "systemData", f.SystemData) - populate(objectMap, "type", f.Type) + populate(objectMap, "conditions", a.Conditions) + populateDateTimeRFC3339(objectMap, "expirationTimeUtc", a.ExpirationTimeUTC) + populate(objectMap, "isEnabled", a.IsEnabled) + populate(objectMap, "triggersOn", a.TriggersOn) + populate(objectMap, "triggersWhen", a.TriggersWhen) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileEntity. -func (f *FileEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRuleTriggeringLogic. +func (a *AutomationRuleTriggeringLogic) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &f.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &f.Kind) + case "conditions": + a.Conditions, err = unmarshalAutomationRuleConditionClassificationArray(val) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &f.Name) + case "expirationTimeUtc": + err = unpopulateDateTimeRFC3339(val, "ExpirationTimeUTC", &a.ExpirationTimeUTC) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &f.Properties) + case "isEnabled": + err = unpopulate(val, "IsEnabled", &a.IsEnabled) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &f.SystemData) + case "triggersOn": + err = unpopulate(val, "TriggersOn", &a.TriggersOn) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &f.Type) + case "triggersWhen": + err = unpopulate(val, "TriggersWhen", &a.TriggersWhen) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileEntityProperties. -func (f FileEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AutomationRulesList. +func (a AutomationRulesList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", f.AdditionalData) - populate(objectMap, "directory", f.Directory) - populate(objectMap, "fileHashEntityIds", f.FileHashEntityIDs) - populate(objectMap, "fileName", f.FileName) - populate(objectMap, "friendlyName", f.FriendlyName) - populate(objectMap, "hostEntityId", f.HostEntityID) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileEntityProperties. -func (f *FileEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AutomationRulesList. +func (a *AutomationRulesList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &f.AdditionalData) - delete(rawMsg, key) - case "directory": - err = unpopulate(val, "Directory", &f.Directory) - delete(rawMsg, key) - case "fileHashEntityIds": - err = unpopulate(val, "FileHashEntityIDs", &f.FileHashEntityIDs) - delete(rawMsg, key) - case "fileName": - err = unpopulate(val, "FileName", &f.FileName) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &f.FriendlyName) + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) delete(rawMsg, key) - case "hostEntityId": - err = unpopulate(val, "HostEntityID", &f.HostEntityID) + case "value": + err = unpopulate(val, "Value", &a.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileHashEntity. -func (f FileHashEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Availability. +func (a Availability) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", f.ID) - objectMap["kind"] = EntityKindEnumFileHash - populate(objectMap, "name", f.Name) - populate(objectMap, "properties", f.Properties) - populate(objectMap, "systemData", f.SystemData) - populate(objectMap, "type", f.Type) + populate(objectMap, "isPreview", a.IsPreview) + objectMap["status"] = int32(1) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileHashEntity. -func (f *FileHashEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Availability. +func (a *Availability) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &f.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &f.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &f.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &f.Properties) + case "isPreview": + err = unpopulate(val, "IsPreview", &a.IsPreview) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &f.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &f.Type) + case "status": + err = unpopulate(val, "Status", &a.Status) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FileHashEntityProperties. -func (f FileHashEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AwsCloudTrailCheckRequirements. +func (a AwsCloudTrailCheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", f.AdditionalData) - populate(objectMap, "algorithm", f.Algorithm) - populate(objectMap, "friendlyName", f.FriendlyName) - populate(objectMap, "hashValue", f.HashValue) + objectMap["kind"] = DataConnectorKindAmazonWebServicesCloudTrail return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FileHashEntityProperties. -func (f *FileHashEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AwsCloudTrailCheckRequirements. +func (a *AwsCloudTrailCheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &f.AdditionalData) - delete(rawMsg, key) - case "algorithm": - err = unpopulate(val, "Algorithm", &f.Algorithm) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &f.FriendlyName) - delete(rawMsg, key) - case "hashValue": - err = unpopulate(val, "HashValue", &f.HashValue) + case "kind": + err = unpopulate(val, "Kind", &a.Kind) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionAlertRule. -func (f FusionAlertRule) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AwsCloudTrailDataConnector. +func (a AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", f.Etag) - populate(objectMap, "id", f.ID) - objectMap["kind"] = AlertRuleKindFusion - populate(objectMap, "name", f.Name) - populate(objectMap, "properties", f.Properties) - populate(objectMap, "systemData", f.SystemData) - populate(objectMap, "type", f.Type) + populate(objectMap, "etag", a.Etag) + populate(objectMap, "id", a.ID) + objectMap["kind"] = DataConnectorKindAmazonWebServicesCloudTrail + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "systemData", a.SystemData) + populate(objectMap, "type", a.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRule. -func (f *FusionAlertRule) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AwsCloudTrailDataConnector. +func (a *AwsCloudTrailDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { case "etag": - err = unpopulate(val, "Etag", &f.Etag) + err = unpopulate(val, "Etag", &a.Etag) delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &f.ID) + err = unpopulate(val, "ID", &a.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &f.Kind) + err = unpopulate(val, "Kind", &a.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &f.Name) + err = unpopulate(val, "Name", &a.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &f.Properties) + err = unpopulate(val, "Properties", &a.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &f.SystemData) + err = unpopulate(val, "SystemData", &a.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &f.Type) + err = unpopulate(val, "Type", &a.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleProperties. -func (f FusionAlertRuleProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AwsCloudTrailDataConnectorDataTypes. +func (a AwsCloudTrailDataConnectorDataTypes) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertRuleTemplateName", f.AlertRuleTemplateName) - populate(objectMap, "description", f.Description) - populate(objectMap, "displayName", f.DisplayName) - populate(objectMap, "enabled", f.Enabled) - populateDateTimeRFC3339(objectMap, "lastModifiedUtc", f.LastModifiedUTC) - populate(objectMap, "severity", f.Severity) - populate(objectMap, "tactics", f.Tactics) + populate(objectMap, "logs", a.Logs) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleProperties. -func (f *FusionAlertRuleProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AwsCloudTrailDataConnectorDataTypes. +func (a *AwsCloudTrailDataConnectorDataTypes) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "alertRuleTemplateName": - err = unpopulate(val, "AlertRuleTemplateName", &f.AlertRuleTemplateName) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &f.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &f.DisplayName) - delete(rawMsg, key) - case "enabled": - err = unpopulate(val, "Enabled", &f.Enabled) - delete(rawMsg, key) - case "lastModifiedUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &f.LastModifiedUTC) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &f.Severity) - delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &f.Tactics) + case "logs": + err = unpopulate(val, "Logs", &a.Logs) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleTemplate. -func (f FusionAlertRuleTemplate) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AwsCloudTrailDataConnectorDataTypesLogs. +func (a AwsCloudTrailDataConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", f.ID) - objectMap["kind"] = AlertRuleKindFusion - populate(objectMap, "name", f.Name) - populate(objectMap, "properties", f.Properties) - populate(objectMap, "systemData", f.SystemData) - populate(objectMap, "type", f.Type) + populate(objectMap, "state", a.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleTemplate. -func (f *FusionAlertRuleTemplate) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AwsCloudTrailDataConnectorDataTypesLogs. +func (a *AwsCloudTrailDataConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &f.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &f.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &f.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &f.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &f.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &f.Type) + case "state": + err = unpopulate(val, "State", &a.State) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleTemplateProperties. -func (f FusionAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AwsCloudTrailDataConnectorProperties. +func (a AwsCloudTrailDataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertRulesCreatedByTemplateCount", f.AlertRulesCreatedByTemplateCount) - populateDateTimeRFC3339(objectMap, "createdDateUTC", f.CreatedDateUTC) - populate(objectMap, "description", f.Description) - populate(objectMap, "displayName", f.DisplayName) - populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", f.LastUpdatedDateUTC) - populate(objectMap, "requiredDataConnectors", f.RequiredDataConnectors) - populate(objectMap, "severity", f.Severity) - populate(objectMap, "status", f.Status) - populate(objectMap, "tactics", f.Tactics) + populate(objectMap, "awsRoleArn", a.AwsRoleArn) + populate(objectMap, "dataTypes", a.DataTypes) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleTemplateProperties. -func (f *FusionAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AwsCloudTrailDataConnectorProperties. +func (a *AwsCloudTrailDataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "alertRulesCreatedByTemplateCount": - err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &f.AlertRulesCreatedByTemplateCount) - delete(rawMsg, key) - case "createdDateUTC": - err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &f.CreatedDateUTC) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &f.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &f.DisplayName) - delete(rawMsg, key) - case "lastUpdatedDateUTC": - err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &f.LastUpdatedDateUTC) - delete(rawMsg, key) - case "requiredDataConnectors": - err = unpopulate(val, "RequiredDataConnectors", &f.RequiredDataConnectors) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &f.Severity) - delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &f.Status) + case "awsRoleArn": + err = unpopulate(val, "AwsRoleArn", &a.AwsRoleArn) delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &f.Tactics) + case "dataTypes": + err = unpopulate(val, "DataTypes", &a.DataTypes) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", f, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type GeoLocation. -func (g GeoLocation) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AwsS3CheckRequirements. +func (a AwsS3CheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "asn", g.Asn) - populate(objectMap, "city", g.City) - populate(objectMap, "countryCode", g.CountryCode) - populate(objectMap, "countryName", g.CountryName) - populate(objectMap, "latitude", g.Latitude) - populate(objectMap, "longitude", g.Longitude) - populate(objectMap, "state", g.State) + objectMap["kind"] = DataConnectorKindAmazonWebServicesS3 return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type GeoLocation. -func (g *GeoLocation) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AwsS3CheckRequirements. +func (a *AwsS3CheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "asn": - err = unpopulate(val, "Asn", &g.Asn) - delete(rawMsg, key) - case "city": - err = unpopulate(val, "City", &g.City) - delete(rawMsg, key) - case "countryCode": - err = unpopulate(val, "CountryCode", &g.CountryCode) - delete(rawMsg, key) - case "countryName": - err = unpopulate(val, "CountryName", &g.CountryName) - delete(rawMsg, key) - case "latitude": - err = unpopulate(val, "Latitude", &g.Latitude) - delete(rawMsg, key) - case "longitude": - err = unpopulate(val, "Longitude", &g.Longitude) - delete(rawMsg, key) - case "state": - err = unpopulate(val, "State", &g.State) + case "kind": + err = unpopulate(val, "Kind", &a.Kind) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type GroupingConfiguration. -func (g GroupingConfiguration) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AwsS3DataConnector. +func (a AwsS3DataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "enabled", g.Enabled) - populate(objectMap, "groupByAlertDetails", g.GroupByAlertDetails) - populate(objectMap, "groupByCustomDetails", g.GroupByCustomDetails) - populate(objectMap, "groupByEntities", g.GroupByEntities) - populate(objectMap, "lookbackDuration", g.LookbackDuration) - populate(objectMap, "matchingMethod", g.MatchingMethod) - populate(objectMap, "reopenClosedIncident", g.ReopenClosedIncident) + populate(objectMap, "etag", a.Etag) + populate(objectMap, "id", a.ID) + objectMap["kind"] = DataConnectorKindAmazonWebServicesS3 + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "systemData", a.SystemData) + populate(objectMap, "type", a.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type GroupingConfiguration. -func (g *GroupingConfiguration) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AwsS3DataConnector. +func (a *AwsS3DataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "enabled": - err = unpopulate(val, "Enabled", &g.Enabled) + case "etag": + err = unpopulate(val, "Etag", &a.Etag) delete(rawMsg, key) - case "groupByAlertDetails": - err = unpopulate(val, "GroupByAlertDetails", &g.GroupByAlertDetails) + case "id": + err = unpopulate(val, "ID", &a.ID) delete(rawMsg, key) - case "groupByCustomDetails": - err = unpopulate(val, "GroupByCustomDetails", &g.GroupByCustomDetails) + case "kind": + err = unpopulate(val, "Kind", &a.Kind) delete(rawMsg, key) - case "groupByEntities": - err = unpopulate(val, "GroupByEntities", &g.GroupByEntities) + case "name": + err = unpopulate(val, "Name", &a.Name) delete(rawMsg, key) - case "lookbackDuration": - err = unpopulate(val, "LookbackDuration", &g.LookbackDuration) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) delete(rawMsg, key) - case "matchingMethod": - err = unpopulate(val, "MatchingMethod", &g.MatchingMethod) + case "systemData": + err = unpopulate(val, "SystemData", &a.SystemData) delete(rawMsg, key) - case "reopenClosedIncident": - err = unpopulate(val, "ReopenClosedIncident", &g.ReopenClosedIncident) + case "type": + err = unpopulate(val, "Type", &a.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", g, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type HostEntity. -func (h HostEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AwsS3DataConnectorDataTypes. +func (a AwsS3DataConnectorDataTypes) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", h.ID) - objectMap["kind"] = EntityKindEnumHost - populate(objectMap, "name", h.Name) - populate(objectMap, "properties", h.Properties) - populate(objectMap, "systemData", h.SystemData) - populate(objectMap, "type", h.Type) + populate(objectMap, "logs", a.Logs) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type HostEntity. -func (h *HostEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AwsS3DataConnectorDataTypes. +func (a *AwsS3DataConnectorDataTypes) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &h.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &h.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &h.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &h.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &h.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &h.Type) + case "logs": + err = unpopulate(val, "Logs", &a.Logs) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type HostEntityProperties. -func (h HostEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AwsS3DataConnectorDataTypesLogs. +func (a AwsS3DataConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", h.AdditionalData) - populate(objectMap, "azureID", h.AzureID) - populate(objectMap, "dnsDomain", h.DNSDomain) - populate(objectMap, "friendlyName", h.FriendlyName) - populate(objectMap, "hostName", h.HostName) - populate(objectMap, "isDomainJoined", h.IsDomainJoined) - populate(objectMap, "netBiosName", h.NetBiosName) - populate(objectMap, "ntDomain", h.NtDomain) - populate(objectMap, "osFamily", h.OSFamily) - populate(objectMap, "osVersion", h.OSVersion) - populate(objectMap, "omsAgentID", h.OmsAgentID) + populate(objectMap, "state", a.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type HostEntityProperties. -func (h *HostEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AwsS3DataConnectorDataTypesLogs. +func (a *AwsS3DataConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &h.AdditionalData) - delete(rawMsg, key) - case "azureID": - err = unpopulate(val, "AzureID", &h.AzureID) - delete(rawMsg, key) - case "dnsDomain": - err = unpopulate(val, "DNSDomain", &h.DNSDomain) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &h.FriendlyName) - delete(rawMsg, key) - case "hostName": - err = unpopulate(val, "HostName", &h.HostName) - delete(rawMsg, key) - case "isDomainJoined": - err = unpopulate(val, "IsDomainJoined", &h.IsDomainJoined) - delete(rawMsg, key) - case "netBiosName": - err = unpopulate(val, "NetBiosName", &h.NetBiosName) - delete(rawMsg, key) - case "ntDomain": - err = unpopulate(val, "NtDomain", &h.NtDomain) - delete(rawMsg, key) - case "osFamily": - err = unpopulate(val, "OSFamily", &h.OSFamily) - delete(rawMsg, key) - case "osVersion": - err = unpopulate(val, "OSVersion", &h.OSVersion) - delete(rawMsg, key) - case "omsAgentID": - err = unpopulate(val, "OmsAgentID", &h.OmsAgentID) + case "state": + err = unpopulate(val, "State", &a.State) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type HuntingBookmark. -func (h HuntingBookmark) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AwsS3DataConnectorProperties. +func (a AwsS3DataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", h.ID) - objectMap["kind"] = EntityKindEnumBookmark - populate(objectMap, "name", h.Name) - populate(objectMap, "properties", h.Properties) - populate(objectMap, "systemData", h.SystemData) - populate(objectMap, "type", h.Type) + populate(objectMap, "dataTypes", a.DataTypes) + populate(objectMap, "destinationTable", a.DestinationTable) + populate(objectMap, "roleArn", a.RoleArn) + populate(objectMap, "sqsUrls", a.SqsUrls) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type HuntingBookmark. -func (h *HuntingBookmark) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AwsS3DataConnectorProperties. +func (a *AwsS3DataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &h.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &h.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &h.Name) + case "dataTypes": + err = unpopulate(val, "DataTypes", &a.DataTypes) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &h.Properties) + case "destinationTable": + err = unpopulate(val, "DestinationTable", &a.DestinationTable) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &h.SystemData) + case "roleArn": + err = unpopulate(val, "RoleArn", &a.RoleArn) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &h.Type) + case "sqsUrls": + err = unpopulate(val, "SqsUrls", &a.SqsUrls) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type HuntingBookmarkProperties. -func (h HuntingBookmarkProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AzureDevOpsResourceInfo. +func (a AzureDevOpsResourceInfo) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", h.AdditionalData) - populateDateTimeRFC3339(objectMap, "created", h.Created) - populate(objectMap, "createdBy", h.CreatedBy) - populate(objectMap, "displayName", h.DisplayName) - populateDateTimeRFC3339(objectMap, "eventTime", h.EventTime) - populate(objectMap, "friendlyName", h.FriendlyName) - populate(objectMap, "incidentInfo", h.IncidentInfo) - populate(objectMap, "labels", h.Labels) - populate(objectMap, "notes", h.Notes) - populate(objectMap, "query", h.Query) - populate(objectMap, "queryResult", h.QueryResult) - populateDateTimeRFC3339(objectMap, "updated", h.Updated) - populate(objectMap, "updatedBy", h.UpdatedBy) + populate(objectMap, "pipelineId", a.PipelineID) + populate(objectMap, "serviceConnectionId", a.ServiceConnectionID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type HuntingBookmarkProperties. -func (h *HuntingBookmarkProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AzureDevOpsResourceInfo. +func (a *AzureDevOpsResourceInfo) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &h.AdditionalData) - delete(rawMsg, key) - case "created": - err = unpopulateDateTimeRFC3339(val, "Created", &h.Created) - delete(rawMsg, key) - case "createdBy": - err = unpopulate(val, "CreatedBy", &h.CreatedBy) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &h.DisplayName) - delete(rawMsg, key) - case "eventTime": - err = unpopulateDateTimeRFC3339(val, "EventTime", &h.EventTime) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &h.FriendlyName) - delete(rawMsg, key) - case "incidentInfo": - err = unpopulate(val, "IncidentInfo", &h.IncidentInfo) - delete(rawMsg, key) - case "labels": - err = unpopulate(val, "Labels", &h.Labels) - delete(rawMsg, key) - case "notes": - err = unpopulate(val, "Notes", &h.Notes) - delete(rawMsg, key) - case "query": - err = unpopulate(val, "Query", &h.Query) - delete(rawMsg, key) - case "queryResult": - err = unpopulate(val, "QueryResult", &h.QueryResult) - delete(rawMsg, key) - case "updated": - err = unpopulateDateTimeRFC3339(val, "Updated", &h.Updated) + case "pipelineId": + err = unpopulate(val, "PipelineID", &a.PipelineID) delete(rawMsg, key) - case "updatedBy": - err = unpopulate(val, "UpdatedBy", &h.UpdatedBy) + case "serviceConnectionId": + err = unpopulate(val, "ServiceConnectionID", &a.ServiceConnectionID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", h, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IPEntity. -func (i IPEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AzureResourceEntity. +func (a AzureResourceEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", i.ID) - objectMap["kind"] = EntityKindEnumIP - populate(objectMap, "name", i.Name) - populate(objectMap, "properties", i.Properties) - populate(objectMap, "systemData", i.SystemData) - populate(objectMap, "type", i.Type) + populate(objectMap, "id", a.ID) + objectMap["kind"] = EntityKindEnumAzureResource + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "systemData", a.SystemData) + populate(objectMap, "type", a.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IPEntity. -func (i *IPEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AzureResourceEntity. +func (a *AzureResourceEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { case "id": - err = unpopulate(val, "ID", &i.ID) + err = unpopulate(val, "ID", &a.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &i.Kind) + err = unpopulate(val, "Kind", &a.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &i.Name) + err = unpopulate(val, "Name", &a.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &i.Properties) + err = unpopulate(val, "Properties", &a.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &i.SystemData) + err = unpopulate(val, "SystemData", &a.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &i.Type) + err = unpopulate(val, "Type", &a.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IPEntityProperties. -func (i IPEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type AzureResourceEntityProperties. +func (a AzureResourceEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", i.AdditionalData) - populate(objectMap, "address", i.Address) - populate(objectMap, "friendlyName", i.FriendlyName) - populate(objectMap, "location", i.Location) - populate(objectMap, "threatIntelligence", i.ThreatIntelligence) + populate(objectMap, "additionalData", a.AdditionalData) + populate(objectMap, "friendlyName", a.FriendlyName) + populate(objectMap, "resourceId", a.ResourceID) + populate(objectMap, "subscriptionId", a.SubscriptionID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IPEntityProperties. -func (i *IPEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type AzureResourceEntityProperties. +func (a *AzureResourceEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } for key, val := range rawMsg { var err error switch key { case "additionalData": - err = unpopulate(val, "AdditionalData", &i.AdditionalData) - delete(rawMsg, key) - case "address": - err = unpopulate(val, "Address", &i.Address) + err = unpopulate(val, "AdditionalData", &a.AdditionalData) delete(rawMsg, key) case "friendlyName": - err = unpopulate(val, "FriendlyName", &i.FriendlyName) + err = unpopulate(val, "FriendlyName", &a.FriendlyName) delete(rawMsg, key) - case "location": - err = unpopulate(val, "Location", &i.Location) + case "resourceId": + err = unpopulate(val, "ResourceID", &a.ResourceID) delete(rawMsg, key) - case "threatIntelligence": - err = unpopulate(val, "ThreatIntelligence", &i.ThreatIntelligence) + case "subscriptionId": + err = unpopulate(val, "SubscriptionID", &a.SubscriptionID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", a, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Incident. -func (i Incident) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BasicAuthModel. +func (b BasicAuthModel) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", i.Etag) - populate(objectMap, "id", i.ID) - populate(objectMap, "name", i.Name) - populate(objectMap, "properties", i.Properties) - populate(objectMap, "systemData", i.SystemData) - populate(objectMap, "type", i.Type) + populate(objectMap, "password", b.Password) + objectMap["type"] = CcpAuthTypeBasic + populate(objectMap, "userName", b.UserName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Incident. -func (i *Incident) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BasicAuthModel. +func (b *BasicAuthModel) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &i.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &i.ID) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &i.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &i.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &i.SystemData) + case "password": + err = unpopulate(val, "Password", &b.Password) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &i.Type) + err = unpopulate(val, "Type", &b.Type) + delete(rawMsg, key) + case "userName": + err = unpopulate(val, "UserName", &b.UserName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentAdditionalData. -func (i IncidentAdditionalData) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BillingStatistic. +func (b BillingStatistic) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertProductNames", i.AlertProductNames) - populate(objectMap, "alertsCount", i.AlertsCount) - populate(objectMap, "bookmarksCount", i.BookmarksCount) - populate(objectMap, "commentsCount", i.CommentsCount) - populate(objectMap, "tactics", i.Tactics) + populate(objectMap, "etag", b.Etag) + populate(objectMap, "id", b.ID) + objectMap["kind"] = b.Kind + populate(objectMap, "name", b.Name) + populate(objectMap, "systemData", b.SystemData) + populate(objectMap, "type", b.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentAdditionalData. -func (i *IncidentAdditionalData) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BillingStatistic. +func (b *BillingStatistic) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "alertProductNames": - err = unpopulate(val, "AlertProductNames", &i.AlertProductNames) + case "etag": + err = unpopulate(val, "Etag", &b.Etag) delete(rawMsg, key) - case "alertsCount": - err = unpopulate(val, "AlertsCount", &i.AlertsCount) + case "id": + err = unpopulate(val, "ID", &b.ID) delete(rawMsg, key) - case "bookmarksCount": - err = unpopulate(val, "BookmarksCount", &i.BookmarksCount) + case "kind": + err = unpopulate(val, "Kind", &b.Kind) delete(rawMsg, key) - case "commentsCount": - err = unpopulate(val, "CommentsCount", &i.CommentsCount) + case "name": + err = unpopulate(val, "Name", &b.Name) delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &i.Tactics) + case "systemData": + err = unpopulate(val, "SystemData", &b.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &b.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentAlertList. -func (i IncidentAlertList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BillingStatisticList. +func (b BillingStatisticList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "value", i.Value) + populate(objectMap, "nextLink", b.NextLink) + populate(objectMap, "value", b.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentAlertList. -func (i *IncidentAlertList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BillingStatisticList. +func (b *BillingStatisticList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "value": - err = unpopulate(val, "Value", &i.Value) + case "nextLink": + err = unpopulate(val, "NextLink", &b.NextLink) delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type IncidentBookmarkList. -func (i IncidentBookmarkList) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "value", i.Value) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentBookmarkList. -func (i *IncidentBookmarkList) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) - } - for key, val := range rawMsg { - var err error - switch key { case "value": - err = unpopulate(val, "Value", &i.Value) + b.Value, err = unmarshalBillingStatisticClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentComment. -func (i IncidentComment) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Bookmark. +func (b Bookmark) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", i.Etag) - populate(objectMap, "id", i.ID) - populate(objectMap, "name", i.Name) - populate(objectMap, "properties", i.Properties) - populate(objectMap, "systemData", i.SystemData) - populate(objectMap, "type", i.Type) + populate(objectMap, "etag", b.Etag) + populate(objectMap, "id", b.ID) + populate(objectMap, "name", b.Name) + populate(objectMap, "properties", b.Properties) + populate(objectMap, "systemData", b.SystemData) + populate(objectMap, "type", b.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentComment. -func (i *IncidentComment) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Bookmark. +func (b *Bookmark) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { case "etag": - err = unpopulate(val, "Etag", &i.Etag) + err = unpopulate(val, "Etag", &b.Etag) delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &i.ID) + err = unpopulate(val, "ID", &b.ID) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &i.Name) + err = unpopulate(val, "Name", &b.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &i.Properties) + err = unpopulate(val, "Properties", &b.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &i.SystemData) + err = unpopulate(val, "SystemData", &b.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &i.Type) + err = unpopulate(val, "Type", &b.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentCommentList. -func (i IncidentCommentList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BookmarkEntityMappings. +func (b BookmarkEntityMappings) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", i.NextLink) - populate(objectMap, "value", i.Value) + populate(objectMap, "entityType", b.EntityType) + populate(objectMap, "fieldMappings", b.FieldMappings) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentCommentList. -func (i *IncidentCommentList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BookmarkEntityMappings. +func (b *BookmarkEntityMappings) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &i.NextLink) + case "entityType": + err = unpopulate(val, "EntityType", &b.EntityType) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &i.Value) + case "fieldMappings": + err = unpopulate(val, "FieldMappings", &b.FieldMappings) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentCommentProperties. -func (i IncidentCommentProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BookmarkExpandParameters. +func (b BookmarkExpandParameters) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "author", i.Author) - populateDateTimeRFC3339(objectMap, "createdTimeUtc", i.CreatedTimeUTC) - populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", i.LastModifiedTimeUTC) - populate(objectMap, "message", i.Message) + populateDateTimeRFC3339(objectMap, "endTime", b.EndTime) + populate(objectMap, "expansionId", b.ExpansionID) + populateDateTimeRFC3339(objectMap, "startTime", b.StartTime) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentCommentProperties. -func (i *IncidentCommentProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BookmarkExpandParameters. +func (b *BookmarkExpandParameters) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "author": - err = unpopulate(val, "Author", &i.Author) + case "endTime": + err = unpopulateDateTimeRFC3339(val, "EndTime", &b.EndTime) delete(rawMsg, key) - case "createdTimeUtc": - err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &i.CreatedTimeUTC) - delete(rawMsg, key) - case "lastModifiedTimeUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &i.LastModifiedTimeUTC) + case "expansionId": + err = unpopulate(val, "ExpansionID", &b.ExpansionID) delete(rawMsg, key) - case "message": - err = unpopulate(val, "Message", &i.Message) + case "startTime": + err = unpopulateDateTimeRFC3339(val, "StartTime", &b.StartTime) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentConfiguration. -func (i IncidentConfiguration) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BookmarkExpandResponse. +func (b BookmarkExpandResponse) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "createIncident", i.CreateIncident) - populate(objectMap, "groupingConfiguration", i.GroupingConfiguration) + populate(objectMap, "metaData", b.MetaData) + populate(objectMap, "value", b.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentConfiguration. -func (i *IncidentConfiguration) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BookmarkExpandResponse. +func (b *BookmarkExpandResponse) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "createIncident": - err = unpopulate(val, "CreateIncident", &i.CreateIncident) + case "metaData": + err = unpopulate(val, "MetaData", &b.MetaData) delete(rawMsg, key) - case "groupingConfiguration": - err = unpopulate(val, "GroupingConfiguration", &i.GroupingConfiguration) + case "value": + err = unpopulate(val, "Value", &b.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentEntitiesResponse. -func (i IncidentEntitiesResponse) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BookmarkExpandResponseValue. +func (b BookmarkExpandResponseValue) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "entities", i.Entities) - populate(objectMap, "metaData", i.MetaData) + populate(objectMap, "edges", b.Edges) + populate(objectMap, "entities", b.Entities) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentEntitiesResponse. -func (i *IncidentEntitiesResponse) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BookmarkExpandResponseValue. +func (b *BookmarkExpandResponseValue) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "entities": - i.Entities, err = unmarshalEntityClassificationArray(val) + case "edges": + err = unpopulate(val, "Edges", &b.Edges) delete(rawMsg, key) - case "metaData": - err = unpopulate(val, "MetaData", &i.MetaData) + case "entities": + b.Entities, err = unmarshalEntityClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentEntitiesResultsMetadata. -func (i IncidentEntitiesResultsMetadata) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BookmarkList. +func (b BookmarkList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "count", i.Count) - populate(objectMap, "entityKind", i.EntityKind) + populate(objectMap, "nextLink", b.NextLink) + populate(objectMap, "value", b.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentEntitiesResultsMetadata. -func (i *IncidentEntitiesResultsMetadata) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BookmarkList. +func (b *BookmarkList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "count": - err = unpopulate(val, "Count", &i.Count) + case "nextLink": + err = unpopulate(val, "NextLink", &b.NextLink) delete(rawMsg, key) - case "entityKind": - err = unpopulate(val, "EntityKind", &i.EntityKind) + case "value": + err = unpopulate(val, "Value", &b.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentInfo. -func (i IncidentInfo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BookmarkProperties. +func (b BookmarkProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "incidentId", i.IncidentID) - populate(objectMap, "relationName", i.RelationName) - populate(objectMap, "severity", i.Severity) - populate(objectMap, "title", i.Title) + populateDateTimeRFC3339(objectMap, "created", b.Created) + populate(objectMap, "createdBy", b.CreatedBy) + populate(objectMap, "displayName", b.DisplayName) + populate(objectMap, "entityMappings", b.EntityMappings) + populateDateTimeRFC3339(objectMap, "eventTime", b.EventTime) + populate(objectMap, "incidentInfo", b.IncidentInfo) + populate(objectMap, "labels", b.Labels) + populate(objectMap, "notes", b.Notes) + populate(objectMap, "query", b.Query) + populateDateTimeRFC3339(objectMap, "queryEndTime", b.QueryEndTime) + populate(objectMap, "queryResult", b.QueryResult) + populateDateTimeRFC3339(objectMap, "queryStartTime", b.QueryStartTime) + populate(objectMap, "tactics", b.Tactics) + populate(objectMap, "techniques", b.Techniques) + populateDateTimeRFC3339(objectMap, "updated", b.Updated) + populate(objectMap, "updatedBy", b.UpdatedBy) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentInfo. -func (i *IncidentInfo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BookmarkProperties. +func (b *BookmarkProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "incidentId": - err = unpopulate(val, "IncidentID", &i.IncidentID) + case "created": + err = unpopulateDateTimeRFC3339(val, "Created", &b.Created) delete(rawMsg, key) - case "relationName": - err = unpopulate(val, "RelationName", &i.RelationName) + case "createdBy": + err = unpopulate(val, "CreatedBy", &b.CreatedBy) delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &i.Severity) + case "displayName": + err = unpopulate(val, "DisplayName", &b.DisplayName) delete(rawMsg, key) - case "title": - err = unpopulate(val, "Title", &i.Title) + case "entityMappings": + err = unpopulate(val, "EntityMappings", &b.EntityMappings) + delete(rawMsg, key) + case "eventTime": + err = unpopulateDateTimeRFC3339(val, "EventTime", &b.EventTime) + delete(rawMsg, key) + case "incidentInfo": + err = unpopulate(val, "IncidentInfo", &b.IncidentInfo) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &b.Labels) + delete(rawMsg, key) + case "notes": + err = unpopulate(val, "Notes", &b.Notes) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &b.Query) + delete(rawMsg, key) + case "queryEndTime": + err = unpopulateDateTimeRFC3339(val, "QueryEndTime", &b.QueryEndTime) + delete(rawMsg, key) + case "queryResult": + err = unpopulate(val, "QueryResult", &b.QueryResult) + delete(rawMsg, key) + case "queryStartTime": + err = unpopulateDateTimeRFC3339(val, "QueryStartTime", &b.QueryStartTime) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &b.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &b.Techniques) + delete(rawMsg, key) + case "updated": + err = unpopulateDateTimeRFC3339(val, "Updated", &b.Updated) + delete(rawMsg, key) + case "updatedBy": + err = unpopulate(val, "UpdatedBy", &b.UpdatedBy) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentLabel. -func (i IncidentLabel) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BookmarkTimelineItem. +func (b BookmarkTimelineItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "labelName", i.LabelName) - populate(objectMap, "labelType", i.LabelType) + populate(objectMap, "azureResourceId", b.AzureResourceID) + populate(objectMap, "createdBy", b.CreatedBy) + populate(objectMap, "displayName", b.DisplayName) + populateDateTimeRFC3339(objectMap, "endTimeUtc", b.EndTimeUTC) + populateDateTimeRFC3339(objectMap, "eventTime", b.EventTime) + objectMap["kind"] = EntityTimelineKindBookmark + populate(objectMap, "labels", b.Labels) + populate(objectMap, "notes", b.Notes) + populateDateTimeRFC3339(objectMap, "startTimeUtc", b.StartTimeUTC) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentLabel. -func (i *IncidentLabel) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BookmarkTimelineItem. +func (b *BookmarkTimelineItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "labelName": - err = unpopulate(val, "LabelName", &i.LabelName) + case "azureResourceId": + err = unpopulate(val, "AzureResourceID", &b.AzureResourceID) delete(rawMsg, key) - case "labelType": - err = unpopulate(val, "LabelType", &i.LabelType) + case "createdBy": + err = unpopulate(val, "CreatedBy", &b.CreatedBy) delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type IncidentList. -func (i IncidentList) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "nextLink", i.NextLink) - populate(objectMap, "value", i.Value) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentList. -func (i *IncidentList) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &i.NextLink) + case "displayName": + err = unpopulate(val, "DisplayName", &b.DisplayName) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &i.Value) + case "endTimeUtc": + err = unpopulateDateTimeRFC3339(val, "EndTimeUTC", &b.EndTimeUTC) + delete(rawMsg, key) + case "eventTime": + err = unpopulateDateTimeRFC3339(val, "EventTime", &b.EventTime) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &b.Kind) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &b.Labels) + delete(rawMsg, key) + case "notes": + err = unpopulate(val, "Notes", &b.Notes) + delete(rawMsg, key) + case "startTimeUtc": + err = unpopulateDateTimeRFC3339(val, "StartTimeUTC", &b.StartTimeUTC) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentOwnerInfo. -func (i IncidentOwnerInfo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type BooleanConditionProperties. +func (b BooleanConditionProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "assignedTo", i.AssignedTo) - populate(objectMap, "email", i.Email) - populate(objectMap, "objectId", i.ObjectID) - populate(objectMap, "userPrincipalName", i.UserPrincipalName) + populate(objectMap, "conditionProperties", b.ConditionProperties) + objectMap["conditionType"] = ConditionTypeBoolean return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentOwnerInfo. -func (i *IncidentOwnerInfo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type BooleanConditionProperties. +func (b *BooleanConditionProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } for key, val := range rawMsg { var err error switch key { - case "assignedTo": - err = unpopulate(val, "AssignedTo", &i.AssignedTo) - delete(rawMsg, key) - case "email": - err = unpopulate(val, "Email", &i.Email) - delete(rawMsg, key) - case "objectId": - err = unpopulate(val, "ObjectID", &i.ObjectID) + case "conditionProperties": + err = unpopulate(val, "ConditionProperties", &b.ConditionProperties) delete(rawMsg, key) - case "userPrincipalName": - err = unpopulate(val, "UserPrincipalName", &i.UserPrincipalName) + case "conditionType": + err = unpopulate(val, "ConditionType", &b.ConditionType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", b, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentOwnerInfoAutoGenerated. -func (i IncidentOwnerInfoAutoGenerated) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CcpAuthConfig. +func (c CcpAuthConfig) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "assignedTo", i.AssignedTo) - populate(objectMap, "email", i.Email) - populate(objectMap, "objectId", i.ObjectID) - populate(objectMap, "ownerType", i.OwnerType) - populate(objectMap, "userPrincipalName", i.UserPrincipalName) + objectMap["type"] = c.Type return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentOwnerInfoAutoGenerated. -func (i *IncidentOwnerInfoAutoGenerated) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CcpAuthConfig. +func (c *CcpAuthConfig) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "assignedTo": - err = unpopulate(val, "AssignedTo", &i.AssignedTo) - delete(rawMsg, key) - case "email": - err = unpopulate(val, "Email", &i.Email) - delete(rawMsg, key) - case "objectId": - err = unpopulate(val, "ObjectID", &i.ObjectID) - delete(rawMsg, key) - case "ownerType": - err = unpopulate(val, "OwnerType", &i.OwnerType) - delete(rawMsg, key) - case "userPrincipalName": - err = unpopulate(val, "UserPrincipalName", &i.UserPrincipalName) + case "type": + err = unpopulate(val, "Type", &c.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentProperties. -func (i IncidentProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CcpResponseConfig. +func (c CcpResponseConfig) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", i.AdditionalData) - populate(objectMap, "classification", i.Classification) - populate(objectMap, "classificationComment", i.ClassificationComment) - populate(objectMap, "classificationReason", i.ClassificationReason) - populateDateTimeRFC3339(objectMap, "createdTimeUtc", i.CreatedTimeUTC) - populate(objectMap, "description", i.Description) - populateDateTimeRFC3339(objectMap, "firstActivityTimeUtc", i.FirstActivityTimeUTC) - populate(objectMap, "incidentNumber", i.IncidentNumber) - populate(objectMap, "incidentUrl", i.IncidentURL) - populate(objectMap, "labels", i.Labels) - populateDateTimeRFC3339(objectMap, "lastActivityTimeUtc", i.LastActivityTimeUTC) - populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", i.LastModifiedTimeUTC) - populate(objectMap, "owner", i.Owner) - populate(objectMap, "relatedAnalyticRuleIds", i.RelatedAnalyticRuleIDs) - populate(objectMap, "severity", i.Severity) - populate(objectMap, "status", i.Status) - populate(objectMap, "title", i.Title) + populate(objectMap, "csvDelimiter", c.CSVDelimiter) + populate(objectMap, "csvEscape", c.CSVEscape) + populate(objectMap, "compressionAlgo", c.CompressionAlgo) + populate(objectMap, "convertChildPropertiesToArray", c.ConvertChildPropertiesToArray) + populate(objectMap, "eventsJsonPaths", c.EventsJSONPaths) + populate(objectMap, "format", c.Format) + populate(objectMap, "hasCsvBoundary", c.HasCSVBoundary) + populate(objectMap, "hasCsvHeader", c.HasCSVHeader) + populate(objectMap, "isGzipCompressed", c.IsGzipCompressed) + populate(objectMap, "successStatusJsonPath", c.SuccessStatusJSONPath) + populate(objectMap, "successStatusValue", c.SuccessStatusValue) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentProperties. -func (i *IncidentProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CcpResponseConfig. +func (c *CcpResponseConfig) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &i.AdditionalData) - delete(rawMsg, key) - case "classification": - err = unpopulate(val, "Classification", &i.Classification) - delete(rawMsg, key) - case "classificationComment": - err = unpopulate(val, "ClassificationComment", &i.ClassificationComment) - delete(rawMsg, key) - case "classificationReason": - err = unpopulate(val, "ClassificationReason", &i.ClassificationReason) - delete(rawMsg, key) - case "createdTimeUtc": - err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &i.CreatedTimeUTC) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &i.Description) - delete(rawMsg, key) - case "firstActivityTimeUtc": - err = unpopulateDateTimeRFC3339(val, "FirstActivityTimeUTC", &i.FirstActivityTimeUTC) + case "csvDelimiter": + err = unpopulate(val, "CSVDelimiter", &c.CSVDelimiter) delete(rawMsg, key) - case "incidentNumber": - err = unpopulate(val, "IncidentNumber", &i.IncidentNumber) + case "csvEscape": + err = unpopulate(val, "CSVEscape", &c.CSVEscape) delete(rawMsg, key) - case "incidentUrl": - err = unpopulate(val, "IncidentURL", &i.IncidentURL) + case "compressionAlgo": + err = unpopulate(val, "CompressionAlgo", &c.CompressionAlgo) delete(rawMsg, key) - case "labels": - err = unpopulate(val, "Labels", &i.Labels) + case "convertChildPropertiesToArray": + err = unpopulate(val, "ConvertChildPropertiesToArray", &c.ConvertChildPropertiesToArray) delete(rawMsg, key) - case "lastActivityTimeUtc": - err = unpopulateDateTimeRFC3339(val, "LastActivityTimeUTC", &i.LastActivityTimeUTC) + case "eventsJsonPaths": + err = unpopulate(val, "EventsJSONPaths", &c.EventsJSONPaths) delete(rawMsg, key) - case "lastModifiedTimeUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &i.LastModifiedTimeUTC) + case "format": + err = unpopulate(val, "Format", &c.Format) delete(rawMsg, key) - case "owner": - err = unpopulate(val, "Owner", &i.Owner) + case "hasCsvBoundary": + err = unpopulate(val, "HasCSVBoundary", &c.HasCSVBoundary) delete(rawMsg, key) - case "relatedAnalyticRuleIds": - err = unpopulate(val, "RelatedAnalyticRuleIDs", &i.RelatedAnalyticRuleIDs) + case "hasCsvHeader": + err = unpopulate(val, "HasCSVHeader", &c.HasCSVHeader) delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &i.Severity) + case "isGzipCompressed": + err = unpopulate(val, "IsGzipCompressed", &c.IsGzipCompressed) delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &i.Status) + case "successStatusJsonPath": + err = unpopulate(val, "SuccessStatusJSONPath", &c.SuccessStatusJSONPath) delete(rawMsg, key) - case "title": - err = unpopulate(val, "Title", &i.Title) + case "successStatusValue": + err = unpopulate(val, "SuccessStatusValue", &c.SuccessStatusValue) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IncidentPropertiesAction. -func (i IncidentPropertiesAction) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ClientInfo. +func (c ClientInfo) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "classification", i.Classification) - populate(objectMap, "classificationComment", i.ClassificationComment) - populate(objectMap, "classificationReason", i.ClassificationReason) - populate(objectMap, "labels", i.Labels) - populate(objectMap, "owner", i.Owner) - populate(objectMap, "severity", i.Severity) - populate(objectMap, "status", i.Status) + populate(objectMap, "email", c.Email) + populate(objectMap, "name", c.Name) + populate(objectMap, "objectId", c.ObjectID) + populate(objectMap, "userPrincipalName", c.UserPrincipalName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentPropertiesAction. -func (i *IncidentPropertiesAction) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ClientInfo. +func (c *ClientInfo) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "classification": - err = unpopulate(val, "Classification", &i.Classification) - delete(rawMsg, key) - case "classificationComment": - err = unpopulate(val, "ClassificationComment", &i.ClassificationComment) - delete(rawMsg, key) - case "classificationReason": - err = unpopulate(val, "ClassificationReason", &i.ClassificationReason) - delete(rawMsg, key) - case "labels": - err = unpopulate(val, "Labels", &i.Labels) + case "email": + err = unpopulate(val, "Email", &c.Email) delete(rawMsg, key) - case "owner": - err = unpopulate(val, "Owner", &i.Owner) + case "name": + err = unpopulate(val, "Name", &c.Name) delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &i.Severity) + case "objectId": + err = unpopulate(val, "ObjectID", &c.ObjectID) delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &i.Status) + case "userPrincipalName": + err = unpopulate(val, "UserPrincipalName", &c.UserPrincipalName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IoTDeviceEntity. -func (i IoTDeviceEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CloudApplicationEntity. +func (c CloudApplicationEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", i.ID) - objectMap["kind"] = EntityKindEnumIoTDevice - populate(objectMap, "name", i.Name) - populate(objectMap, "properties", i.Properties) - populate(objectMap, "systemData", i.SystemData) - populate(objectMap, "type", i.Type) + populate(objectMap, "id", c.ID) + objectMap["kind"] = EntityKindEnumCloudApplication + populate(objectMap, "name", c.Name) + populate(objectMap, "properties", c.Properties) + populate(objectMap, "systemData", c.SystemData) + populate(objectMap, "type", c.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDeviceEntity. -func (i *IoTDeviceEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CloudApplicationEntity. +func (c *CloudApplicationEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { case "id": - err = unpopulate(val, "ID", &i.ID) + err = unpopulate(val, "ID", &c.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &i.Kind) + err = unpopulate(val, "Kind", &c.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &i.Name) + err = unpopulate(val, "Name", &c.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &i.Properties) + err = unpopulate(val, "Properties", &c.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &i.SystemData) + err = unpopulate(val, "SystemData", &c.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &i.Type) + err = unpopulate(val, "Type", &c.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type IoTDeviceEntityProperties. -func (i IoTDeviceEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CloudApplicationEntityProperties. +func (c CloudApplicationEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", i.AdditionalData) - populate(objectMap, "deviceId", i.DeviceID) - populate(objectMap, "deviceName", i.DeviceName) - populate(objectMap, "deviceType", i.DeviceType) - populate(objectMap, "edgeId", i.EdgeID) - populate(objectMap, "firmwareVersion", i.FirmwareVersion) - populate(objectMap, "friendlyName", i.FriendlyName) - populate(objectMap, "hostEntityId", i.HostEntityID) - populate(objectMap, "ipAddressEntityId", i.IPAddressEntityID) - populate(objectMap, "iotHubEntityId", i.IotHubEntityID) - populate(objectMap, "iotSecurityAgentId", i.IotSecurityAgentID) - populate(objectMap, "macAddress", i.MacAddress) - populate(objectMap, "model", i.Model) - populate(objectMap, "operatingSystem", i.OperatingSystem) - populate(objectMap, "protocols", i.Protocols) - populate(objectMap, "serialNumber", i.SerialNumber) - populate(objectMap, "source", i.Source) - populate(objectMap, "threatIntelligence", i.ThreatIntelligence) - populate(objectMap, "vendor", i.Vendor) + populate(objectMap, "additionalData", c.AdditionalData) + populate(objectMap, "appId", c.AppID) + populate(objectMap, "appName", c.AppName) + populate(objectMap, "friendlyName", c.FriendlyName) + populate(objectMap, "instanceName", c.InstanceName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDeviceEntityProperties. -func (i *IoTDeviceEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CloudApplicationEntityProperties. +func (c *CloudApplicationEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { case "additionalData": - err = unpopulate(val, "AdditionalData", &i.AdditionalData) - delete(rawMsg, key) - case "deviceId": - err = unpopulate(val, "DeviceID", &i.DeviceID) - delete(rawMsg, key) - case "deviceName": - err = unpopulate(val, "DeviceName", &i.DeviceName) - delete(rawMsg, key) - case "deviceType": - err = unpopulate(val, "DeviceType", &i.DeviceType) + err = unpopulate(val, "AdditionalData", &c.AdditionalData) delete(rawMsg, key) - case "edgeId": - err = unpopulate(val, "EdgeID", &i.EdgeID) + case "appId": + err = unpopulate(val, "AppID", &c.AppID) delete(rawMsg, key) - case "firmwareVersion": - err = unpopulate(val, "FirmwareVersion", &i.FirmwareVersion) + case "appName": + err = unpopulate(val, "AppName", &c.AppName) delete(rawMsg, key) case "friendlyName": - err = unpopulate(val, "FriendlyName", &i.FriendlyName) - delete(rawMsg, key) - case "hostEntityId": - err = unpopulate(val, "HostEntityID", &i.HostEntityID) - delete(rawMsg, key) - case "ipAddressEntityId": - err = unpopulate(val, "IPAddressEntityID", &i.IPAddressEntityID) - delete(rawMsg, key) - case "iotHubEntityId": - err = unpopulate(val, "IotHubEntityID", &i.IotHubEntityID) - delete(rawMsg, key) - case "iotSecurityAgentId": - err = unpopulate(val, "IotSecurityAgentID", &i.IotSecurityAgentID) - delete(rawMsg, key) - case "macAddress": - err = unpopulate(val, "MacAddress", &i.MacAddress) - delete(rawMsg, key) - case "model": - err = unpopulate(val, "Model", &i.Model) - delete(rawMsg, key) - case "operatingSystem": - err = unpopulate(val, "OperatingSystem", &i.OperatingSystem) - delete(rawMsg, key) - case "protocols": - err = unpopulate(val, "Protocols", &i.Protocols) - delete(rawMsg, key) - case "serialNumber": - err = unpopulate(val, "SerialNumber", &i.SerialNumber) - delete(rawMsg, key) - case "source": - err = unpopulate(val, "Source", &i.Source) - delete(rawMsg, key) - case "threatIntelligence": - err = unpopulate(val, "ThreatIntelligence", &i.ThreatIntelligence) + err = unpopulate(val, "FriendlyName", &c.FriendlyName) delete(rawMsg, key) - case "vendor": - err = unpopulate(val, "Vendor", &i.Vendor) + case "instanceName": + err = unpopulate(val, "InstanceName", &c.InstanceName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", i, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MCASDataConnector. -func (m MCASDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessAPIPollingDataConnector. +func (c CodelessAPIPollingDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", m.Etag) - populate(objectMap, "id", m.ID) - objectMap["kind"] = DataConnectorKindMicrosoftCloudAppSecurity - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "etag", c.Etag) + populate(objectMap, "id", c.ID) + objectMap["kind"] = DataConnectorKindAPIPolling + populate(objectMap, "name", c.Name) + populate(objectMap, "properties", c.Properties) + populate(objectMap, "systemData", c.SystemData) + populate(objectMap, "type", c.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnector. -func (m *MCASDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessAPIPollingDataConnector. +func (c *CodelessAPIPollingDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { case "etag": - err = unpopulate(val, "Etag", &m.Etag) + err = unpopulate(val, "Etag", &c.Etag) delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &m.ID) + err = unpopulate(val, "ID", &c.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &m.Kind) + err = unpopulate(val, "Kind", &c.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &m.Name) + err = unpopulate(val, "Name", &c.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &m.Properties) + err = unpopulate(val, "Properties", &c.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + err = unpopulate(val, "SystemData", &c.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &m.Type) + err = unpopulate(val, "Type", &c.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MCASDataConnectorDataTypes. -func (m MCASDataConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessConnectorPollingAuthProperties. +func (c CodelessConnectorPollingAuthProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alerts", m.Alerts) - populate(objectMap, "discoveryLogs", m.DiscoveryLogs) + populate(objectMap, "apiKeyIdentifier", c.APIKeyIdentifier) + populate(objectMap, "apiKeyName", c.APIKeyName) + populate(objectMap, "authType", c.AuthType) + populate(objectMap, "authorizationEndpoint", c.AuthorizationEndpoint) + populateAny(objectMap, "authorizationEndpointQueryParameters", c.AuthorizationEndpointQueryParameters) + populate(objectMap, "flowName", c.FlowName) + populate(objectMap, "isApiKeyInPostPayload", c.IsAPIKeyInPostPayload) + populate(objectMap, "isClientSecretInHeader", c.IsClientSecretInHeader) + populate(objectMap, "redirectionEndpoint", c.RedirectionEndpoint) + populate(objectMap, "scope", c.Scope) + populate(objectMap, "tokenEndpoint", c.TokenEndpoint) + populateAny(objectMap, "tokenEndpointHeaders", c.TokenEndpointHeaders) + populateAny(objectMap, "tokenEndpointQueryParameters", c.TokenEndpointQueryParameters) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnectorDataTypes. -func (m *MCASDataConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessConnectorPollingAuthProperties. +func (c *CodelessConnectorPollingAuthProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "alerts": - err = unpopulate(val, "Alerts", &m.Alerts) + case "apiKeyIdentifier": + err = unpopulate(val, "APIKeyIdentifier", &c.APIKeyIdentifier) delete(rawMsg, key) - case "discoveryLogs": - err = unpopulate(val, "DiscoveryLogs", &m.DiscoveryLogs) + case "apiKeyName": + err = unpopulate(val, "APIKeyName", &c.APIKeyName) + delete(rawMsg, key) + case "authType": + err = unpopulate(val, "AuthType", &c.AuthType) + delete(rawMsg, key) + case "authorizationEndpoint": + err = unpopulate(val, "AuthorizationEndpoint", &c.AuthorizationEndpoint) + delete(rawMsg, key) + case "authorizationEndpointQueryParameters": + err = unpopulate(val, "AuthorizationEndpointQueryParameters", &c.AuthorizationEndpointQueryParameters) + delete(rawMsg, key) + case "flowName": + err = unpopulate(val, "FlowName", &c.FlowName) + delete(rawMsg, key) + case "isApiKeyInPostPayload": + err = unpopulate(val, "IsAPIKeyInPostPayload", &c.IsAPIKeyInPostPayload) + delete(rawMsg, key) + case "isClientSecretInHeader": + err = unpopulate(val, "IsClientSecretInHeader", &c.IsClientSecretInHeader) + delete(rawMsg, key) + case "redirectionEndpoint": + err = unpopulate(val, "RedirectionEndpoint", &c.RedirectionEndpoint) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &c.Scope) + delete(rawMsg, key) + case "tokenEndpoint": + err = unpopulate(val, "TokenEndpoint", &c.TokenEndpoint) + delete(rawMsg, key) + case "tokenEndpointHeaders": + err = unpopulate(val, "TokenEndpointHeaders", &c.TokenEndpointHeaders) + delete(rawMsg, key) + case "tokenEndpointQueryParameters": + err = unpopulate(val, "TokenEndpointQueryParameters", &c.TokenEndpointQueryParameters) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MCASDataConnectorProperties. -func (m MCASDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessConnectorPollingConfigProperties. +func (c CodelessConnectorPollingConfigProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", m.DataTypes) - populate(objectMap, "tenantId", m.TenantID) + populate(objectMap, "auth", c.Auth) + populate(objectMap, "isActive", c.IsActive) + populate(objectMap, "paging", c.Paging) + populate(objectMap, "request", c.Request) + populate(objectMap, "response", c.Response) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnectorProperties. -func (m *MCASDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessConnectorPollingConfigProperties. +func (c *CodelessConnectorPollingConfigProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &m.DataTypes) + case "auth": + err = unpopulate(val, "Auth", &c.Auth) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &m.TenantID) + case "isActive": + err = unpopulate(val, "IsActive", &c.IsActive) + delete(rawMsg, key) + case "paging": + err = unpopulate(val, "Paging", &c.Paging) + delete(rawMsg, key) + case "request": + err = unpopulate(val, "Request", &c.Request) + delete(rawMsg, key) + case "response": + err = unpopulate(val, "Response", &c.Response) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MDATPDataConnector. -func (m MDATPDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessConnectorPollingPagingProperties. +func (c CodelessConnectorPollingPagingProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", m.Etag) - populate(objectMap, "id", m.ID) - objectMap["kind"] = DataConnectorKindMicrosoftDefenderAdvancedThreatProtection - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "nextPageParaName", c.NextPageParaName) + populate(objectMap, "nextPageTokenJsonPath", c.NextPageTokenJSONPath) + populate(objectMap, "pageCountAttributePath", c.PageCountAttributePath) + populate(objectMap, "pageSize", c.PageSize) + populate(objectMap, "pageSizeParaName", c.PageSizeParaName) + populate(objectMap, "pageTimeStampAttributePath", c.PageTimeStampAttributePath) + populate(objectMap, "pageTotalCountAttributePath", c.PageTotalCountAttributePath) + populate(objectMap, "pagingType", c.PagingType) + populate(objectMap, "searchTheLatestTimeStampFromEventsList", c.SearchTheLatestTimeStampFromEventsList) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPDataConnector. -func (m *MDATPDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessConnectorPollingPagingProperties. +func (c *CodelessConnectorPollingPagingProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &m.Etag) + case "nextPageParaName": + err = unpopulate(val, "NextPageParaName", &c.NextPageParaName) delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &m.ID) + case "nextPageTokenJsonPath": + err = unpopulate(val, "NextPageTokenJSONPath", &c.NextPageTokenJSONPath) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) + case "pageCountAttributePath": + err = unpopulate(val, "PageCountAttributePath", &c.PageCountAttributePath) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) + case "pageSize": + err = unpopulate(val, "PageSize", &c.PageSize) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) + case "pageSizeParaName": + err = unpopulate(val, "PageSizeParaName", &c.PageSizeParaName) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + case "pageTimeStampAttributePath": + err = unpopulate(val, "PageTimeStampAttributePath", &c.PageTimeStampAttributePath) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + case "pageTotalCountAttributePath": + err = unpopulate(val, "PageTotalCountAttributePath", &c.PageTotalCountAttributePath) + delete(rawMsg, key) + case "pagingType": + err = unpopulate(val, "PagingType", &c.PagingType) + delete(rawMsg, key) + case "searchTheLatestTimeStampFromEventsList": + err = unpopulate(val, "SearchTheLatestTimeStampFromEventsList", &c.SearchTheLatestTimeStampFromEventsList) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MDATPDataConnectorProperties. -func (m MDATPDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessConnectorPollingRequestProperties. +func (c CodelessConnectorPollingRequestProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", m.DataTypes) - populate(objectMap, "tenantId", m.TenantID) + populate(objectMap, "apiEndpoint", c.APIEndpoint) + populate(objectMap, "endTimeAttributeName", c.EndTimeAttributeName) + populate(objectMap, "httpMethod", c.HTTPMethod) + populateAny(objectMap, "headers", c.Headers) + populateAny(objectMap, "queryParameters", c.QueryParameters) + populate(objectMap, "queryParametersTemplate", c.QueryParametersTemplate) + populate(objectMap, "queryTimeFormat", c.QueryTimeFormat) + populate(objectMap, "queryWindowInMin", c.QueryWindowInMin) + populate(objectMap, "rateLimitQps", c.RateLimitQPS) + populate(objectMap, "retryCount", c.RetryCount) + populate(objectMap, "startTimeAttributeName", c.StartTimeAttributeName) + populate(objectMap, "timeoutInSeconds", c.TimeoutInSeconds) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPDataConnectorProperties. -func (m *MDATPDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessConnectorPollingRequestProperties. +func (c *CodelessConnectorPollingRequestProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &m.DataTypes) + case "apiEndpoint": + err = unpopulate(val, "APIEndpoint", &c.APIEndpoint) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &m.TenantID) + case "endTimeAttributeName": + err = unpopulate(val, "EndTimeAttributeName", &c.EndTimeAttributeName) + delete(rawMsg, key) + case "httpMethod": + err = unpopulate(val, "HTTPMethod", &c.HTTPMethod) + delete(rawMsg, key) + case "headers": + err = unpopulate(val, "Headers", &c.Headers) + delete(rawMsg, key) + case "queryParameters": + err = unpopulate(val, "QueryParameters", &c.QueryParameters) + delete(rawMsg, key) + case "queryParametersTemplate": + err = unpopulate(val, "QueryParametersTemplate", &c.QueryParametersTemplate) + delete(rawMsg, key) + case "queryTimeFormat": + err = unpopulate(val, "QueryTimeFormat", &c.QueryTimeFormat) + delete(rawMsg, key) + case "queryWindowInMin": + err = unpopulate(val, "QueryWindowInMin", &c.QueryWindowInMin) + delete(rawMsg, key) + case "rateLimitQps": + err = unpopulate(val, "RateLimitQPS", &c.RateLimitQPS) + delete(rawMsg, key) + case "retryCount": + err = unpopulate(val, "RetryCount", &c.RetryCount) + delete(rawMsg, key) + case "startTimeAttributeName": + err = unpopulate(val, "StartTimeAttributeName", &c.StartTimeAttributeName) + delete(rawMsg, key) + case "timeoutInSeconds": + err = unpopulate(val, "TimeoutInSeconds", &c.TimeoutInSeconds) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailClusterEntity. -func (m MailClusterEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessConnectorPollingResponseProperties. +func (c CodelessConnectorPollingResponseProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", m.ID) - objectMap["kind"] = EntityKindEnumMailCluster - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "eventsJsonPaths", c.EventsJSONPaths) + populate(objectMap, "isGzipCompressed", c.IsGzipCompressed) + populate(objectMap, "successStatusJsonPath", c.SuccessStatusJSONPath) + populate(objectMap, "successStatusValue", c.SuccessStatusValue) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailClusterEntity. -func (m *MailClusterEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessConnectorPollingResponseProperties. +func (c *CodelessConnectorPollingResponseProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) + case "eventsJsonPaths": + err = unpopulate(val, "EventsJSONPaths", &c.EventsJSONPaths) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) + case "isGzipCompressed": + err = unpopulate(val, "IsGzipCompressed", &c.IsGzipCompressed) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + case "successStatusJsonPath": + err = unpopulate(val, "SuccessStatusJSONPath", &c.SuccessStatusJSONPath) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + case "successStatusValue": + err = unpopulate(val, "SuccessStatusValue", &c.SuccessStatusValue) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailClusterEntityProperties. -func (m MailClusterEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessParameters. +func (c CodelessParameters) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", m.AdditionalData) - populate(objectMap, "clusterGroup", m.ClusterGroup) - populateDateTimeRFC3339(objectMap, "clusterQueryEndTime", m.ClusterQueryEndTime) - populateDateTimeRFC3339(objectMap, "clusterQueryStartTime", m.ClusterQueryStartTime) - populate(objectMap, "clusterSourceIdentifier", m.ClusterSourceIdentifier) - populate(objectMap, "clusterSourceType", m.ClusterSourceType) - populateAny(objectMap, "countByDeliveryStatus", m.CountByDeliveryStatus) - populateAny(objectMap, "countByProtectionStatus", m.CountByProtectionStatus) - populateAny(objectMap, "countByThreatType", m.CountByThreatType) - populate(objectMap, "friendlyName", m.FriendlyName) - populate(objectMap, "isVolumeAnomaly", m.IsVolumeAnomaly) - populate(objectMap, "mailCount", m.MailCount) - populate(objectMap, "networkMessageIds", m.NetworkMessageIDs) - populate(objectMap, "query", m.Query) - populateDateTimeRFC3339(objectMap, "queryTime", m.QueryTime) - populate(objectMap, "source", m.Source) - populate(objectMap, "threats", m.Threats) + populate(objectMap, "connectorUiConfig", c.ConnectorUIConfig) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailClusterEntityProperties. -func (m *MailClusterEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessParameters. +func (c *CodelessParameters) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &m.AdditionalData) - delete(rawMsg, key) - case "clusterGroup": - err = unpopulate(val, "ClusterGroup", &m.ClusterGroup) + case "connectorUiConfig": + err = unpopulate(val, "ConnectorUIConfig", &c.ConnectorUIConfig) delete(rawMsg, key) - case "clusterQueryEndTime": - err = unpopulateDateTimeRFC3339(val, "ClusterQueryEndTime", &m.ClusterQueryEndTime) - delete(rawMsg, key) - case "clusterQueryStartTime": - err = unpopulateDateTimeRFC3339(val, "ClusterQueryStartTime", &m.ClusterQueryStartTime) - delete(rawMsg, key) - case "clusterSourceIdentifier": - err = unpopulate(val, "ClusterSourceIdentifier", &m.ClusterSourceIdentifier) - delete(rawMsg, key) - case "clusterSourceType": - err = unpopulate(val, "ClusterSourceType", &m.ClusterSourceType) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type CodelessUIConnectorConfigProperties. +func (c CodelessUIConnectorConfigProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "availability", c.Availability) + populate(objectMap, "connectivityCriteria", c.ConnectivityCriteria) + populate(objectMap, "customImage", c.CustomImage) + populate(objectMap, "dataTypes", c.DataTypes) + populate(objectMap, "descriptionMarkdown", c.DescriptionMarkdown) + populate(objectMap, "graphQueries", c.GraphQueries) + populate(objectMap, "graphQueriesTableName", c.GraphQueriesTableName) + populate(objectMap, "instructionSteps", c.InstructionSteps) + populate(objectMap, "permissions", c.Permissions) + populate(objectMap, "publisher", c.Publisher) + populate(objectMap, "sampleQueries", c.SampleQueries) + populate(objectMap, "title", c.Title) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessUIConnectorConfigProperties. +func (c *CodelessUIConnectorConfigProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "availability": + err = unpopulate(val, "Availability", &c.Availability) delete(rawMsg, key) - case "countByDeliveryStatus": - err = unpopulate(val, "CountByDeliveryStatus", &m.CountByDeliveryStatus) + case "connectivityCriteria": + err = unpopulate(val, "ConnectivityCriteria", &c.ConnectivityCriteria) delete(rawMsg, key) - case "countByProtectionStatus": - err = unpopulate(val, "CountByProtectionStatus", &m.CountByProtectionStatus) + case "customImage": + err = unpopulate(val, "CustomImage", &c.CustomImage) delete(rawMsg, key) - case "countByThreatType": - err = unpopulate(val, "CountByThreatType", &m.CountByThreatType) + case "dataTypes": + err = unpopulate(val, "DataTypes", &c.DataTypes) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &m.FriendlyName) + case "descriptionMarkdown": + err = unpopulate(val, "DescriptionMarkdown", &c.DescriptionMarkdown) delete(rawMsg, key) - case "isVolumeAnomaly": - err = unpopulate(val, "IsVolumeAnomaly", &m.IsVolumeAnomaly) + case "graphQueries": + err = unpopulate(val, "GraphQueries", &c.GraphQueries) delete(rawMsg, key) - case "mailCount": - err = unpopulate(val, "MailCount", &m.MailCount) + case "graphQueriesTableName": + err = unpopulate(val, "GraphQueriesTableName", &c.GraphQueriesTableName) delete(rawMsg, key) - case "networkMessageIds": - err = unpopulate(val, "NetworkMessageIDs", &m.NetworkMessageIDs) + case "instructionSteps": + err = unpopulate(val, "InstructionSteps", &c.InstructionSteps) delete(rawMsg, key) - case "query": - err = unpopulate(val, "Query", &m.Query) + case "permissions": + err = unpopulate(val, "Permissions", &c.Permissions) delete(rawMsg, key) - case "queryTime": - err = unpopulateDateTimeRFC3339(val, "QueryTime", &m.QueryTime) + case "publisher": + err = unpopulate(val, "Publisher", &c.Publisher) delete(rawMsg, key) - case "source": - err = unpopulate(val, "Source", &m.Source) + case "sampleQueries": + err = unpopulate(val, "SampleQueries", &c.SampleQueries) delete(rawMsg, key) - case "threats": - err = unpopulate(val, "Threats", &m.Threats) + case "title": + err = unpopulate(val, "Title", &c.Title) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailMessageEntity. -func (m MailMessageEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem. +func (c CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", m.ID) - objectMap["kind"] = EntityKindEnumMailMessage - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "type", c.Type) + populate(objectMap, "value", c.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailMessageEntity. -func (m *MailMessageEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem. +func (c *CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) - delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &m.Type) + err = unpopulate(val, "Type", &c.Type) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &c.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailMessageEntityProperties. -func (m MailMessageEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessUIConnectorConfigPropertiesDataTypesItem. +func (c CodelessUIConnectorConfigPropertiesDataTypesItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", m.AdditionalData) - populate(objectMap, "antispamDirection", m.AntispamDirection) - populate(objectMap, "bodyFingerprintBin1", m.BodyFingerprintBin1) - populate(objectMap, "bodyFingerprintBin2", m.BodyFingerprintBin2) - populate(objectMap, "bodyFingerprintBin3", m.BodyFingerprintBin3) - populate(objectMap, "bodyFingerprintBin4", m.BodyFingerprintBin4) - populate(objectMap, "bodyFingerprintBin5", m.BodyFingerprintBin5) - populate(objectMap, "deliveryAction", m.DeliveryAction) - populate(objectMap, "deliveryLocation", m.DeliveryLocation) - populate(objectMap, "fileEntityIds", m.FileEntityIDs) - populate(objectMap, "friendlyName", m.FriendlyName) - populate(objectMap, "internetMessageId", m.InternetMessageID) - populate(objectMap, "language", m.Language) - populate(objectMap, "networkMessageId", m.NetworkMessageID) - populate(objectMap, "p1Sender", m.P1Sender) - populate(objectMap, "p1SenderDisplayName", m.P1SenderDisplayName) - populate(objectMap, "p1SenderDomain", m.P1SenderDomain) - populate(objectMap, "p2Sender", m.P2Sender) - populate(objectMap, "p2SenderDisplayName", m.P2SenderDisplayName) - populate(objectMap, "p2SenderDomain", m.P2SenderDomain) - populateDateTimeRFC3339(objectMap, "receiveDate", m.ReceiveDate) - populate(objectMap, "recipient", m.Recipient) - populate(objectMap, "senderIP", m.SenderIP) - populate(objectMap, "subject", m.Subject) - populate(objectMap, "threatDetectionMethods", m.ThreatDetectionMethods) - populate(objectMap, "threats", m.Threats) - populate(objectMap, "urls", m.Urls) + populate(objectMap, "lastDataReceivedQuery", c.LastDataReceivedQuery) + populate(objectMap, "name", c.Name) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailMessageEntityProperties. -func (m *MailMessageEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessUIConnectorConfigPropertiesDataTypesItem. +func (c *CodelessUIConnectorConfigPropertiesDataTypesItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &m.AdditionalData) - delete(rawMsg, key) - case "antispamDirection": - err = unpopulate(val, "AntispamDirection", &m.AntispamDirection) - delete(rawMsg, key) - case "bodyFingerprintBin1": - err = unpopulate(val, "BodyFingerprintBin1", &m.BodyFingerprintBin1) - delete(rawMsg, key) - case "bodyFingerprintBin2": - err = unpopulate(val, "BodyFingerprintBin2", &m.BodyFingerprintBin2) - delete(rawMsg, key) - case "bodyFingerprintBin3": - err = unpopulate(val, "BodyFingerprintBin3", &m.BodyFingerprintBin3) - delete(rawMsg, key) - case "bodyFingerprintBin4": - err = unpopulate(val, "BodyFingerprintBin4", &m.BodyFingerprintBin4) - delete(rawMsg, key) - case "bodyFingerprintBin5": - err = unpopulate(val, "BodyFingerprintBin5", &m.BodyFingerprintBin5) - delete(rawMsg, key) - case "deliveryAction": - err = unpopulate(val, "DeliveryAction", &m.DeliveryAction) - delete(rawMsg, key) - case "deliveryLocation": - err = unpopulate(val, "DeliveryLocation", &m.DeliveryLocation) - delete(rawMsg, key) - case "fileEntityIds": - err = unpopulate(val, "FileEntityIDs", &m.FileEntityIDs) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &m.FriendlyName) - delete(rawMsg, key) - case "internetMessageId": - err = unpopulate(val, "InternetMessageID", &m.InternetMessageID) - delete(rawMsg, key) - case "language": - err = unpopulate(val, "Language", &m.Language) - delete(rawMsg, key) - case "networkMessageId": - err = unpopulate(val, "NetworkMessageID", &m.NetworkMessageID) - delete(rawMsg, key) - case "p1Sender": - err = unpopulate(val, "P1Sender", &m.P1Sender) - delete(rawMsg, key) - case "p1SenderDisplayName": - err = unpopulate(val, "P1SenderDisplayName", &m.P1SenderDisplayName) - delete(rawMsg, key) - case "p1SenderDomain": - err = unpopulate(val, "P1SenderDomain", &m.P1SenderDomain) - delete(rawMsg, key) - case "p2Sender": - err = unpopulate(val, "P2Sender", &m.P2Sender) - delete(rawMsg, key) - case "p2SenderDisplayName": - err = unpopulate(val, "P2SenderDisplayName", &m.P2SenderDisplayName) - delete(rawMsg, key) - case "p2SenderDomain": - err = unpopulate(val, "P2SenderDomain", &m.P2SenderDomain) - delete(rawMsg, key) - case "receiveDate": - err = unpopulateDateTimeRFC3339(val, "ReceiveDate", &m.ReceiveDate) - delete(rawMsg, key) - case "recipient": - err = unpopulate(val, "Recipient", &m.Recipient) - delete(rawMsg, key) - case "senderIP": - err = unpopulate(val, "SenderIP", &m.SenderIP) + case "lastDataReceivedQuery": + err = unpopulate(val, "LastDataReceivedQuery", &c.LastDataReceivedQuery) delete(rawMsg, key) - case "subject": - err = unpopulate(val, "Subject", &m.Subject) - delete(rawMsg, key) - case "threatDetectionMethods": - err = unpopulate(val, "ThreatDetectionMethods", &m.ThreatDetectionMethods) - delete(rawMsg, key) - case "threats": - err = unpopulate(val, "Threats", &m.Threats) - delete(rawMsg, key) - case "urls": - err = unpopulate(val, "Urls", &m.Urls) + case "name": + err = unpopulate(val, "Name", &c.Name) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailboxEntity. -func (m MailboxEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessUIConnectorConfigPropertiesGraphQueriesItem. +func (c CodelessUIConnectorConfigPropertiesGraphQueriesItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", m.ID) - objectMap["kind"] = EntityKindEnumMailbox - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "baseQuery", c.BaseQuery) + populate(objectMap, "legend", c.Legend) + populate(objectMap, "metricName", c.MetricName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailboxEntity. -func (m *MailboxEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessUIConnectorConfigPropertiesGraphQueriesItem. +func (c *CodelessUIConnectorConfigPropertiesGraphQueriesItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) + case "baseQuery": + err = unpopulate(val, "BaseQuery", &c.BaseQuery) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + case "legend": + err = unpopulate(val, "Legend", &c.Legend) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + case "metricName": + err = unpopulate(val, "MetricName", &c.MetricName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MailboxEntityProperties. -func (m MailboxEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessUIConnectorConfigPropertiesInstructionStepsItem. +func (c CodelessUIConnectorConfigPropertiesInstructionStepsItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", m.AdditionalData) - populate(objectMap, "displayName", m.DisplayName) - populate(objectMap, "externalDirectoryObjectId", m.ExternalDirectoryObjectID) - populate(objectMap, "friendlyName", m.FriendlyName) - populate(objectMap, "mailboxPrimaryAddress", m.MailboxPrimaryAddress) - populate(objectMap, "upn", m.Upn) + populate(objectMap, "description", c.Description) + populate(objectMap, "instructions", c.Instructions) + populate(objectMap, "title", c.Title) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MailboxEntityProperties. -func (m *MailboxEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessUIConnectorConfigPropertiesInstructionStepsItem. +func (c *CodelessUIConnectorConfigPropertiesInstructionStepsItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &m.AdditionalData) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &m.DisplayName) + case "description": + err = unpopulate(val, "Description", &c.Description) delete(rawMsg, key) - case "externalDirectoryObjectId": - err = unpopulate(val, "ExternalDirectoryObjectID", &m.ExternalDirectoryObjectID) + case "instructions": + err = unpopulate(val, "Instructions", &c.Instructions) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &m.FriendlyName) + case "title": + err = unpopulate(val, "Title", &c.Title) delete(rawMsg, key) - case "mailboxPrimaryAddress": - err = unpopulate(val, "MailboxPrimaryAddress", &m.MailboxPrimaryAddress) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type CodelessUIConnectorConfigPropertiesSampleQueriesItem. +func (c CodelessUIConnectorConfigPropertiesSampleQueriesItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", c.Description) + populate(objectMap, "query", c.Query) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessUIConnectorConfigPropertiesSampleQueriesItem. +func (c *CodelessUIConnectorConfigPropertiesSampleQueriesItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &c.Description) delete(rawMsg, key) - case "upn": - err = unpopulate(val, "Upn", &m.Upn) + case "query": + err = unpopulate(val, "Query", &c.Query) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MalwareEntity. -func (m MalwareEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CodelessUIDataConnector. +func (c CodelessUIDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", m.ID) - objectMap["kind"] = EntityKindEnumMalware - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "etag", c.Etag) + populate(objectMap, "id", c.ID) + objectMap["kind"] = DataConnectorKindGenericUI + populate(objectMap, "name", c.Name) + populate(objectMap, "properties", c.Properties) + populate(objectMap, "systemData", c.SystemData) + populate(objectMap, "type", c.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MalwareEntity. -func (m *MalwareEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CodelessUIDataConnector. +func (c *CodelessUIDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { + case "etag": + err = unpopulate(val, "Etag", &c.Etag) + delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &m.ID) + err = unpopulate(val, "ID", &c.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &m.Kind) + err = unpopulate(val, "Kind", &c.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &m.Name) + err = unpopulate(val, "Name", &c.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &m.Properties) + err = unpopulate(val, "Properties", &c.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + err = unpopulate(val, "SystemData", &c.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &m.Type) + err = unpopulate(val, "Type", &c.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MalwareEntityProperties. -func (m MalwareEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConditionClause. +func (c ConditionClause) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", m.AdditionalData) - populate(objectMap, "category", m.Category) - populate(objectMap, "fileEntityIds", m.FileEntityIDs) - populate(objectMap, "friendlyName", m.FriendlyName) - populate(objectMap, "malwareName", m.MalwareName) - populate(objectMap, "processEntityIds", m.ProcessEntityIDs) + populate(objectMap, "clauseConnective", c.ClauseConnective) + populate(objectMap, "field", c.Field) + populate(objectMap, "operator", c.Operator) + populate(objectMap, "values", c.Values) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MalwareEntityProperties. -func (m *MalwareEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConditionClause. +func (c *ConditionClause) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &m.AdditionalData) - delete(rawMsg, key) - case "category": - err = unpopulate(val, "Category", &m.Category) - delete(rawMsg, key) - case "fileEntityIds": - err = unpopulate(val, "FileEntityIDs", &m.FileEntityIDs) + case "clauseConnective": + err = unpopulate(val, "ClauseConnective", &c.ClauseConnective) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &m.FriendlyName) + case "field": + err = unpopulate(val, "Field", &c.Field) delete(rawMsg, key) - case "malwareName": - err = unpopulate(val, "MalwareName", &m.MalwareName) + case "operator": + err = unpopulate(val, "Operator", &c.Operator) delete(rawMsg, key) - case "processEntityIds": - err = unpopulate(val, "ProcessEntityIDs", &m.ProcessEntityIDs) + case "values": + err = unpopulate(val, "Values", &c.Values) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRule. -func (m MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConditionProperties. +func (c ConditionProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", m.Etag) - populate(objectMap, "id", m.ID) - objectMap["kind"] = AlertRuleKindMicrosoftSecurityIncidentCreation - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "clauses", c.Clauses) + populate(objectMap, "conditionConnective", c.ConditionConnective) + populate(objectMap, "stixObjectType", c.StixObjectType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRule. -func (m *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConditionProperties. +func (c *ConditionProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &m.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &m.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) + case "clauses": + err = unpopulate(val, "Clauses", &c.Clauses) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) + case "conditionConnective": + err = unpopulate(val, "ConditionConnective", &c.ConditionConnective) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + case "stixObjectType": + err = unpopulate(val, "StixObjectType", &c.StixObjectType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleProperties. -func (m MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConnectedEntity. +func (c ConnectedEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertRuleTemplateName", m.AlertRuleTemplateName) - populate(objectMap, "description", m.Description) - populate(objectMap, "displayName", m.DisplayName) - populate(objectMap, "displayNamesExcludeFilter", m.DisplayNamesExcludeFilter) - populate(objectMap, "displayNamesFilter", m.DisplayNamesFilter) - populate(objectMap, "enabled", m.Enabled) - populateDateTimeRFC3339(objectMap, "lastModifiedUtc", m.LastModifiedUTC) - populate(objectMap, "productFilter", m.ProductFilter) - populate(objectMap, "severitiesFilter", m.SeveritiesFilter) + populateAny(objectMap, "additionalData", c.AdditionalData) + populate(objectMap, "targetEntityId", c.TargetEntityID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleProperties. -func (m *MicrosoftSecurityIncidentCreationAlertRuleProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConnectedEntity. +func (c *ConnectedEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "alertRuleTemplateName": - err = unpopulate(val, "AlertRuleTemplateName", &m.AlertRuleTemplateName) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &m.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &m.DisplayName) - delete(rawMsg, key) - case "displayNamesExcludeFilter": - err = unpopulate(val, "DisplayNamesExcludeFilter", &m.DisplayNamesExcludeFilter) - delete(rawMsg, key) - case "displayNamesFilter": - err = unpopulate(val, "DisplayNamesFilter", &m.DisplayNamesFilter) - delete(rawMsg, key) - case "enabled": - err = unpopulate(val, "Enabled", &m.Enabled) + case "additionalData": + err = unpopulate(val, "AdditionalData", &c.AdditionalData) delete(rawMsg, key) - case "lastModifiedUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &m.LastModifiedUTC) + case "targetEntityId": + err = unpopulate(val, "TargetEntityID", &c.TargetEntityID) delete(rawMsg, key) - case "productFilter": - err = unpopulate(val, "ProductFilter", &m.ProductFilter) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ConnectivityCriterion. +func (c ConnectivityCriterion) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "type", c.Type) + populate(objectMap, "value", c.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ConnectivityCriterion. +func (c *ConnectivityCriterion) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "type": + err = unpopulate(val, "Type", &c.Type) delete(rawMsg, key) - case "severitiesFilter": - err = unpopulate(val, "SeveritiesFilter", &m.SeveritiesFilter) + case "value": + err = unpopulate(val, "Value", &c.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (m MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConnectorDataType. +func (c ConnectorDataType) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", m.ID) - objectMap["kind"] = AlertRuleKindMicrosoftSecurityIncidentCreation - populate(objectMap, "name", m.Name) - populate(objectMap, "properties", m.Properties) - populate(objectMap, "systemData", m.SystemData) - populate(objectMap, "type", m.Type) + populate(objectMap, "lastDataReceivedQuery", c.LastDataReceivedQuery) + populate(objectMap, "name", c.Name) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (m *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConnectorDataType. +func (c *ConnectorDataType) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &m.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &m.Kind) + case "lastDataReceivedQuery": + err = unpopulate(val, "LastDataReceivedQuery", &c.LastDataReceivedQuery) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &m.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &m.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &m.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &m.Type) + err = unpopulate(val, "Name", &c.Name) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties. -func (m MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConnectorDefinitionsAvailability. +func (c ConnectorDefinitionsAvailability) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertRulesCreatedByTemplateCount", m.AlertRulesCreatedByTemplateCount) - populateDateTimeRFC3339(objectMap, "createdDateUTC", m.CreatedDateUTC) - populate(objectMap, "description", m.Description) - populate(objectMap, "displayName", m.DisplayName) - populate(objectMap, "displayNamesExcludeFilter", m.DisplayNamesExcludeFilter) - populate(objectMap, "displayNamesFilter", m.DisplayNamesFilter) - populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", m.LastUpdatedDateUTC) - populate(objectMap, "productFilter", m.ProductFilter) - populate(objectMap, "requiredDataConnectors", m.RequiredDataConnectors) - populate(objectMap, "severitiesFilter", m.SeveritiesFilter) - populate(objectMap, "status", m.Status) + populate(objectMap, "isPreview", c.IsPreview) + populate(objectMap, "status", c.Status) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties. -func (m *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConnectorDefinitionsAvailability. +func (c *ConnectorDefinitionsAvailability) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "alertRulesCreatedByTemplateCount": - err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &m.AlertRulesCreatedByTemplateCount) - delete(rawMsg, key) - case "createdDateUTC": - err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &m.CreatedDateUTC) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &m.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &m.DisplayName) - delete(rawMsg, key) - case "displayNamesExcludeFilter": - err = unpopulate(val, "DisplayNamesExcludeFilter", &m.DisplayNamesExcludeFilter) - delete(rawMsg, key) - case "displayNamesFilter": - err = unpopulate(val, "DisplayNamesFilter", &m.DisplayNamesFilter) - delete(rawMsg, key) - case "lastUpdatedDateUTC": - err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &m.LastUpdatedDateUTC) - delete(rawMsg, key) - case "productFilter": - err = unpopulate(val, "ProductFilter", &m.ProductFilter) - delete(rawMsg, key) - case "requiredDataConnectors": - err = unpopulate(val, "RequiredDataConnectors", &m.RequiredDataConnectors) - delete(rawMsg, key) - case "severitiesFilter": - err = unpopulate(val, "SeveritiesFilter", &m.SeveritiesFilter) + case "isPreview": + err = unpopulate(val, "IsPreview", &c.IsPreview) delete(rawMsg, key) case "status": - err = unpopulate(val, "Status", &m.Status) + err = unpopulate(val, "Status", &c.Status) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", m, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnector. -func (o OfficeDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConnectorDefinitionsPermissions. +func (c ConnectorDefinitionsPermissions) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", o.Etag) - populate(objectMap, "id", o.ID) - objectMap["kind"] = DataConnectorKindOffice365 - populate(objectMap, "name", o.Name) - populate(objectMap, "properties", o.Properties) - populate(objectMap, "systemData", o.SystemData) - populate(objectMap, "type", o.Type) + populate(objectMap, "customs", c.Customs) + populate(objectMap, "licenses", c.Licenses) + populate(objectMap, "resourceProvider", c.ResourceProvider) + populate(objectMap, "tenant", c.Tenant) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnector. -func (o *OfficeDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConnectorDefinitionsPermissions. +func (c *ConnectorDefinitionsPermissions) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &o.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &o.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &o.Kind) + case "customs": + err = unpopulate(val, "Customs", &c.Customs) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &o.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &o.Properties) + case "licenses": + err = unpopulate(val, "Licenses", &c.Licenses) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &o.SystemData) + case "resourceProvider": + err = unpopulate(val, "ResourceProvider", &c.ResourceProvider) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &o.Type) + case "tenant": + err = unpopulate(val, "Tenant", &c.Tenant) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypes. -func (o OfficeDataConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ConnectorDefinitionsResourceProvider. +func (c ConnectorDefinitionsResourceProvider) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "exchange", o.Exchange) - populate(objectMap, "sharePoint", o.SharePoint) - populate(objectMap, "teams", o.Teams) + populate(objectMap, "permissionsDisplayText", c.PermissionsDisplayText) + populate(objectMap, "provider", c.Provider) + populate(objectMap, "providerDisplayName", c.ProviderDisplayName) + populate(objectMap, "requiredPermissions", c.RequiredPermissions) + populate(objectMap, "scope", c.Scope) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypes. -func (o *OfficeDataConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ConnectorDefinitionsResourceProvider. +func (c *ConnectorDefinitionsResourceProvider) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "exchange": - err = unpopulate(val, "Exchange", &o.Exchange) + case "permissionsDisplayText": + err = unpopulate(val, "PermissionsDisplayText", &c.PermissionsDisplayText) delete(rawMsg, key) - case "sharePoint": - err = unpopulate(val, "SharePoint", &o.SharePoint) + case "provider": + err = unpopulate(val, "Provider", &c.Provider) delete(rawMsg, key) - case "teams": - err = unpopulate(val, "Teams", &o.Teams) + case "providerDisplayName": + err = unpopulate(val, "ProviderDisplayName", &c.ProviderDisplayName) + delete(rawMsg, key) + case "requiredPermissions": + err = unpopulate(val, "RequiredPermissions", &c.RequiredPermissions) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &c.Scope) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesExchange. -func (o OfficeDataConnectorDataTypesExchange) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomEntityQuery. +func (c CustomEntityQuery) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", o.State) + populate(objectMap, "etag", c.Etag) + populate(objectMap, "id", c.ID) + objectMap["kind"] = c.Kind + populate(objectMap, "name", c.Name) + populate(objectMap, "systemData", c.SystemData) + populate(objectMap, "type", c.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesExchange. -func (o *OfficeDataConnectorDataTypesExchange) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomEntityQuery. +func (c *CustomEntityQuery) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &o.State) + case "etag": + err = unpopulate(val, "Etag", &c.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &c.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &c.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &c.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &c.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &c.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesSharePoint. -func (o OfficeDataConnectorDataTypesSharePoint) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomPermissionDetails. +func (c CustomPermissionDetails) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", o.State) + populate(objectMap, "description", c.Description) + populate(objectMap, "name", c.Name) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesSharePoint. -func (o *OfficeDataConnectorDataTypesSharePoint) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomPermissionDetails. +func (c *CustomPermissionDetails) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &o.State) + case "description": + err = unpopulate(val, "Description", &c.Description) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &c.Name) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesTeams. -func (o OfficeDataConnectorDataTypesTeams) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomizableConnectionsConfig. +func (c CustomizableConnectionsConfig) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", o.State) + populate(objectMap, "templateSpecName", c.TemplateSpecName) + populate(objectMap, "templateSpecVersion", c.TemplateSpecVersion) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesTeams. -func (o *OfficeDataConnectorDataTypesTeams) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomizableConnectionsConfig. +func (c *CustomizableConnectionsConfig) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &o.State) + case "templateSpecName": + err = unpopulate(val, "TemplateSpecName", &c.TemplateSpecName) + delete(rawMsg, key) + case "templateSpecVersion": + err = unpopulate(val, "TemplateSpecVersion", &c.TemplateSpecVersion) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorProperties. -func (o OfficeDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomizableConnectorDefinition. +func (c CustomizableConnectorDefinition) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", o.DataTypes) - populate(objectMap, "tenantId", o.TenantID) + populate(objectMap, "etag", c.Etag) + populate(objectMap, "id", c.ID) + objectMap["kind"] = DataConnectorDefinitionKindCustomizable + populate(objectMap, "name", c.Name) + populate(objectMap, "properties", c.Properties) + populate(objectMap, "systemData", c.SystemData) + populate(objectMap, "type", c.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorProperties. -func (o *OfficeDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomizableConnectorDefinition. +func (c *CustomizableConnectorDefinition) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &o.DataTypes) + case "etag": + err = unpopulate(val, "Etag", &c.Etag) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &o.TenantID) + case "id": + err = unpopulate(val, "ID", &c.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &c.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &c.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &c.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &c.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &c.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Operation. -func (o Operation) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomizableConnectorDefinitionProperties. +func (c CustomizableConnectorDefinitionProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "display", o.Display) - populate(objectMap, "isDataAction", o.IsDataAction) - populate(objectMap, "name", o.Name) - populate(objectMap, "origin", o.Origin) + populate(objectMap, "connectionsConfig", c.ConnectionsConfig) + populate(objectMap, "connectorUiConfig", c.ConnectorUIConfig) + populateDateTimeRFC3339(objectMap, "createdTimeUtc", c.CreatedTimeUTC) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", c.LastModifiedUTC) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Operation. -func (o *Operation) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomizableConnectorDefinitionProperties. +func (c *CustomizableConnectorDefinitionProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "display": - err = unpopulate(val, "Display", &o.Display) + case "connectionsConfig": + err = unpopulate(val, "ConnectionsConfig", &c.ConnectionsConfig) delete(rawMsg, key) - case "isDataAction": - err = unpopulate(val, "IsDataAction", &o.IsDataAction) + case "connectorUiConfig": + err = unpopulate(val, "ConnectorUIConfig", &c.ConnectorUIConfig) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &o.Name) + case "createdTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &c.CreatedTimeUTC) delete(rawMsg, key) - case "origin": - err = unpopulate(val, "Origin", &o.Origin) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &c.LastModifiedUTC) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OperationDisplay. -func (o OperationDisplay) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type CustomizableConnectorUIConfig. +func (c CustomizableConnectorUIConfig) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "description", o.Description) - populate(objectMap, "operation", o.Operation) - populate(objectMap, "provider", o.Provider) - populate(objectMap, "resource", o.Resource) + populate(objectMap, "availability", c.Availability) + populate(objectMap, "connectivityCriteria", c.ConnectivityCriteria) + populate(objectMap, "dataTypes", c.DataTypes) + populate(objectMap, "descriptionMarkdown", c.DescriptionMarkdown) + populate(objectMap, "graphQueries", c.GraphQueries) + populate(objectMap, "id", c.ID) + populate(objectMap, "instructionSteps", c.InstructionSteps) + populate(objectMap, "isConnectivityCriteriasMatchSome", c.IsConnectivityCriteriasMatchSome) + populate(objectMap, "logo", c.Logo) + populate(objectMap, "permissions", c.Permissions) + populate(objectMap, "publisher", c.Publisher) + populate(objectMap, "title", c.Title) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OperationDisplay. -func (o *OperationDisplay) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type CustomizableConnectorUIConfig. +func (c *CustomizableConnectorUIConfig) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } for key, val := range rawMsg { var err error switch key { - case "description": - err = unpopulate(val, "Description", &o.Description) + case "availability": + err = unpopulate(val, "Availability", &c.Availability) delete(rawMsg, key) - case "operation": - err = unpopulate(val, "Operation", &o.Operation) + case "connectivityCriteria": + err = unpopulate(val, "ConnectivityCriteria", &c.ConnectivityCriteria) delete(rawMsg, key) - case "provider": - err = unpopulate(val, "Provider", &o.Provider) + case "dataTypes": + err = unpopulate(val, "DataTypes", &c.DataTypes) delete(rawMsg, key) - case "resource": - err = unpopulate(val, "Resource", &o.Resource) + case "descriptionMarkdown": + err = unpopulate(val, "DescriptionMarkdown", &c.DescriptionMarkdown) + delete(rawMsg, key) + case "graphQueries": + err = unpopulate(val, "GraphQueries", &c.GraphQueries) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &c.ID) + delete(rawMsg, key) + case "instructionSteps": + err = unpopulate(val, "InstructionSteps", &c.InstructionSteps) + delete(rawMsg, key) + case "isConnectivityCriteriasMatchSome": + err = unpopulate(val, "IsConnectivityCriteriasMatchSome", &c.IsConnectivityCriteriasMatchSome) + delete(rawMsg, key) + case "logo": + err = unpopulate(val, "Logo", &c.Logo) + delete(rawMsg, key) + case "permissions": + err = unpopulate(val, "Permissions", &c.Permissions) + delete(rawMsg, key) + case "publisher": + err = unpopulate(val, "Publisher", &c.Publisher) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &c.Title) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", c, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type OperationsList. -func (o OperationsList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DCRConfiguration. +func (d DCRConfiguration) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", o.NextLink) - populate(objectMap, "value", o.Value) + populate(objectMap, "dataCollectionEndpoint", d.DataCollectionEndpoint) + populate(objectMap, "dataCollectionRuleImmutableId", d.DataCollectionRuleImmutableID) + populate(objectMap, "streamName", d.StreamName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type OperationsList. -func (o *OperationsList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DCRConfiguration. +func (d *DCRConfiguration) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &o.NextLink) + case "dataCollectionEndpoint": + err = unpopulate(val, "DataCollectionEndpoint", &d.DataCollectionEndpoint) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &o.Value) + case "dataCollectionRuleImmutableId": + err = unpopulate(val, "DataCollectionRuleImmutableID", &d.DataCollectionRuleImmutableID) + delete(rawMsg, key) + case "streamName": + err = unpopulate(val, "StreamName", &d.StreamName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", o, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type PlaybookActionProperties. -func (p PlaybookActionProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DNSEntity. +func (d DNSEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "logicAppResourceId", p.LogicAppResourceID) - populate(objectMap, "tenantId", p.TenantID) - return json.Marshal(objectMap) + populate(objectMap, "id", d.ID) + objectMap["kind"] = EntityKindEnumDNSResolution + populate(objectMap, "name", d.Name) + populate(objectMap, "properties", d.Properties) + populate(objectMap, "systemData", d.SystemData) + populate(objectMap, "type", d.Type) + return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type PlaybookActionProperties. -func (p *PlaybookActionProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DNSEntity. +func (d *DNSEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "logicAppResourceId": - err = unpopulate(val, "LogicAppResourceID", &p.LogicAppResourceID) + case "id": + err = unpopulate(val, "ID", &d.ID) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &p.TenantID) + case "kind": + err = unpopulate(val, "Kind", &d.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &d.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &d.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &d.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &d.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ProcessEntity. -func (p ProcessEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DNSEntityProperties. +func (d DNSEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", p.ID) - objectMap["kind"] = EntityKindEnumProcess - populate(objectMap, "name", p.Name) - populate(objectMap, "properties", p.Properties) - populate(objectMap, "systemData", p.SystemData) - populate(objectMap, "type", p.Type) + populate(objectMap, "additionalData", d.AdditionalData) + populate(objectMap, "dnsServerIpEntityId", d.DNSServerIPEntityID) + populate(objectMap, "domainName", d.DomainName) + populate(objectMap, "friendlyName", d.FriendlyName) + populate(objectMap, "hostIpAddressEntityId", d.HostIPAddressEntityID) + populate(objectMap, "ipAddressEntityIds", d.IPAddressEntityIDs) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ProcessEntity. -func (p *ProcessEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DNSEntityProperties. +func (d *DNSEntityProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &d.AdditionalData) + delete(rawMsg, key) + case "dnsServerIpEntityId": + err = unpopulate(val, "DNSServerIPEntityID", &d.DNSServerIPEntityID) + delete(rawMsg, key) + case "domainName": + err = unpopulate(val, "DomainName", &d.DomainName) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &d.FriendlyName) + delete(rawMsg, key) + case "hostIpAddressEntityId": + err = unpopulate(val, "HostIPAddressEntityID", &d.HostIPAddressEntityID) + delete(rawMsg, key) + case "ipAddressEntityIds": + err = unpopulate(val, "IPAddressEntityIDs", &d.IPAddressEntityIDs) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type DataConnector. +func (d DataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", d.Etag) + populate(objectMap, "id", d.ID) + objectMap["kind"] = d.Kind + populate(objectMap, "name", d.Name) + populate(objectMap, "systemData", d.SystemData) + populate(objectMap, "type", d.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnector. +func (d *DataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { + case "etag": + err = unpopulate(val, "Etag", &d.Etag) + delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &p.ID) + err = unpopulate(val, "ID", &d.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &p.Kind) + err = unpopulate(val, "Kind", &d.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &p.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &p.Properties) + err = unpopulate(val, "Name", &d.Name) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &p.SystemData) + err = unpopulate(val, "SystemData", &d.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &p.Type) + err = unpopulate(val, "Type", &d.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ProcessEntityProperties. -func (p ProcessEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorConnectBody. +func (d DataConnectorConnectBody) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "accountEntityId", p.AccountEntityID) - populate(objectMap, "additionalData", p.AdditionalData) - populate(objectMap, "commandLine", p.CommandLine) - populateDateTimeRFC3339(objectMap, "creationTimeUtc", p.CreationTimeUTC) - populate(objectMap, "elevationToken", p.ElevationToken) - populate(objectMap, "friendlyName", p.FriendlyName) - populate(objectMap, "hostEntityId", p.HostEntityID) - populate(objectMap, "hostLogonSessionEntityId", p.HostLogonSessionEntityID) - populate(objectMap, "imageFileEntityId", p.ImageFileEntityID) - populate(objectMap, "parentProcessEntityId", p.ParentProcessEntityID) - populate(objectMap, "processId", p.ProcessID) + populate(objectMap, "apiKey", d.APIKey) + populate(objectMap, "authorizationCode", d.AuthorizationCode) + populate(objectMap, "clientId", d.ClientID) + populate(objectMap, "clientSecret", d.ClientSecret) + populate(objectMap, "dataCollectionEndpoint", d.DataCollectionEndpoint) + populate(objectMap, "dataCollectionRuleImmutableId", d.DataCollectionRuleImmutableID) + populate(objectMap, "kind", d.Kind) + populate(objectMap, "outputStream", d.OutputStream) + populate(objectMap, "password", d.Password) + populate(objectMap, "requestConfigUserInputValues", d.RequestConfigUserInputValues) + populate(objectMap, "userName", d.UserName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ProcessEntityProperties. -func (p *ProcessEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorConnectBody. +func (d *DataConnectorConnectBody) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "accountEntityId": - err = unpopulate(val, "AccountEntityID", &p.AccountEntityID) + case "apiKey": + err = unpopulate(val, "APIKey", &d.APIKey) delete(rawMsg, key) - case "additionalData": - err = unpopulate(val, "AdditionalData", &p.AdditionalData) + case "authorizationCode": + err = unpopulate(val, "AuthorizationCode", &d.AuthorizationCode) delete(rawMsg, key) - case "commandLine": - err = unpopulate(val, "CommandLine", &p.CommandLine) + case "clientId": + err = unpopulate(val, "ClientID", &d.ClientID) delete(rawMsg, key) - case "creationTimeUtc": - err = unpopulateDateTimeRFC3339(val, "CreationTimeUTC", &p.CreationTimeUTC) + case "clientSecret": + err = unpopulate(val, "ClientSecret", &d.ClientSecret) delete(rawMsg, key) - case "elevationToken": - err = unpopulate(val, "ElevationToken", &p.ElevationToken) + case "dataCollectionEndpoint": + err = unpopulate(val, "DataCollectionEndpoint", &d.DataCollectionEndpoint) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &p.FriendlyName) + case "dataCollectionRuleImmutableId": + err = unpopulate(val, "DataCollectionRuleImmutableID", &d.DataCollectionRuleImmutableID) delete(rawMsg, key) - case "hostEntityId": - err = unpopulate(val, "HostEntityID", &p.HostEntityID) + case "kind": + err = unpopulate(val, "Kind", &d.Kind) delete(rawMsg, key) - case "hostLogonSessionEntityId": - err = unpopulate(val, "HostLogonSessionEntityID", &p.HostLogonSessionEntityID) + case "outputStream": + err = unpopulate(val, "OutputStream", &d.OutputStream) delete(rawMsg, key) - case "imageFileEntityId": - err = unpopulate(val, "ImageFileEntityID", &p.ImageFileEntityID) + case "password": + err = unpopulate(val, "Password", &d.Password) delete(rawMsg, key) - case "parentProcessEntityId": - err = unpopulate(val, "ParentProcessEntityID", &p.ParentProcessEntityID) + case "requestConfigUserInputValues": + err = unpopulate(val, "RequestConfigUserInputValues", &d.RequestConfigUserInputValues) delete(rawMsg, key) - case "processId": - err = unpopulate(val, "ProcessID", &p.ProcessID) + case "userName": + err = unpopulate(val, "UserName", &d.UserName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type PropertyConditionProperties. -func (p PropertyConditionProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorDataTypeCommon. +func (d DataConnectorDataTypeCommon) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "conditionProperties", p.ConditionProperties) - objectMap["conditionType"] = ConditionTypeProperty + populate(objectMap, "state", d.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyConditionProperties. -func (p *PropertyConditionProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDataTypeCommon. +func (d *DataConnectorDataTypeCommon) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "conditionProperties": - err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) - delete(rawMsg, key) - case "conditionType": - err = unpopulate(val, "ConditionType", &p.ConditionType) + case "state": + err = unpopulate(val, "State", &d.State) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", p, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RegistryKeyEntity. -func (r RegistryKeyEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorDefinition. +func (d DataConnectorDefinition) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", r.ID) - objectMap["kind"] = EntityKindEnumRegistryKey - populate(objectMap, "name", r.Name) - populate(objectMap, "properties", r.Properties) - populate(objectMap, "systemData", r.SystemData) - populate(objectMap, "type", r.Type) + populate(objectMap, "etag", d.Etag) + populate(objectMap, "id", d.ID) + objectMap["kind"] = d.Kind + populate(objectMap, "name", d.Name) + populate(objectMap, "systemData", d.SystemData) + populate(objectMap, "type", d.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryKeyEntity. -func (r *RegistryKeyEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDefinition. +func (d *DataConnectorDefinition) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { + case "etag": + err = unpopulate(val, "Etag", &d.Etag) + delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &r.ID) + err = unpopulate(val, "ID", &d.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &r.Kind) + err = unpopulate(val, "Kind", &d.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &r.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &r.Properties) + err = unpopulate(val, "Name", &d.Name) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &r.SystemData) + err = unpopulate(val, "SystemData", &d.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &r.Type) + err = unpopulate(val, "Type", &d.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RegistryKeyEntityProperties. -func (r RegistryKeyEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorDefinitionArmCollectionWrapper. +func (d DataConnectorDefinitionArmCollectionWrapper) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", r.AdditionalData) - populate(objectMap, "friendlyName", r.FriendlyName) - populate(objectMap, "hive", r.Hive) - populate(objectMap, "key", r.Key) + populate(objectMap, "nextLink", d.NextLink) + populate(objectMap, "value", d.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryKeyEntityProperties. -func (r *RegistryKeyEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDefinitionArmCollectionWrapper. +func (d *DataConnectorDefinitionArmCollectionWrapper) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &r.AdditionalData) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &r.FriendlyName) - delete(rawMsg, key) - case "hive": - err = unpopulate(val, "Hive", &r.Hive) + case "nextLink": + err = unpopulate(val, "NextLink", &d.NextLink) delete(rawMsg, key) - case "key": - err = unpopulate(val, "Key", &r.Key) + case "value": + d.Value, err = unmarshalDataConnectorDefinitionClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RegistryValueEntity. -func (r RegistryValueEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataConnectorList. +func (d DataConnectorList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", r.ID) - objectMap["kind"] = EntityKindEnumRegistryValue - populate(objectMap, "name", r.Name) - populate(objectMap, "properties", r.Properties) - populate(objectMap, "systemData", r.SystemData) - populate(objectMap, "type", r.Type) + populate(objectMap, "nextLink", d.NextLink) + populate(objectMap, "value", d.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryValueEntity. -func (r *RegistryValueEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorList. +func (d *DataConnectorList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &r.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &r.Kind) + case "nextLink": + err = unpopulate(val, "NextLink", &d.NextLink) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &r.Name) + case "value": + d.Value, err = unmarshalDataConnectorClassificationArray(val) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &r.Properties) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type DataConnectorRequirementsState. +func (d DataConnectorRequirementsState) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "authorizationState", d.AuthorizationState) + populate(objectMap, "licenseState", d.LicenseState) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorRequirementsState. +func (d *DataConnectorRequirementsState) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "authorizationState": + err = unpopulate(val, "AuthorizationState", &d.AuthorizationState) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &r.SystemData) + case "licenseState": + err = unpopulate(val, "LicenseState", &d.LicenseState) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &r.Type) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type DataConnectorsCheckRequirements. +func (d DataConnectorsCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = d.Kind + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorsCheckRequirements. +func (d *DataConnectorsCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &d.Kind) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RegistryValueEntityProperties. -func (r RegistryValueEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DataTypeDefinitions. +func (d DataTypeDefinitions) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", r.AdditionalData) - populate(objectMap, "friendlyName", r.FriendlyName) - populate(objectMap, "keyEntityId", r.KeyEntityID) - populate(objectMap, "valueData", r.ValueData) - populate(objectMap, "valueName", r.ValueName) - populate(objectMap, "valueType", r.ValueType) + populate(objectMap, "dataType", d.DataType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryValueEntityProperties. -func (r *RegistryValueEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DataTypeDefinitions. +func (d *DataTypeDefinitions) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &r.AdditionalData) + case "dataType": + err = unpopulate(val, "DataType", &d.DataType) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &r.FriendlyName) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Deployment. +func (d Deployment) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "deploymentId", d.DeploymentID) + populate(objectMap, "deploymentLogsUrl", d.DeploymentLogsURL) + populate(objectMap, "deploymentResult", d.DeploymentResult) + populate(objectMap, "deploymentState", d.DeploymentState) + populateDateTimeRFC3339(objectMap, "deploymentTime", d.DeploymentTime) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Deployment. +func (d *Deployment) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "deploymentId": + err = unpopulate(val, "DeploymentID", &d.DeploymentID) delete(rawMsg, key) - case "keyEntityId": - err = unpopulate(val, "KeyEntityID", &r.KeyEntityID) + case "deploymentLogsUrl": + err = unpopulate(val, "DeploymentLogsURL", &d.DeploymentLogsURL) delete(rawMsg, key) - case "valueData": - err = unpopulate(val, "ValueData", &r.ValueData) + case "deploymentResult": + err = unpopulate(val, "DeploymentResult", &d.DeploymentResult) delete(rawMsg, key) - case "valueName": - err = unpopulate(val, "ValueName", &r.ValueName) + case "deploymentState": + err = unpopulate(val, "DeploymentState", &d.DeploymentState) delete(rawMsg, key) - case "valueType": - err = unpopulate(val, "ValueType", &r.ValueType) + case "deploymentTime": + err = unpopulateDateTimeRFC3339(val, "DeploymentTime", &d.DeploymentTime) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Relation. -func (r Relation) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DeploymentInfo. +func (d DeploymentInfo) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", r.Etag) - populate(objectMap, "id", r.ID) - populate(objectMap, "name", r.Name) - populate(objectMap, "properties", r.Properties) - populate(objectMap, "systemData", r.SystemData) - populate(objectMap, "type", r.Type) + populate(objectMap, "deployment", d.Deployment) + populate(objectMap, "deploymentFetchStatus", d.DeploymentFetchStatus) + populate(objectMap, "message", d.Message) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Relation. -func (r *Relation) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DeploymentInfo. +func (d *DeploymentInfo) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &r.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &r.ID) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &r.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &r.Properties) + case "deployment": + err = unpopulate(val, "Deployment", &d.Deployment) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &r.SystemData) + case "deploymentFetchStatus": + err = unpopulate(val, "DeploymentFetchStatus", &d.DeploymentFetchStatus) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &r.Type) + case "message": + err = unpopulate(val, "Message", &d.Message) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RelationList. -func (r RelationList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365CheckRequirements. +func (d Dynamics365CheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", r.NextLink) - populate(objectMap, "value", r.Value) + objectMap["kind"] = DataConnectorKindDynamics365 + populate(objectMap, "properties", d.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RelationList. -func (r *RelationList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365CheckRequirements. +func (d *Dynamics365CheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &r.NextLink) + case "kind": + err = unpopulate(val, "Kind", &d.Kind) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &r.Value) + case "properties": + err = unpopulate(val, "Properties", &d.Properties) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type RelationProperties. -func (r RelationProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365CheckRequirementsProperties. +func (d Dynamics365CheckRequirementsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "relatedResourceId", r.RelatedResourceID) - populate(objectMap, "relatedResourceKind", r.RelatedResourceKind) - populate(objectMap, "relatedResourceName", r.RelatedResourceName) - populate(objectMap, "relatedResourceType", r.RelatedResourceType) + populate(objectMap, "tenantId", d.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type RelationProperties. -func (r *RelationProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365CheckRequirementsProperties. +func (d *Dynamics365CheckRequirementsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "relatedResourceId": - err = unpopulate(val, "RelatedResourceID", &r.RelatedResourceID) - delete(rawMsg, key) - case "relatedResourceKind": - err = unpopulate(val, "RelatedResourceKind", &r.RelatedResourceKind) - delete(rawMsg, key) - case "relatedResourceName": - err = unpopulate(val, "RelatedResourceName", &r.RelatedResourceName) - delete(rawMsg, key) - case "relatedResourceType": - err = unpopulate(val, "RelatedResourceType", &r.RelatedResourceType) + case "tenantId": + err = unpopulate(val, "TenantID", &d.TenantID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", r, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRule. -func (s ScheduledAlertRule) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnector. +func (d Dynamics365DataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", s.Etag) - populate(objectMap, "id", s.ID) - objectMap["kind"] = AlertRuleKindScheduled - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "etag", d.Etag) + populate(objectMap, "id", d.ID) + objectMap["kind"] = DataConnectorKindDynamics365 + populate(objectMap, "name", d.Name) + populate(objectMap, "properties", d.Properties) + populate(objectMap, "systemData", d.SystemData) + populate(objectMap, "type", d.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRule. -func (s *ScheduledAlertRule) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnector. +func (d *Dynamics365DataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { case "etag": - err = unpopulate(val, "Etag", &s.Etag) + err = unpopulate(val, "Etag", &d.Etag) delete(rawMsg, key) case "id": - err = unpopulate(val, "ID", &s.ID) + err = unpopulate(val, "ID", &d.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &s.Kind) + err = unpopulate(val, "Kind", &d.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &s.Name) + err = unpopulate(val, "Name", &d.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &s.Properties) + err = unpopulate(val, "Properties", &d.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + err = unpopulate(val, "SystemData", &d.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &s.Type) + err = unpopulate(val, "Type", &d.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleProperties. -func (s ScheduledAlertRuleProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnectorDataTypes. +func (d Dynamics365DataConnectorDataTypes) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertDetailsOverride", s.AlertDetailsOverride) - populate(objectMap, "alertRuleTemplateName", s.AlertRuleTemplateName) - populate(objectMap, "customDetails", s.CustomDetails) - populate(objectMap, "description", s.Description) - populate(objectMap, "displayName", s.DisplayName) - populate(objectMap, "enabled", s.Enabled) - populate(objectMap, "entityMappings", s.EntityMappings) - populate(objectMap, "eventGroupingSettings", s.EventGroupingSettings) - populate(objectMap, "incidentConfiguration", s.IncidentConfiguration) - populateDateTimeRFC3339(objectMap, "lastModifiedUtc", s.LastModifiedUTC) - populate(objectMap, "query", s.Query) - populate(objectMap, "queryFrequency", s.QueryFrequency) - populate(objectMap, "queryPeriod", s.QueryPeriod) - populate(objectMap, "severity", s.Severity) - populate(objectMap, "suppressionDuration", s.SuppressionDuration) - populate(objectMap, "suppressionEnabled", s.SuppressionEnabled) - populate(objectMap, "tactics", s.Tactics) - populate(objectMap, "templateVersion", s.TemplateVersion) - populate(objectMap, "triggerOperator", s.TriggerOperator) - populate(objectMap, "triggerThreshold", s.TriggerThreshold) + populate(objectMap, "dynamics365CdsActivities", d.Dynamics365CdsActivities) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleProperties. -func (s *ScheduledAlertRuleProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnectorDataTypes. +func (d *Dynamics365DataConnectorDataTypes) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "alertDetailsOverride": - err = unpopulate(val, "AlertDetailsOverride", &s.AlertDetailsOverride) - delete(rawMsg, key) - case "alertRuleTemplateName": - err = unpopulate(val, "AlertRuleTemplateName", &s.AlertRuleTemplateName) - delete(rawMsg, key) - case "customDetails": - err = unpopulate(val, "CustomDetails", &s.CustomDetails) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &s.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &s.DisplayName) - delete(rawMsg, key) - case "enabled": - err = unpopulate(val, "Enabled", &s.Enabled) - delete(rawMsg, key) - case "entityMappings": - err = unpopulate(val, "EntityMappings", &s.EntityMappings) - delete(rawMsg, key) - case "eventGroupingSettings": - err = unpopulate(val, "EventGroupingSettings", &s.EventGroupingSettings) - delete(rawMsg, key) - case "incidentConfiguration": - err = unpopulate(val, "IncidentConfiguration", &s.IncidentConfiguration) - delete(rawMsg, key) - case "lastModifiedUtc": - err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &s.LastModifiedUTC) - delete(rawMsg, key) - case "query": - err = unpopulate(val, "Query", &s.Query) - delete(rawMsg, key) - case "queryFrequency": - err = unpopulate(val, "QueryFrequency", &s.QueryFrequency) - delete(rawMsg, key) - case "queryPeriod": - err = unpopulate(val, "QueryPeriod", &s.QueryPeriod) - delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &s.Severity) - delete(rawMsg, key) - case "suppressionDuration": - err = unpopulate(val, "SuppressionDuration", &s.SuppressionDuration) - delete(rawMsg, key) - case "suppressionEnabled": - err = unpopulate(val, "SuppressionEnabled", &s.SuppressionEnabled) - delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &s.Tactics) - delete(rawMsg, key) - case "templateVersion": - err = unpopulate(val, "TemplateVersion", &s.TemplateVersion) - delete(rawMsg, key) - case "triggerOperator": - err = unpopulate(val, "TriggerOperator", &s.TriggerOperator) - delete(rawMsg, key) - case "triggerThreshold": - err = unpopulate(val, "TriggerThreshold", &s.TriggerThreshold) + case "dynamics365CdsActivities": + err = unpopulate(val, "Dynamics365CdsActivities", &d.Dynamics365CdsActivities) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleTemplate. -func (s ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnectorDataTypesDynamics365CdsActivities. +func (d Dynamics365DataConnectorDataTypesDynamics365CdsActivities) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", s.ID) - objectMap["kind"] = AlertRuleKindScheduled - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "state", d.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleTemplate. -func (s *ScheduledAlertRuleTemplate) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnectorDataTypesDynamics365CdsActivities. +func (d *Dynamics365DataConnectorDataTypesDynamics365CdsActivities) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &s.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &s.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &s.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &s.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &s.Type) + case "state": + err = unpopulate(val, "State", &d.State) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleTemplateProperties. -func (s ScheduledAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Dynamics365DataConnectorProperties. +func (d Dynamics365DataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "alertDetailsOverride", s.AlertDetailsOverride) - populate(objectMap, "alertRulesCreatedByTemplateCount", s.AlertRulesCreatedByTemplateCount) - populateDateTimeRFC3339(objectMap, "createdDateUTC", s.CreatedDateUTC) - populate(objectMap, "customDetails", s.CustomDetails) - populate(objectMap, "description", s.Description) - populate(objectMap, "displayName", s.DisplayName) - populate(objectMap, "entityMappings", s.EntityMappings) - populate(objectMap, "eventGroupingSettings", s.EventGroupingSettings) - populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", s.LastUpdatedDateUTC) - populate(objectMap, "query", s.Query) - populate(objectMap, "queryFrequency", s.QueryFrequency) - populate(objectMap, "queryPeriod", s.QueryPeriod) - populate(objectMap, "requiredDataConnectors", s.RequiredDataConnectors) - populate(objectMap, "severity", s.Severity) - populate(objectMap, "status", s.Status) - populate(objectMap, "tactics", s.Tactics) - populate(objectMap, "triggerOperator", s.TriggerOperator) - populate(objectMap, "triggerThreshold", s.TriggerThreshold) - populate(objectMap, "version", s.Version) + populate(objectMap, "dataTypes", d.DataTypes) + populate(objectMap, "tenantId", d.TenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleTemplateProperties. -func (s *ScheduledAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Dynamics365DataConnectorProperties. +func (d *Dynamics365DataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", d, err) } for key, val := range rawMsg { var err error switch key { - case "alertDetailsOverride": - err = unpopulate(val, "AlertDetailsOverride", &s.AlertDetailsOverride) + case "dataTypes": + err = unpopulate(val, "DataTypes", &d.DataTypes) delete(rawMsg, key) - case "alertRulesCreatedByTemplateCount": - err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &s.AlertRulesCreatedByTemplateCount) + case "tenantId": + err = unpopulate(val, "TenantID", &d.TenantID) delete(rawMsg, key) - case "createdDateUTC": - err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &s.CreatedDateUTC) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainBody. +func (e EnrichmentDomainBody) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "domain", e.Domain) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainBody. +func (e *EnrichmentDomainBody) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "domain": + err = unpopulate(val, "Domain", &e.Domain) delete(rawMsg, key) - case "customDetails": - err = unpopulate(val, "CustomDetails", &s.CustomDetails) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhois. +func (e EnrichmentDomainWhois) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "created", e.Created) + populate(objectMap, "domain", e.Domain) + populateDateTimeRFC3339(objectMap, "expires", e.Expires) + populate(objectMap, "parsedWhois", e.ParsedWhois) + populate(objectMap, "server", e.Server) + populateDateTimeRFC3339(objectMap, "updated", e.Updated) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhois. +func (e *EnrichmentDomainWhois) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "created": + err = unpopulateDateTimeRFC3339(val, "Created", &e.Created) delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &s.Description) + case "domain": + err = unpopulate(val, "Domain", &e.Domain) delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &s.DisplayName) + case "expires": + err = unpopulateDateTimeRFC3339(val, "Expires", &e.Expires) delete(rawMsg, key) - case "entityMappings": - err = unpopulate(val, "EntityMappings", &s.EntityMappings) + case "parsedWhois": + err = unpopulate(val, "ParsedWhois", &e.ParsedWhois) delete(rawMsg, key) - case "eventGroupingSettings": - err = unpopulate(val, "EventGroupingSettings", &s.EventGroupingSettings) + case "server": + err = unpopulate(val, "Server", &e.Server) delete(rawMsg, key) - case "lastUpdatedDateUTC": - err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &s.LastUpdatedDateUTC) + case "updated": + err = unpopulateDateTimeRFC3339(val, "Updated", &e.Updated) delete(rawMsg, key) - case "query": - err = unpopulate(val, "Query", &s.Query) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisContact. +func (e EnrichmentDomainWhoisContact) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "city", e.City) + populate(objectMap, "country", e.Country) + populate(objectMap, "email", e.Email) + populate(objectMap, "fax", e.Fax) + populate(objectMap, "name", e.Name) + populate(objectMap, "org", e.Org) + populate(objectMap, "phone", e.Phone) + populate(objectMap, "postal", e.Postal) + populate(objectMap, "state", e.State) + populate(objectMap, "street", e.Street) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisContact. +func (e *EnrichmentDomainWhoisContact) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "city": + err = unpopulate(val, "City", &e.City) delete(rawMsg, key) - case "queryFrequency": - err = unpopulate(val, "QueryFrequency", &s.QueryFrequency) + case "country": + err = unpopulate(val, "Country", &e.Country) delete(rawMsg, key) - case "queryPeriod": - err = unpopulate(val, "QueryPeriod", &s.QueryPeriod) + case "email": + err = unpopulate(val, "Email", &e.Email) delete(rawMsg, key) - case "requiredDataConnectors": - err = unpopulate(val, "RequiredDataConnectors", &s.RequiredDataConnectors) + case "fax": + err = unpopulate(val, "Fax", &e.Fax) delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &s.Severity) + case "name": + err = unpopulate(val, "Name", &e.Name) delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &s.Status) + case "org": + err = unpopulate(val, "Org", &e.Org) delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &s.Tactics) + case "phone": + err = unpopulate(val, "Phone", &e.Phone) delete(rawMsg, key) - case "triggerOperator": - err = unpopulate(val, "TriggerOperator", &s.TriggerOperator) + case "postal": + err = unpopulate(val, "Postal", &e.Postal) delete(rawMsg, key) - case "triggerThreshold": - err = unpopulate(val, "TriggerThreshold", &s.TriggerThreshold) + case "state": + err = unpopulate(val, "State", &e.State) delete(rawMsg, key) - case "version": - err = unpopulate(val, "Version", &s.Version) + case "street": + err = unpopulate(val, "Street", &e.Street) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityAlert. -func (s SecurityAlert) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisContacts. +func (e EnrichmentDomainWhoisContacts) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", s.ID) - objectMap["kind"] = EntityKindEnumSecurityAlert - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "admin", e.Admin) + populate(objectMap, "billing", e.Billing) + populate(objectMap, "registrant", e.Registrant) + populate(objectMap, "tech", e.Tech) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlert. -func (s *SecurityAlert) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisContacts. +func (e *EnrichmentDomainWhoisContacts) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &s.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &s.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &s.Name) + case "admin": + err = unpopulate(val, "Admin", &e.Admin) delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &s.Properties) + case "billing": + err = unpopulate(val, "Billing", &e.Billing) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + case "registrant": + err = unpopulate(val, "Registrant", &e.Registrant) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &s.Type) + case "tech": + err = unpopulate(val, "Tech", &e.Tech) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityAlertProperties. -func (s SecurityAlertProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisDetails. +func (e EnrichmentDomainWhoisDetails) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", s.AdditionalData) - populate(objectMap, "alertDisplayName", s.AlertDisplayName) - populate(objectMap, "alertLink", s.AlertLink) - populate(objectMap, "alertType", s.AlertType) - populate(objectMap, "compromisedEntity", s.CompromisedEntity) - populate(objectMap, "confidenceLevel", s.ConfidenceLevel) - populate(objectMap, "confidenceReasons", s.ConfidenceReasons) - populate(objectMap, "confidenceScore", s.ConfidenceScore) - populate(objectMap, "confidenceScoreStatus", s.ConfidenceScoreStatus) - populate(objectMap, "description", s.Description) - populateDateTimeRFC3339(objectMap, "endTimeUtc", s.EndTimeUTC) - populate(objectMap, "friendlyName", s.FriendlyName) - populate(objectMap, "intent", s.Intent) - populateDateTimeRFC3339(objectMap, "processingEndTime", s.ProcessingEndTime) - populate(objectMap, "productComponentName", s.ProductComponentName) - populate(objectMap, "productName", s.ProductName) - populate(objectMap, "productVersion", s.ProductVersion) - populate(objectMap, "providerAlertId", s.ProviderAlertID) - populate(objectMap, "remediationSteps", s.RemediationSteps) - populate(objectMap, "resourceIdentifiers", s.ResourceIdentifiers) - populate(objectMap, "severity", s.Severity) - populateDateTimeRFC3339(objectMap, "startTimeUtc", s.StartTimeUTC) - populate(objectMap, "status", s.Status) - populate(objectMap, "systemAlertId", s.SystemAlertID) - populate(objectMap, "tactics", s.Tactics) - populateDateTimeRFC3339(objectMap, "timeGenerated", s.TimeGenerated) - populate(objectMap, "vendorName", s.VendorName) + populate(objectMap, "contacts", e.Contacts) + populate(objectMap, "nameServers", e.NameServers) + populate(objectMap, "registrar", e.Registrar) + populate(objectMap, "statuses", e.Statuses) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlertProperties. -func (s *SecurityAlertProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisDetails. +func (e *EnrichmentDomainWhoisDetails) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &s.AdditionalData) + case "contacts": + err = unpopulate(val, "Contacts", &e.Contacts) delete(rawMsg, key) - case "alertDisplayName": - err = unpopulate(val, "AlertDisplayName", &s.AlertDisplayName) + case "nameServers": + err = unpopulate(val, "NameServers", &e.NameServers) delete(rawMsg, key) - case "alertLink": - err = unpopulate(val, "AlertLink", &s.AlertLink) + case "registrar": + err = unpopulate(val, "Registrar", &e.Registrar) delete(rawMsg, key) - case "alertType": - err = unpopulate(val, "AlertType", &s.AlertType) + case "statuses": + err = unpopulate(val, "Statuses", &e.Statuses) delete(rawMsg, key) - case "compromisedEntity": - err = unpopulate(val, "CompromisedEntity", &s.CompromisedEntity) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EnrichmentDomainWhoisRegistrarDetails. +func (e EnrichmentDomainWhoisRegistrarDetails) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "abuseContactEmail", e.AbuseContactEmail) + populate(objectMap, "abuseContactPhone", e.AbuseContactPhone) + populate(objectMap, "ianaId", e.IanaID) + populate(objectMap, "name", e.Name) + populate(objectMap, "url", e.URL) + populate(objectMap, "whoisServer", e.WhoisServer) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentDomainWhoisRegistrarDetails. +func (e *EnrichmentDomainWhoisRegistrarDetails) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "abuseContactEmail": + err = unpopulate(val, "AbuseContactEmail", &e.AbuseContactEmail) delete(rawMsg, key) - case "confidenceLevel": - err = unpopulate(val, "ConfidenceLevel", &s.ConfidenceLevel) + case "abuseContactPhone": + err = unpopulate(val, "AbuseContactPhone", &e.AbuseContactPhone) delete(rawMsg, key) - case "confidenceReasons": - err = unpopulate(val, "ConfidenceReasons", &s.ConfidenceReasons) + case "ianaId": + err = unpopulate(val, "IanaID", &e.IanaID) delete(rawMsg, key) - case "confidenceScore": - err = unpopulate(val, "ConfidenceScore", &s.ConfidenceScore) + case "name": + err = unpopulate(val, "Name", &e.Name) delete(rawMsg, key) - case "confidenceScoreStatus": - err = unpopulate(val, "ConfidenceScoreStatus", &s.ConfidenceScoreStatus) + case "url": + err = unpopulate(val, "URL", &e.URL) delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &s.Description) + case "whoisServer": + err = unpopulate(val, "WhoisServer", &e.WhoisServer) delete(rawMsg, key) - case "endTimeUtc": - err = unpopulateDateTimeRFC3339(val, "EndTimeUTC", &s.EndTimeUTC) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EnrichmentIPAddressBody. +func (e EnrichmentIPAddressBody) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "ipAddress", e.IPAddress) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentIPAddressBody. +func (e *EnrichmentIPAddressBody) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "ipAddress": + err = unpopulate(val, "IPAddress", &e.IPAddress) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &s.FriendlyName) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EnrichmentIPGeodata. +func (e EnrichmentIPGeodata) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "asn", e.Asn) + populate(objectMap, "carrier", e.Carrier) + populate(objectMap, "city", e.City) + populate(objectMap, "cityCf", e.CityCf) + populate(objectMap, "continent", e.Continent) + populate(objectMap, "country", e.Country) + populate(objectMap, "countryCf", e.CountryCf) + populate(objectMap, "ipAddr", e.IPAddr) + populate(objectMap, "ipRoutingType", e.IPRoutingType) + populate(objectMap, "latitude", e.Latitude) + populate(objectMap, "longitude", e.Longitude) + populate(objectMap, "organization", e.Organization) + populate(objectMap, "organizationType", e.OrganizationType) + populate(objectMap, "region", e.Region) + populate(objectMap, "state", e.State) + populate(objectMap, "stateCf", e.StateCf) + populate(objectMap, "stateCode", e.StateCode) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentIPGeodata. +func (e *EnrichmentIPGeodata) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "asn": + err = unpopulate(val, "Asn", &e.Asn) delete(rawMsg, key) - case "intent": - err = unpopulate(val, "Intent", &s.Intent) + case "carrier": + err = unpopulate(val, "Carrier", &e.Carrier) delete(rawMsg, key) - case "processingEndTime": - err = unpopulateDateTimeRFC3339(val, "ProcessingEndTime", &s.ProcessingEndTime) + case "city": + err = unpopulate(val, "City", &e.City) delete(rawMsg, key) - case "productComponentName": - err = unpopulate(val, "ProductComponentName", &s.ProductComponentName) + case "cityCf": + err = unpopulate(val, "CityCf", &e.CityCf) delete(rawMsg, key) - case "productName": - err = unpopulate(val, "ProductName", &s.ProductName) + case "continent": + err = unpopulate(val, "Continent", &e.Continent) delete(rawMsg, key) - case "productVersion": - err = unpopulate(val, "ProductVersion", &s.ProductVersion) + case "country": + err = unpopulate(val, "Country", &e.Country) delete(rawMsg, key) - case "providerAlertId": - err = unpopulate(val, "ProviderAlertID", &s.ProviderAlertID) + case "countryCf": + err = unpopulate(val, "CountryCf", &e.CountryCf) delete(rawMsg, key) - case "remediationSteps": - err = unpopulate(val, "RemediationSteps", &s.RemediationSteps) + case "ipAddr": + err = unpopulate(val, "IPAddr", &e.IPAddr) delete(rawMsg, key) - case "resourceIdentifiers": - err = unpopulate(val, "ResourceIdentifiers", &s.ResourceIdentifiers) + case "ipRoutingType": + err = unpopulate(val, "IPRoutingType", &e.IPRoutingType) delete(rawMsg, key) - case "severity": - err = unpopulate(val, "Severity", &s.Severity) + case "latitude": + err = unpopulate(val, "Latitude", &e.Latitude) delete(rawMsg, key) - case "startTimeUtc": - err = unpopulateDateTimeRFC3339(val, "StartTimeUTC", &s.StartTimeUTC) + case "longitude": + err = unpopulate(val, "Longitude", &e.Longitude) delete(rawMsg, key) - case "status": - err = unpopulate(val, "Status", &s.Status) + case "organization": + err = unpopulate(val, "Organization", &e.Organization) delete(rawMsg, key) - case "systemAlertId": - err = unpopulate(val, "SystemAlertID", &s.SystemAlertID) + case "organizationType": + err = unpopulate(val, "OrganizationType", &e.OrganizationType) delete(rawMsg, key) - case "tactics": - err = unpopulate(val, "Tactics", &s.Tactics) + case "region": + err = unpopulate(val, "Region", &e.Region) delete(rawMsg, key) - case "timeGenerated": - err = unpopulateDateTimeRFC3339(val, "TimeGenerated", &s.TimeGenerated) + case "state": + err = unpopulate(val, "State", &e.State) delete(rawMsg, key) - case "vendorName": - err = unpopulate(val, "VendorName", &s.VendorName) + case "stateCf": + err = unpopulate(val, "StateCf", &e.StateCf) + delete(rawMsg, key) + case "stateCode": + err = unpopulate(val, "StateCode", &e.StateCode) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityAlertPropertiesConfidenceReasonsItem. -func (s SecurityAlertPropertiesConfidenceReasonsItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type EnrichmentIPGeodataAutoGenerated. +func (e EnrichmentIPGeodataAutoGenerated) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "reason", s.Reason) - populate(objectMap, "reasonType", s.ReasonType) + populate(objectMap, "asn", e.Asn) + populate(objectMap, "carrier", e.Carrier) + populate(objectMap, "city", e.City) + populate(objectMap, "cityConfidenceFactor", e.CityConfidenceFactor) + populate(objectMap, "continent", e.Continent) + populate(objectMap, "country", e.Country) + populate(objectMap, "countryConfidenceFactor", e.CountryConfidenceFactor) + populate(objectMap, "ipAddr", e.IPAddr) + populate(objectMap, "ipRoutingType", e.IPRoutingType) + populate(objectMap, "latitude", e.Latitude) + populate(objectMap, "longitude", e.Longitude) + populate(objectMap, "organization", e.Organization) + populate(objectMap, "organizationType", e.OrganizationType) + populate(objectMap, "region", e.Region) + populate(objectMap, "state", e.State) + populate(objectMap, "stateCode", e.StateCode) + populate(objectMap, "stateConfidenceFactor", e.StateConfidenceFactor) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlertPropertiesConfidenceReasonsItem. -func (s *SecurityAlertPropertiesConfidenceReasonsItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type EnrichmentIPGeodataAutoGenerated. +func (e *EnrichmentIPGeodataAutoGenerated) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { - case "reason": - err = unpopulate(val, "Reason", &s.Reason) + case "asn": + err = unpopulate(val, "Asn", &e.Asn) delete(rawMsg, key) - case "reasonType": - err = unpopulate(val, "ReasonType", &s.ReasonType) + case "carrier": + err = unpopulate(val, "Carrier", &e.Carrier) + delete(rawMsg, key) + case "city": + err = unpopulate(val, "City", &e.City) + delete(rawMsg, key) + case "cityConfidenceFactor": + err = unpopulate(val, "CityConfidenceFactor", &e.CityConfidenceFactor) + delete(rawMsg, key) + case "continent": + err = unpopulate(val, "Continent", &e.Continent) + delete(rawMsg, key) + case "country": + err = unpopulate(val, "Country", &e.Country) + delete(rawMsg, key) + case "countryConfidenceFactor": + err = unpopulate(val, "CountryConfidenceFactor", &e.CountryConfidenceFactor) + delete(rawMsg, key) + case "ipAddr": + err = unpopulate(val, "IPAddr", &e.IPAddr) + delete(rawMsg, key) + case "ipRoutingType": + err = unpopulate(val, "IPRoutingType", &e.IPRoutingType) + delete(rawMsg, key) + case "latitude": + err = unpopulate(val, "Latitude", &e.Latitude) + delete(rawMsg, key) + case "longitude": + err = unpopulate(val, "Longitude", &e.Longitude) + delete(rawMsg, key) + case "organization": + err = unpopulate(val, "Organization", &e.Organization) + delete(rawMsg, key) + case "organizationType": + err = unpopulate(val, "OrganizationType", &e.OrganizationType) + delete(rawMsg, key) + case "region": + err = unpopulate(val, "Region", &e.Region) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &e.State) + delete(rawMsg, key) + case "stateCode": + err = unpopulate(val, "StateCode", &e.StateCode) + delete(rawMsg, key) + case "stateConfidenceFactor": + err = unpopulate(val, "StateConfidenceFactor", &e.StateConfidenceFactor) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityGroupEntity. -func (s SecurityGroupEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Entity. +func (e Entity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", s.ID) - objectMap["kind"] = EntityKindEnumSecurityGroup - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "id", e.ID) + objectMap["kind"] = e.Kind + populate(objectMap, "name", e.Name) + populate(objectMap, "systemData", e.SystemData) + populate(objectMap, "type", e.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityGroupEntity. -func (s *SecurityGroupEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Entity. +func (e *Entity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", e, err) } for key, val := range rawMsg { var err error switch key { case "id": - err = unpopulate(val, "ID", &s.ID) + err = unpopulate(val, "ID", &e.ID) delete(rawMsg, key) case "kind": - err = unpopulate(val, "Kind", &s.Kind) + err = unpopulate(val, "Kind", &e.Kind) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &s.Name) + err = unpopulate(val, "Name", &e.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &e.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityAnalytics. +func (e EntityAnalytics) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", e.Etag) + populate(objectMap, "id", e.ID) + objectMap["kind"] = SettingKindEntityAnalytics + populate(objectMap, "name", e.Name) + populate(objectMap, "properties", e.Properties) + populate(objectMap, "systemData", e.SystemData) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityAnalytics. +func (e *EntityAnalytics) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &e.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &e.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &e.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &s.Properties) + err = unpopulate(val, "Properties", &e.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + err = unpopulate(val, "SystemData", &e.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityAnalyticsProperties. +func (e EntityAnalyticsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "entityProviders", e.EntityProviders) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityAnalyticsProperties. +func (e *EntityAnalyticsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "entityProviders": + err = unpopulate(val, "EntityProviders", &e.EntityProviders) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityEdges. +func (e EntityEdges) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", e.AdditionalData) + populate(objectMap, "targetEntityId", e.TargetEntityID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityEdges. +func (e *EntityEdges) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &e.AdditionalData) + delete(rawMsg, key) + case "targetEntityId": + err = unpopulate(val, "TargetEntityID", &e.TargetEntityID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityExpandParameters. +func (e EntityExpandParameters) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "endTime", e.EndTime) + populate(objectMap, "expansionId", e.ExpansionID) + populateDateTimeRFC3339(objectMap, "startTime", e.StartTime) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityExpandParameters. +func (e *EntityExpandParameters) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "endTime": + err = unpopulateDateTimeRFC3339(val, "EndTime", &e.EndTime) + delete(rawMsg, key) + case "expansionId": + err = unpopulate(val, "ExpansionID", &e.ExpansionID) + delete(rawMsg, key) + case "startTime": + err = unpopulateDateTimeRFC3339(val, "StartTime", &e.StartTime) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityExpandResponse. +func (e EntityExpandResponse) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "metaData", e.MetaData) + populate(objectMap, "value", e.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityExpandResponse. +func (e *EntityExpandResponse) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "metaData": + err = unpopulate(val, "MetaData", &e.MetaData) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &e.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityExpandResponseValue. +func (e EntityExpandResponseValue) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "edges", e.Edges) + populate(objectMap, "entities", e.Entities) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityExpandResponseValue. +func (e *EntityExpandResponseValue) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "edges": + err = unpopulate(val, "Edges", &e.Edges) + delete(rawMsg, key) + case "entities": + e.Entities, err = unmarshalEntityClassificationArray(val) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityFieldMapping. +func (e EntityFieldMapping) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "identifier", e.Identifier) + populate(objectMap, "value", e.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityFieldMapping. +func (e *EntityFieldMapping) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "identifier": + err = unpopulate(val, "Identifier", &e.Identifier) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &e.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityGetInsightsParameters. +func (e EntityGetInsightsParameters) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "addDefaultExtendedTimeRange", e.AddDefaultExtendedTimeRange) + populateDateTimeRFC3339(objectMap, "endTime", e.EndTime) + populate(objectMap, "insightQueryIds", e.InsightQueryIDs) + populateDateTimeRFC3339(objectMap, "startTime", e.StartTime) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityGetInsightsParameters. +func (e *EntityGetInsightsParameters) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "addDefaultExtendedTimeRange": + err = unpopulate(val, "AddDefaultExtendedTimeRange", &e.AddDefaultExtendedTimeRange) + delete(rawMsg, key) + case "endTime": + err = unpopulateDateTimeRFC3339(val, "EndTime", &e.EndTime) + delete(rawMsg, key) + case "insightQueryIds": + err = unpopulate(val, "InsightQueryIDs", &e.InsightQueryIDs) + delete(rawMsg, key) + case "startTime": + err = unpopulateDateTimeRFC3339(val, "StartTime", &e.StartTime) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityGetInsightsResponse. +func (e EntityGetInsightsResponse) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "metaData", e.MetaData) + populate(objectMap, "value", e.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityGetInsightsResponse. +func (e *EntityGetInsightsResponse) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "metaData": + err = unpopulate(val, "MetaData", &e.MetaData) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &e.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityInsightItem. +func (e EntityInsightItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "chartQueryResults", e.ChartQueryResults) + populate(objectMap, "queryId", e.QueryID) + populate(objectMap, "queryTimeInterval", e.QueryTimeInterval) + populate(objectMap, "tableQueryResults", e.TableQueryResults) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityInsightItem. +func (e *EntityInsightItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "chartQueryResults": + err = unpopulate(val, "ChartQueryResults", &e.ChartQueryResults) + delete(rawMsg, key) + case "queryId": + err = unpopulate(val, "QueryID", &e.QueryID) + delete(rawMsg, key) + case "queryTimeInterval": + err = unpopulate(val, "QueryTimeInterval", &e.QueryTimeInterval) + delete(rawMsg, key) + case "tableQueryResults": + err = unpopulate(val, "TableQueryResults", &e.TableQueryResults) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityInsightItemQueryTimeInterval. +func (e EntityInsightItemQueryTimeInterval) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "endTime", e.EndTime) + populateDateTimeRFC3339(objectMap, "startTime", e.StartTime) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityInsightItemQueryTimeInterval. +func (e *EntityInsightItemQueryTimeInterval) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "endTime": + err = unpopulateDateTimeRFC3339(val, "EndTime", &e.EndTime) + delete(rawMsg, key) + case "startTime": + err = unpopulateDateTimeRFC3339(val, "StartTime", &e.StartTime) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityList. +func (e EntityList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", e.NextLink) + populate(objectMap, "value", e.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityList. +func (e *EntityList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &e.NextLink) + delete(rawMsg, key) + case "value": + e.Value, err = unmarshalEntityClassificationArray(val) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityManualTriggerRequestBody. +func (e EntityManualTriggerRequestBody) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "incidentArmId", e.IncidentArmID) + populate(objectMap, "logicAppsResourceId", e.LogicAppsResourceID) + populate(objectMap, "tenantId", e.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityManualTriggerRequestBody. +func (e *EntityManualTriggerRequestBody) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "incidentArmId": + err = unpopulate(val, "IncidentArmID", &e.IncidentArmID) + delete(rawMsg, key) + case "logicAppsResourceId": + err = unpopulate(val, "LogicAppsResourceID", &e.LogicAppsResourceID) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &e.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityMapping. +func (e EntityMapping) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "entityType", e.EntityType) + populate(objectMap, "fieldMappings", e.FieldMappings) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityMapping. +func (e *EntityMapping) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "entityType": + err = unpopulate(val, "EntityType", &e.EntityType) + delete(rawMsg, key) + case "fieldMappings": + err = unpopulate(val, "FieldMappings", &e.FieldMappings) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityQuery. +func (e EntityQuery) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", e.Etag) + populate(objectMap, "id", e.ID) + objectMap["kind"] = e.Kind + populate(objectMap, "name", e.Name) + populate(objectMap, "systemData", e.SystemData) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQuery. +func (e *EntityQuery) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &e.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &e.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &e.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &e.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityQueryItem. +func (e EntityQueryItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", e.ID) + objectMap["kind"] = e.Kind + populate(objectMap, "name", e.Name) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryItem. +func (e *EntityQueryItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &e.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &e.Name) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityQueryItemPropertiesDataTypesItem. +func (e EntityQueryItemPropertiesDataTypesItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataType", e.DataType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryItemPropertiesDataTypesItem. +func (e *EntityQueryItemPropertiesDataTypesItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataType": + err = unpopulate(val, "DataType", &e.DataType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityQueryList. +func (e EntityQueryList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", e.NextLink) + populate(objectMap, "value", e.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryList. +func (e *EntityQueryList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &e.NextLink) + delete(rawMsg, key) + case "value": + e.Value, err = unmarshalEntityQueryClassificationArray(val) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityQueryTemplate. +func (e EntityQueryTemplate) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", e.ID) + objectMap["kind"] = e.Kind + populate(objectMap, "name", e.Name) + populate(objectMap, "systemData", e.SystemData) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryTemplate. +func (e *EntityQueryTemplate) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &e.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &e.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &e.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityQueryTemplateList. +func (e EntityQueryTemplateList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", e.NextLink) + populate(objectMap, "value", e.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryTemplateList. +func (e *EntityQueryTemplateList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &e.NextLink) + delete(rawMsg, key) + case "value": + e.Value, err = unmarshalEntityQueryTemplateClassificationArray(val) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityTimelineItem. +func (e EntityTimelineItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = e.Kind + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityTimelineItem. +func (e *EntityTimelineItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &e.Kind) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityTimelineParameters. +func (e EntityTimelineParameters) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "endTime", e.EndTime) + populate(objectMap, "kinds", e.Kinds) + populate(objectMap, "numberOfBucket", e.NumberOfBucket) + populateDateTimeRFC3339(objectMap, "startTime", e.StartTime) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityTimelineParameters. +func (e *EntityTimelineParameters) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "endTime": + err = unpopulateDateTimeRFC3339(val, "EndTime", &e.EndTime) + delete(rawMsg, key) + case "kinds": + err = unpopulate(val, "Kinds", &e.Kinds) + delete(rawMsg, key) + case "numberOfBucket": + err = unpopulate(val, "NumberOfBucket", &e.NumberOfBucket) + delete(rawMsg, key) + case "startTime": + err = unpopulateDateTimeRFC3339(val, "StartTime", &e.StartTime) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EntityTimelineResponse. +func (e EntityTimelineResponse) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "metaData", e.MetaData) + populate(objectMap, "value", e.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityTimelineResponse. +func (e *EntityTimelineResponse) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "metaData": + err = unpopulate(val, "MetaData", &e.MetaData) + delete(rawMsg, key) + case "value": + e.Value, err = unmarshalEntityTimelineItemClassificationArray(val) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Error. +func (e Error) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "errorMessage", e.ErrorMessage) + populate(objectMap, "memberResourceName", e.MemberResourceName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Error. +func (e *Error) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "errorMessage": + err = unpopulate(val, "ErrorMessage", &e.ErrorMessage) + delete(rawMsg, key) + case "memberResourceName": + err = unpopulate(val, "MemberResourceName", &e.MemberResourceName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EventGroupingSettings. +func (e EventGroupingSettings) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "aggregationKind", e.AggregationKind) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EventGroupingSettings. +func (e *EventGroupingSettings) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "aggregationKind": + err = unpopulate(val, "AggregationKind", &e.AggregationKind) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ExpansionEntityQueriesProperties. +func (e ExpansionEntityQueriesProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataSources", e.DataSources) + populate(objectMap, "displayName", e.DisplayName) + populate(objectMap, "inputEntityType", e.InputEntityType) + populate(objectMap, "inputFields", e.InputFields) + populate(objectMap, "outputEntityTypes", e.OutputEntityTypes) + populate(objectMap, "queryTemplate", e.QueryTemplate) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionEntityQueriesProperties. +func (e *ExpansionEntityQueriesProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataSources": + err = unpopulate(val, "DataSources", &e.DataSources) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &e.DisplayName) + delete(rawMsg, key) + case "inputEntityType": + err = unpopulate(val, "InputEntityType", &e.InputEntityType) + delete(rawMsg, key) + case "inputFields": + err = unpopulate(val, "InputFields", &e.InputFields) + delete(rawMsg, key) + case "outputEntityTypes": + err = unpopulate(val, "OutputEntityTypes", &e.OutputEntityTypes) + delete(rawMsg, key) + case "queryTemplate": + err = unpopulate(val, "QueryTemplate", &e.QueryTemplate) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ExpansionEntityQuery. +func (e ExpansionEntityQuery) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", e.Etag) + populate(objectMap, "id", e.ID) + objectMap["kind"] = EntityQueryKindExpansion + populate(objectMap, "name", e.Name) + populate(objectMap, "properties", e.Properties) + populate(objectMap, "systemData", e.SystemData) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionEntityQuery. +func (e *ExpansionEntityQuery) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &e.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &e.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &e.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &e.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &e.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ExpansionResultAggregation. +func (e ExpansionResultAggregation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "aggregationType", e.AggregationType) + populate(objectMap, "count", e.Count) + populate(objectMap, "displayName", e.DisplayName) + populate(objectMap, "entityKind", e.EntityKind) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionResultAggregation. +func (e *ExpansionResultAggregation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "aggregationType": + err = unpopulate(val, "AggregationType", &e.AggregationType) + delete(rawMsg, key) + case "count": + err = unpopulate(val, "Count", &e.Count) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &e.DisplayName) + delete(rawMsg, key) + case "entityKind": + err = unpopulate(val, "EntityKind", &e.EntityKind) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ExpansionResultsMetadata. +func (e ExpansionResultsMetadata) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "aggregations", e.Aggregations) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpansionResultsMetadata. +func (e *ExpansionResultsMetadata) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "aggregations": + err = unpopulate(val, "Aggregations", &e.Aggregations) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EyesOn. +func (e EyesOn) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", e.Etag) + populate(objectMap, "id", e.ID) + objectMap["kind"] = SettingKindEyesOn + populate(objectMap, "name", e.Name) + populate(objectMap, "properties", e.Properties) + populate(objectMap, "systemData", e.SystemData) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EyesOn. +func (e *EyesOn) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &e.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &e.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &e.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &e.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &e.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EyesOnSettingsProperties. +func (e EyesOnSettingsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "isEnabled", e.IsEnabled) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EyesOnSettingsProperties. +func (e *EyesOnSettingsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "isEnabled": + err = unpopulate(val, "IsEnabled", &e.IsEnabled) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FieldMapping. +func (f FieldMapping) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "columnName", f.ColumnName) + populate(objectMap, "identifier", f.Identifier) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FieldMapping. +func (f *FieldMapping) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "columnName": + err = unpopulate(val, "ColumnName", &f.ColumnName) + delete(rawMsg, key) + case "identifier": + err = unpopulate(val, "Identifier", &f.Identifier) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FileEntity. +func (f FileEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", f.ID) + objectMap["kind"] = EntityKindEnumFile + populate(objectMap, "name", f.Name) + populate(objectMap, "properties", f.Properties) + populate(objectMap, "systemData", f.SystemData) + populate(objectMap, "type", f.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FileEntity. +func (f *FileEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &f.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &f.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &f.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &f.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &f.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &f.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FileEntityProperties. +func (f FileEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", f.AdditionalData) + populate(objectMap, "directory", f.Directory) + populate(objectMap, "fileHashEntityIds", f.FileHashEntityIDs) + populate(objectMap, "fileName", f.FileName) + populate(objectMap, "friendlyName", f.FriendlyName) + populate(objectMap, "hostEntityId", f.HostEntityID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FileEntityProperties. +func (f *FileEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &f.AdditionalData) + delete(rawMsg, key) + case "directory": + err = unpopulate(val, "Directory", &f.Directory) + delete(rawMsg, key) + case "fileHashEntityIds": + err = unpopulate(val, "FileHashEntityIDs", &f.FileHashEntityIDs) + delete(rawMsg, key) + case "fileName": + err = unpopulate(val, "FileName", &f.FileName) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &f.FriendlyName) + delete(rawMsg, key) + case "hostEntityId": + err = unpopulate(val, "HostEntityID", &f.HostEntityID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FileHashEntity. +func (f FileHashEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", f.ID) + objectMap["kind"] = EntityKindEnumFileHash + populate(objectMap, "name", f.Name) + populate(objectMap, "properties", f.Properties) + populate(objectMap, "systemData", f.SystemData) + populate(objectMap, "type", f.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FileHashEntity. +func (f *FileHashEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &f.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &f.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &f.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &f.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &f.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &f.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FileHashEntityProperties. +func (f FileHashEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", f.AdditionalData) + populate(objectMap, "algorithm", f.Algorithm) + populate(objectMap, "friendlyName", f.FriendlyName) + populate(objectMap, "hashValue", f.HashValue) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FileHashEntityProperties. +func (f *FileHashEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &f.AdditionalData) + delete(rawMsg, key) + case "algorithm": + err = unpopulate(val, "Algorithm", &f.Algorithm) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &f.FriendlyName) + delete(rawMsg, key) + case "hashValue": + err = unpopulate(val, "HashValue", &f.HashValue) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FileImport. +func (f FileImport) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", f.ID) + populate(objectMap, "name", f.Name) + populate(objectMap, "properties", f.Properties) + populate(objectMap, "systemData", f.SystemData) + populate(objectMap, "type", f.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FileImport. +func (f *FileImport) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &f.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &f.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &f.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &f.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &f.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FileImportList. +func (f FileImportList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", f.NextLink) + populate(objectMap, "value", f.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FileImportList. +func (f *FileImportList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &f.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &f.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FileImportProperties. +func (f FileImportProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "contentType", f.ContentType) + populateDateTimeRFC3339(objectMap, "createdTimeUTC", f.CreatedTimeUTC) + populate(objectMap, "errorFile", f.ErrorFile) + populate(objectMap, "errorsPreview", f.ErrorsPreview) + populateDateTimeRFC3339(objectMap, "filesValidUntilTimeUTC", f.FilesValidUntilTimeUTC) + populate(objectMap, "importFile", f.ImportFile) + populateDateTimeRFC3339(objectMap, "importValidUntilTimeUTC", f.ImportValidUntilTimeUTC) + populate(objectMap, "ingestedRecordCount", f.IngestedRecordCount) + populate(objectMap, "ingestionMode", f.IngestionMode) + populate(objectMap, "source", f.Source) + populate(objectMap, "state", f.State) + populate(objectMap, "totalRecordCount", f.TotalRecordCount) + populate(objectMap, "validRecordCount", f.ValidRecordCount) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FileImportProperties. +func (f *FileImportProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "contentType": + err = unpopulate(val, "ContentType", &f.ContentType) + delete(rawMsg, key) + case "createdTimeUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &f.CreatedTimeUTC) + delete(rawMsg, key) + case "errorFile": + err = unpopulate(val, "ErrorFile", &f.ErrorFile) + delete(rawMsg, key) + case "errorsPreview": + err = unpopulate(val, "ErrorsPreview", &f.ErrorsPreview) + delete(rawMsg, key) + case "filesValidUntilTimeUTC": + err = unpopulateDateTimeRFC3339(val, "FilesValidUntilTimeUTC", &f.FilesValidUntilTimeUTC) + delete(rawMsg, key) + case "importFile": + err = unpopulate(val, "ImportFile", &f.ImportFile) + delete(rawMsg, key) + case "importValidUntilTimeUTC": + err = unpopulateDateTimeRFC3339(val, "ImportValidUntilTimeUTC", &f.ImportValidUntilTimeUTC) + delete(rawMsg, key) + case "ingestedRecordCount": + err = unpopulate(val, "IngestedRecordCount", &f.IngestedRecordCount) + delete(rawMsg, key) + case "ingestionMode": + err = unpopulate(val, "IngestionMode", &f.IngestionMode) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &f.Source) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &f.State) + delete(rawMsg, key) + case "totalRecordCount": + err = unpopulate(val, "TotalRecordCount", &f.TotalRecordCount) + delete(rawMsg, key) + case "validRecordCount": + err = unpopulate(val, "ValidRecordCount", &f.ValidRecordCount) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FileMetadata. +func (f FileMetadata) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "deleteStatus", f.DeleteStatus) + populate(objectMap, "fileContentUri", f.FileContentURI) + populate(objectMap, "fileFormat", f.FileFormat) + populate(objectMap, "fileName", f.FileName) + populate(objectMap, "fileSize", f.FileSize) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FileMetadata. +func (f *FileMetadata) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "deleteStatus": + err = unpopulate(val, "DeleteStatus", &f.DeleteStatus) + delete(rawMsg, key) + case "fileContentUri": + err = unpopulate(val, "FileContentURI", &f.FileContentURI) + delete(rawMsg, key) + case "fileFormat": + err = unpopulate(val, "FileFormat", &f.FileFormat) + delete(rawMsg, key) + case "fileName": + err = unpopulate(val, "FileName", &f.FileName) + delete(rawMsg, key) + case "fileSize": + err = unpopulate(val, "FileSize", &f.FileSize) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionAlertRule. +func (f FusionAlertRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", f.Etag) + populate(objectMap, "id", f.ID) + objectMap["kind"] = AlertRuleKindFusion + populate(objectMap, "name", f.Name) + populate(objectMap, "properties", f.Properties) + populate(objectMap, "systemData", f.SystemData) + populate(objectMap, "type", f.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRule. +func (f *FusionAlertRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &f.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &f.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &f.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &f.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &f.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &f.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &f.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleProperties. +func (f FusionAlertRuleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertRuleTemplateName", f.AlertRuleTemplateName) + populate(objectMap, "description", f.Description) + populate(objectMap, "displayName", f.DisplayName) + populate(objectMap, "enabled", f.Enabled) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", f.LastModifiedUTC) + populate(objectMap, "scenarioExclusionPatterns", f.ScenarioExclusionPatterns) + populate(objectMap, "severity", f.Severity) + populate(objectMap, "sourceSettings", f.SourceSettings) + populate(objectMap, "subTechniques", f.SubTechniques) + populate(objectMap, "tactics", f.Tactics) + populate(objectMap, "techniques", f.Techniques) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleProperties. +func (f *FusionAlertRuleProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &f.AlertRuleTemplateName) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &f.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &f.DisplayName) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &f.Enabled) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &f.LastModifiedUTC) + delete(rawMsg, key) + case "scenarioExclusionPatterns": + err = unpopulate(val, "ScenarioExclusionPatterns", &f.ScenarioExclusionPatterns) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &f.Severity) + delete(rawMsg, key) + case "sourceSettings": + err = unpopulate(val, "SourceSettings", &f.SourceSettings) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &f.SubTechniques) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &f.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &f.Techniques) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleTemplate. +func (f FusionAlertRuleTemplate) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", f.ID) + objectMap["kind"] = AlertRuleKindFusion + populate(objectMap, "name", f.Name) + populate(objectMap, "properties", f.Properties) + populate(objectMap, "systemData", f.SystemData) + populate(objectMap, "type", f.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleTemplate. +func (f *FusionAlertRuleTemplate) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &f.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &f.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &f.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &f.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &f.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &f.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionAlertRuleTemplateProperties. +func (f FusionAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertRulesCreatedByTemplateCount", f.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", f.CreatedDateUTC) + populate(objectMap, "description", f.Description) + populate(objectMap, "displayName", f.DisplayName) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", f.LastUpdatedDateUTC) + populate(objectMap, "requiredDataConnectors", f.RequiredDataConnectors) + populate(objectMap, "severity", f.Severity) + populate(objectMap, "sourceSettings", f.SourceSettings) + populate(objectMap, "status", f.Status) + populate(objectMap, "subTechniques", f.SubTechniques) + populate(objectMap, "tactics", f.Tactics) + populate(objectMap, "techniques", f.Techniques) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionAlertRuleTemplateProperties. +func (f *FusionAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &f.AlertRulesCreatedByTemplateCount) + delete(rawMsg, key) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &f.CreatedDateUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &f.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &f.DisplayName) + delete(rawMsg, key) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &f.LastUpdatedDateUTC) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &f.RequiredDataConnectors) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &f.Severity) + delete(rawMsg, key) + case "sourceSettings": + err = unpopulate(val, "SourceSettings", &f.SourceSettings) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &f.Status) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &f.SubTechniques) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &f.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &f.Techniques) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionScenarioExclusionPattern. +func (f FusionScenarioExclusionPattern) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dateAddedInUTC", f.DateAddedInUTC) + populate(objectMap, "exclusionPattern", f.ExclusionPattern) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionScenarioExclusionPattern. +func (f *FusionScenarioExclusionPattern) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dateAddedInUTC": + err = unpopulate(val, "DateAddedInUTC", &f.DateAddedInUTC) + delete(rawMsg, key) + case "exclusionPattern": + err = unpopulate(val, "ExclusionPattern", &f.ExclusionPattern) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionSourceSettings. +func (f FusionSourceSettings) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "enabled", f.Enabled) + populate(objectMap, "sourceName", f.SourceName) + populate(objectMap, "sourceSubTypes", f.SourceSubTypes) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSourceSettings. +func (f *FusionSourceSettings) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "enabled": + err = unpopulate(val, "Enabled", &f.Enabled) + delete(rawMsg, key) + case "sourceName": + err = unpopulate(val, "SourceName", &f.SourceName) + delete(rawMsg, key) + case "sourceSubTypes": + err = unpopulate(val, "SourceSubTypes", &f.SourceSubTypes) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionSourceSubTypeSetting. +func (f FusionSourceSubTypeSetting) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "enabled", f.Enabled) + populate(objectMap, "severityFilters", f.SeverityFilters) + populate(objectMap, "sourceSubTypeDisplayName", f.SourceSubTypeDisplayName) + populate(objectMap, "sourceSubTypeName", f.SourceSubTypeName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSourceSubTypeSetting. +func (f *FusionSourceSubTypeSetting) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "enabled": + err = unpopulate(val, "Enabled", &f.Enabled) + delete(rawMsg, key) + case "severityFilters": + err = unpopulate(val, "SeverityFilters", &f.SeverityFilters) + delete(rawMsg, key) + case "sourceSubTypeDisplayName": + err = unpopulate(val, "SourceSubTypeDisplayName", &f.SourceSubTypeDisplayName) + delete(rawMsg, key) + case "sourceSubTypeName": + err = unpopulate(val, "SourceSubTypeName", &f.SourceSubTypeName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionSubTypeSeverityFilter. +func (f FusionSubTypeSeverityFilter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "filters", f.Filters) + populate(objectMap, "isSupported", f.IsSupported) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSubTypeSeverityFilter. +func (f *FusionSubTypeSeverityFilter) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "filters": + err = unpopulate(val, "Filters", &f.Filters) + delete(rawMsg, key) + case "isSupported": + err = unpopulate(val, "IsSupported", &f.IsSupported) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionSubTypeSeverityFiltersItem. +func (f FusionSubTypeSeverityFiltersItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "enabled", f.Enabled) + populate(objectMap, "severity", f.Severity) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionSubTypeSeverityFiltersItem. +func (f *FusionSubTypeSeverityFiltersItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "enabled": + err = unpopulate(val, "Enabled", &f.Enabled) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &f.Severity) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionTemplateSourceSetting. +func (f FusionTemplateSourceSetting) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "sourceName", f.SourceName) + populate(objectMap, "sourceSubTypes", f.SourceSubTypes) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionTemplateSourceSetting. +func (f *FusionTemplateSourceSetting) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "sourceName": + err = unpopulate(val, "SourceName", &f.SourceName) + delete(rawMsg, key) + case "sourceSubTypes": + err = unpopulate(val, "SourceSubTypes", &f.SourceSubTypes) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionTemplateSourceSubType. +func (f FusionTemplateSourceSubType) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "severityFilter", f.SeverityFilter) + populate(objectMap, "sourceSubTypeDisplayName", f.SourceSubTypeDisplayName) + populate(objectMap, "sourceSubTypeName", f.SourceSubTypeName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionTemplateSourceSubType. +func (f *FusionTemplateSourceSubType) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "severityFilter": + err = unpopulate(val, "SeverityFilter", &f.SeverityFilter) + delete(rawMsg, key) + case "sourceSubTypeDisplayName": + err = unpopulate(val, "SourceSubTypeDisplayName", &f.SourceSubTypeDisplayName) + delete(rawMsg, key) + case "sourceSubTypeName": + err = unpopulate(val, "SourceSubTypeName", &f.SourceSubTypeName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type FusionTemplateSubTypeSeverityFilter. +func (f FusionTemplateSubTypeSeverityFilter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "isSupported", f.IsSupported) + populate(objectMap, "severityFilters", f.SeverityFilters) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type FusionTemplateSubTypeSeverityFilter. +func (f *FusionTemplateSubTypeSeverityFilter) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "isSupported": + err = unpopulate(val, "IsSupported", &f.IsSupported) + delete(rawMsg, key) + case "severityFilters": + err = unpopulate(val, "SeverityFilters", &f.SeverityFilters) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", f, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GCPAuthModel. +func (g GCPAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "projectNumber", g.ProjectNumber) + populate(objectMap, "serviceAccountEmail", g.ServiceAccountEmail) + objectMap["type"] = CcpAuthTypeGCP + populate(objectMap, "workloadIdentityProviderId", g.WorkloadIdentityProviderID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GCPAuthModel. +func (g *GCPAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "projectNumber": + err = unpopulate(val, "ProjectNumber", &g.ProjectNumber) + delete(rawMsg, key) + case "serviceAccountEmail": + err = unpopulate(val, "ServiceAccountEmail", &g.ServiceAccountEmail) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &g.Type) + delete(rawMsg, key) + case "workloadIdentityProviderId": + err = unpopulate(val, "WorkloadIdentityProviderID", &g.WorkloadIdentityProviderID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GCPAuthProperties. +func (g GCPAuthProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "projectNumber", g.ProjectNumber) + populate(objectMap, "serviceAccountEmail", g.ServiceAccountEmail) + populate(objectMap, "workloadIdentityProviderId", g.WorkloadIdentityProviderID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GCPAuthProperties. +func (g *GCPAuthProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "projectNumber": + err = unpopulate(val, "ProjectNumber", &g.ProjectNumber) + delete(rawMsg, key) + case "serviceAccountEmail": + err = unpopulate(val, "ServiceAccountEmail", &g.ServiceAccountEmail) + delete(rawMsg, key) + case "workloadIdentityProviderId": + err = unpopulate(val, "WorkloadIdentityProviderID", &g.WorkloadIdentityProviderID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GCPDataConnector. +func (g GCPDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", g.Etag) + populate(objectMap, "id", g.ID) + objectMap["kind"] = DataConnectorKindGCP + populate(objectMap, "name", g.Name) + populate(objectMap, "properties", g.Properties) + populate(objectMap, "systemData", g.SystemData) + populate(objectMap, "type", g.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GCPDataConnector. +func (g *GCPDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &g.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &g.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &g.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &g.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &g.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &g.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &g.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GCPDataConnectorProperties. +func (g GCPDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "auth", g.Auth) + populate(objectMap, "connectorDefinitionName", g.ConnectorDefinitionName) + populate(objectMap, "dcrConfig", g.DcrConfig) + populate(objectMap, "request", g.Request) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GCPDataConnectorProperties. +func (g *GCPDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "auth": + err = unpopulate(val, "Auth", &g.Auth) + delete(rawMsg, key) + case "connectorDefinitionName": + err = unpopulate(val, "ConnectorDefinitionName", &g.ConnectorDefinitionName) + delete(rawMsg, key) + case "dcrConfig": + err = unpopulate(val, "DcrConfig", &g.DcrConfig) + delete(rawMsg, key) + case "request": + err = unpopulate(val, "Request", &g.Request) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GCPRequestProperties. +func (g GCPRequestProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "projectId", g.ProjectID) + populate(objectMap, "subscriptionNames", g.SubscriptionNames) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GCPRequestProperties. +func (g *GCPRequestProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "projectId": + err = unpopulate(val, "ProjectID", &g.ProjectID) + delete(rawMsg, key) + case "subscriptionNames": + err = unpopulate(val, "SubscriptionNames", &g.SubscriptionNames) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GenericBlobSbsAuthModel. +func (g GenericBlobSbsAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "credentialsConfig", g.CredentialsConfig) + populate(objectMap, "storageAccountCredentialsConfig", g.StorageAccountCredentialsConfig) + objectMap["type"] = CcpAuthTypeServiceBus + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GenericBlobSbsAuthModel. +func (g *GenericBlobSbsAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "credentialsConfig": + err = unpopulate(val, "CredentialsConfig", &g.CredentialsConfig) + delete(rawMsg, key) + case "storageAccountCredentialsConfig": + err = unpopulate(val, "StorageAccountCredentialsConfig", &g.StorageAccountCredentialsConfig) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &g.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GeoLocation. +func (g GeoLocation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "asn", g.Asn) + populate(objectMap, "city", g.City) + populate(objectMap, "countryCode", g.CountryCode) + populate(objectMap, "countryName", g.CountryName) + populate(objectMap, "latitude", g.Latitude) + populate(objectMap, "longitude", g.Longitude) + populate(objectMap, "state", g.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GeoLocation. +func (g *GeoLocation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "asn": + err = unpopulate(val, "Asn", &g.Asn) + delete(rawMsg, key) + case "city": + err = unpopulate(val, "City", &g.City) + delete(rawMsg, key) + case "countryCode": + err = unpopulate(val, "CountryCode", &g.CountryCode) + delete(rawMsg, key) + case "countryName": + err = unpopulate(val, "CountryName", &g.CountryName) + delete(rawMsg, key) + case "latitude": + err = unpopulate(val, "Latitude", &g.Latitude) + delete(rawMsg, key) + case "longitude": + err = unpopulate(val, "Longitude", &g.Longitude) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &g.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GetInsightsErrorKind. +func (g GetInsightsErrorKind) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "errorMessage", g.ErrorMessage) + populate(objectMap, "kind", g.Kind) + populate(objectMap, "queryId", g.QueryID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GetInsightsErrorKind. +func (g *GetInsightsErrorKind) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "errorMessage": + err = unpopulate(val, "ErrorMessage", &g.ErrorMessage) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &g.Kind) + delete(rawMsg, key) + case "queryId": + err = unpopulate(val, "QueryID", &g.QueryID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GetInsightsResultsMetadata. +func (g GetInsightsResultsMetadata) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "errors", g.Errors) + populate(objectMap, "totalCount", g.TotalCount) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GetInsightsResultsMetadata. +func (g *GetInsightsResultsMetadata) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "errors": + err = unpopulate(val, "Errors", &g.Errors) + delete(rawMsg, key) + case "totalCount": + err = unpopulate(val, "TotalCount", &g.TotalCount) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GetQueriesResponse. +func (g GetQueriesResponse) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "value", g.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GetQueriesResponse. +func (g *GetQueriesResponse) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "value": + g.Value, err = unmarshalEntityQueryItemClassificationArray(val) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GitHubAuthModel. +func (g GitHubAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "installationId", g.InstallationID) + objectMap["type"] = CcpAuthTypeGitHub + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GitHubAuthModel. +func (g *GitHubAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "installationId": + err = unpopulate(val, "InstallationID", &g.InstallationID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &g.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GitHubResourceInfo. +func (g GitHubResourceInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "appInstallationId", g.AppInstallationID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GitHubResourceInfo. +func (g *GitHubResourceInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "appInstallationId": + err = unpopulate(val, "AppInstallationID", &g.AppInstallationID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GraphQuery. +func (g GraphQuery) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "baseQuery", g.BaseQuery) + populate(objectMap, "legend", g.Legend) + populate(objectMap, "metricName", g.MetricName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GraphQuery. +func (g *GraphQuery) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "baseQuery": + err = unpopulate(val, "BaseQuery", &g.BaseQuery) + delete(rawMsg, key) + case "legend": + err = unpopulate(val, "Legend", &g.Legend) + delete(rawMsg, key) + case "metricName": + err = unpopulate(val, "MetricName", &g.MetricName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type GroupingConfiguration. +func (g GroupingConfiguration) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "enabled", g.Enabled) + populate(objectMap, "groupByAlertDetails", g.GroupByAlertDetails) + populate(objectMap, "groupByCustomDetails", g.GroupByCustomDetails) + populate(objectMap, "groupByEntities", g.GroupByEntities) + populate(objectMap, "lookbackDuration", g.LookbackDuration) + populate(objectMap, "matchingMethod", g.MatchingMethod) + populate(objectMap, "reopenClosedIncident", g.ReopenClosedIncident) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type GroupingConfiguration. +func (g *GroupingConfiguration) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "enabled": + err = unpopulate(val, "Enabled", &g.Enabled) + delete(rawMsg, key) + case "groupByAlertDetails": + err = unpopulate(val, "GroupByAlertDetails", &g.GroupByAlertDetails) + delete(rawMsg, key) + case "groupByCustomDetails": + err = unpopulate(val, "GroupByCustomDetails", &g.GroupByCustomDetails) + delete(rawMsg, key) + case "groupByEntities": + err = unpopulate(val, "GroupByEntities", &g.GroupByEntities) + delete(rawMsg, key) + case "lookbackDuration": + err = unpopulate(val, "LookbackDuration", &g.LookbackDuration) + delete(rawMsg, key) + case "matchingMethod": + err = unpopulate(val, "MatchingMethod", &g.MatchingMethod) + delete(rawMsg, key) + case "reopenClosedIncident": + err = unpopulate(val, "ReopenClosedIncident", &g.ReopenClosedIncident) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", g, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HostEntity. +func (h HostEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", h.ID) + objectMap["kind"] = EntityKindEnumHost + populate(objectMap, "name", h.Name) + populate(objectMap, "properties", h.Properties) + populate(objectMap, "systemData", h.SystemData) + populate(objectMap, "type", h.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HostEntity. +func (h *HostEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &h.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &h.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &h.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &h.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &h.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &h.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HostEntityProperties. +func (h HostEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", h.AdditionalData) + populate(objectMap, "azureID", h.AzureID) + populate(objectMap, "dnsDomain", h.DNSDomain) + populate(objectMap, "friendlyName", h.FriendlyName) + populate(objectMap, "hostName", h.HostName) + populate(objectMap, "isDomainJoined", h.IsDomainJoined) + populate(objectMap, "netBiosName", h.NetBiosName) + populate(objectMap, "ntDomain", h.NtDomain) + populate(objectMap, "osFamily", h.OSFamily) + populate(objectMap, "osVersion", h.OSVersion) + populate(objectMap, "omsAgentID", h.OmsAgentID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HostEntityProperties. +func (h *HostEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &h.AdditionalData) + delete(rawMsg, key) + case "azureID": + err = unpopulate(val, "AzureID", &h.AzureID) + delete(rawMsg, key) + case "dnsDomain": + err = unpopulate(val, "DNSDomain", &h.DNSDomain) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &h.FriendlyName) + delete(rawMsg, key) + case "hostName": + err = unpopulate(val, "HostName", &h.HostName) + delete(rawMsg, key) + case "isDomainJoined": + err = unpopulate(val, "IsDomainJoined", &h.IsDomainJoined) + delete(rawMsg, key) + case "netBiosName": + err = unpopulate(val, "NetBiosName", &h.NetBiosName) + delete(rawMsg, key) + case "ntDomain": + err = unpopulate(val, "NtDomain", &h.NtDomain) + delete(rawMsg, key) + case "osFamily": + err = unpopulate(val, "OSFamily", &h.OSFamily) + delete(rawMsg, key) + case "osVersion": + err = unpopulate(val, "OSVersion", &h.OSVersion) + delete(rawMsg, key) + case "omsAgentID": + err = unpopulate(val, "OmsAgentID", &h.OmsAgentID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Hunt. +func (h Hunt) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", h.Etag) + populate(objectMap, "id", h.ID) + populate(objectMap, "name", h.Name) + populate(objectMap, "properties", h.Properties) + populate(objectMap, "systemData", h.SystemData) + populate(objectMap, "type", h.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Hunt. +func (h *Hunt) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &h.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &h.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &h.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &h.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &h.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &h.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HuntComment. +func (h HuntComment) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", h.Etag) + populate(objectMap, "id", h.ID) + populate(objectMap, "name", h.Name) + populate(objectMap, "properties", h.Properties) + populate(objectMap, "systemData", h.SystemData) + populate(objectMap, "type", h.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntComment. +func (h *HuntComment) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &h.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &h.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &h.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &h.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &h.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &h.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HuntCommentList. +func (h HuntCommentList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", h.NextLink) + populate(objectMap, "value", h.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntCommentList. +func (h *HuntCommentList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &h.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &h.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HuntCommentProperties. +func (h HuntCommentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "message", h.Message) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntCommentProperties. +func (h *HuntCommentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "message": + err = unpopulate(val, "Message", &h.Message) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HuntList. +func (h HuntList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", h.NextLink) + populate(objectMap, "value", h.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntList. +func (h *HuntList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &h.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &h.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HuntOwner. +func (h HuntOwner) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "assignedTo", h.AssignedTo) + populate(objectMap, "email", h.Email) + populate(objectMap, "objectId", h.ObjectID) + populate(objectMap, "ownerType", h.OwnerType) + populate(objectMap, "userPrincipalName", h.UserPrincipalName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntOwner. +func (h *HuntOwner) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "assignedTo": + err = unpopulate(val, "AssignedTo", &h.AssignedTo) + delete(rawMsg, key) + case "email": + err = unpopulate(val, "Email", &h.Email) + delete(rawMsg, key) + case "objectId": + err = unpopulate(val, "ObjectID", &h.ObjectID) + delete(rawMsg, key) + case "ownerType": + err = unpopulate(val, "OwnerType", &h.OwnerType) + delete(rawMsg, key) + case "userPrincipalName": + err = unpopulate(val, "UserPrincipalName", &h.UserPrincipalName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HuntProperties. +func (h HuntProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "attackTactics", h.AttackTactics) + populate(objectMap, "attackTechniques", h.AttackTechniques) + populate(objectMap, "description", h.Description) + populate(objectMap, "displayName", h.DisplayName) + populate(objectMap, "hypothesisStatus", h.HypothesisStatus) + populate(objectMap, "labels", h.Labels) + populate(objectMap, "owner", h.Owner) + populate(objectMap, "status", h.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntProperties. +func (h *HuntProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "attackTactics": + err = unpopulate(val, "AttackTactics", &h.AttackTactics) + delete(rawMsg, key) + case "attackTechniques": + err = unpopulate(val, "AttackTechniques", &h.AttackTechniques) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &h.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &h.DisplayName) + delete(rawMsg, key) + case "hypothesisStatus": + err = unpopulate(val, "HypothesisStatus", &h.HypothesisStatus) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &h.Labels) + delete(rawMsg, key) + case "owner": + err = unpopulate(val, "Owner", &h.Owner) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &h.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HuntRelation. +func (h HuntRelation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", h.Etag) + populate(objectMap, "id", h.ID) + populate(objectMap, "name", h.Name) + populate(objectMap, "properties", h.Properties) + populate(objectMap, "systemData", h.SystemData) + populate(objectMap, "type", h.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntRelation. +func (h *HuntRelation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &h.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &h.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &h.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &h.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &h.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &h.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HuntRelationList. +func (h HuntRelationList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", h.NextLink) + populate(objectMap, "value", h.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntRelationList. +func (h *HuntRelationList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &h.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &h.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HuntRelationProperties. +func (h HuntRelationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "labels", h.Labels) + populate(objectMap, "relatedResourceId", h.RelatedResourceID) + populate(objectMap, "relatedResourceKind", h.RelatedResourceKind) + populate(objectMap, "relatedResourceName", h.RelatedResourceName) + populate(objectMap, "relationType", h.RelationType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntRelationProperties. +func (h *HuntRelationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "labels": + err = unpopulate(val, "Labels", &h.Labels) + delete(rawMsg, key) + case "relatedResourceId": + err = unpopulate(val, "RelatedResourceID", &h.RelatedResourceID) + delete(rawMsg, key) + case "relatedResourceKind": + err = unpopulate(val, "RelatedResourceKind", &h.RelatedResourceKind) + delete(rawMsg, key) + case "relatedResourceName": + err = unpopulate(val, "RelatedResourceName", &h.RelatedResourceName) + delete(rawMsg, key) + case "relationType": + err = unpopulate(val, "RelationType", &h.RelationType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HuntingBookmark. +func (h HuntingBookmark) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", h.ID) + objectMap["kind"] = EntityKindEnumBookmark + populate(objectMap, "name", h.Name) + populate(objectMap, "properties", h.Properties) + populate(objectMap, "systemData", h.SystemData) + populate(objectMap, "type", h.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntingBookmark. +func (h *HuntingBookmark) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &h.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &h.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &h.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &h.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &h.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &h.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type HuntingBookmarkProperties. +func (h HuntingBookmarkProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", h.AdditionalData) + populateDateTimeRFC3339(objectMap, "created", h.Created) + populate(objectMap, "createdBy", h.CreatedBy) + populate(objectMap, "displayName", h.DisplayName) + populateDateTimeRFC3339(objectMap, "eventTime", h.EventTime) + populate(objectMap, "friendlyName", h.FriendlyName) + populate(objectMap, "incidentInfo", h.IncidentInfo) + populate(objectMap, "labels", h.Labels) + populate(objectMap, "notes", h.Notes) + populate(objectMap, "query", h.Query) + populate(objectMap, "queryResult", h.QueryResult) + populateDateTimeRFC3339(objectMap, "updated", h.Updated) + populate(objectMap, "updatedBy", h.UpdatedBy) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type HuntingBookmarkProperties. +func (h *HuntingBookmarkProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &h.AdditionalData) + delete(rawMsg, key) + case "created": + err = unpopulateDateTimeRFC3339(val, "Created", &h.Created) + delete(rawMsg, key) + case "createdBy": + err = unpopulate(val, "CreatedBy", &h.CreatedBy) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &h.DisplayName) + delete(rawMsg, key) + case "eventTime": + err = unpopulateDateTimeRFC3339(val, "EventTime", &h.EventTime) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &h.FriendlyName) + delete(rawMsg, key) + case "incidentInfo": + err = unpopulate(val, "IncidentInfo", &h.IncidentInfo) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &h.Labels) + delete(rawMsg, key) + case "notes": + err = unpopulate(val, "Notes", &h.Notes) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &h.Query) + delete(rawMsg, key) + case "queryResult": + err = unpopulate(val, "QueryResult", &h.QueryResult) + delete(rawMsg, key) + case "updated": + err = unpopulateDateTimeRFC3339(val, "Updated", &h.Updated) + delete(rawMsg, key) + case "updatedBy": + err = unpopulate(val, "UpdatedBy", &h.UpdatedBy) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", h, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IPEntity. +func (i IPEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", i.ID) + objectMap["kind"] = EntityKindEnumIP + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IPEntity. +func (i *IPEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &i.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IPEntityProperties. +func (i IPEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", i.AdditionalData) + populate(objectMap, "address", i.Address) + populate(objectMap, "friendlyName", i.FriendlyName) + populate(objectMap, "location", i.Location) + populate(objectMap, "threatIntelligence", i.ThreatIntelligence) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IPEntityProperties. +func (i *IPEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &i.AdditionalData) + delete(rawMsg, key) + case "address": + err = unpopulate(val, "Address", &i.Address) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &i.FriendlyName) + delete(rawMsg, key) + case "location": + err = unpopulate(val, "Location", &i.Location) + delete(rawMsg, key) + case "threatIntelligence": + err = unpopulate(val, "ThreatIntelligence", &i.ThreatIntelligence) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Identity. +func (i Identity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", i.ID) + objectMap["kind"] = TIObjectKindIdentity + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Identity. +func (i *Identity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &i.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Incident. +func (i Incident) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", i.Etag) + populate(objectMap, "id", i.ID) + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Incident. +func (i *Incident) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &i.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentAdditionalData. +func (i IncidentAdditionalData) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertProductNames", i.AlertProductNames) + populate(objectMap, "alertsCount", i.AlertsCount) + populate(objectMap, "bookmarksCount", i.BookmarksCount) + populate(objectMap, "commentsCount", i.CommentsCount) + populate(objectMap, "providerIncidentUrl", i.ProviderIncidentURL) + populate(objectMap, "tactics", i.Tactics) + populate(objectMap, "techniques", i.Techniques) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentAdditionalData. +func (i *IncidentAdditionalData) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertProductNames": + err = unpopulate(val, "AlertProductNames", &i.AlertProductNames) + delete(rawMsg, key) + case "alertsCount": + err = unpopulate(val, "AlertsCount", &i.AlertsCount) + delete(rawMsg, key) + case "bookmarksCount": + err = unpopulate(val, "BookmarksCount", &i.BookmarksCount) + delete(rawMsg, key) + case "commentsCount": + err = unpopulate(val, "CommentsCount", &i.CommentsCount) + delete(rawMsg, key) + case "providerIncidentUrl": + err = unpopulate(val, "ProviderIncidentURL", &i.ProviderIncidentURL) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &i.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &i.Techniques) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentAlertList. +func (i IncidentAlertList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "value", i.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentAlertList. +func (i *IncidentAlertList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "value": + err = unpopulate(val, "Value", &i.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentBookmarkList. +func (i IncidentBookmarkList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "value", i.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentBookmarkList. +func (i *IncidentBookmarkList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "value": + err = unpopulate(val, "Value", &i.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentComment. +func (i IncidentComment) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", i.Etag) + populate(objectMap, "id", i.ID) + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentComment. +func (i *IncidentComment) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &i.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentCommentList. +func (i IncidentCommentList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", i.NextLink) + populate(objectMap, "value", i.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentCommentList. +func (i *IncidentCommentList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &i.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &i.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentCommentProperties. +func (i IncidentCommentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", i.Author) + populateDateTimeRFC3339(objectMap, "createdTimeUtc", i.CreatedTimeUTC) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", i.LastModifiedTimeUTC) + populate(objectMap, "message", i.Message) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentCommentProperties. +func (i *IncidentCommentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &i.Author) + delete(rawMsg, key) + case "createdTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &i.CreatedTimeUTC) + delete(rawMsg, key) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &i.LastModifiedTimeUTC) + delete(rawMsg, key) + case "message": + err = unpopulate(val, "Message", &i.Message) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentConfiguration. +func (i IncidentConfiguration) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "createIncident", i.CreateIncident) + populate(objectMap, "groupingConfiguration", i.GroupingConfiguration) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentConfiguration. +func (i *IncidentConfiguration) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "createIncident": + err = unpopulate(val, "CreateIncident", &i.CreateIncident) + delete(rawMsg, key) + case "groupingConfiguration": + err = unpopulate(val, "GroupingConfiguration", &i.GroupingConfiguration) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentEntitiesResponse. +func (i IncidentEntitiesResponse) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "entities", i.Entities) + populate(objectMap, "metaData", i.MetaData) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentEntitiesResponse. +func (i *IncidentEntitiesResponse) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "entities": + i.Entities, err = unmarshalEntityClassificationArray(val) + delete(rawMsg, key) + case "metaData": + err = unpopulate(val, "MetaData", &i.MetaData) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentEntitiesResultsMetadata. +func (i IncidentEntitiesResultsMetadata) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "count", i.Count) + populate(objectMap, "entityKind", i.EntityKind) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentEntitiesResultsMetadata. +func (i *IncidentEntitiesResultsMetadata) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "count": + err = unpopulate(val, "Count", &i.Count) + delete(rawMsg, key) + case "entityKind": + err = unpopulate(val, "EntityKind", &i.EntityKind) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentInfo. +func (i IncidentInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "incidentId", i.IncidentID) + populate(objectMap, "relationName", i.RelationName) + populate(objectMap, "severity", i.Severity) + populate(objectMap, "title", i.Title) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentInfo. +func (i *IncidentInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "incidentId": + err = unpopulate(val, "IncidentID", &i.IncidentID) + delete(rawMsg, key) + case "relationName": + err = unpopulate(val, "RelationName", &i.RelationName) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &i.Severity) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &i.Title) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentLabel. +func (i IncidentLabel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "labelName", i.LabelName) + populate(objectMap, "labelType", i.LabelType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentLabel. +func (i *IncidentLabel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "labelName": + err = unpopulate(val, "LabelName", &i.LabelName) + delete(rawMsg, key) + case "labelType": + err = unpopulate(val, "LabelType", &i.LabelType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentList. +func (i IncidentList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", i.NextLink) + populate(objectMap, "value", i.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentList. +func (i *IncidentList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &i.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &i.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentOwnerInfo. +func (i IncidentOwnerInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "assignedTo", i.AssignedTo) + populate(objectMap, "email", i.Email) + populate(objectMap, "objectId", i.ObjectID) + populate(objectMap, "ownerType", i.OwnerType) + populate(objectMap, "userPrincipalName", i.UserPrincipalName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentOwnerInfo. +func (i *IncidentOwnerInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "assignedTo": + err = unpopulate(val, "AssignedTo", &i.AssignedTo) + delete(rawMsg, key) + case "email": + err = unpopulate(val, "Email", &i.Email) + delete(rawMsg, key) + case "objectId": + err = unpopulate(val, "ObjectID", &i.ObjectID) + delete(rawMsg, key) + case "ownerType": + err = unpopulate(val, "OwnerType", &i.OwnerType) + delete(rawMsg, key) + case "userPrincipalName": + err = unpopulate(val, "UserPrincipalName", &i.UserPrincipalName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentProperties. +func (i IncidentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", i.AdditionalData) + populate(objectMap, "classification", i.Classification) + populate(objectMap, "classificationComment", i.ClassificationComment) + populate(objectMap, "classificationReason", i.ClassificationReason) + populateDateTimeRFC3339(objectMap, "createdTimeUtc", i.CreatedTimeUTC) + populate(objectMap, "description", i.Description) + populateDateTimeRFC3339(objectMap, "firstActivityTimeUtc", i.FirstActivityTimeUTC) + populate(objectMap, "incidentNumber", i.IncidentNumber) + populate(objectMap, "incidentUrl", i.IncidentURL) + populate(objectMap, "labels", i.Labels) + populateDateTimeRFC3339(objectMap, "lastActivityTimeUtc", i.LastActivityTimeUTC) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", i.LastModifiedTimeUTC) + populate(objectMap, "owner", i.Owner) + populate(objectMap, "providerIncidentId", i.ProviderIncidentID) + populate(objectMap, "providerName", i.ProviderName) + populate(objectMap, "relatedAnalyticRuleIds", i.RelatedAnalyticRuleIDs) + populate(objectMap, "severity", i.Severity) + populate(objectMap, "status", i.Status) + populate(objectMap, "teamInformation", i.TeamInformation) + populate(objectMap, "title", i.Title) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentProperties. +func (i *IncidentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &i.AdditionalData) + delete(rawMsg, key) + case "classification": + err = unpopulate(val, "Classification", &i.Classification) + delete(rawMsg, key) + case "classificationComment": + err = unpopulate(val, "ClassificationComment", &i.ClassificationComment) + delete(rawMsg, key) + case "classificationReason": + err = unpopulate(val, "ClassificationReason", &i.ClassificationReason) + delete(rawMsg, key) + case "createdTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &i.CreatedTimeUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &i.Description) + delete(rawMsg, key) + case "firstActivityTimeUtc": + err = unpopulateDateTimeRFC3339(val, "FirstActivityTimeUTC", &i.FirstActivityTimeUTC) + delete(rawMsg, key) + case "incidentNumber": + err = unpopulate(val, "IncidentNumber", &i.IncidentNumber) + delete(rawMsg, key) + case "incidentUrl": + err = unpopulate(val, "IncidentURL", &i.IncidentURL) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &i.Labels) + delete(rawMsg, key) + case "lastActivityTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastActivityTimeUTC", &i.LastActivityTimeUTC) + delete(rawMsg, key) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &i.LastModifiedTimeUTC) + delete(rawMsg, key) + case "owner": + err = unpopulate(val, "Owner", &i.Owner) + delete(rawMsg, key) + case "providerIncidentId": + err = unpopulate(val, "ProviderIncidentID", &i.ProviderIncidentID) + delete(rawMsg, key) + case "providerName": + err = unpopulate(val, "ProviderName", &i.ProviderName) + delete(rawMsg, key) + case "relatedAnalyticRuleIds": + err = unpopulate(val, "RelatedAnalyticRuleIDs", &i.RelatedAnalyticRuleIDs) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &i.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &i.Status) + delete(rawMsg, key) + case "teamInformation": + err = unpopulate(val, "TeamInformation", &i.TeamInformation) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &i.Title) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentPropertiesAction. +func (i IncidentPropertiesAction) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "classification", i.Classification) + populate(objectMap, "classificationComment", i.ClassificationComment) + populate(objectMap, "classificationReason", i.ClassificationReason) + populate(objectMap, "labels", i.Labels) + populate(objectMap, "owner", i.Owner) + populate(objectMap, "severity", i.Severity) + populate(objectMap, "status", i.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentPropertiesAction. +func (i *IncidentPropertiesAction) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "classification": + err = unpopulate(val, "Classification", &i.Classification) + delete(rawMsg, key) + case "classificationComment": + err = unpopulate(val, "ClassificationComment", &i.ClassificationComment) + delete(rawMsg, key) + case "classificationReason": + err = unpopulate(val, "ClassificationReason", &i.ClassificationReason) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &i.Labels) + delete(rawMsg, key) + case "owner": + err = unpopulate(val, "Owner", &i.Owner) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &i.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &i.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentTask. +func (i IncidentTask) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", i.Etag) + populate(objectMap, "id", i.ID) + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentTask. +func (i *IncidentTask) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &i.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentTaskList. +func (i IncidentTaskList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", i.NextLink) + populate(objectMap, "value", i.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentTaskList. +func (i *IncidentTaskList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &i.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &i.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IncidentTaskProperties. +func (i IncidentTaskProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "createdBy", i.CreatedBy) + populateDateTimeRFC3339(objectMap, "createdTimeUtc", i.CreatedTimeUTC) + populate(objectMap, "description", i.Description) + populate(objectMap, "lastModifiedBy", i.LastModifiedBy) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", i.LastModifiedTimeUTC) + populate(objectMap, "status", i.Status) + populate(objectMap, "title", i.Title) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IncidentTaskProperties. +func (i *IncidentTaskProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "createdBy": + err = unpopulate(val, "CreatedBy", &i.CreatedBy) + delete(rawMsg, key) + case "createdTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreatedTimeUTC", &i.CreatedTimeUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &i.Description) + delete(rawMsg, key) + case "lastModifiedBy": + err = unpopulate(val, "LastModifiedBy", &i.LastModifiedBy) + delete(rawMsg, key) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &i.LastModifiedTimeUTC) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &i.Status) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &i.Title) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Indicator. +func (i Indicator) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", i.ID) + objectMap["kind"] = TIObjectKindIndicator + populate(objectMap, "name", i.Name) + populate(objectMap, "observables", i.Observables) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Indicator. +func (i *Indicator) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &i.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "observables": + err = unpopulate(val, "Observables", &i.Observables) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IndicatorObservablesItem. +func (i IndicatorObservablesItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "type", i.Type) + populate(objectMap, "value", i.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IndicatorObservablesItem. +func (i *IndicatorObservablesItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &i.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItem. +func (i InsightQueryItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", i.ID) + objectMap["kind"] = EntityQueryKindInsight + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItem. +func (i *InsightQueryItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &i.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemProperties. +func (i InsightQueryItemProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalQuery", i.AdditionalQuery) + populate(objectMap, "baseQuery", i.BaseQuery) + populateAny(objectMap, "chartQuery", i.ChartQuery) + populate(objectMap, "dataTypes", i.DataTypes) + populate(objectMap, "defaultTimeRange", i.DefaultTimeRange) + populate(objectMap, "description", i.Description) + populate(objectMap, "displayName", i.DisplayName) + populateAny(objectMap, "entitiesFilter", i.EntitiesFilter) + populate(objectMap, "inputEntityType", i.InputEntityType) + populate(objectMap, "referenceTimeRange", i.ReferenceTimeRange) + populate(objectMap, "requiredInputFieldsSets", i.RequiredInputFieldsSets) + populate(objectMap, "tableQuery", i.TableQuery) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemProperties. +func (i *InsightQueryItemProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalQuery": + err = unpopulate(val, "AdditionalQuery", &i.AdditionalQuery) + delete(rawMsg, key) + case "baseQuery": + err = unpopulate(val, "BaseQuery", &i.BaseQuery) + delete(rawMsg, key) + case "chartQuery": + err = unpopulate(val, "ChartQuery", &i.ChartQuery) + delete(rawMsg, key) + case "dataTypes": + err = unpopulate(val, "DataTypes", &i.DataTypes) + delete(rawMsg, key) + case "defaultTimeRange": + err = unpopulate(val, "DefaultTimeRange", &i.DefaultTimeRange) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &i.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &i.DisplayName) + delete(rawMsg, key) + case "entitiesFilter": + err = unpopulate(val, "EntitiesFilter", &i.EntitiesFilter) + delete(rawMsg, key) + case "inputEntityType": + err = unpopulate(val, "InputEntityType", &i.InputEntityType) + delete(rawMsg, key) + case "referenceTimeRange": + err = unpopulate(val, "ReferenceTimeRange", &i.ReferenceTimeRange) + delete(rawMsg, key) + case "requiredInputFieldsSets": + err = unpopulate(val, "RequiredInputFieldsSets", &i.RequiredInputFieldsSets) + delete(rawMsg, key) + case "tableQuery": + err = unpopulate(val, "TableQuery", &i.TableQuery) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesAdditionalQuery. +func (i InsightQueryItemPropertiesAdditionalQuery) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "query", i.Query) + populate(objectMap, "text", i.Text) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesAdditionalQuery. +func (i *InsightQueryItemPropertiesAdditionalQuery) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "query": + err = unpopulate(val, "Query", &i.Query) + delete(rawMsg, key) + case "text": + err = unpopulate(val, "Text", &i.Text) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesDefaultTimeRange. +func (i InsightQueryItemPropertiesDefaultTimeRange) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "afterRange", i.AfterRange) + populate(objectMap, "beforeRange", i.BeforeRange) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesDefaultTimeRange. +func (i *InsightQueryItemPropertiesDefaultTimeRange) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "afterRange": + err = unpopulate(val, "AfterRange", &i.AfterRange) + delete(rawMsg, key) + case "beforeRange": + err = unpopulate(val, "BeforeRange", &i.BeforeRange) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesReferenceTimeRange. +func (i InsightQueryItemPropertiesReferenceTimeRange) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "beforeRange", i.BeforeRange) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesReferenceTimeRange. +func (i *InsightQueryItemPropertiesReferenceTimeRange) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "beforeRange": + err = unpopulate(val, "BeforeRange", &i.BeforeRange) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQuery. +func (i InsightQueryItemPropertiesTableQuery) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "columnsDefinitions", i.ColumnsDefinitions) + populate(objectMap, "queriesDefinitions", i.QueriesDefinitions) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQuery. +func (i *InsightQueryItemPropertiesTableQuery) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "columnsDefinitions": + err = unpopulate(val, "ColumnsDefinitions", &i.ColumnsDefinitions) + delete(rawMsg, key) + case "queriesDefinitions": + err = unpopulate(val, "QueriesDefinitions", &i.QueriesDefinitions) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem. +func (i InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "header", i.Header) + populate(objectMap, "outputType", i.OutputType) + populate(objectMap, "supportDeepLink", i.SupportDeepLink) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem. +func (i *InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "header": + err = unpopulate(val, "Header", &i.Header) + delete(rawMsg, key) + case "outputType": + err = unpopulate(val, "OutputType", &i.OutputType) + delete(rawMsg, key) + case "supportDeepLink": + err = unpopulate(val, "SupportDeepLink", &i.SupportDeepLink) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem. +func (i InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "filter", i.Filter) + populate(objectMap, "linkColumnsDefinitions", i.LinkColumnsDefinitions) + populate(objectMap, "project", i.Project) + populate(objectMap, "summarize", i.Summarize) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem. +func (i *InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "filter": + err = unpopulate(val, "Filter", &i.Filter) + delete(rawMsg, key) + case "linkColumnsDefinitions": + err = unpopulate(val, "LinkColumnsDefinitions", &i.LinkColumnsDefinitions) + delete(rawMsg, key) + case "project": + err = unpopulate(val, "Project", &i.Project) + delete(rawMsg, key) + case "summarize": + err = unpopulate(val, "Summarize", &i.Summarize) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem. +func (i InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "projectedName", i.ProjectedName) + populate(objectMap, "Query", i.Query) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem. +func (i *InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "projectedName": + err = unpopulate(val, "ProjectedName", &i.ProjectedName) + delete(rawMsg, key) + case "Query": + err = unpopulate(val, "Query", &i.Query) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InsightsTableResult. +func (i InsightsTableResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "columns", i.Columns) + populate(objectMap, "rows", i.Rows) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightsTableResult. +func (i *InsightsTableResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "columns": + err = unpopulate(val, "Columns", &i.Columns) + delete(rawMsg, key) + case "rows": + err = unpopulate(val, "Rows", &i.Rows) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InsightsTableResultColumnsItem. +func (i InsightsTableResultColumnsItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "name", i.Name) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InsightsTableResultColumnsItem. +func (i *InsightsTableResultColumnsItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InstructionStep. +func (i InstructionStep) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", i.Description) + populate(objectMap, "innerSteps", i.InnerSteps) + populate(objectMap, "instructions", i.Instructions) + populate(objectMap, "title", i.Title) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InstructionStep. +func (i *InstructionStep) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &i.Description) + delete(rawMsg, key) + case "innerSteps": + err = unpopulate(val, "InnerSteps", &i.InnerSteps) + delete(rawMsg, key) + case "instructions": + err = unpopulate(val, "Instructions", &i.Instructions) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &i.Title) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InstructionStepDetails. +func (i InstructionStepDetails) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateAny(objectMap, "parameters", i.Parameters) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InstructionStepDetails. +func (i *InstructionStepDetails) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "parameters": + err = unpopulate(val, "Parameters", &i.Parameters) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type InstructionStepsInstructionsItem. +func (i InstructionStepsInstructionsItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateAny(objectMap, "parameters", i.Parameters) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type InstructionStepsInstructionsItem. +func (i *InstructionStepsInstructionsItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "parameters": + err = unpopulate(val, "Parameters", &i.Parameters) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IoTCheckRequirements. +func (i IoTCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindIOT + populate(objectMap, "properties", i.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTCheckRequirements. +func (i *IoTCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &i.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IoTCheckRequirementsProperties. +func (i IoTCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "subscriptionId", i.SubscriptionID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTCheckRequirementsProperties. +func (i *IoTCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "subscriptionId": + err = unpopulate(val, "SubscriptionID", &i.SubscriptionID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IoTDataConnector. +func (i IoTDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", i.Etag) + populate(objectMap, "id", i.ID) + objectMap["kind"] = DataConnectorKindIOT + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDataConnector. +func (i *IoTDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &i.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &i.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IoTDataConnectorProperties. +func (i IoTDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", i.DataTypes) + populate(objectMap, "subscriptionId", i.SubscriptionID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDataConnectorProperties. +func (i *IoTDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &i.DataTypes) + delete(rawMsg, key) + case "subscriptionId": + err = unpopulate(val, "SubscriptionID", &i.SubscriptionID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IoTDeviceEntity. +func (i IoTDeviceEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", i.ID) + objectMap["kind"] = EntityKindEnumIoTDevice + populate(objectMap, "name", i.Name) + populate(objectMap, "properties", i.Properties) + populate(objectMap, "systemData", i.SystemData) + populate(objectMap, "type", i.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDeviceEntity. +func (i *IoTDeviceEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &i.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &i.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &i.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &i.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &i.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &i.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type IoTDeviceEntityProperties. +func (i IoTDeviceEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", i.AdditionalData) + populate(objectMap, "deviceId", i.DeviceID) + populate(objectMap, "deviceName", i.DeviceName) + populate(objectMap, "deviceSubType", i.DeviceSubType) + populate(objectMap, "deviceType", i.DeviceType) + populate(objectMap, "edgeId", i.EdgeID) + populate(objectMap, "firmwareVersion", i.FirmwareVersion) + populate(objectMap, "friendlyName", i.FriendlyName) + populate(objectMap, "hostEntityId", i.HostEntityID) + populate(objectMap, "ipAddressEntityId", i.IPAddressEntityID) + populate(objectMap, "importance", i.Importance) + populate(objectMap, "iotHubEntityId", i.IotHubEntityID) + populate(objectMap, "iotSecurityAgentId", i.IotSecurityAgentID) + populate(objectMap, "isAuthorized", i.IsAuthorized) + populate(objectMap, "isProgramming", i.IsProgramming) + populate(objectMap, "isScanner", i.IsScanner) + populate(objectMap, "macAddress", i.MacAddress) + populate(objectMap, "model", i.Model) + populate(objectMap, "nicEntityIds", i.NicEntityIDs) + populate(objectMap, "operatingSystem", i.OperatingSystem) + populate(objectMap, "owners", i.Owners) + populate(objectMap, "protocols", i.Protocols) + populate(objectMap, "purdueLayer", i.PurdueLayer) + populate(objectMap, "sensor", i.Sensor) + populate(objectMap, "serialNumber", i.SerialNumber) + populate(objectMap, "site", i.Site) + populate(objectMap, "source", i.Source) + populate(objectMap, "threatIntelligence", i.ThreatIntelligence) + populate(objectMap, "vendor", i.Vendor) + populate(objectMap, "zone", i.Zone) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type IoTDeviceEntityProperties. +func (i *IoTDeviceEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &i.AdditionalData) + delete(rawMsg, key) + case "deviceId": + err = unpopulate(val, "DeviceID", &i.DeviceID) + delete(rawMsg, key) + case "deviceName": + err = unpopulate(val, "DeviceName", &i.DeviceName) + delete(rawMsg, key) + case "deviceSubType": + err = unpopulate(val, "DeviceSubType", &i.DeviceSubType) + delete(rawMsg, key) + case "deviceType": + err = unpopulate(val, "DeviceType", &i.DeviceType) + delete(rawMsg, key) + case "edgeId": + err = unpopulate(val, "EdgeID", &i.EdgeID) + delete(rawMsg, key) + case "firmwareVersion": + err = unpopulate(val, "FirmwareVersion", &i.FirmwareVersion) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &i.FriendlyName) + delete(rawMsg, key) + case "hostEntityId": + err = unpopulate(val, "HostEntityID", &i.HostEntityID) + delete(rawMsg, key) + case "ipAddressEntityId": + err = unpopulate(val, "IPAddressEntityID", &i.IPAddressEntityID) + delete(rawMsg, key) + case "importance": + err = unpopulate(val, "Importance", &i.Importance) + delete(rawMsg, key) + case "iotHubEntityId": + err = unpopulate(val, "IotHubEntityID", &i.IotHubEntityID) + delete(rawMsg, key) + case "iotSecurityAgentId": + err = unpopulate(val, "IotSecurityAgentID", &i.IotSecurityAgentID) + delete(rawMsg, key) + case "isAuthorized": + err = unpopulate(val, "IsAuthorized", &i.IsAuthorized) + delete(rawMsg, key) + case "isProgramming": + err = unpopulate(val, "IsProgramming", &i.IsProgramming) + delete(rawMsg, key) + case "isScanner": + err = unpopulate(val, "IsScanner", &i.IsScanner) + delete(rawMsg, key) + case "macAddress": + err = unpopulate(val, "MacAddress", &i.MacAddress) + delete(rawMsg, key) + case "model": + err = unpopulate(val, "Model", &i.Model) + delete(rawMsg, key) + case "nicEntityIds": + err = unpopulate(val, "NicEntityIDs", &i.NicEntityIDs) + delete(rawMsg, key) + case "operatingSystem": + err = unpopulate(val, "OperatingSystem", &i.OperatingSystem) + delete(rawMsg, key) + case "owners": + err = unpopulate(val, "Owners", &i.Owners) + delete(rawMsg, key) + case "protocols": + err = unpopulate(val, "Protocols", &i.Protocols) + delete(rawMsg, key) + case "purdueLayer": + err = unpopulate(val, "PurdueLayer", &i.PurdueLayer) + delete(rawMsg, key) + case "sensor": + err = unpopulate(val, "Sensor", &i.Sensor) + delete(rawMsg, key) + case "serialNumber": + err = unpopulate(val, "SerialNumber", &i.SerialNumber) + delete(rawMsg, key) + case "site": + err = unpopulate(val, "Site", &i.Site) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &i.Source) + delete(rawMsg, key) + case "threatIntelligence": + err = unpopulate(val, "ThreatIntelligence", &i.ThreatIntelligence) + delete(rawMsg, key) + case "vendor": + err = unpopulate(val, "Vendor", &i.Vendor) + delete(rawMsg, key) + case "zone": + err = unpopulate(val, "Zone", &i.Zone) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", i, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Job. +func (j Job) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", j.Etag) + populate(objectMap, "id", j.ID) + populate(objectMap, "name", j.Name) + populate(objectMap, "properties", j.Properties) + populate(objectMap, "systemData", j.SystemData) + populate(objectMap, "type", j.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Job. +func (j *Job) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", j, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &j.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &j.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &j.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &j.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &j.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &j.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", j, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type JobItem. +func (j JobItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "errors", j.Errors) + populateDateTimeRFC3339(objectMap, "executionTime", j.ExecutionTime) + populate(objectMap, "resourceId", j.ResourceID) + populate(objectMap, "status", j.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type JobItem. +func (j *JobItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", j, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "errors": + err = unpopulate(val, "Errors", &j.Errors) + delete(rawMsg, key) + case "executionTime": + err = unpopulateDateTimeRFC3339(val, "ExecutionTime", &j.ExecutionTime) + delete(rawMsg, key) + case "resourceId": + err = unpopulate(val, "ResourceID", &j.ResourceID) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &j.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", j, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type JobList. +func (j JobList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", j.NextLink) + populate(objectMap, "value", j.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type JobList. +func (j *JobList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", j, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &j.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &j.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", j, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type JobProperties. +func (j JobProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "endTime", j.EndTime) + populate(objectMap, "errorMessage", j.ErrorMessage) + populate(objectMap, "items", j.Items) + populate(objectMap, "provisioningState", j.ProvisioningState) + populateDateTimeRFC3339(objectMap, "startTime", j.StartTime) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type JobProperties. +func (j *JobProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", j, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "endTime": + err = unpopulateDateTimeRFC3339(val, "EndTime", &j.EndTime) + delete(rawMsg, key) + case "errorMessage": + err = unpopulate(val, "ErrorMessage", &j.ErrorMessage) + delete(rawMsg, key) + case "items": + err = unpopulate(val, "Items", &j.Items) + delete(rawMsg, key) + case "provisioningState": + err = unpopulate(val, "ProvisioningState", &j.ProvisioningState) + delete(rawMsg, key) + case "startTime": + err = unpopulateDateTimeRFC3339(val, "StartTime", &j.StartTime) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", j, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type JwtAuthModel. +func (j JwtAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "headers", j.Headers) + populate(objectMap, "isCredentialsInHeaders", j.IsCredentialsInHeaders) + populate(objectMap, "isJsonRequest", j.IsJSONRequest) + populate(objectMap, "password", j.Password) + populate(objectMap, "queryParameters", j.QueryParameters) + populate(objectMap, "requestTimeoutInSeconds", j.RequestTimeoutInSeconds) + populate(objectMap, "tokenEndpoint", j.TokenEndpoint) + objectMap["type"] = CcpAuthTypeJwtToken + populate(objectMap, "userName", j.UserName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type JwtAuthModel. +func (j *JwtAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", j, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "headers": + err = unpopulate(val, "Headers", &j.Headers) + delete(rawMsg, key) + case "isCredentialsInHeaders": + err = unpopulate(val, "IsCredentialsInHeaders", &j.IsCredentialsInHeaders) + delete(rawMsg, key) + case "isJsonRequest": + err = unpopulate(val, "IsJSONRequest", &j.IsJSONRequest) + delete(rawMsg, key) + case "password": + err = unpopulate(val, "Password", &j.Password) + delete(rawMsg, key) + case "queryParameters": + err = unpopulate(val, "QueryParameters", &j.QueryParameters) + delete(rawMsg, key) + case "requestTimeoutInSeconds": + err = unpopulate(val, "RequestTimeoutInSeconds", &j.RequestTimeoutInSeconds) + delete(rawMsg, key) + case "tokenEndpoint": + err = unpopulate(val, "TokenEndpoint", &j.TokenEndpoint) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &j.Type) + delete(rawMsg, key) + case "userName": + err = unpopulate(val, "UserName", &j.UserName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", j, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MCASCheckRequirements. +func (m MCASCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindMicrosoftCloudAppSecurity + populate(objectMap, "properties", m.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MCASCheckRequirements. +func (m *MCASCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MCASCheckRequirementsProperties. +func (m MCASCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MCASCheckRequirementsProperties. +func (m *MCASCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MCASDataConnector. +func (m MCASDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = DataConnectorKindMicrosoftCloudAppSecurity + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnector. +func (m *MCASDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MCASDataConnectorDataTypes. +func (m MCASDataConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alerts", m.Alerts) + populate(objectMap, "discoveryLogs", m.DiscoveryLogs) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnectorDataTypes. +func (m *MCASDataConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alerts": + err = unpopulate(val, "Alerts", &m.Alerts) + delete(rawMsg, key) + case "discoveryLogs": + err = unpopulate(val, "DiscoveryLogs", &m.DiscoveryLogs) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MCASDataConnectorProperties. +func (m MCASDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", m.DataTypes) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MCASDataConnectorProperties. +func (m *MCASDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &m.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MDATPCheckRequirements. +func (m MDATPCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindMicrosoftDefenderAdvancedThreatProtection + populate(objectMap, "properties", m.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPCheckRequirements. +func (m *MDATPCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MDATPCheckRequirementsProperties. +func (m MDATPCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPCheckRequirementsProperties. +func (m *MDATPCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MDATPDataConnector. +func (m MDATPDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = DataConnectorKindMicrosoftDefenderAdvancedThreatProtection + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPDataConnector. +func (m *MDATPDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MDATPDataConnectorProperties. +func (m MDATPDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", m.DataTypes) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MDATPDataConnectorProperties. +func (m *MDATPDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &m.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRule. +func (m MLBehaviorAnalyticsAlertRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = AlertRuleKindMLBehaviorAnalytics + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRule. +func (m *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRuleProperties. +func (m MLBehaviorAnalyticsAlertRuleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertRuleTemplateName", m.AlertRuleTemplateName) + populate(objectMap, "description", m.Description) + populate(objectMap, "displayName", m.DisplayName) + populate(objectMap, "enabled", m.Enabled) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", m.LastModifiedUTC) + populate(objectMap, "severity", m.Severity) + populate(objectMap, "subTechniques", m.SubTechniques) + populate(objectMap, "tactics", m.Tactics) + populate(objectMap, "techniques", m.Techniques) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRuleProperties. +func (m *MLBehaviorAnalyticsAlertRuleProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &m.AlertRuleTemplateName) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &m.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &m.DisplayName) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &m.Enabled) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &m.LastModifiedUTC) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &m.Severity) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &m.SubTechniques) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &m.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &m.Techniques) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRuleTemplate. +func (m MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", m.ID) + objectMap["kind"] = AlertRuleKindMLBehaviorAnalytics + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRuleTemplate. +func (m *MLBehaviorAnalyticsAlertRuleTemplate) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MLBehaviorAnalyticsAlertRuleTemplateProperties. +func (m MLBehaviorAnalyticsAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertRulesCreatedByTemplateCount", m.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", m.CreatedDateUTC) + populate(objectMap, "description", m.Description) + populate(objectMap, "displayName", m.DisplayName) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", m.LastUpdatedDateUTC) + populate(objectMap, "requiredDataConnectors", m.RequiredDataConnectors) + populate(objectMap, "severity", m.Severity) + populate(objectMap, "status", m.Status) + populate(objectMap, "tactics", m.Tactics) + populate(objectMap, "techniques", m.Techniques) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MLBehaviorAnalyticsAlertRuleTemplateProperties. +func (m *MLBehaviorAnalyticsAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &m.AlertRulesCreatedByTemplateCount) + delete(rawMsg, key) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &m.CreatedDateUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &m.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &m.DisplayName) + delete(rawMsg, key) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &m.LastUpdatedDateUTC) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &m.RequiredDataConnectors) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &m.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &m.Status) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &m.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &m.Techniques) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MSTICheckRequirements. +func (m MSTICheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindMicrosoftThreatIntelligence + populate(objectMap, "properties", m.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTICheckRequirements. +func (m *MSTICheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MSTICheckRequirementsProperties. +func (m MSTICheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTICheckRequirementsProperties. +func (m *MSTICheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnector. +func (m MSTIDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = DataConnectorKindMicrosoftThreatIntelligence + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnector. +func (m *MSTIDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnectorDataTypes. +func (m MSTIDataConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "microsoftEmergingThreatFeed", m.MicrosoftEmergingThreatFeed) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnectorDataTypes. +func (m *MSTIDataConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "microsoftEmergingThreatFeed": + err = unpopulate(val, "MicrosoftEmergingThreatFeed", &m.MicrosoftEmergingThreatFeed) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed. +func (m MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "lookbackPeriod", m.LookbackPeriod) + populate(objectMap, "state", m.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed. +func (m *MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "lookbackPeriod": + err = unpopulate(val, "LookbackPeriod", &m.LookbackPeriod) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &m.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MSTIDataConnectorProperties. +func (m MSTIDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", m.DataTypes) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MSTIDataConnectorProperties. +func (m *MSTIDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &m.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MTPCheckRequirementsProperties. +func (m MTPCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPCheckRequirementsProperties. +func (m *MTPCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MTPDataConnector. +func (m MTPDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = DataConnectorKindMicrosoftThreatProtection + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnector. +func (m *MTPDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MTPDataConnectorDataTypes. +func (m MTPDataConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alerts", m.Alerts) + populate(objectMap, "incidents", m.Incidents) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnectorDataTypes. +func (m *MTPDataConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alerts": + err = unpopulate(val, "Alerts", &m.Alerts) + delete(rawMsg, key) + case "incidents": + err = unpopulate(val, "Incidents", &m.Incidents) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MTPDataConnectorDataTypesAlerts. +func (m MTPDataConnectorDataTypesAlerts) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", m.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnectorDataTypesAlerts. +func (m *MTPDataConnectorDataTypesAlerts) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &m.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MTPDataConnectorDataTypesIncidents. +func (m MTPDataConnectorDataTypesIncidents) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", m.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnectorDataTypesIncidents. +func (m *MTPDataConnectorDataTypesIncidents) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &m.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MTPDataConnectorProperties. +func (m MTPDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", m.DataTypes) + populate(objectMap, "filteredProviders", m.FilteredProviders) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MTPDataConnectorProperties. +func (m *MTPDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &m.DataTypes) + delete(rawMsg, key) + case "filteredProviders": + err = unpopulate(val, "FilteredProviders", &m.FilteredProviders) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MailClusterEntity. +func (m MailClusterEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", m.ID) + objectMap["kind"] = EntityKindEnumMailCluster + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MailClusterEntity. +func (m *MailClusterEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MailClusterEntityProperties. +func (m MailClusterEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", m.AdditionalData) + populate(objectMap, "clusterGroup", m.ClusterGroup) + populateDateTimeRFC3339(objectMap, "clusterQueryEndTime", m.ClusterQueryEndTime) + populateDateTimeRFC3339(objectMap, "clusterQueryStartTime", m.ClusterQueryStartTime) + populate(objectMap, "clusterSourceIdentifier", m.ClusterSourceIdentifier) + populate(objectMap, "clusterSourceType", m.ClusterSourceType) + populateAny(objectMap, "countByDeliveryStatus", m.CountByDeliveryStatus) + populateAny(objectMap, "countByProtectionStatus", m.CountByProtectionStatus) + populateAny(objectMap, "countByThreatType", m.CountByThreatType) + populate(objectMap, "friendlyName", m.FriendlyName) + populate(objectMap, "isVolumeAnomaly", m.IsVolumeAnomaly) + populate(objectMap, "mailCount", m.MailCount) + populate(objectMap, "networkMessageIds", m.NetworkMessageIDs) + populate(objectMap, "query", m.Query) + populateDateTimeRFC3339(objectMap, "queryTime", m.QueryTime) + populate(objectMap, "source", m.Source) + populate(objectMap, "threats", m.Threats) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MailClusterEntityProperties. +func (m *MailClusterEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &m.AdditionalData) + delete(rawMsg, key) + case "clusterGroup": + err = unpopulate(val, "ClusterGroup", &m.ClusterGroup) + delete(rawMsg, key) + case "clusterQueryEndTime": + err = unpopulateDateTimeRFC3339(val, "ClusterQueryEndTime", &m.ClusterQueryEndTime) + delete(rawMsg, key) + case "clusterQueryStartTime": + err = unpopulateDateTimeRFC3339(val, "ClusterQueryStartTime", &m.ClusterQueryStartTime) + delete(rawMsg, key) + case "clusterSourceIdentifier": + err = unpopulate(val, "ClusterSourceIdentifier", &m.ClusterSourceIdentifier) + delete(rawMsg, key) + case "clusterSourceType": + err = unpopulate(val, "ClusterSourceType", &m.ClusterSourceType) + delete(rawMsg, key) + case "countByDeliveryStatus": + err = unpopulate(val, "CountByDeliveryStatus", &m.CountByDeliveryStatus) + delete(rawMsg, key) + case "countByProtectionStatus": + err = unpopulate(val, "CountByProtectionStatus", &m.CountByProtectionStatus) + delete(rawMsg, key) + case "countByThreatType": + err = unpopulate(val, "CountByThreatType", &m.CountByThreatType) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &m.FriendlyName) + delete(rawMsg, key) + case "isVolumeAnomaly": + err = unpopulate(val, "IsVolumeAnomaly", &m.IsVolumeAnomaly) + delete(rawMsg, key) + case "mailCount": + err = unpopulate(val, "MailCount", &m.MailCount) + delete(rawMsg, key) + case "networkMessageIds": + err = unpopulate(val, "NetworkMessageIDs", &m.NetworkMessageIDs) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &m.Query) + delete(rawMsg, key) + case "queryTime": + err = unpopulateDateTimeRFC3339(val, "QueryTime", &m.QueryTime) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &m.Source) + delete(rawMsg, key) + case "threats": + err = unpopulate(val, "Threats", &m.Threats) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MailMessageEntity. +func (m MailMessageEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", m.ID) + objectMap["kind"] = EntityKindEnumMailMessage + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MailMessageEntity. +func (m *MailMessageEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MailMessageEntityProperties. +func (m MailMessageEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", m.AdditionalData) + populate(objectMap, "antispamDirection", m.AntispamDirection) + populate(objectMap, "bodyFingerprintBin1", m.BodyFingerprintBin1) + populate(objectMap, "bodyFingerprintBin2", m.BodyFingerprintBin2) + populate(objectMap, "bodyFingerprintBin3", m.BodyFingerprintBin3) + populate(objectMap, "bodyFingerprintBin4", m.BodyFingerprintBin4) + populate(objectMap, "bodyFingerprintBin5", m.BodyFingerprintBin5) + populate(objectMap, "deliveryAction", m.DeliveryAction) + populate(objectMap, "deliveryLocation", m.DeliveryLocation) + populate(objectMap, "fileEntityIds", m.FileEntityIDs) + populate(objectMap, "friendlyName", m.FriendlyName) + populate(objectMap, "internetMessageId", m.InternetMessageID) + populate(objectMap, "language", m.Language) + populate(objectMap, "networkMessageId", m.NetworkMessageID) + populate(objectMap, "p1Sender", m.P1Sender) + populate(objectMap, "p1SenderDisplayName", m.P1SenderDisplayName) + populate(objectMap, "p1SenderDomain", m.P1SenderDomain) + populate(objectMap, "p2Sender", m.P2Sender) + populate(objectMap, "p2SenderDisplayName", m.P2SenderDisplayName) + populate(objectMap, "p2SenderDomain", m.P2SenderDomain) + populateDateTimeRFC3339(objectMap, "receiveDate", m.ReceiveDate) + populate(objectMap, "recipient", m.Recipient) + populate(objectMap, "senderIP", m.SenderIP) + populate(objectMap, "subject", m.Subject) + populate(objectMap, "threatDetectionMethods", m.ThreatDetectionMethods) + populate(objectMap, "threats", m.Threats) + populate(objectMap, "urls", m.Urls) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MailMessageEntityProperties. +func (m *MailMessageEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &m.AdditionalData) + delete(rawMsg, key) + case "antispamDirection": + err = unpopulate(val, "AntispamDirection", &m.AntispamDirection) + delete(rawMsg, key) + case "bodyFingerprintBin1": + err = unpopulate(val, "BodyFingerprintBin1", &m.BodyFingerprintBin1) + delete(rawMsg, key) + case "bodyFingerprintBin2": + err = unpopulate(val, "BodyFingerprintBin2", &m.BodyFingerprintBin2) + delete(rawMsg, key) + case "bodyFingerprintBin3": + err = unpopulate(val, "BodyFingerprintBin3", &m.BodyFingerprintBin3) + delete(rawMsg, key) + case "bodyFingerprintBin4": + err = unpopulate(val, "BodyFingerprintBin4", &m.BodyFingerprintBin4) + delete(rawMsg, key) + case "bodyFingerprintBin5": + err = unpopulate(val, "BodyFingerprintBin5", &m.BodyFingerprintBin5) + delete(rawMsg, key) + case "deliveryAction": + err = unpopulate(val, "DeliveryAction", &m.DeliveryAction) + delete(rawMsg, key) + case "deliveryLocation": + err = unpopulate(val, "DeliveryLocation", &m.DeliveryLocation) + delete(rawMsg, key) + case "fileEntityIds": + err = unpopulate(val, "FileEntityIDs", &m.FileEntityIDs) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &m.FriendlyName) + delete(rawMsg, key) + case "internetMessageId": + err = unpopulate(val, "InternetMessageID", &m.InternetMessageID) + delete(rawMsg, key) + case "language": + err = unpopulate(val, "Language", &m.Language) + delete(rawMsg, key) + case "networkMessageId": + err = unpopulate(val, "NetworkMessageID", &m.NetworkMessageID) + delete(rawMsg, key) + case "p1Sender": + err = unpopulate(val, "P1Sender", &m.P1Sender) + delete(rawMsg, key) + case "p1SenderDisplayName": + err = unpopulate(val, "P1SenderDisplayName", &m.P1SenderDisplayName) + delete(rawMsg, key) + case "p1SenderDomain": + err = unpopulate(val, "P1SenderDomain", &m.P1SenderDomain) + delete(rawMsg, key) + case "p2Sender": + err = unpopulate(val, "P2Sender", &m.P2Sender) + delete(rawMsg, key) + case "p2SenderDisplayName": + err = unpopulate(val, "P2SenderDisplayName", &m.P2SenderDisplayName) + delete(rawMsg, key) + case "p2SenderDomain": + err = unpopulate(val, "P2SenderDomain", &m.P2SenderDomain) + delete(rawMsg, key) + case "receiveDate": + err = unpopulateDateTimeRFC3339(val, "ReceiveDate", &m.ReceiveDate) + delete(rawMsg, key) + case "recipient": + err = unpopulate(val, "Recipient", &m.Recipient) + delete(rawMsg, key) + case "senderIP": + err = unpopulate(val, "SenderIP", &m.SenderIP) + delete(rawMsg, key) + case "subject": + err = unpopulate(val, "Subject", &m.Subject) + delete(rawMsg, key) + case "threatDetectionMethods": + err = unpopulate(val, "ThreatDetectionMethods", &m.ThreatDetectionMethods) + delete(rawMsg, key) + case "threats": + err = unpopulate(val, "Threats", &m.Threats) + delete(rawMsg, key) + case "urls": + err = unpopulate(val, "Urls", &m.Urls) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MailboxEntity. +func (m MailboxEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", m.ID) + objectMap["kind"] = EntityKindEnumMailbox + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MailboxEntity. +func (m *MailboxEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MailboxEntityProperties. +func (m MailboxEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", m.AdditionalData) + populate(objectMap, "displayName", m.DisplayName) + populate(objectMap, "externalDirectoryObjectId", m.ExternalDirectoryObjectID) + populate(objectMap, "friendlyName", m.FriendlyName) + populate(objectMap, "mailboxPrimaryAddress", m.MailboxPrimaryAddress) + populate(objectMap, "upn", m.Upn) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MailboxEntityProperties. +func (m *MailboxEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &m.AdditionalData) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &m.DisplayName) + delete(rawMsg, key) + case "externalDirectoryObjectId": + err = unpopulate(val, "ExternalDirectoryObjectID", &m.ExternalDirectoryObjectID) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &m.FriendlyName) + delete(rawMsg, key) + case "mailboxPrimaryAddress": + err = unpopulate(val, "MailboxPrimaryAddress", &m.MailboxPrimaryAddress) + delete(rawMsg, key) + case "upn": + err = unpopulate(val, "Upn", &m.Upn) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MalwareEntity. +func (m MalwareEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", m.ID) + objectMap["kind"] = EntityKindEnumMalware + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MalwareEntity. +func (m *MalwareEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MalwareEntityProperties. +func (m MalwareEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", m.AdditionalData) + populate(objectMap, "category", m.Category) + populate(objectMap, "fileEntityIds", m.FileEntityIDs) + populate(objectMap, "friendlyName", m.FriendlyName) + populate(objectMap, "malwareName", m.MalwareName) + populate(objectMap, "processEntityIds", m.ProcessEntityIDs) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MalwareEntityProperties. +func (m *MalwareEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &m.AdditionalData) + delete(rawMsg, key) + case "category": + err = unpopulate(val, "Category", &m.Category) + delete(rawMsg, key) + case "fileEntityIds": + err = unpopulate(val, "FileEntityIDs", &m.FileEntityIDs) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &m.FriendlyName) + delete(rawMsg, key) + case "malwareName": + err = unpopulate(val, "MalwareName", &m.MalwareName) + delete(rawMsg, key) + case "processEntityIds": + err = unpopulate(val, "ProcessEntityIDs", &m.ProcessEntityIDs) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ManualTriggerRequestBody. +func (m ManualTriggerRequestBody) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "logicAppsResourceId", m.LogicAppsResourceID) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ManualTriggerRequestBody. +func (m *ManualTriggerRequestBody) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "logicAppsResourceId": + err = unpopulate(val, "LogicAppsResourceID", &m.LogicAppsResourceID) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataAuthor. +func (m MetadataAuthor) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "email", m.Email) + populate(objectMap, "link", m.Link) + populate(objectMap, "name", m.Name) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataAuthor. +func (m *MetadataAuthor) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "email": + err = unpopulate(val, "Email", &m.Email) + delete(rawMsg, key) + case "link": + err = unpopulate(val, "Link", &m.Link) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataCategories. +func (m MetadataCategories) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "domains", m.Domains) + populate(objectMap, "verticals", m.Verticals) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataCategories. +func (m *MetadataCategories) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "domains": + err = unpopulate(val, "Domains", &m.Domains) + delete(rawMsg, key) + case "verticals": + err = unpopulate(val, "Verticals", &m.Verticals) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataDependencies. +func (m MetadataDependencies) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "contentId", m.ContentID) + populate(objectMap, "criteria", m.Criteria) + populate(objectMap, "kind", m.Kind) + populate(objectMap, "name", m.Name) + populate(objectMap, "operator", m.Operator) + populate(objectMap, "version", m.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataDependencies. +func (m *MetadataDependencies) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "contentId": + err = unpopulate(val, "ContentID", &m.ContentID) + delete(rawMsg, key) + case "criteria": + err = unpopulate(val, "Criteria", &m.Criteria) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "operator": + err = unpopulate(val, "Operator", &m.Operator) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &m.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataList. +func (m MetadataList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", m.NextLink) + populate(objectMap, "value", m.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataList. +func (m *MetadataList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &m.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &m.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataModel. +func (m MetadataModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataModel. +func (m *MetadataModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataPatch. +func (m MetadataPatch) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataPatch. +func (m *MetadataPatch) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataProperties. +func (m MetadataProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", m.Author) + populate(objectMap, "categories", m.Categories) + populate(objectMap, "contentId", m.ContentID) + populate(objectMap, "contentSchemaVersion", m.ContentSchemaVersion) + populate(objectMap, "customVersion", m.CustomVersion) + populate(objectMap, "dependencies", m.Dependencies) + populateDateType(objectMap, "firstPublishDate", m.FirstPublishDate) + populate(objectMap, "icon", m.Icon) + populate(objectMap, "kind", m.Kind) + populateDateType(objectMap, "lastPublishDate", m.LastPublishDate) + populate(objectMap, "parentId", m.ParentID) + populate(objectMap, "previewImages", m.PreviewImages) + populate(objectMap, "previewImagesDark", m.PreviewImagesDark) + populate(objectMap, "providers", m.Providers) + populate(objectMap, "source", m.Source) + populate(objectMap, "support", m.Support) + populate(objectMap, "threatAnalysisTactics", m.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", m.ThreatAnalysisTechniques) + populate(objectMap, "version", m.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataProperties. +func (m *MetadataProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &m.Author) + delete(rawMsg, key) + case "categories": + err = unpopulate(val, "Categories", &m.Categories) + delete(rawMsg, key) + case "contentId": + err = unpopulate(val, "ContentID", &m.ContentID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &m.ContentSchemaVersion) + delete(rawMsg, key) + case "customVersion": + err = unpopulate(val, "CustomVersion", &m.CustomVersion) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &m.Dependencies) + delete(rawMsg, key) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &m.FirstPublishDate) + delete(rawMsg, key) + case "icon": + err = unpopulate(val, "Icon", &m.Icon) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &m.LastPublishDate) + delete(rawMsg, key) + case "parentId": + err = unpopulate(val, "ParentID", &m.ParentID) + delete(rawMsg, key) + case "previewImages": + err = unpopulate(val, "PreviewImages", &m.PreviewImages) + delete(rawMsg, key) + case "previewImagesDark": + err = unpopulate(val, "PreviewImagesDark", &m.PreviewImagesDark) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &m.Providers) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &m.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &m.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &m.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &m.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &m.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataPropertiesPatch. +func (m MetadataPropertiesPatch) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", m.Author) + populate(objectMap, "categories", m.Categories) + populate(objectMap, "contentId", m.ContentID) + populate(objectMap, "contentSchemaVersion", m.ContentSchemaVersion) + populate(objectMap, "customVersion", m.CustomVersion) + populate(objectMap, "dependencies", m.Dependencies) + populateDateType(objectMap, "firstPublishDate", m.FirstPublishDate) + populate(objectMap, "icon", m.Icon) + populate(objectMap, "kind", m.Kind) + populateDateType(objectMap, "lastPublishDate", m.LastPublishDate) + populate(objectMap, "parentId", m.ParentID) + populate(objectMap, "previewImages", m.PreviewImages) + populate(objectMap, "previewImagesDark", m.PreviewImagesDark) + populate(objectMap, "providers", m.Providers) + populate(objectMap, "source", m.Source) + populate(objectMap, "support", m.Support) + populate(objectMap, "threatAnalysisTactics", m.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", m.ThreatAnalysisTechniques) + populate(objectMap, "version", m.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataPropertiesPatch. +func (m *MetadataPropertiesPatch) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &m.Author) + delete(rawMsg, key) + case "categories": + err = unpopulate(val, "Categories", &m.Categories) + delete(rawMsg, key) + case "contentId": + err = unpopulate(val, "ContentID", &m.ContentID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &m.ContentSchemaVersion) + delete(rawMsg, key) + case "customVersion": + err = unpopulate(val, "CustomVersion", &m.CustomVersion) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &m.Dependencies) + delete(rawMsg, key) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &m.FirstPublishDate) + delete(rawMsg, key) + case "icon": + err = unpopulate(val, "Icon", &m.Icon) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &m.LastPublishDate) + delete(rawMsg, key) + case "parentId": + err = unpopulate(val, "ParentID", &m.ParentID) + delete(rawMsg, key) + case "previewImages": + err = unpopulate(val, "PreviewImages", &m.PreviewImages) + delete(rawMsg, key) + case "previewImagesDark": + err = unpopulate(val, "PreviewImagesDark", &m.PreviewImagesDark) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &m.Providers) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &m.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &m.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &m.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &m.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &m.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataSource. +func (m MetadataSource) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "kind", m.Kind) + populate(objectMap, "name", m.Name) + populate(objectMap, "sourceId", m.SourceID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataSource. +func (m *MetadataSource) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "sourceId": + err = unpopulate(val, "SourceID", &m.SourceID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MetadataSupport. +func (m MetadataSupport) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "email", m.Email) + populate(objectMap, "link", m.Link) + populate(objectMap, "name", m.Name) + populate(objectMap, "tier", m.Tier) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MetadataSupport. +func (m *MetadataSupport) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "email": + err = unpopulate(val, "Email", &m.Email) + delete(rawMsg, key) + case "link": + err = unpopulate(val, "Link", &m.Link) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "tier": + err = unpopulate(val, "Tier", &m.Tier) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionCheckRequirements. +func (m MicrosoftPurviewInformationProtectionCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindMicrosoftPurviewInformationProtection + populate(objectMap, "properties", m.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionCheckRequirements. +func (m *MicrosoftPurviewInformationProtectionCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionCheckRequirementsProperties. +func (m MicrosoftPurviewInformationProtectionCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionCheckRequirementsProperties. +func (m *MicrosoftPurviewInformationProtectionCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionConnectorDataTypes. +func (m MicrosoftPurviewInformationProtectionConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "logs", m.Logs) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionConnectorDataTypes. +func (m *MicrosoftPurviewInformationProtectionConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "logs": + err = unpopulate(val, "Logs", &m.Logs) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionConnectorDataTypesLogs. +func (m MicrosoftPurviewInformationProtectionConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", m.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionConnectorDataTypesLogs. +func (m *MicrosoftPurviewInformationProtectionConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &m.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionDataConnector. +func (m MicrosoftPurviewInformationProtectionDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = DataConnectorKindMicrosoftPurviewInformationProtection + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionDataConnector. +func (m *MicrosoftPurviewInformationProtectionDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftPurviewInformationProtectionDataConnectorProperties. +func (m MicrosoftPurviewInformationProtectionDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", m.DataTypes) + populate(objectMap, "tenantId", m.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftPurviewInformationProtectionDataConnectorProperties. +func (m *MicrosoftPurviewInformationProtectionDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &m.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &m.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRule. +func (m MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", m.Etag) + populate(objectMap, "id", m.ID) + objectMap["kind"] = AlertRuleKindMicrosoftSecurityIncidentCreation + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRule. +func (m *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &m.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleProperties. +func (m MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertRuleTemplateName", m.AlertRuleTemplateName) + populate(objectMap, "description", m.Description) + populate(objectMap, "displayName", m.DisplayName) + populate(objectMap, "displayNamesExcludeFilter", m.DisplayNamesExcludeFilter) + populate(objectMap, "displayNamesFilter", m.DisplayNamesFilter) + populate(objectMap, "enabled", m.Enabled) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", m.LastModifiedUTC) + populate(objectMap, "productFilter", m.ProductFilter) + populate(objectMap, "severitiesFilter", m.SeveritiesFilter) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleProperties. +func (m *MicrosoftSecurityIncidentCreationAlertRuleProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &m.AlertRuleTemplateName) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &m.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &m.DisplayName) + delete(rawMsg, key) + case "displayNamesExcludeFilter": + err = unpopulate(val, "DisplayNamesExcludeFilter", &m.DisplayNamesExcludeFilter) + delete(rawMsg, key) + case "displayNamesFilter": + err = unpopulate(val, "DisplayNamesFilter", &m.DisplayNamesFilter) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &m.Enabled) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &m.LastModifiedUTC) + delete(rawMsg, key) + case "productFilter": + err = unpopulate(val, "ProductFilter", &m.ProductFilter) + delete(rawMsg, key) + case "severitiesFilter": + err = unpopulate(val, "SeveritiesFilter", &m.SeveritiesFilter) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (m MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", m.ID) + objectMap["kind"] = AlertRuleKindMicrosoftSecurityIncidentCreation + populate(objectMap, "name", m.Name) + populate(objectMap, "properties", m.Properties) + populate(objectMap, "systemData", m.SystemData) + populate(objectMap, "type", m.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (m *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &m.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &m.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &m.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &m.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties. +func (m MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertRulesCreatedByTemplateCount", m.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", m.CreatedDateUTC) + populate(objectMap, "description", m.Description) + populate(objectMap, "displayName", m.DisplayName) + populate(objectMap, "displayNamesExcludeFilter", m.DisplayNamesExcludeFilter) + populate(objectMap, "displayNamesFilter", m.DisplayNamesFilter) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", m.LastUpdatedDateUTC) + populate(objectMap, "productFilter", m.ProductFilter) + populate(objectMap, "requiredDataConnectors", m.RequiredDataConnectors) + populate(objectMap, "severitiesFilter", m.SeveritiesFilter) + populate(objectMap, "status", m.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties. +func (m *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &m.AlertRulesCreatedByTemplateCount) + delete(rawMsg, key) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &m.CreatedDateUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &m.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &m.DisplayName) + delete(rawMsg, key) + case "displayNamesExcludeFilter": + err = unpopulate(val, "DisplayNamesExcludeFilter", &m.DisplayNamesExcludeFilter) + delete(rawMsg, key) + case "displayNamesFilter": + err = unpopulate(val, "DisplayNamesFilter", &m.DisplayNamesFilter) + delete(rawMsg, key) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &m.LastUpdatedDateUTC) + delete(rawMsg, key) + case "productFilter": + err = unpopulate(val, "ProductFilter", &m.ProductFilter) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &m.RequiredDataConnectors) + delete(rawMsg, key) + case "severitiesFilter": + err = unpopulate(val, "SeveritiesFilter", &m.SeveritiesFilter) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &m.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MtpCheckRequirements. +func (m MtpCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindMicrosoftThreatProtection + populate(objectMap, "properties", m.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MtpCheckRequirements. +func (m *MtpCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &m.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &m.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type MtpFilteredProviders. +func (m MtpFilteredProviders) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alerts", m.Alerts) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type MtpFilteredProviders. +func (m *MtpFilteredProviders) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alerts": + err = unpopulate(val, "Alerts", &m.Alerts) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", m, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NicEntity. +func (n NicEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", n.ID) + objectMap["kind"] = EntityKindEnumNic + populate(objectMap, "name", n.Name) + populate(objectMap, "properties", n.Properties) + populate(objectMap, "systemData", n.SystemData) + populate(objectMap, "type", n.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NicEntity. +func (n *NicEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &n.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &n.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &n.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &n.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &n.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &n.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NicEntityProperties. +func (n NicEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", n.AdditionalData) + populate(objectMap, "friendlyName", n.FriendlyName) + populate(objectMap, "ipAddressEntityId", n.IPAddressEntityID) + populate(objectMap, "macAddress", n.MacAddress) + populate(objectMap, "vlans", n.Vlans) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NicEntityProperties. +func (n *NicEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &n.AdditionalData) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &n.FriendlyName) + delete(rawMsg, key) + case "ipAddressEntityId": + err = unpopulate(val, "IPAddressEntityID", &n.IPAddressEntityID) + delete(rawMsg, key) + case "macAddress": + err = unpopulate(val, "MacAddress", &n.MacAddress) + delete(rawMsg, key) + case "vlans": + err = unpopulate(val, "Vlans", &n.Vlans) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NoneAuthModel. +func (n NoneAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["type"] = CcpAuthTypeNone + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NoneAuthModel. +func (n *NoneAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "type": + err = unpopulate(val, "Type", &n.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NrtAlertRule. +func (n NrtAlertRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", n.Etag) + populate(objectMap, "id", n.ID) + objectMap["kind"] = AlertRuleKindNRT + populate(objectMap, "name", n.Name) + populate(objectMap, "properties", n.Properties) + populate(objectMap, "systemData", n.SystemData) + populate(objectMap, "type", n.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRule. +func (n *NrtAlertRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &n.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &n.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &n.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &n.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &n.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &n.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &n.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NrtAlertRuleProperties. +func (n NrtAlertRuleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertDetailsOverride", n.AlertDetailsOverride) + populate(objectMap, "alertRuleTemplateName", n.AlertRuleTemplateName) + populate(objectMap, "customDetails", n.CustomDetails) + populate(objectMap, "description", n.Description) + populate(objectMap, "displayName", n.DisplayName) + populate(objectMap, "enabled", n.Enabled) + populate(objectMap, "entityMappings", n.EntityMappings) + populate(objectMap, "eventGroupingSettings", n.EventGroupingSettings) + populate(objectMap, "incidentConfiguration", n.IncidentConfiguration) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", n.LastModifiedUTC) + populate(objectMap, "query", n.Query) + populate(objectMap, "sentinelEntitiesMappings", n.SentinelEntitiesMappings) + populate(objectMap, "severity", n.Severity) + populate(objectMap, "subTechniques", n.SubTechniques) + populate(objectMap, "suppressionDuration", n.SuppressionDuration) + populate(objectMap, "suppressionEnabled", n.SuppressionEnabled) + populate(objectMap, "tactics", n.Tactics) + populate(objectMap, "techniques", n.Techniques) + populate(objectMap, "templateVersion", n.TemplateVersion) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRuleProperties. +func (n *NrtAlertRuleProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertDetailsOverride": + err = unpopulate(val, "AlertDetailsOverride", &n.AlertDetailsOverride) + delete(rawMsg, key) + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &n.AlertRuleTemplateName) + delete(rawMsg, key) + case "customDetails": + err = unpopulate(val, "CustomDetails", &n.CustomDetails) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &n.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &n.DisplayName) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &n.Enabled) + delete(rawMsg, key) + case "entityMappings": + err = unpopulate(val, "EntityMappings", &n.EntityMappings) + delete(rawMsg, key) + case "eventGroupingSettings": + err = unpopulate(val, "EventGroupingSettings", &n.EventGroupingSettings) + delete(rawMsg, key) + case "incidentConfiguration": + err = unpopulate(val, "IncidentConfiguration", &n.IncidentConfiguration) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &n.LastModifiedUTC) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &n.Query) + delete(rawMsg, key) + case "sentinelEntitiesMappings": + err = unpopulate(val, "SentinelEntitiesMappings", &n.SentinelEntitiesMappings) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &n.Severity) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &n.SubTechniques) + delete(rawMsg, key) + case "suppressionDuration": + err = unpopulate(val, "SuppressionDuration", &n.SuppressionDuration) + delete(rawMsg, key) + case "suppressionEnabled": + err = unpopulate(val, "SuppressionEnabled", &n.SuppressionEnabled) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &n.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &n.Techniques) + delete(rawMsg, key) + case "templateVersion": + err = unpopulate(val, "TemplateVersion", &n.TemplateVersion) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NrtAlertRuleTemplate. +func (n NrtAlertRuleTemplate) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", n.ID) + objectMap["kind"] = AlertRuleKindNRT + populate(objectMap, "name", n.Name) + populate(objectMap, "properties", n.Properties) + populate(objectMap, "systemData", n.SystemData) + populate(objectMap, "type", n.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRuleTemplate. +func (n *NrtAlertRuleTemplate) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &n.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &n.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &n.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &n.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &n.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &n.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type NrtAlertRuleTemplateProperties. +func (n NrtAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertDetailsOverride", n.AlertDetailsOverride) + populate(objectMap, "alertRulesCreatedByTemplateCount", n.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", n.CreatedDateUTC) + populate(objectMap, "customDetails", n.CustomDetails) + populate(objectMap, "description", n.Description) + populate(objectMap, "displayName", n.DisplayName) + populate(objectMap, "entityMappings", n.EntityMappings) + populate(objectMap, "eventGroupingSettings", n.EventGroupingSettings) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", n.LastUpdatedDateUTC) + populate(objectMap, "query", n.Query) + populate(objectMap, "requiredDataConnectors", n.RequiredDataConnectors) + populate(objectMap, "sentinelEntitiesMappings", n.SentinelEntitiesMappings) + populate(objectMap, "severity", n.Severity) + populate(objectMap, "status", n.Status) + populate(objectMap, "tactics", n.Tactics) + populate(objectMap, "techniques", n.Techniques) + populate(objectMap, "version", n.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type NrtAlertRuleTemplateProperties. +func (n *NrtAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertDetailsOverride": + err = unpopulate(val, "AlertDetailsOverride", &n.AlertDetailsOverride) + delete(rawMsg, key) + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &n.AlertRulesCreatedByTemplateCount) + delete(rawMsg, key) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &n.CreatedDateUTC) + delete(rawMsg, key) + case "customDetails": + err = unpopulate(val, "CustomDetails", &n.CustomDetails) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &n.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &n.DisplayName) + delete(rawMsg, key) + case "entityMappings": + err = unpopulate(val, "EntityMappings", &n.EntityMappings) + delete(rawMsg, key) + case "eventGroupingSettings": + err = unpopulate(val, "EventGroupingSettings", &n.EventGroupingSettings) + delete(rawMsg, key) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &n.LastUpdatedDateUTC) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &n.Query) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &n.RequiredDataConnectors) + delete(rawMsg, key) + case "sentinelEntitiesMappings": + err = unpopulate(val, "SentinelEntitiesMappings", &n.SentinelEntitiesMappings) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &n.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &n.Status) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &n.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &n.Techniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &n.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", n, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OAuthModel. +func (o OAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "accessTokenPrepend", o.AccessTokenPrepend) + populate(objectMap, "authorizationCode", o.AuthorizationCode) + populate(objectMap, "authorizationEndpoint", o.AuthorizationEndpoint) + populate(objectMap, "authorizationEndpointHeaders", o.AuthorizationEndpointHeaders) + populate(objectMap, "authorizationEndpointQueryParameters", o.AuthorizationEndpointQueryParameters) + populate(objectMap, "clientId", o.ClientID) + populate(objectMap, "clientSecret", o.ClientSecret) + populate(objectMap, "grantType", o.GrantType) + populate(objectMap, "isCredentialsInHeaders", o.IsCredentialsInHeaders) + populate(objectMap, "isJwtBearerFlow", o.IsJwtBearerFlow) + populate(objectMap, "redirectUri", o.RedirectURI) + populate(objectMap, "scope", o.Scope) + populate(objectMap, "tokenEndpoint", o.TokenEndpoint) + populate(objectMap, "tokenEndpointHeaders", o.TokenEndpointHeaders) + populate(objectMap, "tokenEndpointQueryParameters", o.TokenEndpointQueryParameters) + objectMap["type"] = CcpAuthTypeOAuth2 + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OAuthModel. +func (o *OAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "accessTokenPrepend": + err = unpopulate(val, "AccessTokenPrepend", &o.AccessTokenPrepend) + delete(rawMsg, key) + case "authorizationCode": + err = unpopulate(val, "AuthorizationCode", &o.AuthorizationCode) + delete(rawMsg, key) + case "authorizationEndpoint": + err = unpopulate(val, "AuthorizationEndpoint", &o.AuthorizationEndpoint) + delete(rawMsg, key) + case "authorizationEndpointHeaders": + err = unpopulate(val, "AuthorizationEndpointHeaders", &o.AuthorizationEndpointHeaders) + delete(rawMsg, key) + case "authorizationEndpointQueryParameters": + err = unpopulate(val, "AuthorizationEndpointQueryParameters", &o.AuthorizationEndpointQueryParameters) + delete(rawMsg, key) + case "clientId": + err = unpopulate(val, "ClientID", &o.ClientID) + delete(rawMsg, key) + case "clientSecret": + err = unpopulate(val, "ClientSecret", &o.ClientSecret) + delete(rawMsg, key) + case "grantType": + err = unpopulate(val, "GrantType", &o.GrantType) + delete(rawMsg, key) + case "isCredentialsInHeaders": + err = unpopulate(val, "IsCredentialsInHeaders", &o.IsCredentialsInHeaders) + delete(rawMsg, key) + case "isJwtBearerFlow": + err = unpopulate(val, "IsJwtBearerFlow", &o.IsJwtBearerFlow) + delete(rawMsg, key) + case "redirectUri": + err = unpopulate(val, "RedirectURI", &o.RedirectURI) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &o.Scope) + delete(rawMsg, key) + case "tokenEndpoint": + err = unpopulate(val, "TokenEndpoint", &o.TokenEndpoint) + delete(rawMsg, key) + case "tokenEndpointHeaders": + err = unpopulate(val, "TokenEndpointHeaders", &o.TokenEndpointHeaders) + delete(rawMsg, key) + case "tokenEndpointQueryParameters": + err = unpopulate(val, "TokenEndpointQueryParameters", &o.TokenEndpointQueryParameters) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectCheckRequirements. +func (o Office365ProjectCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindOffice365Project + populate(objectMap, "properties", o.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectCheckRequirements. +func (o *Office365ProjectCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectCheckRequirementsProperties. +func (o Office365ProjectCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectCheckRequirementsProperties. +func (o *Office365ProjectCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectConnectorDataTypes. +func (o Office365ProjectConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "logs", o.Logs) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectConnectorDataTypes. +func (o *Office365ProjectConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "logs": + err = unpopulate(val, "Logs", &o.Logs) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectConnectorDataTypesLogs. +func (o Office365ProjectConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", o.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectConnectorDataTypesLogs. +func (o *Office365ProjectConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &o.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectDataConnector. +func (o Office365ProjectDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", o.Etag) + populate(objectMap, "id", o.ID) + objectMap["kind"] = DataConnectorKindOffice365Project + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectDataConnector. +func (o *Office365ProjectDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &o.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Office365ProjectDataConnectorProperties. +func (o Office365ProjectDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", o.DataTypes) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Office365ProjectDataConnectorProperties. +func (o *Office365ProjectDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &o.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeATPCheckRequirements. +func (o OfficeATPCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindOfficeATP + populate(objectMap, "properties", o.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPCheckRequirements. +func (o *OfficeATPCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeATPCheckRequirementsProperties. +func (o OfficeATPCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPCheckRequirementsProperties. +func (o *OfficeATPCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeATPDataConnector. +func (o OfficeATPDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", o.Etag) + populate(objectMap, "id", o.ID) + objectMap["kind"] = DataConnectorKindOfficeATP + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPDataConnector. +func (o *OfficeATPDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &o.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeATPDataConnectorProperties. +func (o OfficeATPDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", o.DataTypes) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeATPDataConnectorProperties. +func (o *OfficeATPDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &o.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeConsent. +func (o OfficeConsent) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", o.ID) + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeConsent. +func (o *OfficeConsent) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeConsentList. +func (o OfficeConsentList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", o.NextLink) + populate(objectMap, "value", o.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeConsentList. +func (o *OfficeConsentList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &o.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &o.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeConsentProperties. +func (o OfficeConsentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "consentId", o.ConsentID) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeConsentProperties. +func (o *OfficeConsentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "consentId": + err = unpopulate(val, "ConsentID", &o.ConsentID) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnector. +func (o OfficeDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", o.Etag) + populate(objectMap, "id", o.ID) + objectMap["kind"] = DataConnectorKindOffice365 + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnector. +func (o *OfficeDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &o.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypes. +func (o OfficeDataConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "exchange", o.Exchange) + populate(objectMap, "sharePoint", o.SharePoint) + populate(objectMap, "teams", o.Teams) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypes. +func (o *OfficeDataConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "exchange": + err = unpopulate(val, "Exchange", &o.Exchange) + delete(rawMsg, key) + case "sharePoint": + err = unpopulate(val, "SharePoint", &o.SharePoint) + delete(rawMsg, key) + case "teams": + err = unpopulate(val, "Teams", &o.Teams) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesExchange. +func (o OfficeDataConnectorDataTypesExchange) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", o.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesExchange. +func (o *OfficeDataConnectorDataTypesExchange) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &o.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesSharePoint. +func (o OfficeDataConnectorDataTypesSharePoint) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", o.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesSharePoint. +func (o *OfficeDataConnectorDataTypesSharePoint) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &o.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorDataTypesTeams. +func (o OfficeDataConnectorDataTypesTeams) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", o.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorDataTypesTeams. +func (o *OfficeDataConnectorDataTypesTeams) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &o.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeDataConnectorProperties. +func (o OfficeDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", o.DataTypes) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeDataConnectorProperties. +func (o *OfficeDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &o.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeIRMCheckRequirements. +func (o OfficeIRMCheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindOfficeIRM + populate(objectMap, "properties", o.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMCheckRequirements. +func (o *OfficeIRMCheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeIRMCheckRequirementsProperties. +func (o OfficeIRMCheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMCheckRequirementsProperties. +func (o *OfficeIRMCheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeIRMDataConnector. +func (o OfficeIRMDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", o.Etag) + populate(objectMap, "id", o.ID) + objectMap["kind"] = DataConnectorKindOfficeIRM + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMDataConnector. +func (o *OfficeIRMDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &o.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficeIRMDataConnectorProperties. +func (o OfficeIRMDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", o.DataTypes) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficeIRMDataConnectorProperties. +func (o *OfficeIRMDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &o.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBICheckRequirements. +func (o OfficePowerBICheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindOfficePowerBI + populate(objectMap, "properties", o.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBICheckRequirements. +func (o *OfficePowerBICheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBICheckRequirementsProperties. +func (o OfficePowerBICheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBICheckRequirementsProperties. +func (o *OfficePowerBICheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIConnectorDataTypes. +func (o OfficePowerBIConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "logs", o.Logs) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIConnectorDataTypes. +func (o *OfficePowerBIConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "logs": + err = unpopulate(val, "Logs", &o.Logs) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIConnectorDataTypesLogs. +func (o OfficePowerBIConnectorDataTypesLogs) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", o.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIConnectorDataTypesLogs. +func (o *OfficePowerBIConnectorDataTypesLogs) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &o.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIDataConnector. +func (o OfficePowerBIDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", o.Etag) + populate(objectMap, "id", o.ID) + objectMap["kind"] = DataConnectorKindOfficePowerBI + populate(objectMap, "name", o.Name) + populate(objectMap, "properties", o.Properties) + populate(objectMap, "systemData", o.SystemData) + populate(objectMap, "type", o.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIDataConnector. +func (o *OfficePowerBIDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &o.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &o.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &o.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &o.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &o.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OfficePowerBIDataConnectorProperties. +func (o OfficePowerBIDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", o.DataTypes) + populate(objectMap, "tenantId", o.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OfficePowerBIDataConnectorProperties. +func (o *OfficePowerBIDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &o.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Operation. +func (o Operation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "display", o.Display) + populate(objectMap, "isDataAction", o.IsDataAction) + populate(objectMap, "name", o.Name) + populate(objectMap, "origin", o.Origin) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Operation. +func (o *Operation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "display": + err = unpopulate(val, "Display", &o.Display) + delete(rawMsg, key) + case "isDataAction": + err = unpopulate(val, "IsDataAction", &o.IsDataAction) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "origin": + err = unpopulate(val, "Origin", &o.Origin) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OperationDisplay. +func (o OperationDisplay) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", o.Description) + populate(objectMap, "operation", o.Operation) + populate(objectMap, "provider", o.Provider) + populate(objectMap, "resource", o.Resource) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OperationDisplay. +func (o *OperationDisplay) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &o.Description) + delete(rawMsg, key) + case "operation": + err = unpopulate(val, "Operation", &o.Operation) + delete(rawMsg, key) + case "provider": + err = unpopulate(val, "Provider", &o.Provider) + delete(rawMsg, key) + case "resource": + err = unpopulate(val, "Resource", &o.Resource) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OperationsList. +func (o OperationsList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", o.NextLink) + populate(objectMap, "value", o.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OperationsList. +func (o *OperationsList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &o.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &o.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OracleAuthModel. +func (o OracleAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "pemFile", o.PemFile) + populate(objectMap, "publicFingerprint", o.PublicFingerprint) + populate(objectMap, "tenantId", o.TenantID) + objectMap["type"] = CcpAuthTypeOracle + populate(objectMap, "userId", o.UserID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OracleAuthModel. +func (o *OracleAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "pemFile": + err = unpopulate(val, "PemFile", &o.PemFile) + delete(rawMsg, key) + case "publicFingerprint": + err = unpopulate(val, "PublicFingerprint", &o.PublicFingerprint) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &o.TenantID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &o.Type) + delete(rawMsg, key) + case "userId": + err = unpopulate(val, "UserID", &o.UserID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PackageList. +func (p PackageList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", p.NextLink) + populate(objectMap, "value", p.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PackageList. +func (p *PackageList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &p.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &p.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PackageModel. +func (p PackageModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", p.Etag) + populate(objectMap, "id", p.ID) + populate(objectMap, "name", p.Name) + populate(objectMap, "properties", p.Properties) + populate(objectMap, "systemData", p.SystemData) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PackageModel. +func (p *PackageModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &p.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &p.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &p.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PackageProperties. +func (p PackageProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", p.Author) + populate(objectMap, "categories", p.Categories) + populate(objectMap, "contentId", p.ContentID) + populate(objectMap, "contentKind", p.ContentKind) + populate(objectMap, "contentProductId", p.ContentProductID) + populate(objectMap, "contentSchemaVersion", p.ContentSchemaVersion) + populate(objectMap, "dependencies", p.Dependencies) + populate(objectMap, "description", p.Description) + populate(objectMap, "displayName", p.DisplayName) + populateDateType(objectMap, "firstPublishDate", p.FirstPublishDate) + populate(objectMap, "icon", p.Icon) + populate(objectMap, "isDeprecated", p.IsDeprecated) + populate(objectMap, "isFeatured", p.IsFeatured) + populate(objectMap, "isNew", p.IsNew) + populate(objectMap, "isPreview", p.IsPreview) + populateDateType(objectMap, "lastPublishDate", p.LastPublishDate) + populate(objectMap, "providers", p.Providers) + populate(objectMap, "publisherDisplayName", p.PublisherDisplayName) + populate(objectMap, "source", p.Source) + populate(objectMap, "support", p.Support) + populate(objectMap, "threatAnalysisTactics", p.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", p.ThreatAnalysisTechniques) + populate(objectMap, "version", p.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PackageProperties. +func (p *PackageProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &p.Author) + delete(rawMsg, key) + case "categories": + err = unpopulate(val, "Categories", &p.Categories) + delete(rawMsg, key) + case "contentId": + err = unpopulate(val, "ContentID", &p.ContentID) + delete(rawMsg, key) + case "contentKind": + err = unpopulate(val, "ContentKind", &p.ContentKind) + delete(rawMsg, key) + case "contentProductId": + err = unpopulate(val, "ContentProductID", &p.ContentProductID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &p.ContentSchemaVersion) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &p.Dependencies) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &p.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &p.FirstPublishDate) + delete(rawMsg, key) + case "icon": + err = unpopulate(val, "Icon", &p.Icon) + delete(rawMsg, key) + case "isDeprecated": + err = unpopulate(val, "IsDeprecated", &p.IsDeprecated) + delete(rawMsg, key) + case "isFeatured": + err = unpopulate(val, "IsFeatured", &p.IsFeatured) + delete(rawMsg, key) + case "isNew": + err = unpopulate(val, "IsNew", &p.IsNew) + delete(rawMsg, key) + case "isPreview": + err = unpopulate(val, "IsPreview", &p.IsPreview) + delete(rawMsg, key) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &p.LastPublishDate) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &p.Providers) + delete(rawMsg, key) + case "publisherDisplayName": + err = unpopulate(val, "PublisherDisplayName", &p.PublisherDisplayName) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &p.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &p.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &p.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &p.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &p.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Permissions. +func (p Permissions) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "customs", p.Customs) + populate(objectMap, "resourceProvider", p.ResourceProvider) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Permissions. +func (p *Permissions) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "customs": + err = unpopulate(val, "Customs", &p.Customs) + delete(rawMsg, key) + case "resourceProvider": + err = unpopulate(val, "ResourceProvider", &p.ResourceProvider) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PermissionsCustomsItem. +func (p PermissionsCustomsItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", p.Description) + populate(objectMap, "name", p.Name) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PermissionsCustomsItem. +func (p *PermissionsCustomsItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &p.Description) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PermissionsResourceProviderItem. +func (p PermissionsResourceProviderItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "permissionsDisplayText", p.PermissionsDisplayText) + populate(objectMap, "provider", p.Provider) + populate(objectMap, "providerDisplayName", p.ProviderDisplayName) + populate(objectMap, "requiredPermissions", p.RequiredPermissions) + populate(objectMap, "scope", p.Scope) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PermissionsResourceProviderItem. +func (p *PermissionsResourceProviderItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "permissionsDisplayText": + err = unpopulate(val, "PermissionsDisplayText", &p.PermissionsDisplayText) + delete(rawMsg, key) + case "provider": + err = unpopulate(val, "Provider", &p.Provider) + delete(rawMsg, key) + case "providerDisplayName": + err = unpopulate(val, "ProviderDisplayName", &p.ProviderDisplayName) + delete(rawMsg, key) + case "requiredPermissions": + err = unpopulate(val, "RequiredPermissions", &p.RequiredPermissions) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &p.Scope) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PlaybookActionProperties. +func (p PlaybookActionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "logicAppResourceId", p.LogicAppResourceID) + populate(objectMap, "tenantId", p.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PlaybookActionProperties. +func (p *PlaybookActionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "logicAppResourceId": + err = unpopulate(val, "LogicAppResourceID", &p.LogicAppResourceID) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &p.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProcessEntity. +func (p ProcessEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", p.ID) + objectMap["kind"] = EntityKindEnumProcess + populate(objectMap, "name", p.Name) + populate(objectMap, "properties", p.Properties) + populate(objectMap, "systemData", p.SystemData) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProcessEntity. +func (p *ProcessEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &p.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &p.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &p.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProcessEntityProperties. +func (p ProcessEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "accountEntityId", p.AccountEntityID) + populate(objectMap, "additionalData", p.AdditionalData) + populate(objectMap, "commandLine", p.CommandLine) + populateDateTimeRFC3339(objectMap, "creationTimeUtc", p.CreationTimeUTC) + populate(objectMap, "elevationToken", p.ElevationToken) + populate(objectMap, "friendlyName", p.FriendlyName) + populate(objectMap, "hostEntityId", p.HostEntityID) + populate(objectMap, "hostLogonSessionEntityId", p.HostLogonSessionEntityID) + populate(objectMap, "imageFileEntityId", p.ImageFileEntityID) + populate(objectMap, "parentProcessEntityId", p.ParentProcessEntityID) + populate(objectMap, "processId", p.ProcessID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProcessEntityProperties. +func (p *ProcessEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "accountEntityId": + err = unpopulate(val, "AccountEntityID", &p.AccountEntityID) + delete(rawMsg, key) + case "additionalData": + err = unpopulate(val, "AdditionalData", &p.AdditionalData) + delete(rawMsg, key) + case "commandLine": + err = unpopulate(val, "CommandLine", &p.CommandLine) + delete(rawMsg, key) + case "creationTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreationTimeUTC", &p.CreationTimeUTC) + delete(rawMsg, key) + case "elevationToken": + err = unpopulate(val, "ElevationToken", &p.ElevationToken) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &p.FriendlyName) + delete(rawMsg, key) + case "hostEntityId": + err = unpopulate(val, "HostEntityID", &p.HostEntityID) + delete(rawMsg, key) + case "hostLogonSessionEntityId": + err = unpopulate(val, "HostLogonSessionEntityID", &p.HostLogonSessionEntityID) + delete(rawMsg, key) + case "imageFileEntityId": + err = unpopulate(val, "ImageFileEntityID", &p.ImageFileEntityID) + delete(rawMsg, key) + case "parentProcessEntityId": + err = unpopulate(val, "ParentProcessEntityID", &p.ParentProcessEntityID) + delete(rawMsg, key) + case "processId": + err = unpopulate(val, "ProcessID", &p.ProcessID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductPackageList. +func (p ProductPackageList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", p.NextLink) + populate(objectMap, "value", p.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductPackageList. +func (p *ProductPackageList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &p.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &p.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductPackageModel. +func (p ProductPackageModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", p.Etag) + populate(objectMap, "id", p.ID) + populate(objectMap, "name", p.Name) + populate(objectMap, "properties", p.Properties) + populate(objectMap, "systemData", p.SystemData) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductPackageModel. +func (p *ProductPackageModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &p.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &p.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &p.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductPackageProperties. +func (p ProductPackageProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", p.Author) + populate(objectMap, "categories", p.Categories) + populate(objectMap, "contentId", p.ContentID) + populate(objectMap, "contentKind", p.ContentKind) + populate(objectMap, "contentProductId", p.ContentProductID) + populate(objectMap, "contentSchemaVersion", p.ContentSchemaVersion) + populate(objectMap, "dependencies", p.Dependencies) + populate(objectMap, "description", p.Description) + populate(objectMap, "displayName", p.DisplayName) + populateDateType(objectMap, "firstPublishDate", p.FirstPublishDate) + populate(objectMap, "icon", p.Icon) + populate(objectMap, "installedVersion", p.InstalledVersion) + populate(objectMap, "isDeprecated", p.IsDeprecated) + populate(objectMap, "isFeatured", p.IsFeatured) + populate(objectMap, "isNew", p.IsNew) + populate(objectMap, "isPreview", p.IsPreview) + populateDateType(objectMap, "lastPublishDate", p.LastPublishDate) + populate(objectMap, "metadataResourceId", p.MetadataResourceID) + populateAny(objectMap, "packagedContent", p.PackagedContent) + populate(objectMap, "providers", p.Providers) + populate(objectMap, "publisherDisplayName", p.PublisherDisplayName) + populate(objectMap, "source", p.Source) + populate(objectMap, "support", p.Support) + populate(objectMap, "threatAnalysisTactics", p.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", p.ThreatAnalysisTechniques) + populate(objectMap, "version", p.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductPackageProperties. +func (p *ProductPackageProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &p.Author) + delete(rawMsg, key) + case "categories": + err = unpopulate(val, "Categories", &p.Categories) + delete(rawMsg, key) + case "contentId": + err = unpopulate(val, "ContentID", &p.ContentID) + delete(rawMsg, key) + case "contentKind": + err = unpopulate(val, "ContentKind", &p.ContentKind) + delete(rawMsg, key) + case "contentProductId": + err = unpopulate(val, "ContentProductID", &p.ContentProductID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &p.ContentSchemaVersion) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &p.Dependencies) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &p.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &p.FirstPublishDate) + delete(rawMsg, key) + case "icon": + err = unpopulate(val, "Icon", &p.Icon) + delete(rawMsg, key) + case "installedVersion": + err = unpopulate(val, "InstalledVersion", &p.InstalledVersion) + delete(rawMsg, key) + case "isDeprecated": + err = unpopulate(val, "IsDeprecated", &p.IsDeprecated) + delete(rawMsg, key) + case "isFeatured": + err = unpopulate(val, "IsFeatured", &p.IsFeatured) + delete(rawMsg, key) + case "isNew": + err = unpopulate(val, "IsNew", &p.IsNew) + delete(rawMsg, key) + case "isPreview": + err = unpopulate(val, "IsPreview", &p.IsPreview) + delete(rawMsg, key) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &p.LastPublishDate) + delete(rawMsg, key) + case "metadataResourceId": + err = unpopulate(val, "MetadataResourceID", &p.MetadataResourceID) + delete(rawMsg, key) + case "packagedContent": + err = unpopulate(val, "PackagedContent", &p.PackagedContent) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &p.Providers) + delete(rawMsg, key) + case "publisherDisplayName": + err = unpopulate(val, "PublisherDisplayName", &p.PublisherDisplayName) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &p.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &p.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &p.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &p.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &p.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductTemplateList. +func (p ProductTemplateList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", p.NextLink) + populate(objectMap, "value", p.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductTemplateList. +func (p *ProductTemplateList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &p.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &p.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductTemplateModel. +func (p ProductTemplateModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", p.Etag) + populate(objectMap, "id", p.ID) + populate(objectMap, "name", p.Name) + populate(objectMap, "properties", p.Properties) + populate(objectMap, "systemData", p.SystemData) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductTemplateModel. +func (p *ProductTemplateModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &p.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &p.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &p.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProductTemplateProperties. +func (p ProductTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", p.Author) + populate(objectMap, "categories", p.Categories) + populate(objectMap, "contentId", p.ContentID) + populate(objectMap, "contentKind", p.ContentKind) + populate(objectMap, "contentProductId", p.ContentProductID) + populate(objectMap, "contentSchemaVersion", p.ContentSchemaVersion) + populate(objectMap, "customVersion", p.CustomVersion) + populate(objectMap, "dependencies", p.Dependencies) + populate(objectMap, "displayName", p.DisplayName) + populateDateType(objectMap, "firstPublishDate", p.FirstPublishDate) + populate(objectMap, "icon", p.Icon) + populate(objectMap, "isDeprecated", p.IsDeprecated) + populateDateType(objectMap, "lastPublishDate", p.LastPublishDate) + populate(objectMap, "packageId", p.PackageID) + populate(objectMap, "packageKind", p.PackageKind) + populate(objectMap, "packageName", p.PackageName) + populate(objectMap, "packageVersion", p.PackageVersion) + populateAny(objectMap, "packagedContent", p.PackagedContent) + populate(objectMap, "previewImages", p.PreviewImages) + populate(objectMap, "previewImagesDark", p.PreviewImagesDark) + populate(objectMap, "providers", p.Providers) + populate(objectMap, "source", p.Source) + populate(objectMap, "support", p.Support) + populate(objectMap, "threatAnalysisTactics", p.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", p.ThreatAnalysisTechniques) + populate(objectMap, "version", p.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductTemplateProperties. +func (p *ProductTemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &p.Author) + delete(rawMsg, key) + case "categories": + err = unpopulate(val, "Categories", &p.Categories) + delete(rawMsg, key) + case "contentId": + err = unpopulate(val, "ContentID", &p.ContentID) + delete(rawMsg, key) + case "contentKind": + err = unpopulate(val, "ContentKind", &p.ContentKind) + delete(rawMsg, key) + case "contentProductId": + err = unpopulate(val, "ContentProductID", &p.ContentProductID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &p.ContentSchemaVersion) + delete(rawMsg, key) + case "customVersion": + err = unpopulate(val, "CustomVersion", &p.CustomVersion) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &p.Dependencies) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &p.FirstPublishDate) + delete(rawMsg, key) + case "icon": + err = unpopulate(val, "Icon", &p.Icon) + delete(rawMsg, key) + case "isDeprecated": + err = unpopulate(val, "IsDeprecated", &p.IsDeprecated) + delete(rawMsg, key) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &p.LastPublishDate) + delete(rawMsg, key) + case "packageId": + err = unpopulate(val, "PackageID", &p.PackageID) + delete(rawMsg, key) + case "packageKind": + err = unpopulate(val, "PackageKind", &p.PackageKind) + delete(rawMsg, key) + case "packageName": + err = unpopulate(val, "PackageName", &p.PackageName) + delete(rawMsg, key) + case "packageVersion": + err = unpopulate(val, "PackageVersion", &p.PackageVersion) + delete(rawMsg, key) + case "packagedContent": + err = unpopulate(val, "PackagedContent", &p.PackagedContent) + delete(rawMsg, key) + case "previewImages": + err = unpopulate(val, "PreviewImages", &p.PreviewImages) + delete(rawMsg, key) + case "previewImagesDark": + err = unpopulate(val, "PreviewImagesDark", &p.PreviewImagesDark) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &p.Providers) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &p.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &p.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &p.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &p.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &p.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PropertyArrayChangedConditionProperties. +func (p PropertyArrayChangedConditionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "conditionProperties", p.ConditionProperties) + objectMap["conditionType"] = ConditionTypePropertyArrayChanged + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyArrayChangedConditionProperties. +func (p *PropertyArrayChangedConditionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "conditionProperties": + err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + delete(rawMsg, key) + case "conditionType": + err = unpopulate(val, "ConditionType", &p.ConditionType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PropertyArrayConditionProperties. +func (p PropertyArrayConditionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "conditionProperties", p.ConditionProperties) + objectMap["conditionType"] = ConditionTypePropertyArray + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyArrayConditionProperties. +func (p *PropertyArrayConditionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "conditionProperties": + err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + delete(rawMsg, key) + case "conditionType": + err = unpopulate(val, "ConditionType", &p.ConditionType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PropertyChangedConditionProperties. +func (p PropertyChangedConditionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "conditionProperties", p.ConditionProperties) + objectMap["conditionType"] = ConditionTypePropertyChanged + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyChangedConditionProperties. +func (p *PropertyChangedConditionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "conditionProperties": + err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + delete(rawMsg, key) + case "conditionType": + err = unpopulate(val, "ConditionType", &p.ConditionType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PropertyConditionProperties. +func (p PropertyConditionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "conditionProperties", p.ConditionProperties) + objectMap["conditionType"] = ConditionTypeProperty + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PropertyConditionProperties. +func (p *PropertyConditionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "conditionProperties": + err = unpopulate(val, "ConditionProperties", &p.ConditionProperties) + delete(rawMsg, key) + case "conditionType": + err = unpopulate(val, "ConditionType", &p.ConditionType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PullRequest. +func (p PullRequest) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", p.State) + populate(objectMap, "url", p.URL) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PullRequest. +func (p *PullRequest) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &p.State) + delete(rawMsg, key) + case "url": + err = unpopulate(val, "URL", &p.URL) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Query. +func (q Query) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "properties", q.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Query. +func (q *Query) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "properties": + err = unpopulate(val, "Properties", &q.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type QueryAutoGenerated. +func (q QueryAutoGenerated) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "condition", q.Condition) + populate(objectMap, "maxPageSize", q.MaxPageSize) + populate(objectMap, "minPageSize", q.MinPageSize) + populate(objectMap, "sortBy", q.SortBy) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type QueryAutoGenerated. +func (q *QueryAutoGenerated) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "condition": + err = unpopulate(val, "Condition", &q.Condition) + delete(rawMsg, key) + case "maxPageSize": + err = unpopulate(val, "MaxPageSize", &q.MaxPageSize) + delete(rawMsg, key) + case "minPageSize": + err = unpopulate(val, "MinPageSize", &q.MinPageSize) + delete(rawMsg, key) + case "sortBy": + err = unpopulate(val, "SortBy", &q.SortBy) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type QueryCondition. +func (q QueryCondition) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "clauses", q.Clauses) + populate(objectMap, "conditionConnective", q.ConditionConnective) + populate(objectMap, "stixObjectType", q.StixObjectType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type QueryCondition. +func (q *QueryCondition) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "clauses": + err = unpopulate(val, "Clauses", &q.Clauses) + delete(rawMsg, key) + case "conditionConnective": + err = unpopulate(val, "ConditionConnective", &q.ConditionConnective) + delete(rawMsg, key) + case "stixObjectType": + err = unpopulate(val, "StixObjectType", &q.StixObjectType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type QueryProperties. +func (q QueryProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "condition", q.Condition) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type QueryProperties. +func (q *QueryProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "condition": + err = unpopulate(val, "Condition", &q.Condition) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type QuerySortBy. +func (q QuerySortBy) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "direction", q.Direction) + populate(objectMap, "field", q.Field) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type QuerySortBy. +func (q *QuerySortBy) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "direction": + err = unpopulate(val, "Direction", &q.Direction) + delete(rawMsg, key) + case "field": + err = unpopulate(val, "Field", &q.Field) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", q, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Recommendation. +func (r Recommendation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", r.Etag) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Recommendation. +func (r *Recommendation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &r.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RecommendationList. +func (r RecommendationList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RecommendationList. +func (r *RecommendationList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RecommendationPatch. +func (r RecommendationPatch) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "properties", r.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RecommendationPatch. +func (r *RecommendationPatch) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RecommendationPatchProperties. +func (r RecommendationPatchProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", r.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RecommendationPatchProperties. +func (r *RecommendationPatchProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &r.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RecommendationProperties. +func (r RecommendationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalProperties", r.AdditionalProperties) + populateDateTimeRFC3339(objectMap, "creationTimeUtc", r.CreationTimeUTC) + populate(objectMap, "description", r.Description) + populateDateTimeRFC3339(objectMap, "lastEvaluatedTimeUtc", r.LastEvaluatedTimeUTC) + populateDateTimeRFC3339(objectMap, "lastModifiedTimeUtc", r.LastModifiedTimeUTC) + populate(objectMap, "recommendationTypeId", r.RecommendationTypeID) + populate(objectMap, "resourceId", r.ResourceID) + populate(objectMap, "state", r.State) + populate(objectMap, "suggestions", r.Suggestions) + populate(objectMap, "title", r.Title) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RecommendationProperties. +func (r *RecommendationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalProperties": + err = unpopulate(val, "AdditionalProperties", &r.AdditionalProperties) + delete(rawMsg, key) + case "creationTimeUtc": + err = unpopulateDateTimeRFC3339(val, "CreationTimeUTC", &r.CreationTimeUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &r.Description) + delete(rawMsg, key) + case "lastEvaluatedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastEvaluatedTimeUTC", &r.LastEvaluatedTimeUTC) + delete(rawMsg, key) + case "lastModifiedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedTimeUTC", &r.LastModifiedTimeUTC) + delete(rawMsg, key) + case "recommendationTypeId": + err = unpopulate(val, "RecommendationTypeID", &r.RecommendationTypeID) + delete(rawMsg, key) + case "resourceId": + err = unpopulate(val, "ResourceID", &r.ResourceID) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &r.State) + delete(rawMsg, key) + case "suggestions": + err = unpopulate(val, "Suggestions", &r.Suggestions) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &r.Title) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RecommendedSuggestion. +func (r RecommendedSuggestion) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "action", r.Action) + populate(objectMap, "additionalProperties", r.AdditionalProperties) + populate(objectMap, "description", r.Description) + populate(objectMap, "suggestionTypeId", r.SuggestionTypeID) + populate(objectMap, "title", r.Title) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RecommendedSuggestion. +func (r *RecommendedSuggestion) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "action": + err = unpopulate(val, "Action", &r.Action) + delete(rawMsg, key) + case "additionalProperties": + err = unpopulate(val, "AdditionalProperties", &r.AdditionalProperties) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &r.Description) + delete(rawMsg, key) + case "suggestionTypeId": + err = unpopulate(val, "SuggestionTypeID", &r.SuggestionTypeID) + delete(rawMsg, key) + case "title": + err = unpopulate(val, "Title", &r.Title) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ReevaluateResponse. +func (r ReevaluateResponse) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "lastEvaluatedTimeUtc", r.LastEvaluatedTimeUTC) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ReevaluateResponse. +func (r *ReevaluateResponse) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "lastEvaluatedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastEvaluatedTimeUTC", &r.LastEvaluatedTimeUTC) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RegistryKeyEntity. +func (r RegistryKeyEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + objectMap["kind"] = EntityKindEnumRegistryKey + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryKeyEntity. +func (r *RegistryKeyEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &r.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RegistryKeyEntityProperties. +func (r RegistryKeyEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", r.AdditionalData) + populate(objectMap, "friendlyName", r.FriendlyName) + populate(objectMap, "hive", r.Hive) + populate(objectMap, "key", r.Key) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryKeyEntityProperties. +func (r *RegistryKeyEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &r.AdditionalData) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &r.FriendlyName) + delete(rawMsg, key) + case "hive": + err = unpopulate(val, "Hive", &r.Hive) + delete(rawMsg, key) + case "key": + err = unpopulate(val, "Key", &r.Key) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RegistryValueEntity. +func (r RegistryValueEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + objectMap["kind"] = EntityKindEnumRegistryValue + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryValueEntity. +func (r *RegistryValueEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &r.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RegistryValueEntityProperties. +func (r RegistryValueEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", r.AdditionalData) + populate(objectMap, "friendlyName", r.FriendlyName) + populate(objectMap, "keyEntityId", r.KeyEntityID) + populate(objectMap, "valueData", r.ValueData) + populate(objectMap, "valueName", r.ValueName) + populate(objectMap, "valueType", r.ValueType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RegistryValueEntityProperties. +func (r *RegistryValueEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &r.AdditionalData) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &r.FriendlyName) + delete(rawMsg, key) + case "keyEntityId": + err = unpopulate(val, "KeyEntityID", &r.KeyEntityID) + delete(rawMsg, key) + case "valueData": + err = unpopulate(val, "ValueData", &r.ValueData) + delete(rawMsg, key) + case "valueName": + err = unpopulate(val, "ValueName", &r.ValueName) + delete(rawMsg, key) + case "valueType": + err = unpopulate(val, "ValueType", &r.ValueType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Relation. +func (r Relation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", r.Etag) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Relation. +func (r *Relation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &r.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RelationList. +func (r RelationList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RelationList. +func (r *RelationList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RelationProperties. +func (r RelationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "relatedResourceId", r.RelatedResourceID) + populate(objectMap, "relatedResourceKind", r.RelatedResourceKind) + populate(objectMap, "relatedResourceName", r.RelatedResourceName) + populate(objectMap, "relatedResourceType", r.RelatedResourceType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RelationProperties. +func (r *RelationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "relatedResourceId": + err = unpopulate(val, "RelatedResourceID", &r.RelatedResourceID) + delete(rawMsg, key) + case "relatedResourceKind": + err = unpopulate(val, "RelatedResourceKind", &r.RelatedResourceKind) + delete(rawMsg, key) + case "relatedResourceName": + err = unpopulate(val, "RelatedResourceName", &r.RelatedResourceName) + delete(rawMsg, key) + case "relatedResourceType": + err = unpopulate(val, "RelatedResourceType", &r.RelatedResourceType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Relationship. +func (r Relationship) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + objectMap["kind"] = TIObjectKindRelationship + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Relationship. +func (r *Relationship) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &r.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RelationshipHint. +func (r RelationshipHint) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "fieldName", r.FieldName) + populate(objectMap, "source", r.Source) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RelationshipHint. +func (r *RelationshipHint) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "fieldName": + err = unpopulate(val, "FieldName", &r.FieldName) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &r.Source) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Repo. +func (r Repo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "branches", r.Branches) + populate(objectMap, "fullName", r.FullName) + populate(objectMap, "installationId", r.InstallationID) + populate(objectMap, "url", r.URL) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Repo. +func (r *Repo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "branches": + err = unpopulate(val, "Branches", &r.Branches) + delete(rawMsg, key) + case "fullName": + err = unpopulate(val, "FullName", &r.FullName) + delete(rawMsg, key) + case "installationId": + err = unpopulate(val, "InstallationID", &r.InstallationID) + delete(rawMsg, key) + case "url": + err = unpopulate(val, "URL", &r.URL) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RepoList. +func (r RepoList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RepoList. +func (r *RepoList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Repository. +func (r Repository) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "branch", r.Branch) + populate(objectMap, "deploymentLogsUrl", r.DeploymentLogsURL) + populate(objectMap, "displayUrl", r.DisplayURL) + populate(objectMap, "url", r.URL) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Repository. +func (r *Repository) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "branch": + err = unpopulate(val, "Branch", &r.Branch) + delete(rawMsg, key) + case "deploymentLogsUrl": + err = unpopulate(val, "DeploymentLogsURL", &r.DeploymentLogsURL) + delete(rawMsg, key) + case "displayUrl": + err = unpopulate(val, "DisplayURL", &r.DisplayURL) + delete(rawMsg, key) + case "url": + err = unpopulate(val, "URL", &r.URL) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RepositoryAccess. +func (r RepositoryAccess) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "clientId", r.ClientID) + populate(objectMap, "code", r.Code) + populate(objectMap, "installationId", r.InstallationID) + populate(objectMap, "kind", r.Kind) + populate(objectMap, "state", r.State) + populate(objectMap, "token", r.Token) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RepositoryAccess. +func (r *RepositoryAccess) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "clientId": + err = unpopulate(val, "ClientID", &r.ClientID) + delete(rawMsg, key) + case "code": + err = unpopulate(val, "Code", &r.Code) + delete(rawMsg, key) + case "installationId": + err = unpopulate(val, "InstallationID", &r.InstallationID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &r.Kind) + delete(rawMsg, key) + case "state": + err = unpopulate(val, "State", &r.State) + delete(rawMsg, key) + case "token": + err = unpopulate(val, "Token", &r.Token) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RepositoryAccessObject. +func (r RepositoryAccessObject) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "repositoryAccess", r.RepositoryAccess) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RepositoryAccessObject. +func (r *RepositoryAccessObject) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "repositoryAccess": + err = unpopulate(val, "RepositoryAccess", &r.RepositoryAccess) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RepositoryAccessProperties. +func (r RepositoryAccessProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "properties", r.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RepositoryAccessProperties. +func (r *RepositoryAccessProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RepositoryResourceInfo. +func (r RepositoryResourceInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "azureDevOpsResourceInfo", r.AzureDevOpsResourceInfo) + populate(objectMap, "gitHubResourceInfo", r.GitHubResourceInfo) + populate(objectMap, "webhook", r.Webhook) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RepositoryResourceInfo. +func (r *RepositoryResourceInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "azureDevOpsResourceInfo": + err = unpopulate(val, "AzureDevOpsResourceInfo", &r.AzureDevOpsResourceInfo) + delete(rawMsg, key) + case "gitHubResourceInfo": + err = unpopulate(val, "GitHubResourceInfo", &r.GitHubResourceInfo) + delete(rawMsg, key) + case "webhook": + err = unpopulate(val, "Webhook", &r.Webhook) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RequiredPermissions. +func (r RequiredPermissions) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "action", r.Action) + populate(objectMap, "delete", r.Delete) + populate(objectMap, "read", r.Read) + populate(objectMap, "write", r.Write) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RequiredPermissions. +func (r *RequiredPermissions) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "action": + err = unpopulate(val, "Action", &r.Action) + delete(rawMsg, key) + case "delete": + err = unpopulate(val, "Delete", &r.Delete) + delete(rawMsg, key) + case "read": + err = unpopulate(val, "Read", &r.Read) + delete(rawMsg, key) + case "write": + err = unpopulate(val, "Write", &r.Write) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ResourceProviderRequiredPermissions. +func (r ResourceProviderRequiredPermissions) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "action", r.Action) + populate(objectMap, "delete", r.Delete) + populate(objectMap, "read", r.Read) + populate(objectMap, "write", r.Write) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ResourceProviderRequiredPermissions. +func (r *ResourceProviderRequiredPermissions) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "action": + err = unpopulate(val, "Action", &r.Action) + delete(rawMsg, key) + case "delete": + err = unpopulate(val, "Delete", &r.Delete) + delete(rawMsg, key) + case "read": + err = unpopulate(val, "Read", &r.Read) + delete(rawMsg, key) + case "write": + err = unpopulate(val, "Write", &r.Write) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RestAPIPollerDataConnector. +func (r RestAPIPollerDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", r.Etag) + populate(objectMap, "id", r.ID) + objectMap["kind"] = DataConnectorKindRestAPIPoller + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "systemData", r.SystemData) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RestAPIPollerDataConnector. +func (r *RestAPIPollerDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &r.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &r.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &r.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RestAPIPollerDataConnectorProperties. +func (r RestAPIPollerDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "addOnAttributes", r.AddOnAttributes) + populate(objectMap, "auth", r.Auth) + populate(objectMap, "connectorDefinitionName", r.ConnectorDefinitionName) + populate(objectMap, "dataType", r.DataType) + populate(objectMap, "dcrConfig", r.DcrConfig) + populate(objectMap, "isActive", r.IsActive) + populate(objectMap, "paging", r.Paging) + populate(objectMap, "request", r.Request) + populate(objectMap, "response", r.Response) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RestAPIPollerDataConnectorProperties. +func (r *RestAPIPollerDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "addOnAttributes": + err = unpopulate(val, "AddOnAttributes", &r.AddOnAttributes) + delete(rawMsg, key) + case "auth": + r.Auth, err = unmarshalCcpAuthConfigClassification(val) + delete(rawMsg, key) + case "connectorDefinitionName": + err = unpopulate(val, "ConnectorDefinitionName", &r.ConnectorDefinitionName) + delete(rawMsg, key) + case "dataType": + err = unpopulate(val, "DataType", &r.DataType) + delete(rawMsg, key) + case "dcrConfig": + err = unpopulate(val, "DcrConfig", &r.DcrConfig) + delete(rawMsg, key) + case "isActive": + err = unpopulate(val, "IsActive", &r.IsActive) + delete(rawMsg, key) + case "paging": + err = unpopulate(val, "Paging", &r.Paging) + delete(rawMsg, key) + case "request": + err = unpopulate(val, "Request", &r.Request) + delete(rawMsg, key) + case "response": + err = unpopulate(val, "Response", &r.Response) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RestAPIPollerRequestConfig. +func (r RestAPIPollerRequestConfig) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "apiEndpoint", r.APIEndpoint) + populate(objectMap, "endTimeAttributeName", r.EndTimeAttributeName) + populate(objectMap, "httpMethod", r.HTTPMethod) + populate(objectMap, "headers", r.Headers) + populate(objectMap, "isPostPayloadJson", r.IsPostPayloadJSON) + populate(objectMap, "queryParameters", r.QueryParameters) + populate(objectMap, "queryParametersTemplate", r.QueryParametersTemplate) + populate(objectMap, "queryTimeFormat", r.QueryTimeFormat) + populate(objectMap, "queryTimeIntervalAttributeName", r.QueryTimeIntervalAttributeName) + populate(objectMap, "queryTimeIntervalDelimiter", r.QueryTimeIntervalDelimiter) + populate(objectMap, "queryTimeIntervalPrepend", r.QueryTimeIntervalPrepend) + populate(objectMap, "queryWindowInMin", r.QueryWindowInMin) + populate(objectMap, "rateLimitQPS", r.RateLimitQPS) + populate(objectMap, "retryCount", r.RetryCount) + populate(objectMap, "startTimeAttributeName", r.StartTimeAttributeName) + populate(objectMap, "timeoutInSeconds", r.TimeoutInSeconds) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RestAPIPollerRequestConfig. +func (r *RestAPIPollerRequestConfig) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "apiEndpoint": + err = unpopulate(val, "APIEndpoint", &r.APIEndpoint) + delete(rawMsg, key) + case "endTimeAttributeName": + err = unpopulate(val, "EndTimeAttributeName", &r.EndTimeAttributeName) + delete(rawMsg, key) + case "httpMethod": + err = unpopulate(val, "HTTPMethod", &r.HTTPMethod) + delete(rawMsg, key) + case "headers": + err = unpopulate(val, "Headers", &r.Headers) + delete(rawMsg, key) + case "isPostPayloadJson": + err = unpopulate(val, "IsPostPayloadJSON", &r.IsPostPayloadJSON) + delete(rawMsg, key) + case "queryParameters": + err = unpopulate(val, "QueryParameters", &r.QueryParameters) + delete(rawMsg, key) + case "queryParametersTemplate": + err = unpopulate(val, "QueryParametersTemplate", &r.QueryParametersTemplate) + delete(rawMsg, key) + case "queryTimeFormat": + err = unpopulate(val, "QueryTimeFormat", &r.QueryTimeFormat) + delete(rawMsg, key) + case "queryTimeIntervalAttributeName": + err = unpopulate(val, "QueryTimeIntervalAttributeName", &r.QueryTimeIntervalAttributeName) + delete(rawMsg, key) + case "queryTimeIntervalDelimiter": + err = unpopulate(val, "QueryTimeIntervalDelimiter", &r.QueryTimeIntervalDelimiter) + delete(rawMsg, key) + case "queryTimeIntervalPrepend": + err = unpopulate(val, "QueryTimeIntervalPrepend", &r.QueryTimeIntervalPrepend) + delete(rawMsg, key) + case "queryWindowInMin": + err = unpopulate(val, "QueryWindowInMin", &r.QueryWindowInMin) + delete(rawMsg, key) + case "rateLimitQPS": + err = unpopulate(val, "RateLimitQPS", &r.RateLimitQPS) + delete(rawMsg, key) + case "retryCount": + err = unpopulate(val, "RetryCount", &r.RetryCount) + delete(rawMsg, key) + case "startTimeAttributeName": + err = unpopulate(val, "StartTimeAttributeName", &r.StartTimeAttributeName) + delete(rawMsg, key) + case "timeoutInSeconds": + err = unpopulate(val, "TimeoutInSeconds", &r.TimeoutInSeconds) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RestAPIPollerRequestPagingConfig. +func (r RestAPIPollerRequestPagingConfig) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "pageSize", r.PageSize) + populate(objectMap, "pageSizeParameterName", r.PageSizeParameterName) + populate(objectMap, "pagingType", r.PagingType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RestAPIPollerRequestPagingConfig. +func (r *RestAPIPollerRequestPagingConfig) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "pageSize": + err = unpopulate(val, "PageSize", &r.PageSize) + delete(rawMsg, key) + case "pageSizeParameterName": + err = unpopulate(val, "PageSizeParameterName", &r.PageSizeParameterName) + delete(rawMsg, key) + case "pagingType": + err = unpopulate(val, "PagingType", &r.PagingType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SapSolutionUsageStatistic. +func (s SapSolutionUsageStatistic) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + objectMap["kind"] = BillingStatisticKindSapSolutionUsage + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SapSolutionUsageStatistic. +func (s *SapSolutionUsageStatistic) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &s.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SapSolutionUsageStatisticProperties. +func (s SapSolutionUsageStatisticProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "activeSystemIdCount", s.ActiveSystemIDCount) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SapSolutionUsageStatisticProperties. +func (s *SapSolutionUsageStatisticProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "activeSystemIdCount": + err = unpopulate(val, "ActiveSystemIDCount", &s.ActiveSystemIDCount) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRule. +func (s ScheduledAlertRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + objectMap["kind"] = AlertRuleKindScheduled + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRule. +func (s *ScheduledAlertRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &s.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleProperties. +func (s ScheduledAlertRuleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertDetailsOverride", s.AlertDetailsOverride) + populate(objectMap, "alertRuleTemplateName", s.AlertRuleTemplateName) + populate(objectMap, "customDetails", s.CustomDetails) + populate(objectMap, "description", s.Description) + populate(objectMap, "displayName", s.DisplayName) + populate(objectMap, "enabled", s.Enabled) + populate(objectMap, "entityMappings", s.EntityMappings) + populate(objectMap, "eventGroupingSettings", s.EventGroupingSettings) + populate(objectMap, "incidentConfiguration", s.IncidentConfiguration) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", s.LastModifiedUTC) + populate(objectMap, "query", s.Query) + populate(objectMap, "queryFrequency", s.QueryFrequency) + populate(objectMap, "queryPeriod", s.QueryPeriod) + populate(objectMap, "sentinelEntitiesMappings", s.SentinelEntitiesMappings) + populate(objectMap, "severity", s.Severity) + populate(objectMap, "subTechniques", s.SubTechniques) + populate(objectMap, "suppressionDuration", s.SuppressionDuration) + populate(objectMap, "suppressionEnabled", s.SuppressionEnabled) + populate(objectMap, "tactics", s.Tactics) + populate(objectMap, "techniques", s.Techniques) + populate(objectMap, "templateVersion", s.TemplateVersion) + populate(objectMap, "triggerOperator", s.TriggerOperator) + populate(objectMap, "triggerThreshold", s.TriggerThreshold) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleProperties. +func (s *ScheduledAlertRuleProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertDetailsOverride": + err = unpopulate(val, "AlertDetailsOverride", &s.AlertDetailsOverride) + delete(rawMsg, key) + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &s.AlertRuleTemplateName) + delete(rawMsg, key) + case "customDetails": + err = unpopulate(val, "CustomDetails", &s.CustomDetails) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &s.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &s.DisplayName) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &s.Enabled) + delete(rawMsg, key) + case "entityMappings": + err = unpopulate(val, "EntityMappings", &s.EntityMappings) + delete(rawMsg, key) + case "eventGroupingSettings": + err = unpopulate(val, "EventGroupingSettings", &s.EventGroupingSettings) + delete(rawMsg, key) + case "incidentConfiguration": + err = unpopulate(val, "IncidentConfiguration", &s.IncidentConfiguration) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &s.LastModifiedUTC) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &s.Query) + delete(rawMsg, key) + case "queryFrequency": + err = unpopulate(val, "QueryFrequency", &s.QueryFrequency) + delete(rawMsg, key) + case "queryPeriod": + err = unpopulate(val, "QueryPeriod", &s.QueryPeriod) + delete(rawMsg, key) + case "sentinelEntitiesMappings": + err = unpopulate(val, "SentinelEntitiesMappings", &s.SentinelEntitiesMappings) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &s.Severity) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &s.SubTechniques) + delete(rawMsg, key) + case "suppressionDuration": + err = unpopulate(val, "SuppressionDuration", &s.SuppressionDuration) + delete(rawMsg, key) + case "suppressionEnabled": + err = unpopulate(val, "SuppressionEnabled", &s.SuppressionEnabled) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &s.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &s.Techniques) + delete(rawMsg, key) + case "templateVersion": + err = unpopulate(val, "TemplateVersion", &s.TemplateVersion) + delete(rawMsg, key) + case "triggerOperator": + err = unpopulate(val, "TriggerOperator", &s.TriggerOperator) + delete(rawMsg, key) + case "triggerThreshold": + err = unpopulate(val, "TriggerThreshold", &s.TriggerThreshold) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleTemplate. +func (s ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", s.ID) + objectMap["kind"] = AlertRuleKindScheduled + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleTemplate. +func (s *ScheduledAlertRuleTemplate) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ScheduledAlertRuleTemplateProperties. +func (s ScheduledAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertDetailsOverride", s.AlertDetailsOverride) + populate(objectMap, "alertRulesCreatedByTemplateCount", s.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", s.CreatedDateUTC) + populate(objectMap, "customDetails", s.CustomDetails) + populate(objectMap, "description", s.Description) + populate(objectMap, "displayName", s.DisplayName) + populate(objectMap, "entityMappings", s.EntityMappings) + populate(objectMap, "eventGroupingSettings", s.EventGroupingSettings) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", s.LastUpdatedDateUTC) + populate(objectMap, "query", s.Query) + populate(objectMap, "queryFrequency", s.QueryFrequency) + populate(objectMap, "queryPeriod", s.QueryPeriod) + populate(objectMap, "requiredDataConnectors", s.RequiredDataConnectors) + populate(objectMap, "sentinelEntitiesMappings", s.SentinelEntitiesMappings) + populate(objectMap, "severity", s.Severity) + populate(objectMap, "status", s.Status) + populate(objectMap, "subTechniques", s.SubTechniques) + populate(objectMap, "tactics", s.Tactics) + populate(objectMap, "techniques", s.Techniques) + populate(objectMap, "triggerOperator", s.TriggerOperator) + populate(objectMap, "triggerThreshold", s.TriggerThreshold) + populate(objectMap, "version", s.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ScheduledAlertRuleTemplateProperties. +func (s *ScheduledAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertDetailsOverride": + err = unpopulate(val, "AlertDetailsOverride", &s.AlertDetailsOverride) + delete(rawMsg, key) + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &s.AlertRulesCreatedByTemplateCount) + delete(rawMsg, key) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &s.CreatedDateUTC) + delete(rawMsg, key) + case "customDetails": + err = unpopulate(val, "CustomDetails", &s.CustomDetails) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &s.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &s.DisplayName) + delete(rawMsg, key) + case "entityMappings": + err = unpopulate(val, "EntityMappings", &s.EntityMappings) + delete(rawMsg, key) + case "eventGroupingSettings": + err = unpopulate(val, "EventGroupingSettings", &s.EventGroupingSettings) + delete(rawMsg, key) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &s.LastUpdatedDateUTC) + delete(rawMsg, key) + case "query": + err = unpopulate(val, "Query", &s.Query) + delete(rawMsg, key) + case "queryFrequency": + err = unpopulate(val, "QueryFrequency", &s.QueryFrequency) + delete(rawMsg, key) + case "queryPeriod": + err = unpopulate(val, "QueryPeriod", &s.QueryPeriod) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &s.RequiredDataConnectors) + delete(rawMsg, key) + case "sentinelEntitiesMappings": + err = unpopulate(val, "SentinelEntitiesMappings", &s.SentinelEntitiesMappings) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &s.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &s.Status) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &s.SubTechniques) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &s.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &s.Techniques) + delete(rawMsg, key) + case "triggerOperator": + err = unpopulate(val, "TriggerOperator", &s.TriggerOperator) + delete(rawMsg, key) + case "triggerThreshold": + err = unpopulate(val, "TriggerThreshold", &s.TriggerThreshold) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &s.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SecurityAlert. +func (s SecurityAlert) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", s.ID) + objectMap["kind"] = EntityKindEnumSecurityAlert + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlert. +func (s *SecurityAlert) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SecurityAlertProperties. +func (s SecurityAlertProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", s.AdditionalData) + populate(objectMap, "alertDisplayName", s.AlertDisplayName) + populate(objectMap, "alertLink", s.AlertLink) + populate(objectMap, "alertType", s.AlertType) + populate(objectMap, "compromisedEntity", s.CompromisedEntity) + populate(objectMap, "confidenceLevel", s.ConfidenceLevel) + populate(objectMap, "confidenceReasons", s.ConfidenceReasons) + populate(objectMap, "confidenceScore", s.ConfidenceScore) + populate(objectMap, "confidenceScoreStatus", s.ConfidenceScoreStatus) + populate(objectMap, "description", s.Description) + populateDateTimeRFC3339(objectMap, "endTimeUtc", s.EndTimeUTC) + populate(objectMap, "friendlyName", s.FriendlyName) + populate(objectMap, "intent", s.Intent) + populateDateTimeRFC3339(objectMap, "processingEndTime", s.ProcessingEndTime) + populate(objectMap, "productComponentName", s.ProductComponentName) + populate(objectMap, "productName", s.ProductName) + populate(objectMap, "productVersion", s.ProductVersion) + populate(objectMap, "providerAlertId", s.ProviderAlertID) + populate(objectMap, "remediationSteps", s.RemediationSteps) + populate(objectMap, "resourceIdentifiers", s.ResourceIdentifiers) + populate(objectMap, "severity", s.Severity) + populateDateTimeRFC3339(objectMap, "startTimeUtc", s.StartTimeUTC) + populate(objectMap, "status", s.Status) + populate(objectMap, "systemAlertId", s.SystemAlertID) + populate(objectMap, "tactics", s.Tactics) + populateDateTimeRFC3339(objectMap, "timeGenerated", s.TimeGenerated) + populate(objectMap, "vendorName", s.VendorName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlertProperties. +func (s *SecurityAlertProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &s.AdditionalData) + delete(rawMsg, key) + case "alertDisplayName": + err = unpopulate(val, "AlertDisplayName", &s.AlertDisplayName) + delete(rawMsg, key) + case "alertLink": + err = unpopulate(val, "AlertLink", &s.AlertLink) + delete(rawMsg, key) + case "alertType": + err = unpopulate(val, "AlertType", &s.AlertType) + delete(rawMsg, key) + case "compromisedEntity": + err = unpopulate(val, "CompromisedEntity", &s.CompromisedEntity) + delete(rawMsg, key) + case "confidenceLevel": + err = unpopulate(val, "ConfidenceLevel", &s.ConfidenceLevel) + delete(rawMsg, key) + case "confidenceReasons": + err = unpopulate(val, "ConfidenceReasons", &s.ConfidenceReasons) + delete(rawMsg, key) + case "confidenceScore": + err = unpopulate(val, "ConfidenceScore", &s.ConfidenceScore) + delete(rawMsg, key) + case "confidenceScoreStatus": + err = unpopulate(val, "ConfidenceScoreStatus", &s.ConfidenceScoreStatus) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &s.Description) + delete(rawMsg, key) + case "endTimeUtc": + err = unpopulateDateTimeRFC3339(val, "EndTimeUTC", &s.EndTimeUTC) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &s.FriendlyName) + delete(rawMsg, key) + case "intent": + err = unpopulate(val, "Intent", &s.Intent) + delete(rawMsg, key) + case "processingEndTime": + err = unpopulateDateTimeRFC3339(val, "ProcessingEndTime", &s.ProcessingEndTime) + delete(rawMsg, key) + case "productComponentName": + err = unpopulate(val, "ProductComponentName", &s.ProductComponentName) + delete(rawMsg, key) + case "productName": + err = unpopulate(val, "ProductName", &s.ProductName) + delete(rawMsg, key) + case "productVersion": + err = unpopulate(val, "ProductVersion", &s.ProductVersion) + delete(rawMsg, key) + case "providerAlertId": + err = unpopulate(val, "ProviderAlertID", &s.ProviderAlertID) + delete(rawMsg, key) + case "remediationSteps": + err = unpopulate(val, "RemediationSteps", &s.RemediationSteps) + delete(rawMsg, key) + case "resourceIdentifiers": + err = unpopulate(val, "ResourceIdentifiers", &s.ResourceIdentifiers) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &s.Severity) + delete(rawMsg, key) + case "startTimeUtc": + err = unpopulateDateTimeRFC3339(val, "StartTimeUTC", &s.StartTimeUTC) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &s.Status) + delete(rawMsg, key) + case "systemAlertId": + err = unpopulate(val, "SystemAlertID", &s.SystemAlertID) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &s.Tactics) + delete(rawMsg, key) + case "timeGenerated": + err = unpopulateDateTimeRFC3339(val, "TimeGenerated", &s.TimeGenerated) + delete(rawMsg, key) + case "vendorName": + err = unpopulate(val, "VendorName", &s.VendorName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SecurityAlertPropertiesConfidenceReasonsItem. +func (s SecurityAlertPropertiesConfidenceReasonsItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "reason", s.Reason) + populate(objectMap, "reasonType", s.ReasonType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlertPropertiesConfidenceReasonsItem. +func (s *SecurityAlertPropertiesConfidenceReasonsItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "reason": + err = unpopulate(val, "Reason", &s.Reason) + delete(rawMsg, key) + case "reasonType": + err = unpopulate(val, "ReasonType", &s.ReasonType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SecurityAlertTimelineItem. +func (s SecurityAlertTimelineItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertType", s.AlertType) + populate(objectMap, "azureResourceId", s.AzureResourceID) + populate(objectMap, "description", s.Description) + populate(objectMap, "displayName", s.DisplayName) + populateDateTimeRFC3339(objectMap, "endTimeUtc", s.EndTimeUTC) + populate(objectMap, "intent", s.Intent) + objectMap["kind"] = EntityTimelineKindSecurityAlert + populate(objectMap, "productName", s.ProductName) + populate(objectMap, "severity", s.Severity) + populateDateTimeRFC3339(objectMap, "startTimeUtc", s.StartTimeUTC) + populate(objectMap, "techniques", s.Techniques) + populateDateTimeRFC3339(objectMap, "timeGenerated", s.TimeGenerated) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityAlertTimelineItem. +func (s *SecurityAlertTimelineItem) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertType": + err = unpopulate(val, "AlertType", &s.AlertType) + delete(rawMsg, key) + case "azureResourceId": + err = unpopulate(val, "AzureResourceID", &s.AzureResourceID) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &s.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &s.DisplayName) + delete(rawMsg, key) + case "endTimeUtc": + err = unpopulateDateTimeRFC3339(val, "EndTimeUTC", &s.EndTimeUTC) + delete(rawMsg, key) + case "intent": + err = unpopulate(val, "Intent", &s.Intent) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "productName": + err = unpopulate(val, "ProductName", &s.ProductName) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &s.Severity) + delete(rawMsg, key) + case "startTimeUtc": + err = unpopulateDateTimeRFC3339(val, "StartTimeUTC", &s.StartTimeUTC) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &s.Techniques) + delete(rawMsg, key) + case "timeGenerated": + err = unpopulateDateTimeRFC3339(val, "TimeGenerated", &s.TimeGenerated) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SecurityGroupEntity. +func (s SecurityGroupEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", s.ID) + objectMap["kind"] = EntityKindEnumSecurityGroup + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityGroupEntity. +func (s *SecurityGroupEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SecurityGroupEntityProperties. +func (s SecurityGroupEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", s.AdditionalData) + populate(objectMap, "distinguishedName", s.DistinguishedName) + populate(objectMap, "friendlyName", s.FriendlyName) + populate(objectMap, "objectGuid", s.ObjectGUID) + populate(objectMap, "sid", s.Sid) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityGroupEntityProperties. +func (s *SecurityGroupEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &s.AdditionalData) + delete(rawMsg, key) + case "distinguishedName": + err = unpopulate(val, "DistinguishedName", &s.DistinguishedName) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &s.FriendlyName) + delete(rawMsg, key) + case "objectGuid": + err = unpopulate(val, "ObjectGUID", &s.ObjectGUID) + delete(rawMsg, key) + case "sid": + err = unpopulate(val, "Sid", &s.Sid) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SecurityMLAnalyticsSetting. +func (s SecurityMLAnalyticsSetting) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + objectMap["kind"] = s.Kind + populate(objectMap, "name", s.Name) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSetting. +func (s *SecurityMLAnalyticsSetting) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &s.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SecurityMLAnalyticsSettingsDataSource. +func (s SecurityMLAnalyticsSettingsDataSource) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "connectorId", s.ConnectorID) + populate(objectMap, "dataTypes", s.DataTypes) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsDataSource. +func (s *SecurityMLAnalyticsSettingsDataSource) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "connectorId": + err = unpopulate(val, "ConnectorID", &s.ConnectorID) + delete(rawMsg, key) + case "dataTypes": + err = unpopulate(val, "DataTypes", &s.DataTypes) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SecurityMLAnalyticsSettingsList. +func (s SecurityMLAnalyticsSettingsList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", s.NextLink) + populate(objectMap, "value", s.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsList. +func (s *SecurityMLAnalyticsSettingsList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &s.NextLink) + delete(rawMsg, key) + case "value": + s.Value, err = unmarshalSecurityMLAnalyticsSettingClassificationArray(val) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SentinelEntityMapping. +func (s SentinelEntityMapping) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "columnName", s.ColumnName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelEntityMapping. +func (s *SentinelEntityMapping) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "columnName": + err = unpopulate(val, "ColumnName", &s.ColumnName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingState. +func (s SentinelOnboardingState) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingState. +func (s *SentinelOnboardingState) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &s.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingStateProperties. +func (s SentinelOnboardingStateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "customerManagedKey", s.CustomerManagedKey) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingStateProperties. +func (s *SentinelOnboardingStateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "customerManagedKey": + err = unpopulate(val, "CustomerManagedKey", &s.CustomerManagedKey) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingStatesList. +func (s SentinelOnboardingStatesList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "value", s.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingStatesList. +func (s *SentinelOnboardingStatesList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "value": + err = unpopulate(val, "Value", &s.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ServicePrincipal. +func (s ServicePrincipal) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "appId", s.AppID) + populateDateTimeRFC3339(objectMap, "credentialsExpireOn", s.CredentialsExpireOn) + populate(objectMap, "id", s.ID) + populate(objectMap, "tenantId", s.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ServicePrincipal. +func (s *ServicePrincipal) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "appId": + err = unpopulate(val, "AppID", &s.AppID) + delete(rawMsg, key) + case "credentialsExpireOn": + err = unpopulateDateTimeRFC3339(val, "CredentialsExpireOn", &s.CredentialsExpireOn) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &s.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SessionAuthModel. +func (s SessionAuthModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "headers", s.Headers) + populate(objectMap, "isPostPayloadJson", s.IsPostPayloadJSON) + populate(objectMap, "password", s.Password) + populate(objectMap, "queryParameters", s.QueryParameters) + populate(objectMap, "sessionIdName", s.SessionIDName) + populate(objectMap, "sessionLoginRequestUri", s.SessionLoginRequestURI) + populate(objectMap, "sessionTimeoutInMinutes", s.SessionTimeoutInMinutes) + objectMap["type"] = CcpAuthTypeSession + populate(objectMap, "userName", s.UserName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SessionAuthModel. +func (s *SessionAuthModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "headers": + err = unpopulate(val, "Headers", &s.Headers) + delete(rawMsg, key) + case "isPostPayloadJson": + err = unpopulate(val, "IsPostPayloadJSON", &s.IsPostPayloadJSON) + delete(rawMsg, key) + case "password": + err = unpopulate(val, "Password", &s.Password) + delete(rawMsg, key) + case "queryParameters": + err = unpopulate(val, "QueryParameters", &s.QueryParameters) + delete(rawMsg, key) + case "sessionIdName": + err = unpopulate(val, "SessionIDName", &s.SessionIDName) + delete(rawMsg, key) + case "sessionLoginRequestUri": + err = unpopulate(val, "SessionLoginRequestURI", &s.SessionLoginRequestURI) + delete(rawMsg, key) + case "sessionTimeoutInMinutes": + err = unpopulate(val, "SessionTimeoutInMinutes", &s.SessionTimeoutInMinutes) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + case "userName": + err = unpopulate(val, "UserName", &s.UserName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SettingList. +func (s SettingList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "value", s.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SettingList. +func (s *SettingList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "value": + s.Value, err = unmarshalSettingsClassificationArray(val) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Settings. +func (s Settings) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + objectMap["kind"] = s.Kind + populate(objectMap, "name", s.Name) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Settings. +func (s *Settings) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &s.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SourceControl. +func (s SourceControl) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", s.Etag) + populate(objectMap, "id", s.ID) + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SourceControl. +func (s *SourceControl) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &s.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SourceControlList. +func (s SourceControlList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", s.NextLink) + populate(objectMap, "value", s.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SourceControlList. +func (s *SourceControlList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &s.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &s.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SourceControlProperties. +func (s SourceControlProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "contentTypes", s.ContentTypes) + populate(objectMap, "description", s.Description) + populate(objectMap, "displayName", s.DisplayName) + populate(objectMap, "id", s.ID) + populate(objectMap, "lastDeploymentInfo", s.LastDeploymentInfo) + populate(objectMap, "pullRequest", s.PullRequest) + populate(objectMap, "repoType", s.RepoType) + populate(objectMap, "repository", s.Repository) + populate(objectMap, "repositoryAccess", s.RepositoryAccess) + populate(objectMap, "repositoryResourceInfo", s.RepositoryResourceInfo) + populate(objectMap, "servicePrincipal", s.ServicePrincipal) + populate(objectMap, "version", s.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SourceControlProperties. +func (s *SourceControlProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "contentTypes": + err = unpopulate(val, "ContentTypes", &s.ContentTypes) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &s.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &s.DisplayName) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "lastDeploymentInfo": + err = unpopulate(val, "LastDeploymentInfo", &s.LastDeploymentInfo) + delete(rawMsg, key) + case "pullRequest": + err = unpopulate(val, "PullRequest", &s.PullRequest) + delete(rawMsg, key) + case "repoType": + err = unpopulate(val, "RepoType", &s.RepoType) + delete(rawMsg, key) + case "repository": + err = unpopulate(val, "Repository", &s.Repository) + delete(rawMsg, key) + case "repositoryAccess": + err = unpopulate(val, "RepositoryAccess", &s.RepositoryAccess) + delete(rawMsg, key) + case "repositoryResourceInfo": + err = unpopulate(val, "RepositoryResourceInfo", &s.RepositoryResourceInfo) + delete(rawMsg, key) + case "servicePrincipal": + err = unpopulate(val, "ServicePrincipal", &s.ServicePrincipal) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &s.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SubmissionMailEntity. +func (s SubmissionMailEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", s.ID) + objectMap["kind"] = EntityKindEnumSubmissionMail + populate(objectMap, "name", s.Name) + populate(objectMap, "properties", s.Properties) + populate(objectMap, "systemData", s.SystemData) + populate(objectMap, "type", s.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SubmissionMailEntity. +func (s *SubmissionMailEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &s.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &s.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &s.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &s.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &s.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &s.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SubmissionMailEntityProperties. +func (s SubmissionMailEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", s.AdditionalData) + populate(objectMap, "friendlyName", s.FriendlyName) + populate(objectMap, "networkMessageId", s.NetworkMessageID) + populate(objectMap, "recipient", s.Recipient) + populate(objectMap, "reportType", s.ReportType) + populate(objectMap, "sender", s.Sender) + populate(objectMap, "senderIp", s.SenderIP) + populate(objectMap, "subject", s.Subject) + populateDateTimeRFC3339(objectMap, "submissionDate", s.SubmissionDate) + populate(objectMap, "submissionId", s.SubmissionID) + populate(objectMap, "submitter", s.Submitter) + populateDateTimeRFC3339(objectMap, "timestamp", s.Timestamp) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SubmissionMailEntityProperties. +func (s *SubmissionMailEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &s.AdditionalData) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &s.FriendlyName) + delete(rawMsg, key) + case "networkMessageId": + err = unpopulate(val, "NetworkMessageID", &s.NetworkMessageID) + delete(rawMsg, key) + case "recipient": + err = unpopulate(val, "Recipient", &s.Recipient) + delete(rawMsg, key) + case "reportType": + err = unpopulate(val, "ReportType", &s.ReportType) + delete(rawMsg, key) + case "sender": + err = unpopulate(val, "Sender", &s.Sender) + delete(rawMsg, key) + case "senderIp": + err = unpopulate(val, "SenderIP", &s.SenderIP) + delete(rawMsg, key) + case "subject": + err = unpopulate(val, "Subject", &s.Subject) + delete(rawMsg, key) + case "submissionDate": + err = unpopulateDateTimeRFC3339(val, "SubmissionDate", &s.SubmissionDate) + delete(rawMsg, key) + case "submissionId": + err = unpopulate(val, "SubmissionID", &s.SubmissionID) + delete(rawMsg, key) + case "submitter": + err = unpopulate(val, "Submitter", &s.Submitter) + delete(rawMsg, key) + case "timestamp": + err = unpopulateDateTimeRFC3339(val, "Timestamp", &s.Timestamp) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type SystemData. +func (s SystemData) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "createdAt", s.CreatedAt) + populate(objectMap, "createdBy", s.CreatedBy) + populate(objectMap, "createdByType", s.CreatedByType) + populateDateTimeRFC3339(objectMap, "lastModifiedAt", s.LastModifiedAt) + populate(objectMap, "lastModifiedBy", s.LastModifiedBy) + populate(objectMap, "lastModifiedByType", s.LastModifiedByType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SystemData. +func (s *SystemData) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "createdAt": + err = unpopulateDateTimeRFC3339(val, "CreatedAt", &s.CreatedAt) + delete(rawMsg, key) + case "createdBy": + err = unpopulate(val, "CreatedBy", &s.CreatedBy) + delete(rawMsg, key) + case "createdByType": + err = unpopulate(val, "CreatedByType", &s.CreatedByType) + delete(rawMsg, key) + case "lastModifiedAt": + err = unpopulateDateTimeRFC3339(val, "LastModifiedAt", &s.LastModifiedAt) + delete(rawMsg, key) + case "lastModifiedBy": + err = unpopulate(val, "LastModifiedBy", &s.LastModifiedBy) + delete(rawMsg, key) + case "lastModifiedByType": + err = unpopulate(val, "LastModifiedByType", &s.LastModifiedByType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", s, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TICheckRequirements. +func (t TICheckRequirements) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["kind"] = DataConnectorKindThreatIntelligence + populate(objectMap, "properties", t.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TICheckRequirements. +func (t *TICheckRequirements) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "kind": + err = unpopulate(val, "Kind", &t.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TICheckRequirementsProperties. +func (t TICheckRequirementsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "tenantId", t.TenantID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TICheckRequirementsProperties. +func (t *TICheckRequirementsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "tenantId": + err = unpopulate(val, "TenantID", &t.TenantID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TIDataConnector. +func (t TIDataConnector) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", t.Etag) + populate(objectMap, "id", t.ID) + objectMap["kind"] = DataConnectorKindThreatIntelligence + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnector. +func (t *TIDataConnector) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &t.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &t.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &t.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &t.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorDataTypes. +func (t TIDataConnectorDataTypes) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "indicators", t.Indicators) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorDataTypes. +func (t *TIDataConnectorDataTypes) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "indicators": + err = unpopulate(val, "Indicators", &t.Indicators) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorDataTypesIndicators. +func (t TIDataConnectorDataTypesIndicators) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "state", t.State) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorDataTypesIndicators. +func (t *TIDataConnectorDataTypesIndicators) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "state": + err = unpopulate(val, "State", &t.State) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorProperties. +func (t TIDataConnectorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataTypes", t.DataTypes) + populate(objectMap, "tenantId", t.TenantID) + populateDateTimeRFC3339(objectMap, "tipLookbackPeriod", t.TipLookbackPeriod) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorProperties. +func (t *TIDataConnectorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataTypes": + err = unpopulate(val, "DataTypes", &t.DataTypes) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &t.TenantID) + delete(rawMsg, key) + case "tipLookbackPeriod": + err = unpopulateDateTimeRFC3339(val, "TipLookbackPeriod", &t.TipLookbackPeriod) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TIObject. +func (t TIObject) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", t.ID) + objectMap["kind"] = t.Kind + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TIObject. +func (t *TIObject) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &t.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &t.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &t.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TIObjectCommonProperties. +func (t TIObjectCommonProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "createdBy", t.CreatedBy) + populate(objectMap, "data", t.Data) + populateDateTimeRFC3339(objectMap, "firstIngestedTimeUtc", t.FirstIngestedTimeUTC) + populate(objectMap, "ingestionRulesVersion", t.IngestionRulesVersion) + populateDateTimeRFC3339(objectMap, "lastIngestedTimeUtc", t.LastIngestedTimeUTC) + populate(objectMap, "lastModifiedBy", t.LastModifiedBy) + populate(objectMap, "lastUpdateMethod", t.LastUpdateMethod) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateTimeUtc", t.LastUpdatedDateTimeUTC) + populate(objectMap, "relationshipHints", t.RelationshipHints) + populate(objectMap, "source", t.Source) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TIObjectCommonProperties. +func (t *TIObjectCommonProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "createdBy": + err = unpopulate(val, "CreatedBy", &t.CreatedBy) + delete(rawMsg, key) + case "data": + err = unpopulate(val, "Data", &t.Data) + delete(rawMsg, key) + case "firstIngestedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "FirstIngestedTimeUTC", &t.FirstIngestedTimeUTC) + delete(rawMsg, key) + case "ingestionRulesVersion": + err = unpopulate(val, "IngestionRulesVersion", &t.IngestionRulesVersion) + delete(rawMsg, key) + case "lastIngestedTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastIngestedTimeUTC", &t.LastIngestedTimeUTC) + delete(rawMsg, key) + case "lastModifiedBy": + err = unpopulate(val, "LastModifiedBy", &t.LastModifiedBy) + delete(rawMsg, key) + case "lastUpdateMethod": + err = unpopulate(val, "LastUpdateMethod", &t.LastUpdateMethod) + delete(rawMsg, key) + case "lastUpdatedDateTimeUtc": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateTimeUTC", &t.LastUpdatedDateTimeUTC) + delete(rawMsg, key) + case "relationshipHints": + err = unpopulate(val, "RelationshipHints", &t.RelationshipHints) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &t.Source) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TeamInformation. +func (t TeamInformation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", t.Description) + populate(objectMap, "name", t.Name) + populate(objectMap, "primaryChannelUrl", t.PrimaryChannelURL) + populateDateTimeRFC3339(objectMap, "teamCreationTimeUtc", t.TeamCreationTimeUTC) + populate(objectMap, "teamId", t.TeamID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TeamInformation. +func (t *TeamInformation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &t.Description) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &t.Name) + delete(rawMsg, key) + case "primaryChannelUrl": + err = unpopulate(val, "PrimaryChannelURL", &t.PrimaryChannelURL) + delete(rawMsg, key) + case "teamCreationTimeUtc": + err = unpopulateDateTimeRFC3339(val, "TeamCreationTimeUTC", &t.TeamCreationTimeUTC) + delete(rawMsg, key) + case "teamId": + err = unpopulate(val, "TeamID", &t.TeamID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TemplateList. +func (t TemplateList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", t.NextLink) + populate(objectMap, "value", t.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TemplateList. +func (t *TemplateList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &t.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &t.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TemplateModel. +func (t TemplateModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", t.Etag) + populate(objectMap, "id", t.ID) + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TemplateModel. +func (t *TemplateModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &t.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &t.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &t.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &t.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TemplateProperties. +func (t TemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "author", t.Author) + populate(objectMap, "categories", t.Categories) + populate(objectMap, "contentId", t.ContentID) + populate(objectMap, "contentKind", t.ContentKind) + populate(objectMap, "contentProductId", t.ContentProductID) + populate(objectMap, "contentSchemaVersion", t.ContentSchemaVersion) + populate(objectMap, "customVersion", t.CustomVersion) + populate(objectMap, "dependantTemplates", t.DependantTemplates) + populate(objectMap, "dependencies", t.Dependencies) + populate(objectMap, "displayName", t.DisplayName) + populateDateType(objectMap, "firstPublishDate", t.FirstPublishDate) + populate(objectMap, "icon", t.Icon) + populate(objectMap, "isDeprecated", t.IsDeprecated) + populateDateType(objectMap, "lastPublishDate", t.LastPublishDate) + populateAny(objectMap, "mainTemplate", t.MainTemplate) + populate(objectMap, "packageId", t.PackageID) + populate(objectMap, "packageKind", t.PackageKind) + populate(objectMap, "packageName", t.PackageName) + populate(objectMap, "packageVersion", t.PackageVersion) + populate(objectMap, "previewImages", t.PreviewImages) + populate(objectMap, "previewImagesDark", t.PreviewImagesDark) + populate(objectMap, "providers", t.Providers) + populate(objectMap, "source", t.Source) + populate(objectMap, "support", t.Support) + populate(objectMap, "threatAnalysisTactics", t.ThreatAnalysisTactics) + populate(objectMap, "threatAnalysisTechniques", t.ThreatAnalysisTechniques) + populate(objectMap, "version", t.Version) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TemplateProperties. +func (t *TemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "author": + err = unpopulate(val, "Author", &t.Author) + delete(rawMsg, key) + case "categories": + err = unpopulate(val, "Categories", &t.Categories) + delete(rawMsg, key) + case "contentId": + err = unpopulate(val, "ContentID", &t.ContentID) + delete(rawMsg, key) + case "contentKind": + err = unpopulate(val, "ContentKind", &t.ContentKind) + delete(rawMsg, key) + case "contentProductId": + err = unpopulate(val, "ContentProductID", &t.ContentProductID) + delete(rawMsg, key) + case "contentSchemaVersion": + err = unpopulate(val, "ContentSchemaVersion", &t.ContentSchemaVersion) + delete(rawMsg, key) + case "customVersion": + err = unpopulate(val, "CustomVersion", &t.CustomVersion) + delete(rawMsg, key) + case "dependantTemplates": + err = unpopulate(val, "DependantTemplates", &t.DependantTemplates) + delete(rawMsg, key) + case "dependencies": + err = unpopulate(val, "Dependencies", &t.Dependencies) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &t.DisplayName) + delete(rawMsg, key) + case "firstPublishDate": + err = unpopulateDateType(val, "FirstPublishDate", &t.FirstPublishDate) + delete(rawMsg, key) + case "icon": + err = unpopulate(val, "Icon", &t.Icon) + delete(rawMsg, key) + case "isDeprecated": + err = unpopulate(val, "IsDeprecated", &t.IsDeprecated) + delete(rawMsg, key) + case "lastPublishDate": + err = unpopulateDateType(val, "LastPublishDate", &t.LastPublishDate) + delete(rawMsg, key) + case "mainTemplate": + err = unpopulate(val, "MainTemplate", &t.MainTemplate) + delete(rawMsg, key) + case "packageId": + err = unpopulate(val, "PackageID", &t.PackageID) + delete(rawMsg, key) + case "packageKind": + err = unpopulate(val, "PackageKind", &t.PackageKind) + delete(rawMsg, key) + case "packageName": + err = unpopulate(val, "PackageName", &t.PackageName) + delete(rawMsg, key) + case "packageVersion": + err = unpopulate(val, "PackageVersion", &t.PackageVersion) + delete(rawMsg, key) + case "previewImages": + err = unpopulate(val, "PreviewImages", &t.PreviewImages) + delete(rawMsg, key) + case "previewImagesDark": + err = unpopulate(val, "PreviewImagesDark", &t.PreviewImagesDark) + delete(rawMsg, key) + case "providers": + err = unpopulate(val, "Providers", &t.Providers) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &t.Source) + delete(rawMsg, key) + case "support": + err = unpopulate(val, "Support", &t.Support) + delete(rawMsg, key) + case "threatAnalysisTactics": + err = unpopulate(val, "ThreatAnalysisTactics", &t.ThreatAnalysisTactics) + delete(rawMsg, key) + case "threatAnalysisTechniques": + err = unpopulate(val, "ThreatAnalysisTechniques", &t.ThreatAnalysisTechniques) + delete(rawMsg, key) + case "version": + err = unpopulate(val, "Version", &t.Version) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatActor. +func (t ThreatActor) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", t.ID) + objectMap["kind"] = TIObjectKindThreatActor + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatActor. +func (t *ThreatActor) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &t.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &t.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &t.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligence. +func (t ThreatIntelligence) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "confidence", t.Confidence) + populate(objectMap, "providerName", t.ProviderName) + populate(objectMap, "reportLink", t.ReportLink) + populate(objectMap, "threatDescription", t.ThreatDescription) + populate(objectMap, "threatName", t.ThreatName) + populate(objectMap, "threatType", t.ThreatType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligence. +func (t *ThreatIntelligence) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "confidence": + err = unpopulate(val, "Confidence", &t.Confidence) + delete(rawMsg, key) + case "providerName": + err = unpopulate(val, "ProviderName", &t.ProviderName) + delete(rawMsg, key) + case "reportLink": + err = unpopulate(val, "ReportLink", &t.ReportLink) + delete(rawMsg, key) + case "threatDescription": + err = unpopulate(val, "ThreatDescription", &t.ThreatDescription) + delete(rawMsg, key) + case "threatName": + err = unpopulate(val, "ThreatName", &t.ThreatName) + delete(rawMsg, key) + case "threatType": + err = unpopulate(val, "ThreatType", &t.ThreatType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRule. +func (t ThreatIntelligenceAlertRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", t.Etag) + populate(objectMap, "id", t.ID) + objectMap["kind"] = AlertRuleKindThreatIntelligence + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRule. +func (t *ThreatIntelligenceAlertRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &t.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &t.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &t.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &t.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRuleProperties. +func (t ThreatIntelligenceAlertRuleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertRuleTemplateName", t.AlertRuleTemplateName) + populate(objectMap, "description", t.Description) + populate(objectMap, "displayName", t.DisplayName) + populate(objectMap, "enabled", t.Enabled) + populateDateTimeRFC3339(objectMap, "lastModifiedUtc", t.LastModifiedUTC) + populate(objectMap, "severity", t.Severity) + populate(objectMap, "subTechniques", t.SubTechniques) + populate(objectMap, "tactics", t.Tactics) + populate(objectMap, "techniques", t.Techniques) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRuleProperties. +func (t *ThreatIntelligenceAlertRuleProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertRuleTemplateName": + err = unpopulate(val, "AlertRuleTemplateName", &t.AlertRuleTemplateName) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &t.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &t.DisplayName) + delete(rawMsg, key) + case "enabled": + err = unpopulate(val, "Enabled", &t.Enabled) + delete(rawMsg, key) + case "lastModifiedUtc": + err = unpopulateDateTimeRFC3339(val, "LastModifiedUTC", &t.LastModifiedUTC) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &t.Severity) + delete(rawMsg, key) + case "subTechniques": + err = unpopulate(val, "SubTechniques", &t.SubTechniques) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &t.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &t.Techniques) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRuleTemplate. +func (t ThreatIntelligenceAlertRuleTemplate) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", t.ID) + objectMap["kind"] = AlertRuleKindThreatIntelligence + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRuleTemplate. +func (t *ThreatIntelligenceAlertRuleTemplate) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &t.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &t.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &t.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAlertRuleTemplateProperties. +func (t ThreatIntelligenceAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertRulesCreatedByTemplateCount", t.AlertRulesCreatedByTemplateCount) + populateDateTimeRFC3339(objectMap, "createdDateUTC", t.CreatedDateUTC) + populate(objectMap, "description", t.Description) + populate(objectMap, "displayName", t.DisplayName) + populateDateTimeRFC3339(objectMap, "lastUpdatedDateUTC", t.LastUpdatedDateUTC) + populate(objectMap, "requiredDataConnectors", t.RequiredDataConnectors) + populate(objectMap, "severity", t.Severity) + populate(objectMap, "status", t.Status) + populate(objectMap, "tactics", t.Tactics) + populate(objectMap, "techniques", t.Techniques) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAlertRuleTemplateProperties. +func (t *ThreatIntelligenceAlertRuleTemplateProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertRulesCreatedByTemplateCount": + err = unpopulate(val, "AlertRulesCreatedByTemplateCount", &t.AlertRulesCreatedByTemplateCount) + delete(rawMsg, key) + case "createdDateUTC": + err = unpopulateDateTimeRFC3339(val, "CreatedDateUTC", &t.CreatedDateUTC) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &t.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &t.DisplayName) + delete(rawMsg, key) + case "lastUpdatedDateUTC": + err = unpopulateDateTimeRFC3339(val, "LastUpdatedDateUTC", &t.LastUpdatedDateUTC) + delete(rawMsg, key) + case "requiredDataConnectors": + err = unpopulate(val, "RequiredDataConnectors", &t.RequiredDataConnectors) + delete(rawMsg, key) + case "severity": + err = unpopulate(val, "Severity", &t.Severity) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &t.Status) + delete(rawMsg, key) + case "tactics": + err = unpopulate(val, "Tactics", &t.Tactics) + delete(rawMsg, key) + case "techniques": + err = unpopulate(val, "Techniques", &t.Techniques) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAppendTags. +func (t ThreatIntelligenceAppendTags) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "threatIntelligenceTags", t.ThreatIntelligenceTags) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAppendTags. +func (t *ThreatIntelligenceAppendTags) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "threatIntelligenceTags": + err = unpopulate(val, "ThreatIntelligenceTags", &t.ThreatIntelligenceTags) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceCount. +func (t ThreatIntelligenceCount) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "count", t.Count) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceCount. +func (t *ThreatIntelligenceCount) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "count": + err = unpopulate(val, "Count", &t.Count) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceExternalReference. +func (t ThreatIntelligenceExternalReference) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", t.Description) + populate(objectMap, "externalId", t.ExternalID) + populate(objectMap, "hashes", t.Hashes) + populate(objectMap, "sourceName", t.SourceName) + populate(objectMap, "url", t.URL) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceExternalReference. +func (t *ThreatIntelligenceExternalReference) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &t.Description) + delete(rawMsg, key) + case "externalId": + err = unpopulate(val, "ExternalID", &t.ExternalID) + delete(rawMsg, key) + case "hashes": + err = unpopulate(val, "Hashes", &t.Hashes) + delete(rawMsg, key) + case "sourceName": + err = unpopulate(val, "SourceName", &t.SourceName) + delete(rawMsg, key) + case "url": + err = unpopulate(val, "URL", &t.URL) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceFilteringCriteria. +func (t ThreatIntelligenceFilteringCriteria) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "ids", t.IDs) + populate(objectMap, "includeDisabled", t.IncludeDisabled) + populate(objectMap, "keywords", t.Keywords) + populate(objectMap, "maxConfidence", t.MaxConfidence) + populate(objectMap, "maxValidUntil", t.MaxValidUntil) + populate(objectMap, "minConfidence", t.MinConfidence) + populate(objectMap, "minValidUntil", t.MinValidUntil) + populate(objectMap, "pageSize", t.PageSize) + populate(objectMap, "patternTypes", t.PatternTypes) + populate(objectMap, "skipToken", t.SkipToken) + populate(objectMap, "sortBy", t.SortBy) + populate(objectMap, "sources", t.Sources) + populate(objectMap, "threatTypes", t.ThreatTypes) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceFilteringCriteria. +func (t *ThreatIntelligenceFilteringCriteria) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "ids": + err = unpopulate(val, "IDs", &t.IDs) + delete(rawMsg, key) + case "includeDisabled": + err = unpopulate(val, "IncludeDisabled", &t.IncludeDisabled) + delete(rawMsg, key) + case "keywords": + err = unpopulate(val, "Keywords", &t.Keywords) + delete(rawMsg, key) + case "maxConfidence": + err = unpopulate(val, "MaxConfidence", &t.MaxConfidence) + delete(rawMsg, key) + case "maxValidUntil": + err = unpopulate(val, "MaxValidUntil", &t.MaxValidUntil) + delete(rawMsg, key) + case "minConfidence": + err = unpopulate(val, "MinConfidence", &t.MinConfidence) + delete(rawMsg, key) + case "minValidUntil": + err = unpopulate(val, "MinValidUntil", &t.MinValidUntil) + delete(rawMsg, key) + case "pageSize": + err = unpopulate(val, "PageSize", &t.PageSize) + delete(rawMsg, key) + case "patternTypes": + err = unpopulate(val, "PatternTypes", &t.PatternTypes) + delete(rawMsg, key) + case "skipToken": + err = unpopulate(val, "SkipToken", &t.SkipToken) + delete(rawMsg, key) + case "sortBy": + err = unpopulate(val, "SortBy", &t.SortBy) + delete(rawMsg, key) + case "sources": + err = unpopulate(val, "Sources", &t.Sources) + delete(rawMsg, key) + case "threatTypes": + err = unpopulate(val, "ThreatTypes", &t.ThreatTypes) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceGranularMarkingModel. +func (t ThreatIntelligenceGranularMarkingModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "language", t.Language) + populate(objectMap, "markingRef", t.MarkingRef) + populate(objectMap, "selectors", t.Selectors) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceGranularMarkingModel. +func (t *ThreatIntelligenceGranularMarkingModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "language": + err = unpopulate(val, "Language", &t.Language) + delete(rawMsg, key) + case "markingRef": + err = unpopulate(val, "MarkingRef", &t.MarkingRef) + delete(rawMsg, key) + case "selectors": + err = unpopulate(val, "Selectors", &t.Selectors) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceIndicatorModel. +func (t ThreatIntelligenceIndicatorModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", t.Etag) + populate(objectMap, "id", t.ID) + objectMap["kind"] = ThreatIntelligenceResourceInnerKindIndicator + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorModel. +func (t *ThreatIntelligenceIndicatorModel) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &t.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &t.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &t.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &t.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceIndicatorProperties. +func (t ThreatIntelligenceIndicatorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", t.AdditionalData) + populate(objectMap, "confidence", t.Confidence) + populate(objectMap, "created", t.Created) + populate(objectMap, "createdByRef", t.CreatedByRef) + populate(objectMap, "defanged", t.Defanged) + populate(objectMap, "description", t.Description) + populate(objectMap, "displayName", t.DisplayName) + populate(objectMap, "extensions", t.Extensions) + populate(objectMap, "externalId", t.ExternalID) + populate(objectMap, "externalLastUpdatedTimeUtc", t.ExternalLastUpdatedTimeUTC) + populate(objectMap, "externalReferences", t.ExternalReferences) + populate(objectMap, "friendlyName", t.FriendlyName) + populate(objectMap, "granularMarkings", t.GranularMarkings) + populate(objectMap, "indicatorTypes", t.IndicatorTypes) + populate(objectMap, "killChainPhases", t.KillChainPhases) + populate(objectMap, "labels", t.Labels) + populate(objectMap, "language", t.Language) + populate(objectMap, "lastUpdatedTimeUtc", t.LastUpdatedTimeUTC) + populate(objectMap, "modified", t.Modified) + populate(objectMap, "objectMarkingRefs", t.ObjectMarkingRefs) + populate(objectMap, "parsedPattern", t.ParsedPattern) + populate(objectMap, "pattern", t.Pattern) + populate(objectMap, "patternType", t.PatternType) + populate(objectMap, "patternVersion", t.PatternVersion) + populate(objectMap, "revoked", t.Revoked) + populate(objectMap, "source", t.Source) + populate(objectMap, "threatIntelligenceTags", t.ThreatIntelligenceTags) + populate(objectMap, "threatTypes", t.ThreatTypes) + populate(objectMap, "validFrom", t.ValidFrom) + populate(objectMap, "validUntil", t.ValidUntil) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorProperties. +func (t *ThreatIntelligenceIndicatorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &t.AdditionalData) + delete(rawMsg, key) + case "confidence": + err = unpopulate(val, "Confidence", &t.Confidence) + delete(rawMsg, key) + case "created": + err = unpopulate(val, "Created", &t.Created) + delete(rawMsg, key) + case "createdByRef": + err = unpopulate(val, "CreatedByRef", &t.CreatedByRef) + delete(rawMsg, key) + case "defanged": + err = unpopulate(val, "Defanged", &t.Defanged) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &t.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &t.DisplayName) + delete(rawMsg, key) + case "extensions": + err = unpopulate(val, "Extensions", &t.Extensions) + delete(rawMsg, key) + case "externalId": + err = unpopulate(val, "ExternalID", &t.ExternalID) + delete(rawMsg, key) + case "externalLastUpdatedTimeUtc": + err = unpopulate(val, "ExternalLastUpdatedTimeUTC", &t.ExternalLastUpdatedTimeUTC) + delete(rawMsg, key) + case "externalReferences": + err = unpopulate(val, "ExternalReferences", &t.ExternalReferences) + delete(rawMsg, key) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &t.FriendlyName) + delete(rawMsg, key) + case "granularMarkings": + err = unpopulate(val, "GranularMarkings", &t.GranularMarkings) + delete(rawMsg, key) + case "indicatorTypes": + err = unpopulate(val, "IndicatorTypes", &t.IndicatorTypes) + delete(rawMsg, key) + case "killChainPhases": + err = unpopulate(val, "KillChainPhases", &t.KillChainPhases) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &t.Labels) + delete(rawMsg, key) + case "language": + err = unpopulate(val, "Language", &t.Language) + delete(rawMsg, key) + case "lastUpdatedTimeUtc": + err = unpopulate(val, "LastUpdatedTimeUTC", &t.LastUpdatedTimeUTC) + delete(rawMsg, key) + case "modified": + err = unpopulate(val, "Modified", &t.Modified) + delete(rawMsg, key) + case "objectMarkingRefs": + err = unpopulate(val, "ObjectMarkingRefs", &t.ObjectMarkingRefs) + delete(rawMsg, key) + case "parsedPattern": + err = unpopulate(val, "ParsedPattern", &t.ParsedPattern) + delete(rawMsg, key) + case "pattern": + err = unpopulate(val, "Pattern", &t.Pattern) + delete(rawMsg, key) + case "patternType": + err = unpopulate(val, "PatternType", &t.PatternType) + delete(rawMsg, key) + case "patternVersion": + err = unpopulate(val, "PatternVersion", &t.PatternVersion) + delete(rawMsg, key) + case "revoked": + err = unpopulate(val, "Revoked", &t.Revoked) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &t.Source) + delete(rawMsg, key) + case "threatIntelligenceTags": + err = unpopulate(val, "ThreatIntelligenceTags", &t.ThreatIntelligenceTags) + delete(rawMsg, key) + case "threatTypes": + err = unpopulate(val, "ThreatTypes", &t.ThreatTypes) + delete(rawMsg, key) + case "validFrom": + err = unpopulate(val, "ValidFrom", &t.ValidFrom) + delete(rawMsg, key) + case "validUntil": + err = unpopulate(val, "ValidUntil", &t.ValidUntil) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceInformation. +func (t ThreatIntelligenceInformation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", t.Etag) + populate(objectMap, "id", t.ID) + objectMap["kind"] = t.Kind + populate(objectMap, "name", t.Name) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceInformation. +func (t *ThreatIntelligenceInformation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &t.Etag) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &t.ID) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &t.Name) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &t.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceInformationList. +func (t ThreatIntelligenceInformationList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", t.NextLink) + populate(objectMap, "value", t.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceInformationList. +func (t *ThreatIntelligenceInformationList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &t.NextLink) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &s.Type) + case "value": + t.Value, err = unmarshalThreatIntelligenceInformationClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SecurityGroupEntityProperties. -func (s SecurityGroupEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceKillChainPhase. +func (t ThreatIntelligenceKillChainPhase) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", s.AdditionalData) - populate(objectMap, "distinguishedName", s.DistinguishedName) - populate(objectMap, "friendlyName", s.FriendlyName) - populate(objectMap, "objectGuid", s.ObjectGUID) - populate(objectMap, "sid", s.Sid) + populate(objectMap, "killChainName", t.KillChainName) + populate(objectMap, "phaseName", t.PhaseName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityGroupEntityProperties. -func (s *SecurityGroupEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceKillChainPhase. +func (t *ThreatIntelligenceKillChainPhase) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &s.AdditionalData) - delete(rawMsg, key) - case "distinguishedName": - err = unpopulate(val, "DistinguishedName", &s.DistinguishedName) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &s.FriendlyName) - delete(rawMsg, key) - case "objectGuid": - err = unpopulate(val, "ObjectGUID", &s.ObjectGUID) + case "killChainName": + err = unpopulate(val, "KillChainName", &t.KillChainName) delete(rawMsg, key) - case "sid": - err = unpopulate(val, "Sid", &s.Sid) + case "phaseName": + err = unpopulate(val, "PhaseName", &t.PhaseName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingState. -func (s SentinelOnboardingState) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceList. +func (t ThreatIntelligenceList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", s.Etag) - populate(objectMap, "id", s.ID) - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "nextLink", t.NextLink) + populate(objectMap, "value", t.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingState. -func (s *SentinelOnboardingState) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceList. +func (t *ThreatIntelligenceList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &s.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &s.ID) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &s.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &s.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) + case "nextLink": + err = unpopulate(val, "NextLink", &t.NextLink) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &s.Type) + case "value": + t.Value, err = unmarshalTIObjectClassificationArray(val) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingStateProperties. -func (s SentinelOnboardingStateProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetric. +func (t ThreatIntelligenceMetric) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "customerManagedKey", s.CustomerManagedKey) + populate(objectMap, "lastUpdatedTimeUtc", t.LastUpdatedTimeUTC) + populate(objectMap, "patternTypeMetrics", t.PatternTypeMetrics) + populate(objectMap, "sourceMetrics", t.SourceMetrics) + populate(objectMap, "threatTypeMetrics", t.ThreatTypeMetrics) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingStateProperties. -func (s *SentinelOnboardingStateProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetric. +func (t *ThreatIntelligenceMetric) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "customerManagedKey": - err = unpopulate(val, "CustomerManagedKey", &s.CustomerManagedKey) + case "lastUpdatedTimeUtc": + err = unpopulate(val, "LastUpdatedTimeUTC", &t.LastUpdatedTimeUTC) + delete(rawMsg, key) + case "patternTypeMetrics": + err = unpopulate(val, "PatternTypeMetrics", &t.PatternTypeMetrics) + delete(rawMsg, key) + case "sourceMetrics": + err = unpopulate(val, "SourceMetrics", &t.SourceMetrics) + delete(rawMsg, key) + case "threatTypeMetrics": + err = unpopulate(val, "ThreatTypeMetrics", &t.ThreatTypeMetrics) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SentinelOnboardingStatesList. -func (s SentinelOnboardingStatesList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetricEntity. +func (t ThreatIntelligenceMetricEntity) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "value", s.Value) + populate(objectMap, "metricName", t.MetricName) + populate(objectMap, "metricValue", t.MetricValue) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SentinelOnboardingStatesList. -func (s *SentinelOnboardingStatesList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetricEntity. +func (t *ThreatIntelligenceMetricEntity) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "value": - err = unpopulate(val, "Value", &s.Value) + case "metricName": + err = unpopulate(val, "MetricName", &t.MetricName) + delete(rawMsg, key) + case "metricValue": + err = unpopulate(val, "MetricValue", &t.MetricValue) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SubmissionMailEntity. -func (s SubmissionMailEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetrics. +func (t ThreatIntelligenceMetrics) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", s.ID) - objectMap["kind"] = EntityKindEnumSubmissionMail - populate(objectMap, "name", s.Name) - populate(objectMap, "properties", s.Properties) - populate(objectMap, "systemData", s.SystemData) - populate(objectMap, "type", s.Type) + populate(objectMap, "properties", t.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SubmissionMailEntity. -func (s *SubmissionMailEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetrics. +func (t *ThreatIntelligenceMetrics) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &s.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &s.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &s.Name) - delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &s.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &s.SystemData) - delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &s.Type) + err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SubmissionMailEntityProperties. -func (s SubmissionMailEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetricsList. +func (t ThreatIntelligenceMetricsList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", s.AdditionalData) - populate(objectMap, "friendlyName", s.FriendlyName) - populate(objectMap, "networkMessageId", s.NetworkMessageID) - populate(objectMap, "recipient", s.Recipient) - populate(objectMap, "reportType", s.ReportType) - populate(objectMap, "sender", s.Sender) - populate(objectMap, "senderIp", s.SenderIP) - populate(objectMap, "subject", s.Subject) - populateDateTimeRFC3339(objectMap, "submissionDate", s.SubmissionDate) - populate(objectMap, "submissionId", s.SubmissionID) - populate(objectMap, "submitter", s.Submitter) - populateDateTimeRFC3339(objectMap, "timestamp", s.Timestamp) + populate(objectMap, "value", t.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SubmissionMailEntityProperties. -func (s *SubmissionMailEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetricsList. +func (t *ThreatIntelligenceMetricsList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &s.AdditionalData) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &s.FriendlyName) - delete(rawMsg, key) - case "networkMessageId": - err = unpopulate(val, "NetworkMessageID", &s.NetworkMessageID) - delete(rawMsg, key) - case "recipient": - err = unpopulate(val, "Recipient", &s.Recipient) - delete(rawMsg, key) - case "reportType": - err = unpopulate(val, "ReportType", &s.ReportType) - delete(rawMsg, key) - case "sender": - err = unpopulate(val, "Sender", &s.Sender) - delete(rawMsg, key) - case "senderIp": - err = unpopulate(val, "SenderIP", &s.SenderIP) - delete(rawMsg, key) - case "subject": - err = unpopulate(val, "Subject", &s.Subject) - delete(rawMsg, key) - case "submissionDate": - err = unpopulateDateTimeRFC3339(val, "SubmissionDate", &s.SubmissionDate) - delete(rawMsg, key) - case "submissionId": - err = unpopulate(val, "SubmissionID", &s.SubmissionID) - delete(rawMsg, key) - case "submitter": - err = unpopulate(val, "Submitter", &s.Submitter) - delete(rawMsg, key) - case "timestamp": - err = unpopulateDateTimeRFC3339(val, "Timestamp", &s.Timestamp) + case "value": + err = unpopulate(val, "Value", &t.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type SystemData. -func (s SystemData) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceParsedPattern. +func (t ThreatIntelligenceParsedPattern) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populateDateTimeRFC3339(objectMap, "createdAt", s.CreatedAt) - populate(objectMap, "createdBy", s.CreatedBy) - populate(objectMap, "createdByType", s.CreatedByType) - populateDateTimeRFC3339(objectMap, "lastModifiedAt", s.LastModifiedAt) - populate(objectMap, "lastModifiedBy", s.LastModifiedBy) - populate(objectMap, "lastModifiedByType", s.LastModifiedByType) + populate(objectMap, "patternTypeKey", t.PatternTypeKey) + populate(objectMap, "patternTypeValues", t.PatternTypeValues) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type SystemData. -func (s *SystemData) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceParsedPattern. +func (t *ThreatIntelligenceParsedPattern) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } for key, val := range rawMsg { var err error switch key { - case "createdAt": - err = unpopulateDateTimeRFC3339(val, "CreatedAt", &s.CreatedAt) - delete(rawMsg, key) - case "createdBy": - err = unpopulate(val, "CreatedBy", &s.CreatedBy) - delete(rawMsg, key) - case "createdByType": - err = unpopulate(val, "CreatedByType", &s.CreatedByType) - delete(rawMsg, key) - case "lastModifiedAt": - err = unpopulateDateTimeRFC3339(val, "LastModifiedAt", &s.LastModifiedAt) - delete(rawMsg, key) - case "lastModifiedBy": - err = unpopulate(val, "LastModifiedBy", &s.LastModifiedBy) + case "patternTypeKey": + err = unpopulate(val, "PatternTypeKey", &t.PatternTypeKey) delete(rawMsg, key) - case "lastModifiedByType": - err = unpopulate(val, "LastModifiedByType", &s.LastModifiedByType) + case "patternTypeValues": + err = unpopulate(val, "PatternTypeValues", &t.PatternTypeValues) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", s, err) + return fmt.Errorf("unmarshalling type %T: %v", t, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type TIDataConnector. -func (t TIDataConnector) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceParsedPatternTypeValue. +func (t ThreatIntelligenceParsedPatternTypeValue) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", t.Etag) - populate(objectMap, "id", t.ID) - objectMap["kind"] = DataConnectorKindThreatIntelligence - populate(objectMap, "name", t.Name) - populate(objectMap, "properties", t.Properties) - populate(objectMap, "systemData", t.SystemData) - populate(objectMap, "type", t.Type) + populate(objectMap, "value", t.Value) + populate(objectMap, "valueType", t.ValueType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnector. -func (t *TIDataConnector) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceParsedPatternTypeValue. +func (t *ThreatIntelligenceParsedPatternTypeValue) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6228,26 +20834,11 @@ func (t *TIDataConnector) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &t.Etag) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &t.ID) - delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &t.Kind) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &t.Name) - delete(rawMsg, key) - case "properties": - err = unpopulate(val, "Properties", &t.Properties) - delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &t.SystemData) + case "value": + err = unpopulate(val, "Value", &t.Value) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &t.Type) + case "valueType": + err = unpopulate(val, "ValueType", &t.ValueType) delete(rawMsg, key) } if err != nil { @@ -6257,15 +20848,16 @@ func (t *TIDataConnector) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorDataTypes. -func (t TIDataConnectorDataTypes) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceSortingCriteria. +func (t ThreatIntelligenceSortingCriteria) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "indicators", t.Indicators) + populate(objectMap, "itemKey", t.ItemKey) + populate(objectMap, "sortOrder", t.SortOrder) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorDataTypes. -func (t *TIDataConnectorDataTypes) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceSortingCriteria. +func (t *ThreatIntelligenceSortingCriteria) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6273,8 +20865,11 @@ func (t *TIDataConnectorDataTypes) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "indicators": - err = unpopulate(val, "Indicators", &t.Indicators) + case "itemKey": + err = unpopulate(val, "ItemKey", &t.ItemKey) + delete(rawMsg, key) + case "sortOrder": + err = unpopulate(val, "SortOrder", &t.SortOrder) delete(rawMsg, key) } if err != nil { @@ -6284,15 +20879,16 @@ func (t *TIDataConnectorDataTypes) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorDataTypesIndicators. -func (t TIDataConnectorDataTypesIndicators) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiCheckRequirements. +func (t TiTaxiiCheckRequirements) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "state", t.State) + objectMap["kind"] = DataConnectorKindThreatIntelligenceTaxii + populate(objectMap, "properties", t.Properties) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorDataTypesIndicators. -func (t *TIDataConnectorDataTypesIndicators) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiCheckRequirements. +func (t *TiTaxiiCheckRequirements) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6300,8 +20896,11 @@ func (t *TIDataConnectorDataTypesIndicators) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "state": - err = unpopulate(val, "State", &t.State) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) } if err != nil { @@ -6311,17 +20910,15 @@ func (t *TIDataConnectorDataTypesIndicators) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type TIDataConnectorProperties. -func (t TIDataConnectorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiCheckRequirementsProperties. +func (t TiTaxiiCheckRequirementsProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "dataTypes", t.DataTypes) populate(objectMap, "tenantId", t.TenantID) - populateDateTimeRFC3339(objectMap, "tipLookbackPeriod", t.TipLookbackPeriod) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type TIDataConnectorProperties. -func (t *TIDataConnectorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiCheckRequirementsProperties. +func (t *TiTaxiiCheckRequirementsProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6329,15 +20926,9 @@ func (t *TIDataConnectorProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "dataTypes": - err = unpopulate(val, "DataTypes", &t.DataTypes) - delete(rawMsg, key) case "tenantId": err = unpopulate(val, "TenantID", &t.TenantID) delete(rawMsg, key) - case "tipLookbackPeriod": - err = unpopulateDateTimeRFC3339(val, "TipLookbackPeriod", &t.TipLookbackPeriod) - delete(rawMsg, key) } if err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6346,20 +20937,21 @@ func (t *TIDataConnectorProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligence. -func (t ThreatIntelligence) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnector. +func (t TiTaxiiDataConnector) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "confidence", t.Confidence) - populate(objectMap, "providerName", t.ProviderName) - populate(objectMap, "reportLink", t.ReportLink) - populate(objectMap, "threatDescription", t.ThreatDescription) - populate(objectMap, "threatName", t.ThreatName) - populate(objectMap, "threatType", t.ThreatType) + populate(objectMap, "etag", t.Etag) + populate(objectMap, "id", t.ID) + objectMap["kind"] = DataConnectorKindThreatIntelligenceTaxii + populate(objectMap, "name", t.Name) + populate(objectMap, "properties", t.Properties) + populate(objectMap, "systemData", t.SystemData) + populate(objectMap, "type", t.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligence. -func (t *ThreatIntelligence) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnector. +func (t *TiTaxiiDataConnector) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6367,23 +20959,26 @@ func (t *ThreatIntelligence) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "confidence": - err = unpopulate(val, "Confidence", &t.Confidence) + case "etag": + err = unpopulate(val, "Etag", &t.Etag) delete(rawMsg, key) - case "providerName": - err = unpopulate(val, "ProviderName", &t.ProviderName) + case "id": + err = unpopulate(val, "ID", &t.ID) delete(rawMsg, key) - case "reportLink": - err = unpopulate(val, "ReportLink", &t.ReportLink) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) - case "threatDescription": - err = unpopulate(val, "ThreatDescription", &t.ThreatDescription) + case "name": + err = unpopulate(val, "Name", &t.Name) delete(rawMsg, key) - case "threatName": - err = unpopulate(val, "ThreatName", &t.ThreatName) + case "properties": + err = unpopulate(val, "Properties", &t.Properties) delete(rawMsg, key) - case "threatType": - err = unpopulate(val, "ThreatType", &t.ThreatType) + case "systemData": + err = unpopulate(val, "SystemData", &t.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &t.Type) delete(rawMsg, key) } if err != nil { @@ -6393,15 +20988,15 @@ func (t *ThreatIntelligence) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceAppendTags. -func (t ThreatIntelligenceAppendTags) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnectorDataTypes. +func (t TiTaxiiDataConnectorDataTypes) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "threatIntelligenceTags", t.ThreatIntelligenceTags) + populate(objectMap, "taxiiClient", t.TaxiiClient) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceAppendTags. -func (t *ThreatIntelligenceAppendTags) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnectorDataTypes. +func (t *TiTaxiiDataConnectorDataTypes) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6409,8 +21004,8 @@ func (t *ThreatIntelligenceAppendTags) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "threatIntelligenceTags": - err = unpopulate(val, "ThreatIntelligenceTags", &t.ThreatIntelligenceTags) + case "taxiiClient": + err = unpopulate(val, "TaxiiClient", &t.TaxiiClient) delete(rawMsg, key) } if err != nil { @@ -6420,19 +21015,15 @@ func (t *ThreatIntelligenceAppendTags) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceExternalReference. -func (t ThreatIntelligenceExternalReference) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnectorDataTypesTaxiiClient. +func (t TiTaxiiDataConnectorDataTypesTaxiiClient) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "description", t.Description) - populate(objectMap, "externalId", t.ExternalID) - populate(objectMap, "hashes", t.Hashes) - populate(objectMap, "sourceName", t.SourceName) - populate(objectMap, "url", t.URL) + populate(objectMap, "state", t.State) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceExternalReference. -func (t *ThreatIntelligenceExternalReference) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnectorDataTypesTaxiiClient. +func (t *TiTaxiiDataConnectorDataTypesTaxiiClient) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6440,20 +21031,8 @@ func (t *ThreatIntelligenceExternalReference) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "description": - err = unpopulate(val, "Description", &t.Description) - delete(rawMsg, key) - case "externalId": - err = unpopulate(val, "ExternalID", &t.ExternalID) - delete(rawMsg, key) - case "hashes": - err = unpopulate(val, "Hashes", &t.Hashes) - delete(rawMsg, key) - case "sourceName": - err = unpopulate(val, "SourceName", &t.SourceName) - delete(rawMsg, key) - case "url": - err = unpopulate(val, "URL", &t.URL) + case "state": + err = unpopulate(val, "State", &t.State) delete(rawMsg, key) } if err != nil { @@ -6463,27 +21042,24 @@ func (t *ThreatIntelligenceExternalReference) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceFilteringCriteria. -func (t ThreatIntelligenceFilteringCriteria) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TiTaxiiDataConnectorProperties. +func (t TiTaxiiDataConnectorProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "ids", t.IDs) - populate(objectMap, "includeDisabled", t.IncludeDisabled) - populate(objectMap, "keywords", t.Keywords) - populate(objectMap, "maxConfidence", t.MaxConfidence) - populate(objectMap, "maxValidUntil", t.MaxValidUntil) - populate(objectMap, "minConfidence", t.MinConfidence) - populate(objectMap, "minValidUntil", t.MinValidUntil) - populate(objectMap, "pageSize", t.PageSize) - populate(objectMap, "patternTypes", t.PatternTypes) - populate(objectMap, "skipToken", t.SkipToken) - populate(objectMap, "sortBy", t.SortBy) - populate(objectMap, "sources", t.Sources) - populate(objectMap, "threatTypes", t.ThreatTypes) + populate(objectMap, "collectionId", t.CollectionID) + populate(objectMap, "dataTypes", t.DataTypes) + populate(objectMap, "friendlyName", t.FriendlyName) + populate(objectMap, "password", t.Password) + populate(objectMap, "pollingFrequency", t.PollingFrequency) + populateDateTimeRFC3339(objectMap, "taxiiLookbackPeriod", t.TaxiiLookbackPeriod) + populate(objectMap, "taxiiServer", t.TaxiiServer) + populate(objectMap, "tenantId", t.TenantID) + populate(objectMap, "userName", t.UserName) + populate(objectMap, "workspaceId", t.WorkspaceID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceFilteringCriteria. -func (t *ThreatIntelligenceFilteringCriteria) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TiTaxiiDataConnectorProperties. +func (t *TiTaxiiDataConnectorProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6491,44 +21067,101 @@ func (t *ThreatIntelligenceFilteringCriteria) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "ids": - err = unpopulate(val, "IDs", &t.IDs) + case "collectionId": + err = unpopulate(val, "CollectionID", &t.CollectionID) delete(rawMsg, key) - case "includeDisabled": - err = unpopulate(val, "IncludeDisabled", &t.IncludeDisabled) + case "dataTypes": + err = unpopulate(val, "DataTypes", &t.DataTypes) delete(rawMsg, key) - case "keywords": - err = unpopulate(val, "Keywords", &t.Keywords) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &t.FriendlyName) delete(rawMsg, key) - case "maxConfidence": - err = unpopulate(val, "MaxConfidence", &t.MaxConfidence) + case "password": + err = unpopulate(val, "Password", &t.Password) delete(rawMsg, key) - case "maxValidUntil": - err = unpopulate(val, "MaxValidUntil", &t.MaxValidUntil) + case "pollingFrequency": + err = unpopulate(val, "PollingFrequency", &t.PollingFrequency) delete(rawMsg, key) - case "minConfidence": - err = unpopulate(val, "MinConfidence", &t.MinConfidence) + case "taxiiLookbackPeriod": + err = unpopulateDateTimeRFC3339(val, "TaxiiLookbackPeriod", &t.TaxiiLookbackPeriod) delete(rawMsg, key) - case "minValidUntil": - err = unpopulate(val, "MinValidUntil", &t.MinValidUntil) + case "taxiiServer": + err = unpopulate(val, "TaxiiServer", &t.TaxiiServer) delete(rawMsg, key) - case "pageSize": - err = unpopulate(val, "PageSize", &t.PageSize) + case "tenantId": + err = unpopulate(val, "TenantID", &t.TenantID) delete(rawMsg, key) - case "patternTypes": - err = unpopulate(val, "PatternTypes", &t.PatternTypes) + case "userName": + err = unpopulate(val, "UserName", &t.UserName) delete(rawMsg, key) - case "skipToken": - err = unpopulate(val, "SkipToken", &t.SkipToken) + case "workspaceId": + err = unpopulate(val, "WorkspaceID", &t.WorkspaceID) delete(rawMsg, key) - case "sortBy": - err = unpopulate(val, "SortBy", &t.SortBy) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TimelineAggregation. +func (t TimelineAggregation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "count", t.Count) + populate(objectMap, "kind", t.Kind) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TimelineAggregation. +func (t *TimelineAggregation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "count": + err = unpopulate(val, "Count", &t.Count) + delete(rawMsg, key) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TimelineError. +func (t TimelineError) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "errorMessage", t.ErrorMessage) + populate(objectMap, "kind", t.Kind) + populate(objectMap, "queryId", t.QueryID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TimelineError. +func (t *TimelineError) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "errorMessage": + err = unpopulate(val, "ErrorMessage", &t.ErrorMessage) delete(rawMsg, key) - case "sources": - err = unpopulate(val, "Sources", &t.Sources) + case "kind": + err = unpopulate(val, "Kind", &t.Kind) delete(rawMsg, key) - case "threatTypes": - err = unpopulate(val, "ThreatTypes", &t.ThreatTypes) + case "queryId": + err = unpopulate(val, "QueryID", &t.QueryID) delete(rawMsg, key) } if err != nil { @@ -6538,17 +21171,17 @@ func (t *ThreatIntelligenceFilteringCriteria) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceGranularMarkingModel. -func (t ThreatIntelligenceGranularMarkingModel) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TimelineResultsMetadata. +func (t TimelineResultsMetadata) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "language", t.Language) - populate(objectMap, "markingRef", t.MarkingRef) - populate(objectMap, "selectors", t.Selectors) + populate(objectMap, "aggregations", t.Aggregations) + populate(objectMap, "errors", t.Errors) + populate(objectMap, "totalCount", t.TotalCount) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceGranularMarkingModel. -func (t *ThreatIntelligenceGranularMarkingModel) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TimelineResultsMetadata. +func (t *TimelineResultsMetadata) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6556,14 +21189,14 @@ func (t *ThreatIntelligenceGranularMarkingModel) UnmarshalJSON(data []byte) erro for key, val := range rawMsg { var err error switch key { - case "language": - err = unpopulate(val, "Language", &t.Language) + case "aggregations": + err = unpopulate(val, "Aggregations", &t.Aggregations) delete(rawMsg, key) - case "markingRef": - err = unpopulate(val, "MarkingRef", &t.MarkingRef) + case "errors": + err = unpopulate(val, "Errors", &t.Errors) delete(rawMsg, key) - case "selectors": - err = unpopulate(val, "Selectors", &t.Selectors) + case "totalCount": + err = unpopulate(val, "TotalCount", &t.TotalCount) delete(rawMsg, key) } if err != nil { @@ -6573,12 +21206,11 @@ func (t *ThreatIntelligenceGranularMarkingModel) UnmarshalJSON(data []byte) erro return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceIndicatorModel. -func (t ThreatIntelligenceIndicatorModel) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TriggeredAnalyticsRuleRun. +func (t TriggeredAnalyticsRuleRun) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "etag", t.Etag) populate(objectMap, "id", t.ID) - objectMap["kind"] = ThreatIntelligenceResourceInnerKindIndicator populate(objectMap, "name", t.Name) populate(objectMap, "properties", t.Properties) populate(objectMap, "systemData", t.SystemData) @@ -6586,8 +21218,8 @@ func (t ThreatIntelligenceIndicatorModel) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorModel. -func (t *ThreatIntelligenceIndicatorModel) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TriggeredAnalyticsRuleRun. +func (t *TriggeredAnalyticsRuleRun) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6601,9 +21233,6 @@ func (t *ThreatIntelligenceIndicatorModel) UnmarshalJSON(data []byte) error { case "id": err = unpopulate(val, "ID", &t.ID) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &t.Kind) - delete(rawMsg, key) case "name": err = unpopulate(val, "Name", &t.Name) delete(rawMsg, key) @@ -6624,44 +21253,19 @@ func (t *ThreatIntelligenceIndicatorModel) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceIndicatorProperties. -func (t ThreatIntelligenceIndicatorProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type TriggeredAnalyticsRuleRunProperties. +func (t TriggeredAnalyticsRuleRunProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", t.AdditionalData) - populate(objectMap, "confidence", t.Confidence) - populate(objectMap, "created", t.Created) - populate(objectMap, "createdByRef", t.CreatedByRef) - populate(objectMap, "defanged", t.Defanged) - populate(objectMap, "description", t.Description) - populate(objectMap, "displayName", t.DisplayName) - populate(objectMap, "extensions", t.Extensions) - populate(objectMap, "externalId", t.ExternalID) - populate(objectMap, "externalLastUpdatedTimeUtc", t.ExternalLastUpdatedTimeUTC) - populate(objectMap, "externalReferences", t.ExternalReferences) - populate(objectMap, "friendlyName", t.FriendlyName) - populate(objectMap, "granularMarkings", t.GranularMarkings) - populate(objectMap, "indicatorTypes", t.IndicatorTypes) - populate(objectMap, "killChainPhases", t.KillChainPhases) - populate(objectMap, "labels", t.Labels) - populate(objectMap, "language", t.Language) - populate(objectMap, "lastUpdatedTimeUtc", t.LastUpdatedTimeUTC) - populate(objectMap, "modified", t.Modified) - populate(objectMap, "objectMarkingRefs", t.ObjectMarkingRefs) - populate(objectMap, "parsedPattern", t.ParsedPattern) - populate(objectMap, "pattern", t.Pattern) - populate(objectMap, "patternType", t.PatternType) - populate(objectMap, "patternVersion", t.PatternVersion) - populate(objectMap, "revoked", t.Revoked) - populate(objectMap, "source", t.Source) - populate(objectMap, "threatIntelligenceTags", t.ThreatIntelligenceTags) - populate(objectMap, "threatTypes", t.ThreatTypes) - populate(objectMap, "validFrom", t.ValidFrom) - populate(objectMap, "validUntil", t.ValidUntil) + populateDateTimeRFC3339(objectMap, "executionTimeUtc", t.ExecutionTimeUTC) + populate(objectMap, "provisioningState", t.ProvisioningState) + populate(objectMap, "ruleId", t.RuleID) + populate(objectMap, "ruleRunAdditionalData", t.RuleRunAdditionalData) + populate(objectMap, "triggeredAnalyticsRuleRunId", t.TriggeredAnalyticsRuleRunID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorProperties. -func (t *ThreatIntelligenceIndicatorProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type TriggeredAnalyticsRuleRunProperties. +func (t *TriggeredAnalyticsRuleRunProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", t, err) @@ -6669,549 +21273,867 @@ func (t *ThreatIntelligenceIndicatorProperties) UnmarshalJSON(data []byte) error for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &t.AdditionalData) - delete(rawMsg, key) - case "confidence": - err = unpopulate(val, "Confidence", &t.Confidence) - delete(rawMsg, key) - case "created": - err = unpopulate(val, "Created", &t.Created) - delete(rawMsg, key) - case "createdByRef": - err = unpopulate(val, "CreatedByRef", &t.CreatedByRef) - delete(rawMsg, key) - case "defanged": - err = unpopulate(val, "Defanged", &t.Defanged) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &t.Description) + case "executionTimeUtc": + err = unpopulateDateTimeRFC3339(val, "ExecutionTimeUTC", &t.ExecutionTimeUTC) delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &t.DisplayName) - delete(rawMsg, key) - case "extensions": - err = unpopulate(val, "Extensions", &t.Extensions) + case "provisioningState": + err = unpopulate(val, "ProvisioningState", &t.ProvisioningState) delete(rawMsg, key) - case "externalId": - err = unpopulate(val, "ExternalID", &t.ExternalID) + case "ruleId": + err = unpopulate(val, "RuleID", &t.RuleID) delete(rawMsg, key) - case "externalLastUpdatedTimeUtc": - err = unpopulate(val, "ExternalLastUpdatedTimeUTC", &t.ExternalLastUpdatedTimeUTC) + case "ruleRunAdditionalData": + err = unpopulate(val, "RuleRunAdditionalData", &t.RuleRunAdditionalData) delete(rawMsg, key) - case "externalReferences": - err = unpopulate(val, "ExternalReferences", &t.ExternalReferences) + case "triggeredAnalyticsRuleRunId": + err = unpopulate(val, "TriggeredAnalyticsRuleRunID", &t.TriggeredAnalyticsRuleRunID) delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &t.FriendlyName) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TriggeredAnalyticsRuleRuns. +func (t TriggeredAnalyticsRuleRuns) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", t.NextLink) + populate(objectMap, "value", t.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TriggeredAnalyticsRuleRuns. +func (t *TriggeredAnalyticsRuleRuns) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &t.NextLink) delete(rawMsg, key) - case "granularMarkings": - err = unpopulate(val, "GranularMarkings", &t.GranularMarkings) + case "value": + err = unpopulate(val, "Value", &t.Value) delete(rawMsg, key) - case "indicatorTypes": - err = unpopulate(val, "IndicatorTypes", &t.IndicatorTypes) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type URLEntity. +func (u URLEntity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", u.ID) + objectMap["kind"] = EntityKindEnumURL + populate(objectMap, "name", u.Name) + populate(objectMap, "properties", u.Properties) + populate(objectMap, "systemData", u.SystemData) + populate(objectMap, "type", u.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type URLEntity. +func (u *URLEntity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", u, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &u.ID) delete(rawMsg, key) - case "killChainPhases": - err = unpopulate(val, "KillChainPhases", &t.KillChainPhases) + case "kind": + err = unpopulate(val, "Kind", &u.Kind) delete(rawMsg, key) - case "labels": - err = unpopulate(val, "Labels", &t.Labels) + case "name": + err = unpopulate(val, "Name", &u.Name) delete(rawMsg, key) - case "language": - err = unpopulate(val, "Language", &t.Language) + case "properties": + err = unpopulate(val, "Properties", &u.Properties) delete(rawMsg, key) - case "lastUpdatedTimeUtc": - err = unpopulate(val, "LastUpdatedTimeUTC", &t.LastUpdatedTimeUTC) + case "systemData": + err = unpopulate(val, "SystemData", &u.SystemData) delete(rawMsg, key) - case "modified": - err = unpopulate(val, "Modified", &t.Modified) + case "type": + err = unpopulate(val, "Type", &u.Type) delete(rawMsg, key) - case "objectMarkingRefs": - err = unpopulate(val, "ObjectMarkingRefs", &t.ObjectMarkingRefs) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", u, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type URLEntityProperties. +func (u URLEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalData", u.AdditionalData) + populate(objectMap, "friendlyName", u.FriendlyName) + populate(objectMap, "url", u.URL) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type URLEntityProperties. +func (u *URLEntityProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", u, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalData": + err = unpopulate(val, "AdditionalData", &u.AdditionalData) delete(rawMsg, key) - case "parsedPattern": - err = unpopulate(val, "ParsedPattern", &t.ParsedPattern) + case "friendlyName": + err = unpopulate(val, "FriendlyName", &u.FriendlyName) delete(rawMsg, key) - case "pattern": - err = unpopulate(val, "Pattern", &t.Pattern) + case "url": + err = unpopulate(val, "URL", &u.URL) delete(rawMsg, key) - case "patternType": - err = unpopulate(val, "PatternType", &t.PatternType) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", u, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Ueba. +func (u Ueba) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", u.Etag) + populate(objectMap, "id", u.ID) + objectMap["kind"] = SettingKindUeba + populate(objectMap, "name", u.Name) + populate(objectMap, "properties", u.Properties) + populate(objectMap, "systemData", u.SystemData) + populate(objectMap, "type", u.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Ueba. +func (u *Ueba) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", u, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &u.Etag) delete(rawMsg, key) - case "patternVersion": - err = unpopulate(val, "PatternVersion", &t.PatternVersion) + case "id": + err = unpopulate(val, "ID", &u.ID) delete(rawMsg, key) - case "revoked": - err = unpopulate(val, "Revoked", &t.Revoked) + case "kind": + err = unpopulate(val, "Kind", &u.Kind) delete(rawMsg, key) - case "source": - err = unpopulate(val, "Source", &t.Source) + case "name": + err = unpopulate(val, "Name", &u.Name) delete(rawMsg, key) - case "threatIntelligenceTags": - err = unpopulate(val, "ThreatIntelligenceTags", &t.ThreatIntelligenceTags) + case "properties": + err = unpopulate(val, "Properties", &u.Properties) delete(rawMsg, key) - case "threatTypes": - err = unpopulate(val, "ThreatTypes", &t.ThreatTypes) + case "systemData": + err = unpopulate(val, "SystemData", &u.SystemData) delete(rawMsg, key) - case "validFrom": - err = unpopulate(val, "ValidFrom", &t.ValidFrom) + case "type": + err = unpopulate(val, "Type", &u.Type) delete(rawMsg, key) - case "validUntil": - err = unpopulate(val, "ValidUntil", &t.ValidUntil) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", u, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type UebaProperties. +func (u UebaProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "dataSources", u.DataSources) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type UebaProperties. +func (u *UebaProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", u, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "dataSources": + err = unpopulate(val, "DataSources", &u.DataSources) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceInformation. -func (t ThreatIntelligenceInformation) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type UserInfo. +func (u UserInfo) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "etag", t.Etag) - populate(objectMap, "id", t.ID) - objectMap["kind"] = t.Kind - populate(objectMap, "name", t.Name) - populate(objectMap, "systemData", t.SystemData) - populate(objectMap, "type", t.Type) + populate(objectMap, "email", u.Email) + populate(objectMap, "name", u.Name) + populate(objectMap, "objectId", u.ObjectID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceInformation. -func (t *ThreatIntelligenceInformation) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type UserInfo. +func (u *UserInfo) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } for key, val := range rawMsg { var err error switch key { - case "etag": - err = unpopulate(val, "Etag", &t.Etag) + case "email": + err = unpopulate(val, "Email", &u.Email) delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &t.ID) + case "name": + err = unpopulate(val, "Name", &u.Name) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &t.Kind) + case "objectId": + err = unpopulate(val, "ObjectID", &u.ObjectID) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &t.Name) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", u, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type UserInfoAutoGenerated. +func (u UserInfoAutoGenerated) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "email", u.Email) + populate(objectMap, "name", u.Name) + populate(objectMap, "objectId", u.ObjectID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type UserInfoAutoGenerated. +func (u *UserInfoAutoGenerated) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", u, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "email": + err = unpopulate(val, "Email", &u.Email) delete(rawMsg, key) - case "systemData": - err = unpopulate(val, "SystemData", &t.SystemData) + case "name": + err = unpopulate(val, "Name", &u.Name) delete(rawMsg, key) - case "type": - err = unpopulate(val, "Type", &t.Type) + case "objectId": + err = unpopulate(val, "ObjectID", &u.ObjectID) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", u, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceInformationList. -func (t ThreatIntelligenceInformationList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type ValidationError. +func (v ValidationError) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", t.NextLink) - populate(objectMap, "value", t.Value) + populate(objectMap, "errorMessages", v.ErrorMessages) + populate(objectMap, "recordIndex", v.RecordIndex) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceInformationList. -func (t *ThreatIntelligenceInformationList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type ValidationError. +func (v *ValidationError) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", v, err) } for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &t.NextLink) + case "errorMessages": + err = unpopulate(val, "ErrorMessages", &v.ErrorMessages) delete(rawMsg, key) - case "value": - t.Value, err = unmarshalThreatIntelligenceInformationClassificationArray(val) + case "recordIndex": + err = unpopulate(val, "RecordIndex", &v.RecordIndex) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", v, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceKillChainPhase. -func (t ThreatIntelligenceKillChainPhase) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Warning. +func (w Warning) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "killChainName", t.KillChainName) - populate(objectMap, "phaseName", t.PhaseName) + populate(objectMap, "warning", w.Warning) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceKillChainPhase. -func (t *ThreatIntelligenceKillChainPhase) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Warning. +func (w *Warning) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "killChainName": - err = unpopulate(val, "KillChainName", &t.KillChainName) + case "warning": + err = unpopulate(val, "Warning", &w.Warning) delete(rawMsg, key) - case "phaseName": - err = unpopulate(val, "PhaseName", &t.PhaseName) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type WarningBody. +func (w WarningBody) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "code", w.Code) + populate(objectMap, "details", w.Details) + populate(objectMap, "message", w.Message) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type WarningBody. +func (w *WarningBody) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "code": + err = unpopulate(val, "Code", &w.Code) + delete(rawMsg, key) + case "details": + err = unpopulate(val, "Details", &w.Details) + delete(rawMsg, key) + case "message": + err = unpopulate(val, "Message", &w.Message) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetric. -func (t ThreatIntelligenceMetric) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Watchlist. +func (w Watchlist) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "lastUpdatedTimeUtc", t.LastUpdatedTimeUTC) - populate(objectMap, "patternTypeMetrics", t.PatternTypeMetrics) - populate(objectMap, "sourceMetrics", t.SourceMetrics) - populate(objectMap, "threatTypeMetrics", t.ThreatTypeMetrics) + populate(objectMap, "etag", w.Etag) + populate(objectMap, "id", w.ID) + populate(objectMap, "name", w.Name) + populate(objectMap, "properties", w.Properties) + populate(objectMap, "systemData", w.SystemData) + populate(objectMap, "type", w.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetric. -func (t *ThreatIntelligenceMetric) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Watchlist. +func (w *Watchlist) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "lastUpdatedTimeUtc": - err = unpopulate(val, "LastUpdatedTimeUTC", &t.LastUpdatedTimeUTC) + case "etag": + err = unpopulate(val, "Etag", &w.Etag) delete(rawMsg, key) - case "patternTypeMetrics": - err = unpopulate(val, "PatternTypeMetrics", &t.PatternTypeMetrics) + case "id": + err = unpopulate(val, "ID", &w.ID) delete(rawMsg, key) - case "sourceMetrics": - err = unpopulate(val, "SourceMetrics", &t.SourceMetrics) + case "name": + err = unpopulate(val, "Name", &w.Name) delete(rawMsg, key) - case "threatTypeMetrics": - err = unpopulate(val, "ThreatTypeMetrics", &t.ThreatTypeMetrics) + case "properties": + err = unpopulate(val, "Properties", &w.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &w.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &w.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetricEntity. -func (t ThreatIntelligenceMetricEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WatchlistItem. +func (w WatchlistItem) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "metricName", t.MetricName) - populate(objectMap, "metricValue", t.MetricValue) + populate(objectMap, "etag", w.Etag) + populate(objectMap, "id", w.ID) + populate(objectMap, "name", w.Name) + populate(objectMap, "properties", w.Properties) + populate(objectMap, "systemData", w.SystemData) + populate(objectMap, "type", w.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetricEntity. -func (t *ThreatIntelligenceMetricEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItem. +func (w *WatchlistItem) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "metricName": - err = unpopulate(val, "MetricName", &t.MetricName) + case "etag": + err = unpopulate(val, "Etag", &w.Etag) delete(rawMsg, key) - case "metricValue": - err = unpopulate(val, "MetricValue", &t.MetricValue) + case "id": + err = unpopulate(val, "ID", &w.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &w.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &w.Properties) + delete(rawMsg, key) + case "systemData": + err = unpopulate(val, "SystemData", &w.SystemData) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &w.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetrics. -func (t ThreatIntelligenceMetrics) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WatchlistItemList. +func (w WatchlistItemList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "properties", t.Properties) + populate(objectMap, "nextLink", w.NextLink) + populate(objectMap, "value", w.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetrics. -func (t *ThreatIntelligenceMetrics) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItemList. +func (w *WatchlistItemList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "properties": - err = unpopulate(val, "Properties", &t.Properties) + case "nextLink": + err = unpopulate(val, "NextLink", &w.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &w.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceMetricsList. -func (t ThreatIntelligenceMetricsList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WatchlistItemProperties. +func (w WatchlistItemProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "value", t.Value) + populateDateTimeRFC3339(objectMap, "created", w.Created) + populate(objectMap, "createdBy", w.CreatedBy) + populate(objectMap, "entityMapping", w.EntityMapping) + populate(objectMap, "isDeleted", w.IsDeleted) + populate(objectMap, "itemsKeyValue", w.ItemsKeyValue) + populate(objectMap, "tenantId", w.TenantID) + populateDateTimeRFC3339(objectMap, "updated", w.Updated) + populate(objectMap, "updatedBy", w.UpdatedBy) + populate(objectMap, "watchlistItemId", w.WatchlistItemID) + populate(objectMap, "watchlistItemType", w.WatchlistItemType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceMetricsList. -func (t *ThreatIntelligenceMetricsList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItemProperties. +func (w *WatchlistItemProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "value": - err = unpopulate(val, "Value", &t.Value) + case "created": + err = unpopulateDateTimeRFC3339(val, "Created", &w.Created) + delete(rawMsg, key) + case "createdBy": + err = unpopulate(val, "CreatedBy", &w.CreatedBy) + delete(rawMsg, key) + case "entityMapping": + err = unpopulate(val, "EntityMapping", &w.EntityMapping) + delete(rawMsg, key) + case "isDeleted": + err = unpopulate(val, "IsDeleted", &w.IsDeleted) + delete(rawMsg, key) + case "itemsKeyValue": + err = unpopulate(val, "ItemsKeyValue", &w.ItemsKeyValue) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &w.TenantID) + delete(rawMsg, key) + case "updated": + err = unpopulateDateTimeRFC3339(val, "Updated", &w.Updated) + delete(rawMsg, key) + case "updatedBy": + err = unpopulate(val, "UpdatedBy", &w.UpdatedBy) + delete(rawMsg, key) + case "watchlistItemId": + err = unpopulate(val, "WatchlistItemID", &w.WatchlistItemID) + delete(rawMsg, key) + case "watchlistItemType": + err = unpopulate(val, "WatchlistItemType", &w.WatchlistItemType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceParsedPattern. -func (t ThreatIntelligenceParsedPattern) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WatchlistList. +func (w WatchlistList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "patternTypeKey", t.PatternTypeKey) - populate(objectMap, "patternTypeValues", t.PatternTypeValues) + populate(objectMap, "nextLink", w.NextLink) + populate(objectMap, "value", w.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceParsedPattern. -func (t *ThreatIntelligenceParsedPattern) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistList. +func (w *WatchlistList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "patternTypeKey": - err = unpopulate(val, "PatternTypeKey", &t.PatternTypeKey) + case "nextLink": + err = unpopulate(val, "NextLink", &w.NextLink) delete(rawMsg, key) - case "patternTypeValues": - err = unpopulate(val, "PatternTypeValues", &t.PatternTypeValues) + case "value": + err = unpopulate(val, "Value", &w.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceParsedPatternTypeValue. -func (t ThreatIntelligenceParsedPatternTypeValue) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WatchlistProperties. +func (w WatchlistProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "value", t.Value) - populate(objectMap, "valueType", t.ValueType) + populate(objectMap, "contentType", w.ContentType) + populateDateTimeRFC3339(objectMap, "created", w.Created) + populate(objectMap, "createdBy", w.CreatedBy) + populate(objectMap, "defaultDuration", w.DefaultDuration) + populate(objectMap, "description", w.Description) + populate(objectMap, "displayName", w.DisplayName) + populate(objectMap, "isDeleted", w.IsDeleted) + populate(objectMap, "itemsSearchKey", w.ItemsSearchKey) + populate(objectMap, "labels", w.Labels) + populate(objectMap, "numberOfLinesToSkip", w.NumberOfLinesToSkip) + populate(objectMap, "provider", w.Provider) + populate(objectMap, "rawContent", w.RawContent) + populate(objectMap, "source", w.Source) + populate(objectMap, "sourceType", w.SourceType) + populate(objectMap, "tenantId", w.TenantID) + populateDateTimeRFC3339(objectMap, "updated", w.Updated) + populate(objectMap, "updatedBy", w.UpdatedBy) + populate(objectMap, "uploadStatus", w.UploadStatus) + populate(objectMap, "watchlistAlias", w.WatchlistAlias) + populate(objectMap, "watchlistId", w.WatchlistID) + populate(objectMap, "watchlistType", w.WatchlistType) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceParsedPatternTypeValue. -func (t *ThreatIntelligenceParsedPatternTypeValue) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistProperties. +func (w *WatchlistProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "value": - err = unpopulate(val, "Value", &t.Value) + case "contentType": + err = unpopulate(val, "ContentType", &w.ContentType) delete(rawMsg, key) - case "valueType": - err = unpopulate(val, "ValueType", &t.ValueType) + case "created": + err = unpopulateDateTimeRFC3339(val, "Created", &w.Created) + delete(rawMsg, key) + case "createdBy": + err = unpopulate(val, "CreatedBy", &w.CreatedBy) + delete(rawMsg, key) + case "defaultDuration": + err = unpopulate(val, "DefaultDuration", &w.DefaultDuration) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &w.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &w.DisplayName) + delete(rawMsg, key) + case "isDeleted": + err = unpopulate(val, "IsDeleted", &w.IsDeleted) + delete(rawMsg, key) + case "itemsSearchKey": + err = unpopulate(val, "ItemsSearchKey", &w.ItemsSearchKey) + delete(rawMsg, key) + case "labels": + err = unpopulate(val, "Labels", &w.Labels) + delete(rawMsg, key) + case "numberOfLinesToSkip": + err = unpopulate(val, "NumberOfLinesToSkip", &w.NumberOfLinesToSkip) + delete(rawMsg, key) + case "provider": + err = unpopulate(val, "Provider", &w.Provider) + delete(rawMsg, key) + case "rawContent": + err = unpopulate(val, "RawContent", &w.RawContent) + delete(rawMsg, key) + case "source": + err = unpopulate(val, "Source", &w.Source) + delete(rawMsg, key) + case "sourceType": + err = unpopulate(val, "SourceType", &w.SourceType) + delete(rawMsg, key) + case "tenantId": + err = unpopulate(val, "TenantID", &w.TenantID) + delete(rawMsg, key) + case "updated": + err = unpopulateDateTimeRFC3339(val, "Updated", &w.Updated) + delete(rawMsg, key) + case "updatedBy": + err = unpopulate(val, "UpdatedBy", &w.UpdatedBy) + delete(rawMsg, key) + case "uploadStatus": + err = unpopulate(val, "UploadStatus", &w.UploadStatus) + delete(rawMsg, key) + case "watchlistAlias": + err = unpopulate(val, "WatchlistAlias", &w.WatchlistAlias) + delete(rawMsg, key) + case "watchlistId": + err = unpopulate(val, "WatchlistID", &w.WatchlistID) + delete(rawMsg, key) + case "watchlistType": + err = unpopulate(val, "WatchlistType", &w.WatchlistType) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type ThreatIntelligenceSortingCriteria. -func (t ThreatIntelligenceSortingCriteria) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type Webhook. +func (w Webhook) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "itemKey", t.ItemKey) - populate(objectMap, "sortOrder", t.SortOrder) + populate(objectMap, "rotateWebhookSecret", w.RotateWebhookSecret) + populate(objectMap, "webhookId", w.WebhookID) + populateDateTimeRFC3339(objectMap, "webhookSecretUpdateTime", w.WebhookSecretUpdateTime) + populate(objectMap, "webhookUrl", w.WebhookURL) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceSortingCriteria. -func (t *ThreatIntelligenceSortingCriteria) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type Webhook. +func (w *Webhook) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "itemKey": - err = unpopulate(val, "ItemKey", &t.ItemKey) + case "rotateWebhookSecret": + err = unpopulate(val, "RotateWebhookSecret", &w.RotateWebhookSecret) delete(rawMsg, key) - case "sortOrder": - err = unpopulate(val, "SortOrder", &t.SortOrder) + case "webhookId": + err = unpopulate(val, "WebhookID", &w.WebhookID) + delete(rawMsg, key) + case "webhookSecretUpdateTime": + err = unpopulateDateTimeRFC3339(val, "WebhookSecretUpdateTime", &w.WebhookSecretUpdateTime) + delete(rawMsg, key) + case "webhookUrl": + err = unpopulate(val, "WebhookURL", &w.WebhookURL) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type URLEntity. -func (u URLEntity) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerAssignment. +func (w WorkspaceManagerAssignment) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "id", u.ID) - objectMap["kind"] = EntityKindEnumURL - populate(objectMap, "name", u.Name) - populate(objectMap, "properties", u.Properties) - populate(objectMap, "systemData", u.SystemData) - populate(objectMap, "type", u.Type) + populate(objectMap, "etag", w.Etag) + populate(objectMap, "id", w.ID) + populate(objectMap, "name", w.Name) + populate(objectMap, "properties", w.Properties) + populate(objectMap, "systemData", w.SystemData) + populate(objectMap, "type", w.Type) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type URLEntity. -func (u *URLEntity) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerAssignment. +func (w *WorkspaceManagerAssignment) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "id": - err = unpopulate(val, "ID", &u.ID) + case "etag": + err = unpopulate(val, "Etag", &w.Etag) delete(rawMsg, key) - case "kind": - err = unpopulate(val, "Kind", &u.Kind) + case "id": + err = unpopulate(val, "ID", &w.ID) delete(rawMsg, key) case "name": - err = unpopulate(val, "Name", &u.Name) + err = unpopulate(val, "Name", &w.Name) delete(rawMsg, key) case "properties": - err = unpopulate(val, "Properties", &u.Properties) + err = unpopulate(val, "Properties", &w.Properties) delete(rawMsg, key) case "systemData": - err = unpopulate(val, "SystemData", &u.SystemData) + err = unpopulate(val, "SystemData", &w.SystemData) delete(rawMsg, key) case "type": - err = unpopulate(val, "Type", &u.Type) + err = unpopulate(val, "Type", &w.Type) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type URLEntityProperties. -func (u URLEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerAssignmentList. +func (w WorkspaceManagerAssignmentList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "additionalData", u.AdditionalData) - populate(objectMap, "friendlyName", u.FriendlyName) - populate(objectMap, "url", u.URL) + populate(objectMap, "nextLink", w.NextLink) + populate(objectMap, "value", w.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type URLEntityProperties. -func (u *URLEntityProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerAssignmentList. +func (w *WorkspaceManagerAssignmentList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "additionalData": - err = unpopulate(val, "AdditionalData", &u.AdditionalData) - delete(rawMsg, key) - case "friendlyName": - err = unpopulate(val, "FriendlyName", &u.FriendlyName) - delete(rawMsg, key) - case "url": - err = unpopulate(val, "URL", &u.URL) + case "nextLink": + err = unpopulate(val, "NextLink", &w.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &w.Value) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type UserInfo. -func (u UserInfo) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerAssignmentProperties. +func (w WorkspaceManagerAssignmentProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "email", u.Email) - populate(objectMap, "name", u.Name) - populate(objectMap, "objectId", u.ObjectID) + populate(objectMap, "items", w.Items) + populateDateTimeRFC3339(objectMap, "lastJobEndTime", w.LastJobEndTime) + populate(objectMap, "lastJobProvisioningState", w.LastJobProvisioningState) + populate(objectMap, "targetResourceName", w.TargetResourceName) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type UserInfo. -func (u *UserInfo) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerAssignmentProperties. +func (w *WorkspaceManagerAssignmentProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } for key, val := range rawMsg { var err error switch key { - case "email": - err = unpopulate(val, "Email", &u.Email) + case "items": + err = unpopulate(val, "Items", &w.Items) delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &u.Name) + case "lastJobEndTime": + err = unpopulateDateTimeRFC3339(val, "LastJobEndTime", &w.LastJobEndTime) delete(rawMsg, key) - case "objectId": - err = unpopulate(val, "ObjectID", &u.ObjectID) + case "lastJobProvisioningState": + err = unpopulate(val, "LastJobProvisioningState", &w.LastJobProvisioningState) + delete(rawMsg, key) + case "targetResourceName": + err = unpopulate(val, "TargetResourceName", &w.TargetResourceName) delete(rawMsg, key) } if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", u, err) + return fmt.Errorf("unmarshalling type %T: %v", w, err) } } return nil } -// MarshalJSON implements the json.Marshaller interface for type Watchlist. -func (w Watchlist) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerConfiguration. +func (w WorkspaceManagerConfiguration) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "etag", w.Etag) populate(objectMap, "id", w.ID) @@ -7222,8 +22144,8 @@ func (w Watchlist) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type Watchlist. -func (w *Watchlist) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerConfiguration. +func (w *WorkspaceManagerConfiguration) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -7257,8 +22179,66 @@ func (w *Watchlist) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type WatchlistItem. -func (w WatchlistItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerConfigurationList. +func (w WorkspaceManagerConfigurationList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", w.NextLink) + populate(objectMap, "value", w.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerConfigurationList. +func (w *WorkspaceManagerConfigurationList) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &w.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &w.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerConfigurationProperties. +func (w WorkspaceManagerConfigurationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "mode", w.Mode) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerConfigurationProperties. +func (w *WorkspaceManagerConfigurationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "mode": + err = unpopulate(val, "Mode", &w.Mode) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerGroup. +func (w WorkspaceManagerGroup) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "etag", w.Etag) populate(objectMap, "id", w.ID) @@ -7269,8 +22249,8 @@ func (w WatchlistItem) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItem. -func (w *WatchlistItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerGroup. +func (w *WorkspaceManagerGroup) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -7304,16 +22284,16 @@ func (w *WatchlistItem) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type WatchlistItemList. -func (w WatchlistItemList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerGroupList. +func (w WorkspaceManagerGroupList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "nextLink", w.NextLink) populate(objectMap, "value", w.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItemList. -func (w *WatchlistItemList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerGroupList. +func (w *WorkspaceManagerGroupList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -7335,24 +22315,17 @@ func (w *WatchlistItemList) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type WatchlistItemProperties. -func (w WatchlistItemProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerGroupProperties. +func (w WorkspaceManagerGroupProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populateDateTimeRFC3339(objectMap, "created", w.Created) - populate(objectMap, "createdBy", w.CreatedBy) - populateAny(objectMap, "entityMapping", w.EntityMapping) - populate(objectMap, "isDeleted", w.IsDeleted) - populateAny(objectMap, "itemsKeyValue", w.ItemsKeyValue) - populate(objectMap, "tenantId", w.TenantID) - populateDateTimeRFC3339(objectMap, "updated", w.Updated) - populate(objectMap, "updatedBy", w.UpdatedBy) - populate(objectMap, "watchlistItemId", w.WatchlistItemID) - populate(objectMap, "watchlistItemType", w.WatchlistItemType) + populate(objectMap, "description", w.Description) + populate(objectMap, "displayName", w.DisplayName) + populate(objectMap, "memberResourceNames", w.MemberResourceNames) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistItemProperties. -func (w *WatchlistItemProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerGroupProperties. +func (w *WorkspaceManagerGroupProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -7360,35 +22333,61 @@ func (w *WatchlistItemProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "created": - err = unpopulateDateTimeRFC3339(val, "Created", &w.Created) - delete(rawMsg, key) - case "createdBy": - err = unpopulate(val, "CreatedBy", &w.CreatedBy) + case "description": + err = unpopulate(val, "Description", &w.Description) delete(rawMsg, key) - case "entityMapping": - err = unpopulate(val, "EntityMapping", &w.EntityMapping) + case "displayName": + err = unpopulate(val, "DisplayName", &w.DisplayName) delete(rawMsg, key) - case "isDeleted": - err = unpopulate(val, "IsDeleted", &w.IsDeleted) + case "memberResourceNames": + err = unpopulate(val, "MemberResourceNames", &w.MemberResourceNames) delete(rawMsg, key) - case "itemsKeyValue": - err = unpopulate(val, "ItemsKeyValue", &w.ItemsKeyValue) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerMember. +func (w WorkspaceManagerMember) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "etag", w.Etag) + populate(objectMap, "id", w.ID) + populate(objectMap, "name", w.Name) + populate(objectMap, "properties", w.Properties) + populate(objectMap, "systemData", w.SystemData) + populate(objectMap, "type", w.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerMember. +func (w *WorkspaceManagerMember) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", w, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "etag": + err = unpopulate(val, "Etag", &w.Etag) delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &w.TenantID) + case "id": + err = unpopulate(val, "ID", &w.ID) delete(rawMsg, key) - case "updated": - err = unpopulateDateTimeRFC3339(val, "Updated", &w.Updated) + case "name": + err = unpopulate(val, "Name", &w.Name) delete(rawMsg, key) - case "updatedBy": - err = unpopulate(val, "UpdatedBy", &w.UpdatedBy) + case "properties": + err = unpopulate(val, "Properties", &w.Properties) delete(rawMsg, key) - case "watchlistItemId": - err = unpopulate(val, "WatchlistItemID", &w.WatchlistItemID) + case "systemData": + err = unpopulate(val, "SystemData", &w.SystemData) delete(rawMsg, key) - case "watchlistItemType": - err = unpopulate(val, "WatchlistItemType", &w.WatchlistItemType) + case "type": + err = unpopulate(val, "Type", &w.Type) delete(rawMsg, key) } if err != nil { @@ -7398,16 +22397,16 @@ func (w *WatchlistItemProperties) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type WatchlistList. -func (w WatchlistList) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerMemberProperties. +func (w WorkspaceManagerMemberProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "nextLink", w.NextLink) - populate(objectMap, "value", w.Value) + populate(objectMap, "targetWorkspaceResourceId", w.TargetWorkspaceResourceID) + populate(objectMap, "targetWorkspaceTenantId", w.TargetWorkspaceTenantID) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistList. -func (w *WatchlistList) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerMemberProperties. +func (w *WorkspaceManagerMemberProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -7415,11 +22414,11 @@ func (w *WatchlistList) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &w.NextLink) + case "targetWorkspaceResourceId": + err = unpopulate(val, "TargetWorkspaceResourceID", &w.TargetWorkspaceResourceID) delete(rawMsg, key) - case "value": - err = unpopulate(val, "Value", &w.Value) + case "targetWorkspaceTenantId": + err = unpopulate(val, "TargetWorkspaceTenantID", &w.TargetWorkspaceTenantID) delete(rawMsg, key) } if err != nil { @@ -7429,34 +22428,16 @@ func (w *WatchlistList) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type WatchlistProperties. -func (w WatchlistProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type WorkspaceManagerMembersList. +func (w WorkspaceManagerMembersList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "contentType", w.ContentType) - populateDateTimeRFC3339(objectMap, "created", w.Created) - populate(objectMap, "createdBy", w.CreatedBy) - populate(objectMap, "defaultDuration", w.DefaultDuration) - populate(objectMap, "description", w.Description) - populate(objectMap, "displayName", w.DisplayName) - populate(objectMap, "isDeleted", w.IsDeleted) - populate(objectMap, "itemsSearchKey", w.ItemsSearchKey) - populate(objectMap, "labels", w.Labels) - populate(objectMap, "numberOfLinesToSkip", w.NumberOfLinesToSkip) - populate(objectMap, "provider", w.Provider) - populate(objectMap, "rawContent", w.RawContent) - populate(objectMap, "source", w.Source) - populate(objectMap, "tenantId", w.TenantID) - populateDateTimeRFC3339(objectMap, "updated", w.Updated) - populate(objectMap, "updatedBy", w.UpdatedBy) - populate(objectMap, "uploadStatus", w.UploadStatus) - populate(objectMap, "watchlistAlias", w.WatchlistAlias) - populate(objectMap, "watchlistId", w.WatchlistID) - populate(objectMap, "watchlistType", w.WatchlistType) + populate(objectMap, "nextLink", w.NextLink) + populate(objectMap, "value", w.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type WatchlistProperties. -func (w *WatchlistProperties) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type WorkspaceManagerMembersList. +func (w *WorkspaceManagerMembersList) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", w, err) @@ -7464,65 +22445,11 @@ func (w *WatchlistProperties) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "contentType": - err = unpopulate(val, "ContentType", &w.ContentType) - delete(rawMsg, key) - case "created": - err = unpopulateDateTimeRFC3339(val, "Created", &w.Created) - delete(rawMsg, key) - case "createdBy": - err = unpopulate(val, "CreatedBy", &w.CreatedBy) - delete(rawMsg, key) - case "defaultDuration": - err = unpopulate(val, "DefaultDuration", &w.DefaultDuration) - delete(rawMsg, key) - case "description": - err = unpopulate(val, "Description", &w.Description) - delete(rawMsg, key) - case "displayName": - err = unpopulate(val, "DisplayName", &w.DisplayName) - delete(rawMsg, key) - case "isDeleted": - err = unpopulate(val, "IsDeleted", &w.IsDeleted) - delete(rawMsg, key) - case "itemsSearchKey": - err = unpopulate(val, "ItemsSearchKey", &w.ItemsSearchKey) - delete(rawMsg, key) - case "labels": - err = unpopulate(val, "Labels", &w.Labels) - delete(rawMsg, key) - case "numberOfLinesToSkip": - err = unpopulate(val, "NumberOfLinesToSkip", &w.NumberOfLinesToSkip) - delete(rawMsg, key) - case "provider": - err = unpopulate(val, "Provider", &w.Provider) - delete(rawMsg, key) - case "rawContent": - err = unpopulate(val, "RawContent", &w.RawContent) - delete(rawMsg, key) - case "source": - err = unpopulate(val, "Source", &w.Source) - delete(rawMsg, key) - case "tenantId": - err = unpopulate(val, "TenantID", &w.TenantID) - delete(rawMsg, key) - case "updated": - err = unpopulateDateTimeRFC3339(val, "Updated", &w.Updated) - delete(rawMsg, key) - case "updatedBy": - err = unpopulate(val, "UpdatedBy", &w.UpdatedBy) - delete(rawMsg, key) - case "uploadStatus": - err = unpopulate(val, "UploadStatus", &w.UploadStatus) - delete(rawMsg, key) - case "watchlistAlias": - err = unpopulate(val, "WatchlistAlias", &w.WatchlistAlias) - delete(rawMsg, key) - case "watchlistId": - err = unpopulate(val, "WatchlistID", &w.WatchlistID) + case "nextLink": + err = unpopulate(val, "NextLink", &w.NextLink) delete(rawMsg, key) - case "watchlistType": - err = unpopulate(val, "WatchlistType", &w.WatchlistType) + case "value": + err = unpopulate(val, "Value", &w.Value) delete(rawMsg, key) } if err != nil { @@ -7553,7 +22480,7 @@ func populateAny(m map[string]any, k string, v any) { } func unpopulate(data json.RawMessage, fn string, v any) error { - if data == nil { + if data == nil || string(data) == "null" { return nil } if err := json.Unmarshal(data, v); err != nil { diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/officeconsents_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/officeconsents_client.go new file mode 100644 index 000000000000..c1a2dfe41770 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/officeconsents_client.go @@ -0,0 +1,236 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// OfficeConsentsClient contains the methods for the OfficeConsents group. +// Don't use this type directly, use NewOfficeConsentsClient() instead. +type OfficeConsentsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewOfficeConsentsClient creates a new instance of OfficeConsentsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewOfficeConsentsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*OfficeConsentsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &OfficeConsentsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Delete - Delete the office365 consent. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - consentID - consent ID +// - options - OfficeConsentsClientDeleteOptions contains the optional parameters for the OfficeConsentsClient.Delete method. +func (client *OfficeConsentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, consentID string, options *OfficeConsentsClientDeleteOptions) (OfficeConsentsClientDeleteResponse, error) { + var err error + const operationName = "OfficeConsentsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, consentID, options) + if err != nil { + return OfficeConsentsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return OfficeConsentsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return OfficeConsentsClientDeleteResponse{}, err + } + return OfficeConsentsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *OfficeConsentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, consentID string, options *OfficeConsentsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if consentID == "" { + return nil, errors.New("parameter consentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{consentId}", url.PathEscape(consentID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets an office365 consent. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - consentID - consent ID +// - options - OfficeConsentsClientGetOptions contains the optional parameters for the OfficeConsentsClient.Get method. +func (client *OfficeConsentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, consentID string, options *OfficeConsentsClientGetOptions) (OfficeConsentsClientGetResponse, error) { + var err error + const operationName = "OfficeConsentsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, consentID, options) + if err != nil { + return OfficeConsentsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return OfficeConsentsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return OfficeConsentsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *OfficeConsentsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, consentID string, options *OfficeConsentsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if consentID == "" { + return nil, errors.New("parameter consentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{consentId}", url.PathEscape(consentID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *OfficeConsentsClient) getHandleResponse(resp *http.Response) (OfficeConsentsClientGetResponse, error) { + result := OfficeConsentsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.OfficeConsent); err != nil { + return OfficeConsentsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all office365 consents. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - OfficeConsentsClientListOptions contains the optional parameters for the OfficeConsentsClient.NewListPager method. +func (client *OfficeConsentsClient) NewListPager(resourceGroupName string, workspaceName string, options *OfficeConsentsClientListOptions) *runtime.Pager[OfficeConsentsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[OfficeConsentsClientListResponse]{ + More: func(page OfficeConsentsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *OfficeConsentsClientListResponse) (OfficeConsentsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "OfficeConsentsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return OfficeConsentsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *OfficeConsentsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *OfficeConsentsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *OfficeConsentsClient) listHandleResponse(resp *http.Response) (OfficeConsentsClientListResponse, error) { + result := OfficeConsentsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.OfficeConsentList); err != nil { + return OfficeConsentsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client.go index ff76ba0ae629..2b092566b8fb 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client.go @@ -39,7 +39,7 @@ func NewOperationsClient(credential azcore.TokenCredential, options *arm.ClientO // NewListPager - Lists all operations available Azure Security Insights Resource Provider. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - options - OperationsClientListOptions contains the optional parameters for the OperationsClient.NewListPager method. func (client *OperationsClient) NewListPager(options *OperationsClientListOptions) *runtime.Pager[OperationsClientListResponse] { return runtime.NewPager(runtime.PagingHandler[OperationsClientListResponse]{ @@ -72,7 +72,7 @@ func (client *OperationsClient) listCreateRequest(ctx context.Context, options * return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client_example_test.go deleted file mode 100644 index 74b9d12ca31e..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/operations_client_example_test.go +++ /dev/null @@ -1,596 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/operations/ListOperations.json -func ExampleOperationsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewOperationsClient().NewListPager(nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.OperationsList = armsecurityinsights.OperationsList{ - // Value: []*armsecurityinsights.Operation{ - // { - // Name: to.Ptr("Microsoft.SecurityInsights/operations/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets operations"), - // Operation: to.Ptr("Get Operations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Operations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/automationRules/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets an automation rule"), - // Operation: to.Ptr("Get Automation Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("AutomationRules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/automationRules/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates an automation rule"), - // Operation: to.Ptr("Update Automation Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("AutomationRules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/automationRules/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes an automation rule"), - // Operation: to.Ptr("Delete Automation Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("AutomationRules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Bookmarks/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets bookmarks"), - // Operation: to.Ptr("Get Bookmarks"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmarks"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Bookmarks/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates bookmarks"), - // Operation: to.Ptr("Update Bookmarks"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmarks"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Bookmarks/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes bookmarks"), - // Operation: to.Ptr("Delete Bookmarks"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmarks"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Bookmarks/expand/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets related entities of an entity by a specific expansion"), - // Operation: to.Ptr("Expand on entity"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmarks"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/bookmarks/relations/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets a bookmark relation"), - // Operation: to.Ptr("Get Bookmark Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmark Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/bookmarks/relations/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates a bookmark relation"), - // Operation: to.Ptr("Update Bookmark Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmark Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/bookmarks/relations/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes a bookmark relation"), - // Operation: to.Ptr("Delete Bookmark Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Bookmark Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets the alert rules"), - // Operation: to.Ptr("Get Alert Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates alert rules"), - // Operation: to.Ptr("Update Alert Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes alert rules"), - // Operation: to.Ptr("Delete Alert Rules"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/actions/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets the response actions of an alert rule"), - // Operation: to.Ptr("Get Alert Rule Response Actions"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules Actions"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/actions/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates the response actions of an alert rule"), - // Operation: to.Ptr("Update Alert Rule Response Actions"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules Actions"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/alertRules/actions/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes the response actions of an alert rule"), - // Operation: to.Ptr("Delete Alert Rule Response Actions"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Alert Rules Actions"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/dataConnectors/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets the data connectors"), - // Operation: to.Ptr("Get Data Connectors"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("DataConnectors"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/dataConnectors/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates a data connector"), - // Operation: to.Ptr("Update Data Connectors"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("DataConnectors"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/dataConnectors/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes a data connector"), - // Operation: to.Ptr("Delete a Data Connector"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("DataConnectors"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Check user authorization and license"), - // Operation: to.Ptr("Check user authorization and license"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("DataConnectorsCheckRequirements"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets an incident"), - // Operation: to.Ptr("Get Incidents"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incidents"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates an incident"), - // Operation: to.Ptr("Update Incidents"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incidents"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes an incident"), - // Operation: to.Ptr("Delete Incidents"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incidents"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/comments/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets the incident comments"), - // Operation: to.Ptr("Get Incident Comments"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Comments"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/comments/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Creates a comment on the incident"), - // Operation: to.Ptr("Create Incident Comments"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Comments"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/comments/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes a comment on the incident"), - // Operation: to.Ptr("Delete Incident Comment"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Comments"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/relations/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets a relation between the incident and related resources"), - // Operation: to.Ptr("Get Incident Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/relations/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates a relation between the incident and related resources"), - // Operation: to.Ptr("Update Incident Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/incidents/relations/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes a relation between the incident and related resources"), - // Operation: to.Ptr("Delete Incident Relations"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Incident Relations"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets Threat Intelligence"), - // Operation: to.Ptr("Get Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates Threat Intelligence"), - // Operation: to.Ptr("Update Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes Threat Intelligence"), - // Operation: to.Ptr("Delete Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/query/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Query Threat Intelligence"), - // Operation: to.Ptr("Query Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/metrics/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Collect Threat Intelligence Metrics"), - // Operation: to.Ptr("Collect Threat Intelligence Metrics"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/bulkDelete/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Bulk Delete Threat Intelligence"), - // Operation: to.Ptr("Bulk Delete Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/bulkTag/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Bulk Tags Threat Intelligence"), - // Operation: to.Ptr("Bulk Tags Threat Intelligence"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates Threat Intelligence Indicators"), - // Operation: to.Ptr("Update Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes Threat Intelligence Indicators"), - // Operation: to.Ptr("Delete Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/query/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Query Threat Intelligence Indicators"), - // Operation: to.Ptr("Query Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/metrics/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Get Threat Intelligence Indicator Metrics"), - // Operation: to.Ptr("Get Threat Intelligence Indicator Metrics"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/bulkDelete/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Bulk Delete Threat Intelligence Indicators"), - // Operation: to.Ptr("Bulk Delete Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/bulkTag/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Bulk Tags Threat Intelligence Indicators"), - // Operation: to.Ptr("Bulk Tags Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets Threat Intelligence Indicators"), - // Operation: to.Ptr("Get Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/metrics/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Collect Threat Intelligence Metrics"), - // Operation: to.Ptr("Collect Threat Intelligence Metrics"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/createIndicator/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Create Threat Intelligence Indicator"), - // Operation: to.Ptr("Create Threat Intelligence Indicator"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/appendTags/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Append tags to Threat Intelligence Indicator"), - // Operation: to.Ptr("Append tags to Threat Intelligence Indicator"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/indicators/replaceTags/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Replace Tags of Threat Intelligence Indicator"), - // Operation: to.Ptr("Replace Tags of Threat Intelligence Indicator"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/threatintelligence/queryIndicators/action"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Query Threat Intelligence Indicators"), - // Operation: to.Ptr("Query Threat Intelligence Indicators"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("ThreatIntelligence"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Watchlists/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets Watchlists"), - // Operation: to.Ptr("Get Watchlists"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Watchlists"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Watchlists/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Create Watchlists"), - // Operation: to.Ptr("Create Watchlists"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Watchlists"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/Watchlists/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes Watchlists"), - // Operation: to.Ptr("Delete Watchlists"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Watchlists"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/onboardingStates/read"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Gets an onboarding state"), - // Operation: to.Ptr("Get Onboarding States"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Onboarding States"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/onboardingStates/write"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Updates an onboarding state"), - // Operation: to.Ptr("Update Onboarding States"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Onboarding States"), - // }, - // Origin: to.Ptr("user"), - // }, - // { - // Name: to.Ptr("Microsoft.SecurityInsights/onboardingStates/delete"), - // Display: &armsecurityinsights.OperationDisplay{ - // Description: to.Ptr("Deletes an onboarding state"), - // Operation: to.Ptr("Delete Onboarding States"), - // Provider: to.Ptr("Microsoft Security Insights"), - // Resource: to.Ptr("Onboarding States"), - // }, - // Origin: to.Ptr("user"), - // }}, - // } - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/options.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/options.go index 6eb4ae99efa3..db5ebe02a3ad 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/options.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/options.go @@ -28,6 +28,13 @@ type ActionsClientListByAlertRuleOptions struct { // placeholder for future optional parameters } +// AlertRuleClientBeginTriggerRuleRunOptions contains the optional parameters for the AlertRuleClient.BeginTriggerRuleRun +// method. +type AlertRuleClientBeginTriggerRuleRunOptions struct { + // Resumes the LRO from the provided token. + ResumeToken string +} + // AlertRuleTemplatesClientGetOptions contains the optional parameters for the AlertRuleTemplatesClient.Get method. type AlertRuleTemplatesClientGetOptions struct { // placeholder for future optional parameters @@ -80,6 +87,54 @@ type AutomationRulesClientListOptions struct { // placeholder for future optional parameters } +// BillingStatisticsClientGetOptions contains the optional parameters for the BillingStatisticsClient.Get method. +type BillingStatisticsClientGetOptions struct { + // placeholder for future optional parameters +} + +// BillingStatisticsClientListOptions contains the optional parameters for the BillingStatisticsClient.NewListPager method. +type BillingStatisticsClientListOptions struct { + // placeholder for future optional parameters +} + +// BookmarkClientExpandOptions contains the optional parameters for the BookmarkClient.Expand method. +type BookmarkClientExpandOptions struct { + // placeholder for future optional parameters +} + +// BookmarkRelationsClientCreateOrUpdateOptions contains the optional parameters for the BookmarkRelationsClient.CreateOrUpdate +// method. +type BookmarkRelationsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// BookmarkRelationsClientDeleteOptions contains the optional parameters for the BookmarkRelationsClient.Delete method. +type BookmarkRelationsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// BookmarkRelationsClientGetOptions contains the optional parameters for the BookmarkRelationsClient.Get method. +type BookmarkRelationsClientGetOptions struct { + // placeholder for future optional parameters +} + +// BookmarkRelationsClientListOptions contains the optional parameters for the BookmarkRelationsClient.NewListPager method. +type BookmarkRelationsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + // BookmarksClientCreateOrUpdateOptions contains the optional parameters for the BookmarksClient.CreateOrUpdate method. type BookmarksClientCreateOrUpdateOptions struct { // placeholder for future optional parameters @@ -100,51 +155,48 @@ type BookmarksClientListOptions struct { // placeholder for future optional parameters } -// DataConnectorsClientCreateOrUpdateOptions contains the optional parameters for the DataConnectorsClient.CreateOrUpdate -// method. -type DataConnectorsClientCreateOrUpdateOptions struct { - // placeholder for future optional parameters -} - -// DataConnectorsClientDeleteOptions contains the optional parameters for the DataConnectorsClient.Delete method. -type DataConnectorsClientDeleteOptions struct { +// ClientListGeodataByIPOptions contains the optional parameters for the Client.ListGeodataByIP method. +type ClientListGeodataByIPOptions struct { // placeholder for future optional parameters } -// DataConnectorsClientGetOptions contains the optional parameters for the DataConnectorsClient.Get method. -type DataConnectorsClientGetOptions struct { +// ClientListWhoisByDomainOptions contains the optional parameters for the Client.ListWhoisByDomain method. +type ClientListWhoisByDomainOptions struct { // placeholder for future optional parameters } -// DataConnectorsClientListOptions contains the optional parameters for the DataConnectorsClient.NewListPager method. -type DataConnectorsClientListOptions struct { +// ContentPackageClientInstallOptions contains the optional parameters for the ContentPackageClient.Install method. +type ContentPackageClientInstallOptions struct { // placeholder for future optional parameters } -// IncidentCommentsClientCreateOrUpdateOptions contains the optional parameters for the IncidentCommentsClient.CreateOrUpdate -// method. -type IncidentCommentsClientCreateOrUpdateOptions struct { +// ContentPackageClientUninstallOptions contains the optional parameters for the ContentPackageClient.Uninstall method. +type ContentPackageClientUninstallOptions struct { // placeholder for future optional parameters } -// IncidentCommentsClientDeleteOptions contains the optional parameters for the IncidentCommentsClient.Delete method. -type IncidentCommentsClientDeleteOptions struct { +// ContentPackagesClientGetOptions contains the optional parameters for the ContentPackagesClient.Get method. +type ContentPackagesClientGetOptions struct { // placeholder for future optional parameters } -// IncidentCommentsClientGetOptions contains the optional parameters for the IncidentCommentsClient.Get method. -type IncidentCommentsClientGetOptions struct { - // placeholder for future optional parameters -} +// ContentPackagesClientListOptions contains the optional parameters for the ContentPackagesClient.NewListPager method. +type ContentPackagesClientListOptions struct { + // Instructs the server to return only object count without actual body. Optional. + Count *bool -// IncidentCommentsClientListOptions contains the optional parameters for the IncidentCommentsClient.NewListPager method. -type IncidentCommentsClientListOptions struct { // Filters the results, based on a Boolean condition. Optional. Filter *string // Sorts the results. Optional. Orderby *string + // Searches for a substring in the response. Optional. + Search *string + + // Used to skip n elements in the OData query (offset). Returns a nextLink to the next page of results if there are any left. + Skip *int32 + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, // the value of the nextLink element will include a skiptoken parameter that // specifies a starting point to use for subsequent calls. Optional. @@ -154,30 +206,41 @@ type IncidentCommentsClientListOptions struct { Top *int32 } -// IncidentRelationsClientCreateOrUpdateOptions contains the optional parameters for the IncidentRelationsClient.CreateOrUpdate -// method. -type IncidentRelationsClientCreateOrUpdateOptions struct { +// ContentTemplateClientDeleteOptions contains the optional parameters for the ContentTemplateClient.Delete method. +type ContentTemplateClientDeleteOptions struct { // placeholder for future optional parameters } -// IncidentRelationsClientDeleteOptions contains the optional parameters for the IncidentRelationsClient.Delete method. -type IncidentRelationsClientDeleteOptions struct { +// ContentTemplateClientGetOptions contains the optional parameters for the ContentTemplateClient.Get method. +type ContentTemplateClientGetOptions struct { // placeholder for future optional parameters } -// IncidentRelationsClientGetOptions contains the optional parameters for the IncidentRelationsClient.Get method. -type IncidentRelationsClientGetOptions struct { +// ContentTemplateClientInstallOptions contains the optional parameters for the ContentTemplateClient.Install method. +type ContentTemplateClientInstallOptions struct { // placeholder for future optional parameters } -// IncidentRelationsClientListOptions contains the optional parameters for the IncidentRelationsClient.NewListPager method. -type IncidentRelationsClientListOptions struct { +// ContentTemplatesClientListOptions contains the optional parameters for the ContentTemplatesClient.NewListPager method. +type ContentTemplatesClientListOptions struct { + // Instructs the server to return only object count without actual body. Optional. + Count *bool + + // Expands the object with optional fiends that are not included by default. Optional. + Expand *string + // Filters the results, based on a Boolean condition. Optional. Filter *string // Sorts the results. Optional. Orderby *string + // Searches for a substring in the response. Optional. + Search *string + + // Used to skip n elements in the OData query (offset). Returns a nextLink to the next page of results if there are any left. + Skip *int32 + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, // the value of the nextLink element will include a skiptoken parameter that // specifies a starting point to use for subsequent calls. Optional. @@ -187,38 +250,109 @@ type IncidentRelationsClientListOptions struct { Top *int32 } -// IncidentsClientCreateOrUpdateOptions contains the optional parameters for the IncidentsClient.CreateOrUpdate method. -type IncidentsClientCreateOrUpdateOptions struct { +// DataConnectorDefinitionsClientCreateOrUpdateOptions contains the optional parameters for the DataConnectorDefinitionsClient.CreateOrUpdate +// method. +type DataConnectorDefinitionsClientCreateOrUpdateOptions struct { // placeholder for future optional parameters } -// IncidentsClientDeleteOptions contains the optional parameters for the IncidentsClient.Delete method. -type IncidentsClientDeleteOptions struct { +// DataConnectorDefinitionsClientDeleteOptions contains the optional parameters for the DataConnectorDefinitionsClient.Delete +// method. +type DataConnectorDefinitionsClientDeleteOptions struct { // placeholder for future optional parameters } -// IncidentsClientGetOptions contains the optional parameters for the IncidentsClient.Get method. -type IncidentsClientGetOptions struct { +// DataConnectorDefinitionsClientGetOptions contains the optional parameters for the DataConnectorDefinitionsClient.Get method. +type DataConnectorDefinitionsClientGetOptions struct { // placeholder for future optional parameters } -// IncidentsClientListAlertsOptions contains the optional parameters for the IncidentsClient.ListAlerts method. -type IncidentsClientListAlertsOptions struct { +// DataConnectorDefinitionsClientListOptions contains the optional parameters for the DataConnectorDefinitionsClient.NewListPager +// method. +type DataConnectorDefinitionsClientListOptions struct { // placeholder for future optional parameters } -// IncidentsClientListBookmarksOptions contains the optional parameters for the IncidentsClient.ListBookmarks method. -type IncidentsClientListBookmarksOptions struct { +// DataConnectorsCheckRequirementsClientPostOptions contains the optional parameters for the DataConnectorsCheckRequirementsClient.Post +// method. +type DataConnectorsCheckRequirementsClientPostOptions struct { // placeholder for future optional parameters } -// IncidentsClientListEntitiesOptions contains the optional parameters for the IncidentsClient.ListEntities method. -type IncidentsClientListEntitiesOptions struct { +// DataConnectorsClientConnectOptions contains the optional parameters for the DataConnectorsClient.Connect method. +type DataConnectorsClientConnectOptions struct { // placeholder for future optional parameters } -// IncidentsClientListOptions contains the optional parameters for the IncidentsClient.NewListPager method. -type IncidentsClientListOptions struct { +// DataConnectorsClientCreateOrUpdateOptions contains the optional parameters for the DataConnectorsClient.CreateOrUpdate +// method. +type DataConnectorsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// DataConnectorsClientDeleteOptions contains the optional parameters for the DataConnectorsClient.Delete method. +type DataConnectorsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// DataConnectorsClientDisconnectOptions contains the optional parameters for the DataConnectorsClient.Disconnect method. +type DataConnectorsClientDisconnectOptions struct { + // placeholder for future optional parameters +} + +// DataConnectorsClientGetOptions contains the optional parameters for the DataConnectorsClient.Get method. +type DataConnectorsClientGetOptions struct { + // placeholder for future optional parameters +} + +// DataConnectorsClientListOptions contains the optional parameters for the DataConnectorsClient.NewListPager method. +type DataConnectorsClientListOptions struct { + // placeholder for future optional parameters +} + +// DomainWhoisClientGetOptions contains the optional parameters for the DomainWhoisClient.Get method. +type DomainWhoisClientGetOptions struct { + // placeholder for future optional parameters +} + +// EntitiesClientExpandOptions contains the optional parameters for the EntitiesClient.Expand method. +type EntitiesClientExpandOptions struct { + // placeholder for future optional parameters +} + +// EntitiesClientGetInsightsOptions contains the optional parameters for the EntitiesClient.GetInsights method. +type EntitiesClientGetInsightsOptions struct { + // placeholder for future optional parameters +} + +// EntitiesClientGetOptions contains the optional parameters for the EntitiesClient.Get method. +type EntitiesClientGetOptions struct { + // placeholder for future optional parameters +} + +// EntitiesClientListOptions contains the optional parameters for the EntitiesClient.NewListPager method. +type EntitiesClientListOptions struct { + // placeholder for future optional parameters +} + +// EntitiesClientQueriesOptions contains the optional parameters for the EntitiesClient.Queries method. +type EntitiesClientQueriesOptions struct { + // placeholder for future optional parameters +} + +// EntitiesClientRunPlaybookOptions contains the optional parameters for the EntitiesClient.RunPlaybook method. +type EntitiesClientRunPlaybookOptions struct { + // Describes the request body for triggering a playbook on an entity. + RequestBody *EntityManualTriggerRequestBody +} + +// EntitiesGetTimelineClientListOptions contains the optional parameters for the EntitiesGetTimelineClient.List method. +type EntitiesGetTimelineClientListOptions struct { + // placeholder for future optional parameters +} + +// EntitiesRelationsClientListOptions contains the optional parameters for the EntitiesRelationsClient.NewListPager method. +type EntitiesRelationsClientListOptions struct { // Filters the results, based on a Boolean condition. Optional. Filter *string @@ -234,86 +368,110 @@ type IncidentsClientListOptions struct { Top *int32 } -// OperationsClientListOptions contains the optional parameters for the OperationsClient.NewListPager method. -type OperationsClientListOptions struct { +// EntityQueriesClientCreateOrUpdateOptions contains the optional parameters for the EntityQueriesClient.CreateOrUpdate method. +type EntityQueriesClientCreateOrUpdateOptions struct { // placeholder for future optional parameters } -// SentinelOnboardingStatesClientCreateOptions contains the optional parameters for the SentinelOnboardingStatesClient.Create -// method. -type SentinelOnboardingStatesClientCreateOptions struct { - // The Sentinel onboarding state parameter - SentinelOnboardingStateParameter *SentinelOnboardingState +// EntityQueriesClientDeleteOptions contains the optional parameters for the EntityQueriesClient.Delete method. +type EntityQueriesClientDeleteOptions struct { + // placeholder for future optional parameters } -// SentinelOnboardingStatesClientDeleteOptions contains the optional parameters for the SentinelOnboardingStatesClient.Delete -// method. -type SentinelOnboardingStatesClientDeleteOptions struct { +// EntityQueriesClientGetOptions contains the optional parameters for the EntityQueriesClient.Get method. +type EntityQueriesClientGetOptions struct { // placeholder for future optional parameters } -// SentinelOnboardingStatesClientGetOptions contains the optional parameters for the SentinelOnboardingStatesClient.Get method. -type SentinelOnboardingStatesClientGetOptions struct { +// EntityQueriesClientListOptions contains the optional parameters for the EntityQueriesClient.NewListPager method. +type EntityQueriesClientListOptions struct { + // The entity query kind we want to fetch + Kind *Enum21 +} + +// EntityQueryTemplatesClientGetOptions contains the optional parameters for the EntityQueryTemplatesClient.Get method. +type EntityQueryTemplatesClientGetOptions struct { // placeholder for future optional parameters } -// SentinelOnboardingStatesClientListOptions contains the optional parameters for the SentinelOnboardingStatesClient.List +// EntityQueryTemplatesClientListOptions contains the optional parameters for the EntityQueryTemplatesClient.NewListPager // method. -type SentinelOnboardingStatesClientListOptions struct { +type EntityQueryTemplatesClientListOptions struct { + // The entity template query kind we want to fetch + Kind *Enum23 +} + +// EntityRelationsClientGetRelationOptions contains the optional parameters for the EntityRelationsClient.GetRelation method. +type EntityRelationsClientGetRelationOptions struct { // placeholder for future optional parameters } -// ThreatIntelligenceIndicatorClientAppendTagsOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.AppendTags -// method. -type ThreatIntelligenceIndicatorClientAppendTagsOptions struct { +// FileImportsClientBeginDeleteOptions contains the optional parameters for the FileImportsClient.BeginDelete method. +type FileImportsClientBeginDeleteOptions struct { + // Resumes the LRO from the provided token. + ResumeToken string +} + +// FileImportsClientCreateOptions contains the optional parameters for the FileImportsClient.Create method. +type FileImportsClientCreateOptions struct { // placeholder for future optional parameters } -// ThreatIntelligenceIndicatorClientCreateIndicatorOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.CreateIndicator -// method. -type ThreatIntelligenceIndicatorClientCreateIndicatorOptions struct { +// FileImportsClientGetOptions contains the optional parameters for the FileImportsClient.Get method. +type FileImportsClientGetOptions struct { // placeholder for future optional parameters } -// ThreatIntelligenceIndicatorClientCreateOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.Create -// method. -type ThreatIntelligenceIndicatorClientCreateOptions struct { +// FileImportsClientListOptions contains the optional parameters for the FileImportsClient.NewListPager method. +type FileImportsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// GetClientSingleRecommendationOptions contains the optional parameters for the GetClient.SingleRecommendation method. +type GetClientSingleRecommendationOptions struct { // placeholder for future optional parameters } -// ThreatIntelligenceIndicatorClientDeleteOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.Delete -// method. -type ThreatIntelligenceIndicatorClientDeleteOptions struct { +// GetRecommendationsClientListOptions contains the optional parameters for the GetRecommendationsClient.List method. +type GetRecommendationsClientListOptions struct { // placeholder for future optional parameters } -// ThreatIntelligenceIndicatorClientGetOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.Get +// GetTriggeredAnalyticsRuleRunsClientListOptions contains the optional parameters for the GetTriggeredAnalyticsRuleRunsClient.NewListPager // method. -type ThreatIntelligenceIndicatorClientGetOptions struct { +type GetTriggeredAnalyticsRuleRunsClientListOptions struct { // placeholder for future optional parameters } -// ThreatIntelligenceIndicatorClientQueryIndicatorsOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.NewQueryIndicatorsPager -// method. -type ThreatIntelligenceIndicatorClientQueryIndicatorsOptions struct { +// HuntCommentsClientCreateOrUpdateOptions contains the optional parameters for the HuntCommentsClient.CreateOrUpdate method. +type HuntCommentsClientCreateOrUpdateOptions struct { // placeholder for future optional parameters } -// ThreatIntelligenceIndicatorClientReplaceTagsOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.ReplaceTags -// method. -type ThreatIntelligenceIndicatorClientReplaceTagsOptions struct { +// HuntCommentsClientDeleteOptions contains the optional parameters for the HuntCommentsClient.Delete method. +type HuntCommentsClientDeleteOptions struct { // placeholder for future optional parameters } -// ThreatIntelligenceIndicatorMetricsClientListOptions contains the optional parameters for the ThreatIntelligenceIndicatorMetricsClient.List -// method. -type ThreatIntelligenceIndicatorMetricsClientListOptions struct { +// HuntCommentsClientGetOptions contains the optional parameters for the HuntCommentsClient.Get method. +type HuntCommentsClientGetOptions struct { // placeholder for future optional parameters } -// ThreatIntelligenceIndicatorsClientListOptions contains the optional parameters for the ThreatIntelligenceIndicatorsClient.NewListPager -// method. -type ThreatIntelligenceIndicatorsClientListOptions struct { +// HuntCommentsClientListOptions contains the optional parameters for the HuntCommentsClient.NewListPager method. +type HuntCommentsClientListOptions struct { // Filters the results, based on a Boolean condition. Optional. Filter *string @@ -329,49 +487,720 @@ type ThreatIntelligenceIndicatorsClientListOptions struct { Top *int32 } -// WatchlistItemsClientCreateOrUpdateOptions contains the optional parameters for the WatchlistItemsClient.CreateOrUpdate -// method. -type WatchlistItemsClientCreateOrUpdateOptions struct { +// HuntRelationsClientCreateOrUpdateOptions contains the optional parameters for the HuntRelationsClient.CreateOrUpdate method. +type HuntRelationsClientCreateOrUpdateOptions struct { // placeholder for future optional parameters } -// WatchlistItemsClientDeleteOptions contains the optional parameters for the WatchlistItemsClient.Delete method. -type WatchlistItemsClientDeleteOptions struct { +// HuntRelationsClientDeleteOptions contains the optional parameters for the HuntRelationsClient.Delete method. +type HuntRelationsClientDeleteOptions struct { // placeholder for future optional parameters } -// WatchlistItemsClientGetOptions contains the optional parameters for the WatchlistItemsClient.Get method. -type WatchlistItemsClientGetOptions struct { +// HuntRelationsClientGetOptions contains the optional parameters for the HuntRelationsClient.Get method. +type HuntRelationsClientGetOptions struct { // placeholder for future optional parameters } -// WatchlistItemsClientListOptions contains the optional parameters for the WatchlistItemsClient.NewListPager method. -type WatchlistItemsClientListOptions struct { +// HuntRelationsClientListOptions contains the optional parameters for the HuntRelationsClient.NewListPager method. +type HuntRelationsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, // the value of the nextLink element will include a skiptoken parameter that // specifies a starting point to use for subsequent calls. Optional. SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 } -// WatchlistsClientCreateOrUpdateOptions contains the optional parameters for the WatchlistsClient.CreateOrUpdate method. -type WatchlistsClientCreateOrUpdateOptions struct { +// HuntsClientCreateOrUpdateOptions contains the optional parameters for the HuntsClient.CreateOrUpdate method. +type HuntsClientCreateOrUpdateOptions struct { // placeholder for future optional parameters } -// WatchlistsClientDeleteOptions contains the optional parameters for the WatchlistsClient.Delete method. -type WatchlistsClientDeleteOptions struct { +// HuntsClientDeleteOptions contains the optional parameters for the HuntsClient.Delete method. +type HuntsClientDeleteOptions struct { // placeholder for future optional parameters } -// WatchlistsClientGetOptions contains the optional parameters for the WatchlistsClient.Get method. -type WatchlistsClientGetOptions struct { +// HuntsClientGetOptions contains the optional parameters for the HuntsClient.Get method. +type HuntsClientGetOptions struct { // placeholder for future optional parameters } -// WatchlistsClientListOptions contains the optional parameters for the WatchlistsClient.NewListPager method. -type WatchlistsClientListOptions struct { +// HuntsClientListOptions contains the optional parameters for the HuntsClient.NewListPager method. +type HuntsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, // the value of the nextLink element will include a skiptoken parameter that // specifies a starting point to use for subsequent calls. Optional. SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// IPGeodataClientGetOptions contains the optional parameters for the IPGeodataClient.Get method. +type IPGeodataClientGetOptions struct { + // placeholder for future optional parameters +} + +// IncidentCommentsClientCreateOrUpdateOptions contains the optional parameters for the IncidentCommentsClient.CreateOrUpdate +// method. +type IncidentCommentsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// IncidentCommentsClientDeleteOptions contains the optional parameters for the IncidentCommentsClient.Delete method. +type IncidentCommentsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// IncidentCommentsClientGetOptions contains the optional parameters for the IncidentCommentsClient.Get method. +type IncidentCommentsClientGetOptions struct { + // placeholder for future optional parameters +} + +// IncidentCommentsClientListOptions contains the optional parameters for the IncidentCommentsClient.NewListPager method. +type IncidentCommentsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// IncidentRelationsClientCreateOrUpdateOptions contains the optional parameters for the IncidentRelationsClient.CreateOrUpdate +// method. +type IncidentRelationsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// IncidentRelationsClientDeleteOptions contains the optional parameters for the IncidentRelationsClient.Delete method. +type IncidentRelationsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// IncidentRelationsClientGetOptions contains the optional parameters for the IncidentRelationsClient.Get method. +type IncidentRelationsClientGetOptions struct { + // placeholder for future optional parameters +} + +// IncidentRelationsClientListOptions contains the optional parameters for the IncidentRelationsClient.NewListPager method. +type IncidentRelationsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// IncidentTasksClientCreateOrUpdateOptions contains the optional parameters for the IncidentTasksClient.CreateOrUpdate method. +type IncidentTasksClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// IncidentTasksClientDeleteOptions contains the optional parameters for the IncidentTasksClient.Delete method. +type IncidentTasksClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// IncidentTasksClientGetOptions contains the optional parameters for the IncidentTasksClient.Get method. +type IncidentTasksClientGetOptions struct { + // placeholder for future optional parameters +} + +// IncidentTasksClientListOptions contains the optional parameters for the IncidentTasksClient.NewListPager method. +type IncidentTasksClientListOptions struct { + // placeholder for future optional parameters +} + +// IncidentsClientCreateOrUpdateOptions contains the optional parameters for the IncidentsClient.CreateOrUpdate method. +type IncidentsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// IncidentsClientCreateTeamOptions contains the optional parameters for the IncidentsClient.CreateTeam method. +type IncidentsClientCreateTeamOptions struct { + // placeholder for future optional parameters +} + +// IncidentsClientDeleteOptions contains the optional parameters for the IncidentsClient.Delete method. +type IncidentsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// IncidentsClientGetOptions contains the optional parameters for the IncidentsClient.Get method. +type IncidentsClientGetOptions struct { + // placeholder for future optional parameters +} + +// IncidentsClientListAlertsOptions contains the optional parameters for the IncidentsClient.ListAlerts method. +type IncidentsClientListAlertsOptions struct { + // placeholder for future optional parameters +} + +// IncidentsClientListBookmarksOptions contains the optional parameters for the IncidentsClient.ListBookmarks method. +type IncidentsClientListBookmarksOptions struct { + // placeholder for future optional parameters +} + +// IncidentsClientListEntitiesOptions contains the optional parameters for the IncidentsClient.ListEntities method. +type IncidentsClientListEntitiesOptions struct { + // placeholder for future optional parameters +} + +// IncidentsClientListOptions contains the optional parameters for the IncidentsClient.NewListPager method. +type IncidentsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// IncidentsClientRunPlaybookOptions contains the optional parameters for the IncidentsClient.RunPlaybook method. +type IncidentsClientRunPlaybookOptions struct { + RequestBody *ManualTriggerRequestBody +} + +// MetadataClientCreateOptions contains the optional parameters for the MetadataClient.Create method. +type MetadataClientCreateOptions struct { + // placeholder for future optional parameters +} + +// MetadataClientDeleteOptions contains the optional parameters for the MetadataClient.Delete method. +type MetadataClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// MetadataClientGetOptions contains the optional parameters for the MetadataClient.Get method. +type MetadataClientGetOptions struct { + // placeholder for future optional parameters +} + +// MetadataClientListOptions contains the optional parameters for the MetadataClient.NewListPager method. +type MetadataClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Used to skip n elements in the OData query (offset). Returns a nextLink to the next page of results if there are any left. + Skip *int32 + + // Returns only the first n results. Optional. + Top *int32 +} + +// MetadataClientUpdateOptions contains the optional parameters for the MetadataClient.Update method. +type MetadataClientUpdateOptions struct { + // placeholder for future optional parameters +} + +// OfficeConsentsClientDeleteOptions contains the optional parameters for the OfficeConsentsClient.Delete method. +type OfficeConsentsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// OfficeConsentsClientGetOptions contains the optional parameters for the OfficeConsentsClient.Get method. +type OfficeConsentsClientGetOptions struct { + // placeholder for future optional parameters +} + +// OfficeConsentsClientListOptions contains the optional parameters for the OfficeConsentsClient.NewListPager method. +type OfficeConsentsClientListOptions struct { + // placeholder for future optional parameters +} + +// OperationsClientListOptions contains the optional parameters for the OperationsClient.NewListPager method. +type OperationsClientListOptions struct { + // placeholder for future optional parameters +} + +// ProductPackageClientGetOptions contains the optional parameters for the ProductPackageClient.Get method. +type ProductPackageClientGetOptions struct { + // placeholder for future optional parameters +} + +// ProductPackagesClientListOptions contains the optional parameters for the ProductPackagesClient.NewListPager method. +type ProductPackagesClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// ProductSettingsClientDeleteOptions contains the optional parameters for the ProductSettingsClient.Delete method. +type ProductSettingsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// ProductSettingsClientGetOptions contains the optional parameters for the ProductSettingsClient.Get method. +type ProductSettingsClientGetOptions struct { + // placeholder for future optional parameters +} + +// ProductSettingsClientListOptions contains the optional parameters for the ProductSettingsClient.List method. +type ProductSettingsClientListOptions struct { + // placeholder for future optional parameters +} + +// ProductSettingsClientUpdateOptions contains the optional parameters for the ProductSettingsClient.Update method. +type ProductSettingsClientUpdateOptions struct { + // placeholder for future optional parameters +} + +// ProductTemplateClientGetOptions contains the optional parameters for the ProductTemplateClient.Get method. +type ProductTemplateClientGetOptions struct { + // placeholder for future optional parameters +} + +// ProductTemplatesClientListOptions contains the optional parameters for the ProductTemplatesClient.NewListPager method. +type ProductTemplatesClientListOptions struct { + // Instructs the server to return only object count without actual body. Optional. + Count *bool + + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Searches for a substring in the response. Optional. + Search *string + + // Used to skip n elements in the OData query (offset). Returns a nextLink to the next page of results if there are any left. + Skip *int32 + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// ReevaluateClientRecommendationOptions contains the optional parameters for the ReevaluateClient.Recommendation method. +type ReevaluateClientRecommendationOptions struct { + // placeholder for future optional parameters +} + +// SecurityMLAnalyticsSettingsClientCreateOrUpdateOptions contains the optional parameters for the SecurityMLAnalyticsSettingsClient.CreateOrUpdate +// method. +type SecurityMLAnalyticsSettingsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// SecurityMLAnalyticsSettingsClientDeleteOptions contains the optional parameters for the SecurityMLAnalyticsSettingsClient.Delete +// method. +type SecurityMLAnalyticsSettingsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// SecurityMLAnalyticsSettingsClientGetOptions contains the optional parameters for the SecurityMLAnalyticsSettingsClient.Get +// method. +type SecurityMLAnalyticsSettingsClientGetOptions struct { + // placeholder for future optional parameters +} + +// SecurityMLAnalyticsSettingsClientListOptions contains the optional parameters for the SecurityMLAnalyticsSettingsClient.NewListPager +// method. +type SecurityMLAnalyticsSettingsClientListOptions struct { + // placeholder for future optional parameters +} + +// SentinelOnboardingStatesClientCreateOptions contains the optional parameters for the SentinelOnboardingStatesClient.Create +// method. +type SentinelOnboardingStatesClientCreateOptions struct { + // The Sentinel onboarding state parameter + SentinelOnboardingStateParameter *SentinelOnboardingState +} + +// SentinelOnboardingStatesClientDeleteOptions contains the optional parameters for the SentinelOnboardingStatesClient.Delete +// method. +type SentinelOnboardingStatesClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// SentinelOnboardingStatesClientGetOptions contains the optional parameters for the SentinelOnboardingStatesClient.Get method. +type SentinelOnboardingStatesClientGetOptions struct { + // placeholder for future optional parameters +} + +// SentinelOnboardingStatesClientListOptions contains the optional parameters for the SentinelOnboardingStatesClient.List +// method. +type SentinelOnboardingStatesClientListOptions struct { + // placeholder for future optional parameters +} + +// SourceControlClientListRepositoriesOptions contains the optional parameters for the SourceControlClient.NewListRepositoriesPager +// method. +type SourceControlClientListRepositoriesOptions struct { + // placeholder for future optional parameters +} + +// SourceControlsClientCreateOptions contains the optional parameters for the SourceControlsClient.Create method. +type SourceControlsClientCreateOptions struct { + // placeholder for future optional parameters +} + +// SourceControlsClientDeleteOptions contains the optional parameters for the SourceControlsClient.Delete method. +type SourceControlsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// SourceControlsClientGetOptions contains the optional parameters for the SourceControlsClient.Get method. +type SourceControlsClientGetOptions struct { + // placeholder for future optional parameters +} + +// SourceControlsClientListOptions contains the optional parameters for the SourceControlsClient.NewListPager method. +type SourceControlsClientListOptions struct { + // placeholder for future optional parameters +} + +// ThreatIntelligenceClientCountOptions contains the optional parameters for the ThreatIntelligenceClient.Count method. +type ThreatIntelligenceClientCountOptions struct { + // The query to run on the TI objects in the workspace. + Query *Query +} + +// ThreatIntelligenceClientQueryOptions contains the optional parameters for the ThreatIntelligenceClient.NewQueryPager method. +type ThreatIntelligenceClientQueryOptions struct { + // The query to run on the TI objects in the workspace. + Query *QueryAutoGenerated +} + +// ThreatIntelligenceIndicatorClientAppendTagsOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.AppendTags +// method. +type ThreatIntelligenceIndicatorClientAppendTagsOptions struct { + // placeholder for future optional parameters +} + +// ThreatIntelligenceIndicatorClientCreateIndicatorOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.CreateIndicator +// method. +type ThreatIntelligenceIndicatorClientCreateIndicatorOptions struct { + // placeholder for future optional parameters +} + +// ThreatIntelligenceIndicatorClientCreateOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.Create +// method. +type ThreatIntelligenceIndicatorClientCreateOptions struct { + // placeholder for future optional parameters +} + +// ThreatIntelligenceIndicatorClientDeleteOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.Delete +// method. +type ThreatIntelligenceIndicatorClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// ThreatIntelligenceIndicatorClientGetOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.Get +// method. +type ThreatIntelligenceIndicatorClientGetOptions struct { + // placeholder for future optional parameters +} + +// ThreatIntelligenceIndicatorClientQueryIndicatorsOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.NewQueryIndicatorsPager +// method. +type ThreatIntelligenceIndicatorClientQueryIndicatorsOptions struct { + // placeholder for future optional parameters +} + +// ThreatIntelligenceIndicatorClientReplaceTagsOptions contains the optional parameters for the ThreatIntelligenceIndicatorClient.ReplaceTags +// method. +type ThreatIntelligenceIndicatorClientReplaceTagsOptions struct { + // placeholder for future optional parameters +} + +// ThreatIntelligenceIndicatorMetricsClientListOptions contains the optional parameters for the ThreatIntelligenceIndicatorMetricsClient.List +// method. +type ThreatIntelligenceIndicatorMetricsClientListOptions struct { + // placeholder for future optional parameters +} + +// ThreatIntelligenceIndicatorsClientListOptions contains the optional parameters for the ThreatIntelligenceIndicatorsClient.NewListPager +// method. +type ThreatIntelligenceIndicatorsClientListOptions struct { + // Filters the results, based on a Boolean condition. Optional. + Filter *string + + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// TriggeredAnalyticsRuleRunClientGetOptions contains the optional parameters for the TriggeredAnalyticsRuleRunClient.Get +// method. +type TriggeredAnalyticsRuleRunClientGetOptions struct { + // placeholder for future optional parameters +} + +// UpdateClientRecommendationOptions contains the optional parameters for the UpdateClient.Recommendation method. +type UpdateClientRecommendationOptions struct { + // placeholder for future optional parameters +} + +// WatchlistItemsClientCreateOrUpdateOptions contains the optional parameters for the WatchlistItemsClient.CreateOrUpdate +// method. +type WatchlistItemsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// WatchlistItemsClientDeleteOptions contains the optional parameters for the WatchlistItemsClient.Delete method. +type WatchlistItemsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WatchlistItemsClientGetOptions contains the optional parameters for the WatchlistItemsClient.Get method. +type WatchlistItemsClientGetOptions struct { + // placeholder for future optional parameters +} + +// WatchlistItemsClientListOptions contains the optional parameters for the WatchlistItemsClient.NewListPager method. +type WatchlistItemsClientListOptions struct { + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string +} + +// WatchlistsClientCreateOrUpdateOptions contains the optional parameters for the WatchlistsClient.CreateOrUpdate method. +type WatchlistsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// WatchlistsClientDeleteOptions contains the optional parameters for the WatchlistsClient.Delete method. +type WatchlistsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WatchlistsClientGetOptions contains the optional parameters for the WatchlistsClient.Get method. +type WatchlistsClientGetOptions struct { + // placeholder for future optional parameters +} + +// WatchlistsClientListOptions contains the optional parameters for the WatchlistsClient.NewListPager method. +type WatchlistsClientListOptions struct { + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string +} + +// WorkspaceManagerAssignmentJobsClientCreateOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Create +// method. +type WorkspaceManagerAssignmentJobsClientCreateOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentJobsClientDeleteOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Delete +// method. +type WorkspaceManagerAssignmentJobsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentJobsClientGetOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Get +// method. +type WorkspaceManagerAssignmentJobsClientGetOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentJobsClientListOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.NewListPager +// method. +type WorkspaceManagerAssignmentJobsClientListOptions struct { + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// WorkspaceManagerAssignmentsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.CreateOrUpdate +// method. +type WorkspaceManagerAssignmentsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentsClientDeleteOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.Delete +// method. +type WorkspaceManagerAssignmentsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentsClientGetOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.Get +// method. +type WorkspaceManagerAssignmentsClientGetOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerAssignmentsClientListOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.NewListPager +// method. +type WorkspaceManagerAssignmentsClientListOptions struct { + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// WorkspaceManagerConfigurationsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.CreateOrUpdate +// method. +type WorkspaceManagerConfigurationsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerConfigurationsClientDeleteOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.Delete +// method. +type WorkspaceManagerConfigurationsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerConfigurationsClientGetOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.Get +// method. +type WorkspaceManagerConfigurationsClientGetOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerConfigurationsClientListOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.NewListPager +// method. +type WorkspaceManagerConfigurationsClientListOptions struct { + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// WorkspaceManagerGroupsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerGroupsClient.CreateOrUpdate +// method. +type WorkspaceManagerGroupsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerGroupsClientDeleteOptions contains the optional parameters for the WorkspaceManagerGroupsClient.Delete +// method. +type WorkspaceManagerGroupsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerGroupsClientGetOptions contains the optional parameters for the WorkspaceManagerGroupsClient.Get method. +type WorkspaceManagerGroupsClientGetOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerGroupsClientListOptions contains the optional parameters for the WorkspaceManagerGroupsClient.NewListPager +// method. +type WorkspaceManagerGroupsClientListOptions struct { + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 +} + +// WorkspaceManagerMembersClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerMembersClient.CreateOrUpdate +// method. +type WorkspaceManagerMembersClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerMembersClientDeleteOptions contains the optional parameters for the WorkspaceManagerMembersClient.Delete +// method. +type WorkspaceManagerMembersClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerMembersClientGetOptions contains the optional parameters for the WorkspaceManagerMembersClient.Get method. +type WorkspaceManagerMembersClientGetOptions struct { + // placeholder for future optional parameters +} + +// WorkspaceManagerMembersClientListOptions contains the optional parameters for the WorkspaceManagerMembersClient.NewListPager +// method. +type WorkspaceManagerMembersClientListOptions struct { + // Sorts the results. Optional. + Orderby *string + + // Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, + // the value of the nextLink element will include a skiptoken parameter that + // specifies a starting point to use for subsequent calls. Optional. + SkipToken *string + + // Returns only the first n results. Optional. + Top *int32 } diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/polymorphic_helpers.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/polymorphic_helpers.go index 43f6a5c636d9..8d06e7b468c9 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/polymorphic_helpers.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/polymorphic_helpers.go @@ -11,7 +11,7 @@ package armsecurityinsights import "encoding/json" func unmarshalAlertRuleClassification(rawMsg json.RawMessage) (AlertRuleClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var m map[string]any @@ -22,10 +22,16 @@ func unmarshalAlertRuleClassification(rawMsg json.RawMessage) (AlertRuleClassifi switch m["kind"] { case string(AlertRuleKindFusion): b = &FusionAlertRule{} + case string(AlertRuleKindMLBehaviorAnalytics): + b = &MLBehaviorAnalyticsAlertRule{} case string(AlertRuleKindMicrosoftSecurityIncidentCreation): b = &MicrosoftSecurityIncidentCreationAlertRule{} + case string(AlertRuleKindNRT): + b = &NrtAlertRule{} case string(AlertRuleKindScheduled): b = &ScheduledAlertRule{} + case string(AlertRuleKindThreatIntelligence): + b = &ThreatIntelligenceAlertRule{} default: b = &AlertRule{} } @@ -36,7 +42,7 @@ func unmarshalAlertRuleClassification(rawMsg json.RawMessage) (AlertRuleClassifi } func unmarshalAlertRuleClassificationArray(rawMsg json.RawMessage) ([]AlertRuleClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var rawMessages []json.RawMessage @@ -55,7 +61,7 @@ func unmarshalAlertRuleClassificationArray(rawMsg json.RawMessage) ([]AlertRuleC } func unmarshalAlertRuleTemplateClassification(rawMsg json.RawMessage) (AlertRuleTemplateClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var m map[string]any @@ -66,10 +72,16 @@ func unmarshalAlertRuleTemplateClassification(rawMsg json.RawMessage) (AlertRule switch m["kind"] { case string(AlertRuleKindFusion): b = &FusionAlertRuleTemplate{} + case string(AlertRuleKindMLBehaviorAnalytics): + b = &MLBehaviorAnalyticsAlertRuleTemplate{} case string(AlertRuleKindMicrosoftSecurityIncidentCreation): b = &MicrosoftSecurityIncidentCreationAlertRuleTemplate{} + case string(AlertRuleKindNRT): + b = &NrtAlertRuleTemplate{} case string(AlertRuleKindScheduled): b = &ScheduledAlertRuleTemplate{} + case string(AlertRuleKindThreatIntelligence): + b = &ThreatIntelligenceAlertRuleTemplate{} default: b = &AlertRuleTemplate{} } @@ -80,7 +92,7 @@ func unmarshalAlertRuleTemplateClassification(rawMsg json.RawMessage) (AlertRule } func unmarshalAlertRuleTemplateClassificationArray(rawMsg json.RawMessage) ([]AlertRuleTemplateClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var rawMessages []json.RawMessage @@ -99,7 +111,7 @@ func unmarshalAlertRuleTemplateClassificationArray(rawMsg json.RawMessage) ([]Al } func unmarshalAutomationRuleActionClassification(rawMsg json.RawMessage) (AutomationRuleActionClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var m map[string]any @@ -108,6 +120,8 @@ func unmarshalAutomationRuleActionClassification(rawMsg json.RawMessage) (Automa } var b AutomationRuleActionClassification switch m["actionType"] { + case string(ActionTypeAddIncidentTask): + b = &AutomationRuleAddIncidentTaskAction{} case string(ActionTypeModifyProperties): b = &AutomationRuleModifyPropertiesAction{} case string(ActionTypeRunPlaybook): @@ -122,7 +136,7 @@ func unmarshalAutomationRuleActionClassification(rawMsg json.RawMessage) (Automa } func unmarshalAutomationRuleActionClassificationArray(rawMsg json.RawMessage) ([]AutomationRuleActionClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var rawMessages []json.RawMessage @@ -141,7 +155,7 @@ func unmarshalAutomationRuleActionClassificationArray(rawMsg json.RawMessage) ([ } func unmarshalAutomationRuleConditionClassification(rawMsg json.RawMessage) (AutomationRuleConditionClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var m map[string]any @@ -150,8 +164,16 @@ func unmarshalAutomationRuleConditionClassification(rawMsg json.RawMessage) (Aut } var b AutomationRuleConditionClassification switch m["conditionType"] { + case string(ConditionTypeBoolean): + b = &BooleanConditionProperties{} case string(ConditionTypeProperty): b = &PropertyConditionProperties{} + case string(ConditionTypePropertyArray): + b = &PropertyArrayConditionProperties{} + case string(ConditionTypePropertyArrayChanged): + b = &PropertyArrayChangedConditionProperties{} + case string(ConditionTypePropertyChanged): + b = &PropertyChangedConditionProperties{} default: b = &AutomationRuleCondition{} } @@ -162,7 +184,7 @@ func unmarshalAutomationRuleConditionClassification(rawMsg json.RawMessage) (Aut } func unmarshalAutomationRuleConditionClassificationArray(rawMsg json.RawMessage) ([]AutomationRuleConditionClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var rawMessages []json.RawMessage @@ -180,8 +202,89 @@ func unmarshalAutomationRuleConditionClassificationArray(rawMsg json.RawMessage) return fArray, nil } +func unmarshalBillingStatisticClassification(rawMsg json.RawMessage) (BillingStatisticClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b BillingStatisticClassification + switch m["kind"] { + case string(BillingStatisticKindSapSolutionUsage): + b = &SapSolutionUsageStatistic{} + default: + b = &BillingStatistic{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalBillingStatisticClassificationArray(rawMsg json.RawMessage) ([]BillingStatisticClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]BillingStatisticClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalBillingStatisticClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + +func unmarshalCcpAuthConfigClassification(rawMsg json.RawMessage) (CcpAuthConfigClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b CcpAuthConfigClassification + switch m["type"] { + case string(CcpAuthTypeAPIKey): + b = &APIKeyAuthModel{} + case string(CcpAuthTypeAWS): + b = &AWSAuthModel{} + case string(CcpAuthTypeBasic): + b = &BasicAuthModel{} + case string(CcpAuthTypeGCP): + b = &GCPAuthModel{} + case string(CcpAuthTypeGitHub): + b = &GitHubAuthModel{} + case string(CcpAuthTypeJwtToken): + b = &JwtAuthModel{} + case string(CcpAuthTypeNone): + b = &NoneAuthModel{} + case string(CcpAuthTypeOAuth2): + b = &OAuthModel{} + case string(CcpAuthTypeOracle): + b = &OracleAuthModel{} + case string(CcpAuthTypeServiceBus): + b = &GenericBlobSbsAuthModel{} + case string(CcpAuthTypeSession): + b = &SessionAuthModel{} + default: + b = &CcpAuthConfig{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (DataConnectorClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var m map[string]any @@ -190,22 +293,52 @@ func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (DataConnector } var b DataConnectorClassification switch m["kind"] { + case string(DataConnectorKindAPIPolling): + b = &CodelessAPIPollingDataConnector{} case string(DataConnectorKindAmazonWebServicesCloudTrail): b = &AwsCloudTrailDataConnector{} + case string(DataConnectorKindAmazonWebServicesS3): + b = &AwsS3DataConnector{} case string(DataConnectorKindAzureActiveDirectory): b = &AADDataConnector{} case string(DataConnectorKindAzureAdvancedThreatProtection): b = &AATPDataConnector{} case string(DataConnectorKindAzureSecurityCenter): b = &ASCDataConnector{} + case string(DataConnectorKindDynamics365): + b = &Dynamics365DataConnector{} + case string(DataConnectorKindGCP): + b = &GCPDataConnector{} + case string(DataConnectorKindGenericUI): + b = &CodelessUIDataConnector{} + case string(DataConnectorKindIOT): + b = &IoTDataConnector{} case string(DataConnectorKindMicrosoftCloudAppSecurity): b = &MCASDataConnector{} case string(DataConnectorKindMicrosoftDefenderAdvancedThreatProtection): b = &MDATPDataConnector{} + case string(DataConnectorKindMicrosoftPurviewInformationProtection): + b = &MicrosoftPurviewInformationProtectionDataConnector{} + case string(DataConnectorKindMicrosoftThreatIntelligence): + b = &MSTIDataConnector{} + case string(DataConnectorKindMicrosoftThreatProtection): + b = &MTPDataConnector{} case string(DataConnectorKindOffice365): b = &OfficeDataConnector{} + case string(DataConnectorKindOffice365Project): + b = &Office365ProjectDataConnector{} + case string(DataConnectorKindOfficeATP): + b = &OfficeATPDataConnector{} + case string(DataConnectorKindOfficeIRM): + b = &OfficeIRMDataConnector{} + case string(DataConnectorKindOfficePowerBI): + b = &OfficePowerBIDataConnector{} + case string(DataConnectorKindRestAPIPoller): + b = &RestAPIPollerDataConnector{} case string(DataConnectorKindThreatIntelligence): b = &TIDataConnector{} + case string(DataConnectorKindThreatIntelligenceTaxii): + b = &TiTaxiiDataConnector{} default: b = &DataConnector{} } @@ -216,7 +349,7 @@ func unmarshalDataConnectorClassification(rawMsg json.RawMessage) (DataConnector } func unmarshalDataConnectorClassificationArray(rawMsg json.RawMessage) ([]DataConnectorClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var rawMessages []json.RawMessage @@ -234,8 +367,48 @@ func unmarshalDataConnectorClassificationArray(rawMsg json.RawMessage) ([]DataCo return fArray, nil } +func unmarshalDataConnectorDefinitionClassification(rawMsg json.RawMessage) (DataConnectorDefinitionClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b DataConnectorDefinitionClassification + switch m["kind"] { + case string(DataConnectorDefinitionKindCustomizable): + b = &CustomizableConnectorDefinition{} + default: + b = &DataConnectorDefinition{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalDataConnectorDefinitionClassificationArray(rawMsg json.RawMessage) ([]DataConnectorDefinitionClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]DataConnectorDefinitionClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalDataConnectorDefinitionClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + func unmarshalEntityClassification(rawMsg json.RawMessage) (EntityClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var m map[string]any @@ -260,10 +433,10 @@ func unmarshalEntityClassification(rawMsg json.RawMessage) (EntityClassification b = &FileHashEntity{} case string(EntityKindEnumHost): b = &HostEntity{} - case string(EntityKindEnumIP): - b = &IPEntity{} case string(EntityKindEnumIoTDevice): b = &IoTDeviceEntity{} + case string(EntityKindEnumIP): + b = &IPEntity{} case string(EntityKindEnumMailCluster): b = &MailClusterEntity{} case string(EntityKindEnumMailMessage): @@ -272,6 +445,8 @@ func unmarshalEntityClassification(rawMsg json.RawMessage) (EntityClassification b = &MailboxEntity{} case string(EntityKindEnumMalware): b = &MalwareEntity{} + case string(EntityKindEnumNic): + b = &NicEntity{} case string(EntityKindEnumProcess): b = &ProcessEntity{} case string(EntityKindEnumRegistryKey): @@ -296,7 +471,7 @@ func unmarshalEntityClassification(rawMsg json.RawMessage) (EntityClassification } func unmarshalEntityClassificationArray(rawMsg json.RawMessage) ([]EntityClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var rawMessages []json.RawMessage @@ -314,8 +489,310 @@ func unmarshalEntityClassificationArray(rawMsg json.RawMessage) ([]EntityClassif return fArray, nil } +func unmarshalEntityQueryClassification(rawMsg json.RawMessage) (EntityQueryClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b EntityQueryClassification + switch m["kind"] { + case string(EntityQueryKindActivity): + b = &ActivityEntityQuery{} + case string(EntityQueryKindExpansion): + b = &ExpansionEntityQuery{} + default: + b = &EntityQuery{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalEntityQueryClassificationArray(rawMsg json.RawMessage) ([]EntityQueryClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]EntityQueryClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalEntityQueryClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + +func unmarshalEntityQueryItemClassification(rawMsg json.RawMessage) (EntityQueryItemClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b EntityQueryItemClassification + switch m["kind"] { + case string(EntityQueryKindInsight): + b = &InsightQueryItem{} + default: + b = &EntityQueryItem{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalEntityQueryItemClassificationArray(rawMsg json.RawMessage) ([]EntityQueryItemClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]EntityQueryItemClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalEntityQueryItemClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + +func unmarshalEntityQueryTemplateClassification(rawMsg json.RawMessage) (EntityQueryTemplateClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b EntityQueryTemplateClassification + switch m["kind"] { + case string(EntityQueryTemplateKindActivity): + b = &ActivityEntityQueryTemplate{} + default: + b = &EntityQueryTemplate{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalEntityQueryTemplateClassificationArray(rawMsg json.RawMessage) ([]EntityQueryTemplateClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]EntityQueryTemplateClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalEntityQueryTemplateClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + +func unmarshalEntityTimelineItemClassification(rawMsg json.RawMessage) (EntityTimelineItemClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b EntityTimelineItemClassification + switch m["kind"] { + case string(EntityTimelineKindActivity): + b = &ActivityTimelineItem{} + case string(EntityTimelineKindAnomaly): + b = &AnomalyTimelineItem{} + case string(EntityTimelineKindBookmark): + b = &BookmarkTimelineItem{} + case string(EntityTimelineKindSecurityAlert): + b = &SecurityAlertTimelineItem{} + default: + b = &EntityTimelineItem{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalEntityTimelineItemClassificationArray(rawMsg json.RawMessage) ([]EntityTimelineItemClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]EntityTimelineItemClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalEntityTimelineItemClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + +func unmarshalSecurityMLAnalyticsSettingClassification(rawMsg json.RawMessage) (SecurityMLAnalyticsSettingClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b SecurityMLAnalyticsSettingClassification + switch m["kind"] { + case string(SecurityMLAnalyticsSettingsKindAnomaly): + b = &AnomalySecurityMLAnalyticsSettings{} + default: + b = &SecurityMLAnalyticsSetting{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalSecurityMLAnalyticsSettingClassificationArray(rawMsg json.RawMessage) ([]SecurityMLAnalyticsSettingClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]SecurityMLAnalyticsSettingClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalSecurityMLAnalyticsSettingClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + +func unmarshalSettingsClassification(rawMsg json.RawMessage) (SettingsClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b SettingsClassification + switch m["kind"] { + case string(SettingKindAnomalies): + b = &Anomalies{} + case string(SettingKindEntityAnalytics): + b = &EntityAnalytics{} + case string(SettingKindEyesOn): + b = &EyesOn{} + case string(SettingKindUeba): + b = &Ueba{} + default: + b = &Settings{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalSettingsClassificationArray(rawMsg json.RawMessage) ([]SettingsClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]SettingsClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalSettingsClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + +func unmarshalTIObjectClassification(rawMsg json.RawMessage) (TIObjectClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b TIObjectClassification + switch m["kind"] { + case string(TIObjectKindAttackPattern): + b = &AttackPattern{} + case string(TIObjectKindIdentity): + b = &Identity{} + case string(TIObjectKindIndicator): + b = &Indicator{} + case string(TIObjectKindRelationship): + b = &Relationship{} + case string(TIObjectKindThreatActor): + b = &ThreatActor{} + default: + b = &TIObject{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalTIObjectClassificationArray(rawMsg json.RawMessage) ([]TIObjectClassification, error) { + if rawMsg == nil || string(rawMsg) == "null" { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]TIObjectClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalTIObjectClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} + func unmarshalThreatIntelligenceInformationClassification(rawMsg json.RawMessage) (ThreatIntelligenceInformationClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var m map[string]any @@ -336,7 +813,7 @@ func unmarshalThreatIntelligenceInformationClassification(rawMsg json.RawMessage } func unmarshalThreatIntelligenceInformationClassificationArray(rawMsg json.RawMessage) ([]ThreatIntelligenceInformationClassification, error) { - if rawMsg == nil { + if rawMsg == nil || string(rawMsg) == "null" { return nil, nil } var rawMessages []json.RawMessage diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/productpackage_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/productpackage_client.go new file mode 100644 index 000000000000..fba6a82b51a3 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/productpackage_client.go @@ -0,0 +1,113 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ProductPackageClient contains the methods for the ProductPackage group. +// Don't use this type directly, use NewProductPackageClient() instead. +type ProductPackageClient struct { + internal *arm.Client + subscriptionID string +} + +// NewProductPackageClient creates a new instance of ProductPackageClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewProductPackageClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ProductPackageClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ProductPackageClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Gets a package by its identifier from the catalog. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - packageID - package Id +// - options - ProductPackageClientGetOptions contains the optional parameters for the ProductPackageClient.Get method. +func (client *ProductPackageClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *ProductPackageClientGetOptions) (ProductPackageClientGetResponse, error) { + var err error + const operationName = "ProductPackageClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, packageID, options) + if err != nil { + return ProductPackageClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ProductPackageClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ProductPackageClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *ProductPackageClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, packageID string, options *ProductPackageClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages/{packageId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if packageID == "" { + return nil, errors.New("parameter packageID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{packageId}", url.PathEscape(packageID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *ProductPackageClient) getHandleResponse(resp *http.Response) (ProductPackageClientGetResponse, error) { + result := ProductPackageClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ProductPackageModel); err != nil { + return ProductPackageClientGetResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/productpackages_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/productpackages_client.go new file mode 100644 index 000000000000..3d748bdddb9e --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/productpackages_client.go @@ -0,0 +1,124 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// ProductPackagesClient contains the methods for the ProductPackages group. +// Don't use this type directly, use NewProductPackagesClient() instead. +type ProductPackagesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewProductPackagesClient creates a new instance of ProductPackagesClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewProductPackagesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ProductPackagesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ProductPackagesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Gets all packages from the catalog. Expandable properties: +// * properties/installed +// * properties/packagedContent +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - ProductPackagesClientListOptions contains the optional parameters for the ProductPackagesClient.NewListPager +// method. +func (client *ProductPackagesClient) NewListPager(resourceGroupName string, workspaceName string, options *ProductPackagesClientListOptions) *runtime.Pager[ProductPackagesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ProductPackagesClientListResponse]{ + More: func(page ProductPackagesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ProductPackagesClientListResponse) (ProductPackagesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ProductPackagesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return ProductPackagesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ProductPackagesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *ProductPackagesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ProductPackagesClient) listHandleResponse(resp *http.Response) (ProductPackagesClientListResponse, error) { + result := ProductPackagesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ProductPackageList); err != nil { + return ProductPackagesClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/productsettings_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/productsettings_client.go new file mode 100644 index 000000000000..b7488a4eff85 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/productsettings_client.go @@ -0,0 +1,309 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ProductSettingsClient contains the methods for the ProductSettings group. +// Don't use this type directly, use NewProductSettingsClient() instead. +type ProductSettingsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewProductSettingsClient creates a new instance of ProductSettingsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewProductSettingsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ProductSettingsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ProductSettingsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Delete - Delete setting of the product. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - settingsName - The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba +// - options - ProductSettingsClientDeleteOptions contains the optional parameters for the ProductSettingsClient.Delete method. +func (client *ProductSettingsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, options *ProductSettingsClientDeleteOptions) (ProductSettingsClientDeleteResponse, error) { + var err error + const operationName = "ProductSettingsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, settingsName, options) + if err != nil { + return ProductSettingsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ProductSettingsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ProductSettingsClientDeleteResponse{}, err + } + return ProductSettingsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *ProductSettingsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, options *ProductSettingsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if settingsName == "" { + return nil, errors.New("parameter settingsName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{settingsName}", url.PathEscape(settingsName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a setting. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - settingsName - The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba +// - options - ProductSettingsClientGetOptions contains the optional parameters for the ProductSettingsClient.Get method. +func (client *ProductSettingsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, options *ProductSettingsClientGetOptions) (ProductSettingsClientGetResponse, error) { + var err error + const operationName = "ProductSettingsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, settingsName, options) + if err != nil { + return ProductSettingsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ProductSettingsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ProductSettingsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *ProductSettingsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, options *ProductSettingsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if settingsName == "" { + return nil, errors.New("parameter settingsName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{settingsName}", url.PathEscape(settingsName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *ProductSettingsClient) getHandleResponse(resp *http.Response) (ProductSettingsClientGetResponse, error) { + result := ProductSettingsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return ProductSettingsClientGetResponse{}, err + } + return result, nil +} + +// List - List of all the settings +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - ProductSettingsClientListOptions contains the optional parameters for the ProductSettingsClient.List method. +func (client *ProductSettingsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, options *ProductSettingsClientListOptions) (ProductSettingsClientListResponse, error) { + var err error + const operationName = "ProductSettingsClient.List" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + if err != nil { + return ProductSettingsClientListResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ProductSettingsClientListResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ProductSettingsClientListResponse{}, err + } + resp, err := client.listHandleResponse(httpResp) + return resp, err +} + +// listCreateRequest creates the List request. +func (client *ProductSettingsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *ProductSettingsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ProductSettingsClient) listHandleResponse(resp *http.Response) (ProductSettingsClientListResponse, error) { + result := ProductSettingsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.SettingList); err != nil { + return ProductSettingsClientListResponse{}, err + } + return result, nil +} + +// Update - Updates setting. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - settingsName - The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba +// - settings - The setting +// - options - ProductSettingsClientUpdateOptions contains the optional parameters for the ProductSettingsClient.Update method. +func (client *ProductSettingsClient) Update(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, settings SettingsClassification, options *ProductSettingsClientUpdateOptions) (ProductSettingsClientUpdateResponse, error) { + var err error + const operationName = "ProductSettingsClient.Update" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.updateCreateRequest(ctx, resourceGroupName, workspaceName, settingsName, settings, options) + if err != nil { + return ProductSettingsClientUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ProductSettingsClientUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ProductSettingsClientUpdateResponse{}, err + } + resp, err := client.updateHandleResponse(httpResp) + return resp, err +} + +// updateCreateRequest creates the Update request. +func (client *ProductSettingsClient) updateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, settings SettingsClassification, options *ProductSettingsClientUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if settingsName == "" { + return nil, errors.New("parameter settingsName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{settingsName}", url.PathEscape(settingsName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, settings); err != nil { + return nil, err + } + return req, nil +} + +// updateHandleResponse handles the Update response. +func (client *ProductSettingsClient) updateHandleResponse(resp *http.Response) (ProductSettingsClientUpdateResponse, error) { + result := ProductSettingsClientUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return ProductSettingsClientUpdateResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplate_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplate_client.go new file mode 100644 index 000000000000..58518b18b539 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplate_client.go @@ -0,0 +1,113 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ProductTemplateClient contains the methods for the ProductTemplate group. +// Don't use this type directly, use NewProductTemplateClient() instead. +type ProductTemplateClient struct { + internal *arm.Client + subscriptionID string +} + +// NewProductTemplateClient creates a new instance of ProductTemplateClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewProductTemplateClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ProductTemplateClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ProductTemplateClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Gets a template by its identifier. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - templateID - template Id +// - options - ProductTemplateClientGetOptions contains the optional parameters for the ProductTemplateClient.Get method. +func (client *ProductTemplateClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *ProductTemplateClientGetOptions) (ProductTemplateClientGetResponse, error) { + var err error + const operationName = "ProductTemplateClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, templateID, options) + if err != nil { + return ProductTemplateClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ProductTemplateClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ProductTemplateClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *ProductTemplateClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, templateID string, options *ProductTemplateClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentproducttemplates/{templateId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if templateID == "" { + return nil, errors.New("parameter templateID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{templateId}", url.PathEscape(templateID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *ProductTemplateClient) getHandleResponse(resp *http.Response) (ProductTemplateClientGetResponse, error) { + result := ProductTemplateClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ProductTemplateModel); err != nil { + return ProductTemplateClientGetResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplates_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplates_client.go new file mode 100644 index 000000000000..947e3e0306f1 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/producttemplates_client.go @@ -0,0 +1,131 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// ProductTemplatesClient contains the methods for the ProductTemplates group. +// Don't use this type directly, use NewProductTemplatesClient() instead. +type ProductTemplatesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewProductTemplatesClient creates a new instance of ProductTemplatesClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewProductTemplatesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ProductTemplatesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ProductTemplatesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Gets all templates in the catalog. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - ProductTemplatesClientListOptions contains the optional parameters for the ProductTemplatesClient.NewListPager +// method. +func (client *ProductTemplatesClient) NewListPager(resourceGroupName string, workspaceName string, options *ProductTemplatesClientListOptions) *runtime.Pager[ProductTemplatesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ProductTemplatesClientListResponse]{ + More: func(page ProductTemplatesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ProductTemplatesClientListResponse) (ProductTemplatesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ProductTemplatesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return ProductTemplatesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ProductTemplatesClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *ProductTemplatesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductTemplates" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Count != nil { + reqQP.Set("$count", strconv.FormatBool(*options.Count)) + } + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.Search != nil { + reqQP.Set("$search", *options.Search) + } + if options != nil && options.Skip != nil { + reqQP.Set("$skip", strconv.FormatInt(int64(*options.Skip), 10)) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ProductTemplatesClient) listHandleResponse(resp *http.Response) (ProductTemplatesClientListResponse, error) { + result := ProductTemplatesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ProductTemplateList); err != nil { + return ProductTemplatesClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/reevaluate_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/reevaluate_client.go new file mode 100644 index 000000000000..1774acfa8104 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/reevaluate_client.go @@ -0,0 +1,114 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ReevaluateClient contains the methods for the Reevaluate group. +// Don't use this type directly, use NewReevaluateClient() instead. +type ReevaluateClient struct { + internal *arm.Client + subscriptionID string +} + +// NewReevaluateClient creates a new instance of ReevaluateClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewReevaluateClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ReevaluateClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ReevaluateClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Recommendation - Reevaluate a recommendation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - recommendationID - Recommendation Id. +// - options - ReevaluateClientRecommendationOptions contains the optional parameters for the ReevaluateClient.Recommendation +// method. +func (client *ReevaluateClient) Recommendation(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, options *ReevaluateClientRecommendationOptions) (ReevaluateClientRecommendationResponse, error) { + var err error + const operationName = "ReevaluateClient.Recommendation" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.recommendationCreateRequest(ctx, resourceGroupName, workspaceName, recommendationID, options) + if err != nil { + return ReevaluateClientRecommendationResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ReevaluateClientRecommendationResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ReevaluateClientRecommendationResponse{}, err + } + resp, err := client.recommendationHandleResponse(httpResp) + return resp, err +} + +// recommendationCreateRequest creates the Recommendation request. +func (client *ReevaluateClient) recommendationCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, options *ReevaluateClientRecommendationOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId}/triggerEvaluation" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if recommendationID == "" { + return nil, errors.New("parameter recommendationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{recommendationId}", url.PathEscape(recommendationID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// recommendationHandleResponse handles the Recommendation response. +func (client *ReevaluateClient) recommendationHandleResponse(resp *http.Response) (ReevaluateClientRecommendationResponse, error) { + result := ReevaluateClientRecommendationResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ReevaluateResponse); err != nil { + return ReevaluateClientRecommendationResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/response_types.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/response_types.go deleted file mode 100644 index cbd9de53030e..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/response_types.go +++ /dev/null @@ -1,438 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -package armsecurityinsights - -// ActionsClientCreateOrUpdateResponse contains the response from method ActionsClient.CreateOrUpdate. -type ActionsClientCreateOrUpdateResponse struct { - // Action for alert rule. - ActionResponse -} - -// ActionsClientDeleteResponse contains the response from method ActionsClient.Delete. -type ActionsClientDeleteResponse struct { - // placeholder for future response values -} - -// ActionsClientGetResponse contains the response from method ActionsClient.Get. -type ActionsClientGetResponse struct { - // Action for alert rule. - ActionResponse -} - -// ActionsClientListByAlertRuleResponse contains the response from method ActionsClient.NewListByAlertRulePager. -type ActionsClientListByAlertRuleResponse struct { - // List all the actions. - ActionsList -} - -// AlertRuleTemplatesClientGetResponse contains the response from method AlertRuleTemplatesClient.Get. -type AlertRuleTemplatesClientGetResponse struct { - // Alert rule template. - AlertRuleTemplateClassification -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRuleTemplatesClientGetResponse. -func (a *AlertRuleTemplatesClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalAlertRuleTemplateClassification(data) - if err != nil { - return err - } - a.AlertRuleTemplateClassification = res - return nil -} - -// AlertRuleTemplatesClientListResponse contains the response from method AlertRuleTemplatesClient.NewListPager. -type AlertRuleTemplatesClientListResponse struct { - // List all the alert rule templates. - AlertRuleTemplatesList -} - -// AlertRulesClientCreateOrUpdateResponse contains the response from method AlertRulesClient.CreateOrUpdate. -type AlertRulesClientCreateOrUpdateResponse struct { - // Alert rule. - AlertRuleClassification -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRulesClientCreateOrUpdateResponse. -func (a *AlertRulesClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalAlertRuleClassification(data) - if err != nil { - return err - } - a.AlertRuleClassification = res - return nil -} - -// AlertRulesClientDeleteResponse contains the response from method AlertRulesClient.Delete. -type AlertRulesClientDeleteResponse struct { - // placeholder for future response values -} - -// AlertRulesClientGetResponse contains the response from method AlertRulesClient.Get. -type AlertRulesClientGetResponse struct { - // Alert rule. - AlertRuleClassification -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRulesClientGetResponse. -func (a *AlertRulesClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalAlertRuleClassification(data) - if err != nil { - return err - } - a.AlertRuleClassification = res - return nil -} - -// AlertRulesClientListResponse contains the response from method AlertRulesClient.NewListPager. -type AlertRulesClientListResponse struct { - // List all the alert rules. - AlertRulesList -} - -// AutomationRulesClientCreateOrUpdateResponse contains the response from method AutomationRulesClient.CreateOrUpdate. -type AutomationRulesClientCreateOrUpdateResponse struct { - AutomationRule -} - -// AutomationRulesClientDeleteResponse contains the response from method AutomationRulesClient.Delete. -type AutomationRulesClientDeleteResponse struct { - // Anything - Interface any -} - -// AutomationRulesClientGetResponse contains the response from method AutomationRulesClient.Get. -type AutomationRulesClientGetResponse struct { - AutomationRule -} - -// AutomationRulesClientListResponse contains the response from method AutomationRulesClient.NewListPager. -type AutomationRulesClientListResponse struct { - AutomationRulesList -} - -// BookmarksClientCreateOrUpdateResponse contains the response from method BookmarksClient.CreateOrUpdate. -type BookmarksClientCreateOrUpdateResponse struct { - // Represents a bookmark in Azure Security Insights. - Bookmark -} - -// BookmarksClientDeleteResponse contains the response from method BookmarksClient.Delete. -type BookmarksClientDeleteResponse struct { - // placeholder for future response values -} - -// BookmarksClientGetResponse contains the response from method BookmarksClient.Get. -type BookmarksClientGetResponse struct { - // Represents a bookmark in Azure Security Insights. - Bookmark -} - -// BookmarksClientListResponse contains the response from method BookmarksClient.NewListPager. -type BookmarksClientListResponse struct { - // List all the bookmarks. - BookmarkList -} - -// DataConnectorsClientCreateOrUpdateResponse contains the response from method DataConnectorsClient.CreateOrUpdate. -type DataConnectorsClientCreateOrUpdateResponse struct { - // Data connector. - DataConnectorClassification -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorsClientCreateOrUpdateResponse. -func (d *DataConnectorsClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalDataConnectorClassification(data) - if err != nil { - return err - } - d.DataConnectorClassification = res - return nil -} - -// DataConnectorsClientDeleteResponse contains the response from method DataConnectorsClient.Delete. -type DataConnectorsClientDeleteResponse struct { - // placeholder for future response values -} - -// DataConnectorsClientGetResponse contains the response from method DataConnectorsClient.Get. -type DataConnectorsClientGetResponse struct { - // Data connector. - DataConnectorClassification -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorsClientGetResponse. -func (d *DataConnectorsClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalDataConnectorClassification(data) - if err != nil { - return err - } - d.DataConnectorClassification = res - return nil -} - -// DataConnectorsClientListResponse contains the response from method DataConnectorsClient.NewListPager. -type DataConnectorsClientListResponse struct { - // List all the data connectors. - DataConnectorList -} - -// IncidentCommentsClientCreateOrUpdateResponse contains the response from method IncidentCommentsClient.CreateOrUpdate. -type IncidentCommentsClientCreateOrUpdateResponse struct { - // Represents an incident comment - IncidentComment -} - -// IncidentCommentsClientDeleteResponse contains the response from method IncidentCommentsClient.Delete. -type IncidentCommentsClientDeleteResponse struct { - // placeholder for future response values -} - -// IncidentCommentsClientGetResponse contains the response from method IncidentCommentsClient.Get. -type IncidentCommentsClientGetResponse struct { - // Represents an incident comment - IncidentComment -} - -// IncidentCommentsClientListResponse contains the response from method IncidentCommentsClient.NewListPager. -type IncidentCommentsClientListResponse struct { - // List of incident comments. - IncidentCommentList -} - -// IncidentRelationsClientCreateOrUpdateResponse contains the response from method IncidentRelationsClient.CreateOrUpdate. -type IncidentRelationsClientCreateOrUpdateResponse struct { - // Represents a relation between two resources - Relation -} - -// IncidentRelationsClientDeleteResponse contains the response from method IncidentRelationsClient.Delete. -type IncidentRelationsClientDeleteResponse struct { - // placeholder for future response values -} - -// IncidentRelationsClientGetResponse contains the response from method IncidentRelationsClient.Get. -type IncidentRelationsClientGetResponse struct { - // Represents a relation between two resources - Relation -} - -// IncidentRelationsClientListResponse contains the response from method IncidentRelationsClient.NewListPager. -type IncidentRelationsClientListResponse struct { - // List of relations. - RelationList -} - -// IncidentsClientCreateOrUpdateResponse contains the response from method IncidentsClient.CreateOrUpdate. -type IncidentsClientCreateOrUpdateResponse struct { - // Represents an incident in Azure Security Insights. - Incident -} - -// IncidentsClientDeleteResponse contains the response from method IncidentsClient.Delete. -type IncidentsClientDeleteResponse struct { - // placeholder for future response values -} - -// IncidentsClientGetResponse contains the response from method IncidentsClient.Get. -type IncidentsClientGetResponse struct { - // Represents an incident in Azure Security Insights. - Incident -} - -// IncidentsClientListAlertsResponse contains the response from method IncidentsClient.ListAlerts. -type IncidentsClientListAlertsResponse struct { - // List of incident alerts. - IncidentAlertList -} - -// IncidentsClientListBookmarksResponse contains the response from method IncidentsClient.ListBookmarks. -type IncidentsClientListBookmarksResponse struct { - // List of incident bookmarks. - IncidentBookmarkList -} - -// IncidentsClientListEntitiesResponse contains the response from method IncidentsClient.ListEntities. -type IncidentsClientListEntitiesResponse struct { - // The incident related entities response. - IncidentEntitiesResponse -} - -// IncidentsClientListResponse contains the response from method IncidentsClient.NewListPager. -type IncidentsClientListResponse struct { - // List all the incidents. - IncidentList -} - -// OperationsClientListResponse contains the response from method OperationsClient.NewListPager. -type OperationsClientListResponse struct { - // Lists the operations available in the SecurityInsights RP. - OperationsList -} - -// SentinelOnboardingStatesClientCreateResponse contains the response from method SentinelOnboardingStatesClient.Create. -type SentinelOnboardingStatesClientCreateResponse struct { - // Sentinel onboarding state - SentinelOnboardingState -} - -// SentinelOnboardingStatesClientDeleteResponse contains the response from method SentinelOnboardingStatesClient.Delete. -type SentinelOnboardingStatesClientDeleteResponse struct { - // placeholder for future response values -} - -// SentinelOnboardingStatesClientGetResponse contains the response from method SentinelOnboardingStatesClient.Get. -type SentinelOnboardingStatesClientGetResponse struct { - // Sentinel onboarding state - SentinelOnboardingState -} - -// SentinelOnboardingStatesClientListResponse contains the response from method SentinelOnboardingStatesClient.List. -type SentinelOnboardingStatesClientListResponse struct { - // List of the Sentinel onboarding states - SentinelOnboardingStatesList -} - -// ThreatIntelligenceIndicatorClientAppendTagsResponse contains the response from method ThreatIntelligenceIndicatorClient.AppendTags. -type ThreatIntelligenceIndicatorClientAppendTagsResponse struct { - // placeholder for future response values -} - -// ThreatIntelligenceIndicatorClientCreateIndicatorResponse contains the response from method ThreatIntelligenceIndicatorClient.CreateIndicator. -type ThreatIntelligenceIndicatorClientCreateIndicatorResponse struct { - // Threat intelligence information object. - ThreatIntelligenceInformationClassification -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientCreateIndicatorResponse. -func (t *ThreatIntelligenceIndicatorClientCreateIndicatorResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalThreatIntelligenceInformationClassification(data) - if err != nil { - return err - } - t.ThreatIntelligenceInformationClassification = res - return nil -} - -// ThreatIntelligenceIndicatorClientCreateResponse contains the response from method ThreatIntelligenceIndicatorClient.Create. -type ThreatIntelligenceIndicatorClientCreateResponse struct { - // Threat intelligence information object. - ThreatIntelligenceInformationClassification -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientCreateResponse. -func (t *ThreatIntelligenceIndicatorClientCreateResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalThreatIntelligenceInformationClassification(data) - if err != nil { - return err - } - t.ThreatIntelligenceInformationClassification = res - return nil -} - -// ThreatIntelligenceIndicatorClientDeleteResponse contains the response from method ThreatIntelligenceIndicatorClient.Delete. -type ThreatIntelligenceIndicatorClientDeleteResponse struct { - // placeholder for future response values -} - -// ThreatIntelligenceIndicatorClientGetResponse contains the response from method ThreatIntelligenceIndicatorClient.Get. -type ThreatIntelligenceIndicatorClientGetResponse struct { - // Threat intelligence information object. - ThreatIntelligenceInformationClassification -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientGetResponse. -func (t *ThreatIntelligenceIndicatorClientGetResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalThreatIntelligenceInformationClassification(data) - if err != nil { - return err - } - t.ThreatIntelligenceInformationClassification = res - return nil -} - -// ThreatIntelligenceIndicatorClientQueryIndicatorsResponse contains the response from method ThreatIntelligenceIndicatorClient.NewQueryIndicatorsPager. -type ThreatIntelligenceIndicatorClientQueryIndicatorsResponse struct { - // List of all the threat intelligence information objects. - ThreatIntelligenceInformationList -} - -// ThreatIntelligenceIndicatorClientReplaceTagsResponse contains the response from method ThreatIntelligenceIndicatorClient.ReplaceTags. -type ThreatIntelligenceIndicatorClientReplaceTagsResponse struct { - // Threat intelligence information object. - ThreatIntelligenceInformationClassification -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientReplaceTagsResponse. -func (t *ThreatIntelligenceIndicatorClientReplaceTagsResponse) UnmarshalJSON(data []byte) error { - res, err := unmarshalThreatIntelligenceInformationClassification(data) - if err != nil { - return err - } - t.ThreatIntelligenceInformationClassification = res - return nil -} - -// ThreatIntelligenceIndicatorMetricsClientListResponse contains the response from method ThreatIntelligenceIndicatorMetricsClient.List. -type ThreatIntelligenceIndicatorMetricsClientListResponse struct { - // List of all the threat intelligence metric fields (type/threat type/source). - ThreatIntelligenceMetricsList -} - -// ThreatIntelligenceIndicatorsClientListResponse contains the response from method ThreatIntelligenceIndicatorsClient.NewListPager. -type ThreatIntelligenceIndicatorsClientListResponse struct { - // List of all the threat intelligence information objects. - ThreatIntelligenceInformationList -} - -// WatchlistItemsClientCreateOrUpdateResponse contains the response from method WatchlistItemsClient.CreateOrUpdate. -type WatchlistItemsClientCreateOrUpdateResponse struct { - // Represents a Watchlist Item in Azure Security Insights. - WatchlistItem -} - -// WatchlistItemsClientDeleteResponse contains the response from method WatchlistItemsClient.Delete. -type WatchlistItemsClientDeleteResponse struct { - // placeholder for future response values -} - -// WatchlistItemsClientGetResponse contains the response from method WatchlistItemsClient.Get. -type WatchlistItemsClientGetResponse struct { - // Represents a Watchlist Item in Azure Security Insights. - WatchlistItem -} - -// WatchlistItemsClientListResponse contains the response from method WatchlistItemsClient.NewListPager. -type WatchlistItemsClientListResponse struct { - // List all the watchlist items. - WatchlistItemList -} - -// WatchlistsClientCreateOrUpdateResponse contains the response from method WatchlistsClient.CreateOrUpdate. -type WatchlistsClientCreateOrUpdateResponse struct { - // Represents a Watchlist in Azure Security Insights. - Watchlist -} - -// WatchlistsClientDeleteResponse contains the response from method WatchlistsClient.Delete. -type WatchlistsClientDeleteResponse struct { - // placeholder for future response values -} - -// WatchlistsClientGetResponse contains the response from method WatchlistsClient.Get. -type WatchlistsClientGetResponse struct { - // Represents a Watchlist in Azure Security Insights. - Watchlist -} - -// WatchlistsClientListResponse contains the response from method WatchlistsClient.NewListPager. -type WatchlistsClientListResponse struct { - // List all the watchlists. - WatchlistList -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/responses.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/responses.go new file mode 100644 index 000000000000..a73680013e04 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/responses.go @@ -0,0 +1,1228 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +// ActionsClientCreateOrUpdateResponse contains the response from method ActionsClient.CreateOrUpdate. +type ActionsClientCreateOrUpdateResponse struct { + // Action for alert rule. + ActionResponse +} + +// ActionsClientDeleteResponse contains the response from method ActionsClient.Delete. +type ActionsClientDeleteResponse struct { + // placeholder for future response values +} + +// ActionsClientGetResponse contains the response from method ActionsClient.Get. +type ActionsClientGetResponse struct { + // Action for alert rule. + ActionResponse +} + +// ActionsClientListByAlertRuleResponse contains the response from method ActionsClient.NewListByAlertRulePager. +type ActionsClientListByAlertRuleResponse struct { + // List all the actions. + ActionsList +} + +// AlertRuleClientTriggerRuleRunResponse contains the response from method AlertRuleClient.BeginTriggerRuleRun. +type AlertRuleClientTriggerRuleRunResponse struct { + // placeholder for future response values +} + +// AlertRuleTemplatesClientGetResponse contains the response from method AlertRuleTemplatesClient.Get. +type AlertRuleTemplatesClientGetResponse struct { + // Alert rule template. + AlertRuleTemplateClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRuleTemplatesClientGetResponse. +func (a *AlertRuleTemplatesClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalAlertRuleTemplateClassification(data) + if err != nil { + return err + } + a.AlertRuleTemplateClassification = res + return nil +} + +// AlertRuleTemplatesClientListResponse contains the response from method AlertRuleTemplatesClient.NewListPager. +type AlertRuleTemplatesClientListResponse struct { + // List all the alert rule templates. + AlertRuleTemplatesList +} + +// AlertRulesClientCreateOrUpdateResponse contains the response from method AlertRulesClient.CreateOrUpdate. +type AlertRulesClientCreateOrUpdateResponse struct { + // Alert rule. + AlertRuleClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRulesClientCreateOrUpdateResponse. +func (a *AlertRulesClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalAlertRuleClassification(data) + if err != nil { + return err + } + a.AlertRuleClassification = res + return nil +} + +// AlertRulesClientDeleteResponse contains the response from method AlertRulesClient.Delete. +type AlertRulesClientDeleteResponse struct { + // placeholder for future response values +} + +// AlertRulesClientGetResponse contains the response from method AlertRulesClient.Get. +type AlertRulesClientGetResponse struct { + // Alert rule. + AlertRuleClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertRulesClientGetResponse. +func (a *AlertRulesClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalAlertRuleClassification(data) + if err != nil { + return err + } + a.AlertRuleClassification = res + return nil +} + +// AlertRulesClientListResponse contains the response from method AlertRulesClient.NewListPager. +type AlertRulesClientListResponse struct { + // List all the alert rules. + AlertRulesList +} + +// AutomationRulesClientCreateOrUpdateResponse contains the response from method AutomationRulesClient.CreateOrUpdate. +type AutomationRulesClientCreateOrUpdateResponse struct { + AutomationRule +} + +// AutomationRulesClientDeleteResponse contains the response from method AutomationRulesClient.Delete. +type AutomationRulesClientDeleteResponse struct { + // Anything + Interface any +} + +// AutomationRulesClientGetResponse contains the response from method AutomationRulesClient.Get. +type AutomationRulesClientGetResponse struct { + AutomationRule +} + +// AutomationRulesClientListResponse contains the response from method AutomationRulesClient.NewListPager. +type AutomationRulesClientListResponse struct { + AutomationRulesList +} + +// BillingStatisticsClientGetResponse contains the response from method BillingStatisticsClient.Get. +type BillingStatisticsClientGetResponse struct { + // Billing statistic + BillingStatisticClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type BillingStatisticsClientGetResponse. +func (b *BillingStatisticsClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalBillingStatisticClassification(data) + if err != nil { + return err + } + b.BillingStatisticClassification = res + return nil +} + +// BillingStatisticsClientListResponse contains the response from method BillingStatisticsClient.NewListPager. +type BillingStatisticsClientListResponse struct { + // List of all Microsoft Sentinel billing statistics. + BillingStatisticList +} + +// BookmarkClientExpandResponse contains the response from method BookmarkClient.Expand. +type BookmarkClientExpandResponse struct { + // The entity expansion result operation response. + BookmarkExpandResponse +} + +// BookmarkRelationsClientCreateOrUpdateResponse contains the response from method BookmarkRelationsClient.CreateOrUpdate. +type BookmarkRelationsClientCreateOrUpdateResponse struct { + // Represents a relation between two resources + Relation +} + +// BookmarkRelationsClientDeleteResponse contains the response from method BookmarkRelationsClient.Delete. +type BookmarkRelationsClientDeleteResponse struct { + // placeholder for future response values +} + +// BookmarkRelationsClientGetResponse contains the response from method BookmarkRelationsClient.Get. +type BookmarkRelationsClientGetResponse struct { + // Represents a relation between two resources + Relation +} + +// BookmarkRelationsClientListResponse contains the response from method BookmarkRelationsClient.NewListPager. +type BookmarkRelationsClientListResponse struct { + // List of relations. + RelationList +} + +// BookmarksClientCreateOrUpdateResponse contains the response from method BookmarksClient.CreateOrUpdate. +type BookmarksClientCreateOrUpdateResponse struct { + // Represents a bookmark in Azure Security Insights. + Bookmark +} + +// BookmarksClientDeleteResponse contains the response from method BookmarksClient.Delete. +type BookmarksClientDeleteResponse struct { + // placeholder for future response values +} + +// BookmarksClientGetResponse contains the response from method BookmarksClient.Get. +type BookmarksClientGetResponse struct { + // Represents a bookmark in Azure Security Insights. + Bookmark +} + +// BookmarksClientListResponse contains the response from method BookmarksClient.NewListPager. +type BookmarksClientListResponse struct { + // List all the bookmarks. + BookmarkList +} + +// ClientListGeodataByIPResponse contains the response from method Client.ListGeodataByIP. +type ClientListGeodataByIPResponse struct { + // Geodata information for a given IP address + EnrichmentIPGeodataAutoGenerated +} + +// ClientListWhoisByDomainResponse contains the response from method Client.ListWhoisByDomain. +type ClientListWhoisByDomainResponse struct { + // Whois information for a given domain and associated metadata + EnrichmentDomainWhois +} + +// ContentPackageClientInstallResponse contains the response from method ContentPackageClient.Install. +type ContentPackageClientInstallResponse struct { + // Represents a Package in Azure Security Insights. + PackageModel +} + +// ContentPackageClientUninstallResponse contains the response from method ContentPackageClient.Uninstall. +type ContentPackageClientUninstallResponse struct { + // placeholder for future response values +} + +// ContentPackagesClientGetResponse contains the response from method ContentPackagesClient.Get. +type ContentPackagesClientGetResponse struct { + // Represents a Package in Azure Security Insights. + PackageModel +} + +// ContentPackagesClientListResponse contains the response from method ContentPackagesClient.NewListPager. +type ContentPackagesClientListResponse struct { + // List available packages. + PackageList +} + +// ContentTemplateClientDeleteResponse contains the response from method ContentTemplateClient.Delete. +type ContentTemplateClientDeleteResponse struct { + // placeholder for future response values +} + +// ContentTemplateClientGetResponse contains the response from method ContentTemplateClient.Get. +type ContentTemplateClientGetResponse struct { + // Template resource definition. + TemplateModel +} + +// ContentTemplateClientInstallResponse contains the response from method ContentTemplateClient.Install. +type ContentTemplateClientInstallResponse struct { + // Template resource definition. + TemplateModel +} + +// ContentTemplatesClientListResponse contains the response from method ContentTemplatesClient.NewListPager. +type ContentTemplatesClientListResponse struct { + // List of all the template. + TemplateList +} + +// DataConnectorDefinitionsClientCreateOrUpdateResponse contains the response from method DataConnectorDefinitionsClient.CreateOrUpdate. +type DataConnectorDefinitionsClientCreateOrUpdateResponse struct { + // An Azure resource, which encapsulate the entire info requires to display a data connector page in Azure portal, + // and the info required to define data connections. + DataConnectorDefinitionClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDefinitionsClientCreateOrUpdateResponse. +func (d *DataConnectorDefinitionsClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalDataConnectorDefinitionClassification(data) + if err != nil { + return err + } + d.DataConnectorDefinitionClassification = res + return nil +} + +// DataConnectorDefinitionsClientDeleteResponse contains the response from method DataConnectorDefinitionsClient.Delete. +type DataConnectorDefinitionsClientDeleteResponse struct { + // placeholder for future response values +} + +// DataConnectorDefinitionsClientGetResponse contains the response from method DataConnectorDefinitionsClient.Get. +type DataConnectorDefinitionsClientGetResponse struct { + // An Azure resource, which encapsulate the entire info requires to display a data connector page in Azure portal, + // and the info required to define data connections. + DataConnectorDefinitionClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorDefinitionsClientGetResponse. +func (d *DataConnectorDefinitionsClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalDataConnectorDefinitionClassification(data) + if err != nil { + return err + } + d.DataConnectorDefinitionClassification = res + return nil +} + +// DataConnectorDefinitionsClientListResponse contains the response from method DataConnectorDefinitionsClient.NewListPager. +type DataConnectorDefinitionsClientListResponse struct { + // Encapsulate the data connector definition object + DataConnectorDefinitionArmCollectionWrapper +} + +// DataConnectorsCheckRequirementsClientPostResponse contains the response from method DataConnectorsCheckRequirementsClient.Post. +type DataConnectorsCheckRequirementsClientPostResponse struct { + // Data connector requirements status. + DataConnectorRequirementsState +} + +// DataConnectorsClientConnectResponse contains the response from method DataConnectorsClient.Connect. +type DataConnectorsClientConnectResponse struct { + // placeholder for future response values +} + +// DataConnectorsClientCreateOrUpdateResponse contains the response from method DataConnectorsClient.CreateOrUpdate. +type DataConnectorsClientCreateOrUpdateResponse struct { + // Data connector + DataConnectorClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorsClientCreateOrUpdateResponse. +func (d *DataConnectorsClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalDataConnectorClassification(data) + if err != nil { + return err + } + d.DataConnectorClassification = res + return nil +} + +// DataConnectorsClientDeleteResponse contains the response from method DataConnectorsClient.Delete. +type DataConnectorsClientDeleteResponse struct { + // placeholder for future response values +} + +// DataConnectorsClientDisconnectResponse contains the response from method DataConnectorsClient.Disconnect. +type DataConnectorsClientDisconnectResponse struct { + // placeholder for future response values +} + +// DataConnectorsClientGetResponse contains the response from method DataConnectorsClient.Get. +type DataConnectorsClientGetResponse struct { + // Data connector + DataConnectorClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DataConnectorsClientGetResponse. +func (d *DataConnectorsClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalDataConnectorClassification(data) + if err != nil { + return err + } + d.DataConnectorClassification = res + return nil +} + +// DataConnectorsClientListResponse contains the response from method DataConnectorsClient.NewListPager. +type DataConnectorsClientListResponse struct { + // List all the data connectors. + DataConnectorList +} + +// DomainWhoisClientGetResponse contains the response from method DomainWhoisClient.Get. +type DomainWhoisClientGetResponse struct { + // Whois information for a given domain and associated metadata + EnrichmentDomainWhois +} + +// EntitiesClientExpandResponse contains the response from method EntitiesClient.Expand. +type EntitiesClientExpandResponse struct { + // The entity expansion result operation response. + EntityExpandResponse +} + +// EntitiesClientGetInsightsResponse contains the response from method EntitiesClient.GetInsights. +type EntitiesClientGetInsightsResponse struct { + // The Get Insights result operation response. + EntityGetInsightsResponse +} + +// EntitiesClientGetResponse contains the response from method EntitiesClient.Get. +type EntitiesClientGetResponse struct { + // Specific entity. + EntityClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntitiesClientGetResponse. +func (e *EntitiesClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalEntityClassification(data) + if err != nil { + return err + } + e.EntityClassification = res + return nil +} + +// EntitiesClientListResponse contains the response from method EntitiesClient.NewListPager. +type EntitiesClientListResponse struct { + // List of all the entities. + EntityList +} + +// EntitiesClientQueriesResponse contains the response from method EntitiesClient.Queries. +type EntitiesClientQueriesResponse struct { + // Retrieve queries for entity result operation response. + GetQueriesResponse +} + +// EntitiesClientRunPlaybookResponse contains the response from method EntitiesClient.RunPlaybook. +type EntitiesClientRunPlaybookResponse struct { + // placeholder for future response values +} + +// EntitiesGetTimelineClientListResponse contains the response from method EntitiesGetTimelineClient.List. +type EntitiesGetTimelineClientListResponse struct { + // The entity timeline result operation response. + EntityTimelineResponse +} + +// EntitiesRelationsClientListResponse contains the response from method EntitiesRelationsClient.NewListPager. +type EntitiesRelationsClientListResponse struct { + // List of relations. + RelationList +} + +// EntityQueriesClientCreateOrUpdateResponse contains the response from method EntityQueriesClient.CreateOrUpdate. +type EntityQueriesClientCreateOrUpdateResponse struct { + // Specific entity query. + EntityQueryClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueriesClientCreateOrUpdateResponse. +func (e *EntityQueriesClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalEntityQueryClassification(data) + if err != nil { + return err + } + e.EntityQueryClassification = res + return nil +} + +// EntityQueriesClientDeleteResponse contains the response from method EntityQueriesClient.Delete. +type EntityQueriesClientDeleteResponse struct { + // placeholder for future response values +} + +// EntityQueriesClientGetResponse contains the response from method EntityQueriesClient.Get. +type EntityQueriesClientGetResponse struct { + // Specific entity query. + EntityQueryClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueriesClientGetResponse. +func (e *EntityQueriesClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalEntityQueryClassification(data) + if err != nil { + return err + } + e.EntityQueryClassification = res + return nil +} + +// EntityQueriesClientListResponse contains the response from method EntityQueriesClient.NewListPager. +type EntityQueriesClientListResponse struct { + // List of all the entity queries. + EntityQueryList +} + +// EntityQueryTemplatesClientGetResponse contains the response from method EntityQueryTemplatesClient.Get. +type EntityQueryTemplatesClientGetResponse struct { + // Specific entity query template. + EntityQueryTemplateClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EntityQueryTemplatesClientGetResponse. +func (e *EntityQueryTemplatesClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalEntityQueryTemplateClassification(data) + if err != nil { + return err + } + e.EntityQueryTemplateClassification = res + return nil +} + +// EntityQueryTemplatesClientListResponse contains the response from method EntityQueryTemplatesClient.NewListPager. +type EntityQueryTemplatesClientListResponse struct { + // List of all the entity query templates. + EntityQueryTemplateList +} + +// EntityRelationsClientGetRelationResponse contains the response from method EntityRelationsClient.GetRelation. +type EntityRelationsClientGetRelationResponse struct { + // Represents a relation between two resources + Relation +} + +// FileImportsClientCreateResponse contains the response from method FileImportsClient.Create. +type FileImportsClientCreateResponse struct { + // Represents a file import in Azure Security Insights. + FileImport +} + +// FileImportsClientDeleteResponse contains the response from method FileImportsClient.BeginDelete. +type FileImportsClientDeleteResponse struct { + // Represents a file import in Azure Security Insights. + FileImport +} + +// FileImportsClientGetResponse contains the response from method FileImportsClient.Get. +type FileImportsClientGetResponse struct { + // Represents a file import in Azure Security Insights. + FileImport +} + +// FileImportsClientListResponse contains the response from method FileImportsClient.NewListPager. +type FileImportsClientListResponse struct { + // List all the file imports. + FileImportList +} + +// GetClientSingleRecommendationResponse contains the response from method GetClient.SingleRecommendation. +type GetClientSingleRecommendationResponse struct { + // Recommendation object. + Recommendation +} + +// GetRecommendationsClientListResponse contains the response from method GetRecommendationsClient.List. +type GetRecommendationsClientListResponse struct { + // A list of recommendations + RecommendationList +} + +// GetTriggeredAnalyticsRuleRunsClientListResponse contains the response from method GetTriggeredAnalyticsRuleRunsClient.NewListPager. +type GetTriggeredAnalyticsRuleRunsClientListResponse struct { + // The triggered analytics rule run array + TriggeredAnalyticsRuleRuns +} + +// HuntCommentsClientCreateOrUpdateResponse contains the response from method HuntCommentsClient.CreateOrUpdate. +type HuntCommentsClientCreateOrUpdateResponse struct { + // Represents a Hunt Comment in Azure Security Insights + HuntComment +} + +// HuntCommentsClientDeleteResponse contains the response from method HuntCommentsClient.Delete. +type HuntCommentsClientDeleteResponse struct { + // placeholder for future response values +} + +// HuntCommentsClientGetResponse contains the response from method HuntCommentsClient.Get. +type HuntCommentsClientGetResponse struct { + // Represents a Hunt Comment in Azure Security Insights + HuntComment +} + +// HuntCommentsClientListResponse contains the response from method HuntCommentsClient.NewListPager. +type HuntCommentsClientListResponse struct { + // List of all hunt comments + HuntCommentList +} + +// HuntRelationsClientCreateOrUpdateResponse contains the response from method HuntRelationsClient.CreateOrUpdate. +type HuntRelationsClientCreateOrUpdateResponse struct { + // Represents a Hunt Relation in Azure Security Insights. + HuntRelation +} + +// HuntRelationsClientDeleteResponse contains the response from method HuntRelationsClient.Delete. +type HuntRelationsClientDeleteResponse struct { + // placeholder for future response values +} + +// HuntRelationsClientGetResponse contains the response from method HuntRelationsClient.Get. +type HuntRelationsClientGetResponse struct { + // Represents a Hunt Relation in Azure Security Insights. + HuntRelation +} + +// HuntRelationsClientListResponse contains the response from method HuntRelationsClient.NewListPager. +type HuntRelationsClientListResponse struct { + // List of all the hunt relations + HuntRelationList +} + +// HuntsClientCreateOrUpdateResponse contains the response from method HuntsClient.CreateOrUpdate. +type HuntsClientCreateOrUpdateResponse struct { + // Represents a Hunt in Azure Security Insights. + Hunt +} + +// HuntsClientDeleteResponse contains the response from method HuntsClient.Delete. +type HuntsClientDeleteResponse struct { + // placeholder for future response values +} + +// HuntsClientGetResponse contains the response from method HuntsClient.Get. +type HuntsClientGetResponse struct { + // Represents a Hunt in Azure Security Insights. + Hunt +} + +// HuntsClientListResponse contains the response from method HuntsClient.NewListPager. +type HuntsClientListResponse struct { + // List all the hunts. + HuntList +} + +// IPGeodataClientGetResponse contains the response from method IPGeodataClient.Get. +type IPGeodataClientGetResponse struct { + // Geodata information for a given IP address + EnrichmentIPGeodata +} + +// IncidentCommentsClientCreateOrUpdateResponse contains the response from method IncidentCommentsClient.CreateOrUpdate. +type IncidentCommentsClientCreateOrUpdateResponse struct { + // Represents an incident comment + IncidentComment +} + +// IncidentCommentsClientDeleteResponse contains the response from method IncidentCommentsClient.Delete. +type IncidentCommentsClientDeleteResponse struct { + // placeholder for future response values +} + +// IncidentCommentsClientGetResponse contains the response from method IncidentCommentsClient.Get. +type IncidentCommentsClientGetResponse struct { + // Represents an incident comment + IncidentComment +} + +// IncidentCommentsClientListResponse contains the response from method IncidentCommentsClient.NewListPager. +type IncidentCommentsClientListResponse struct { + IncidentCommentList +} + +// IncidentRelationsClientCreateOrUpdateResponse contains the response from method IncidentRelationsClient.CreateOrUpdate. +type IncidentRelationsClientCreateOrUpdateResponse struct { + // Represents a relation between two resources + Relation +} + +// IncidentRelationsClientDeleteResponse contains the response from method IncidentRelationsClient.Delete. +type IncidentRelationsClientDeleteResponse struct { + // placeholder for future response values +} + +// IncidentRelationsClientGetResponse contains the response from method IncidentRelationsClient.Get. +type IncidentRelationsClientGetResponse struct { + // Represents a relation between two resources + Relation +} + +// IncidentRelationsClientListResponse contains the response from method IncidentRelationsClient.NewListPager. +type IncidentRelationsClientListResponse struct { + // List of relations. + RelationList +} + +// IncidentTasksClientCreateOrUpdateResponse contains the response from method IncidentTasksClient.CreateOrUpdate. +type IncidentTasksClientCreateOrUpdateResponse struct { + IncidentTask +} + +// IncidentTasksClientDeleteResponse contains the response from method IncidentTasksClient.Delete. +type IncidentTasksClientDeleteResponse struct { + // placeholder for future response values +} + +// IncidentTasksClientGetResponse contains the response from method IncidentTasksClient.Get. +type IncidentTasksClientGetResponse struct { + IncidentTask +} + +// IncidentTasksClientListResponse contains the response from method IncidentTasksClient.NewListPager. +type IncidentTasksClientListResponse struct { + IncidentTaskList +} + +// IncidentsClientCreateOrUpdateResponse contains the response from method IncidentsClient.CreateOrUpdate. +type IncidentsClientCreateOrUpdateResponse struct { + Incident +} + +// IncidentsClientCreateTeamResponse contains the response from method IncidentsClient.CreateTeam. +type IncidentsClientCreateTeamResponse struct { + // Describes team information + TeamInformation +} + +// IncidentsClientDeleteResponse contains the response from method IncidentsClient.Delete. +type IncidentsClientDeleteResponse struct { + // placeholder for future response values +} + +// IncidentsClientGetResponse contains the response from method IncidentsClient.Get. +type IncidentsClientGetResponse struct { + Incident +} + +// IncidentsClientListAlertsResponse contains the response from method IncidentsClient.ListAlerts. +type IncidentsClientListAlertsResponse struct { + // List of incident alerts. + IncidentAlertList +} + +// IncidentsClientListBookmarksResponse contains the response from method IncidentsClient.ListBookmarks. +type IncidentsClientListBookmarksResponse struct { + // List of incident bookmarks. + IncidentBookmarkList +} + +// IncidentsClientListEntitiesResponse contains the response from method IncidentsClient.ListEntities. +type IncidentsClientListEntitiesResponse struct { + // The incident related entities response. + IncidentEntitiesResponse +} + +// IncidentsClientListResponse contains the response from method IncidentsClient.NewListPager. +type IncidentsClientListResponse struct { + // List all the incidents. + IncidentList +} + +// IncidentsClientRunPlaybookResponse contains the response from method IncidentsClient.RunPlaybook. +type IncidentsClientRunPlaybookResponse struct { + // Anything + Interface any +} + +// MetadataClientCreateResponse contains the response from method MetadataClient.Create. +type MetadataClientCreateResponse struct { + // Metadata resource definition. + MetadataModel +} + +// MetadataClientDeleteResponse contains the response from method MetadataClient.Delete. +type MetadataClientDeleteResponse struct { + // placeholder for future response values +} + +// MetadataClientGetResponse contains the response from method MetadataClient.Get. +type MetadataClientGetResponse struct { + // Metadata resource definition. + MetadataModel +} + +// MetadataClientListResponse contains the response from method MetadataClient.NewListPager. +type MetadataClientListResponse struct { + // List of all the metadata. + MetadataList +} + +// MetadataClientUpdateResponse contains the response from method MetadataClient.Update. +type MetadataClientUpdateResponse struct { + // Metadata resource definition. + MetadataModel +} + +// OfficeConsentsClientDeleteResponse contains the response from method OfficeConsentsClient.Delete. +type OfficeConsentsClientDeleteResponse struct { + // placeholder for future response values +} + +// OfficeConsentsClientGetResponse contains the response from method OfficeConsentsClient.Get. +type OfficeConsentsClientGetResponse struct { + // Consent for Office365 tenant that already made. + OfficeConsent +} + +// OfficeConsentsClientListResponse contains the response from method OfficeConsentsClient.NewListPager. +type OfficeConsentsClientListResponse struct { + // List of all the office365 consents. + OfficeConsentList +} + +// OperationsClientListResponse contains the response from method OperationsClient.NewListPager. +type OperationsClientListResponse struct { + // Lists the operations available in the SecurityInsights RP. + OperationsList +} + +// ProductPackageClientGetResponse contains the response from method ProductPackageClient.Get. +type ProductPackageClientGetResponse struct { + // Represents a Package in Azure Security Insights. + ProductPackageModel +} + +// ProductPackagesClientListResponse contains the response from method ProductPackagesClient.NewListPager. +type ProductPackagesClientListResponse struct { + // List available packages. + ProductPackageList +} + +// ProductSettingsClientDeleteResponse contains the response from method ProductSettingsClient.Delete. +type ProductSettingsClientDeleteResponse struct { + // placeholder for future response values +} + +// ProductSettingsClientGetResponse contains the response from method ProductSettingsClient.Get. +type ProductSettingsClientGetResponse struct { + // The Setting. + SettingsClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductSettingsClientGetResponse. +func (p *ProductSettingsClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalSettingsClassification(data) + if err != nil { + return err + } + p.SettingsClassification = res + return nil +} + +// ProductSettingsClientListResponse contains the response from method ProductSettingsClient.List. +type ProductSettingsClientListResponse struct { + // List of all the settings. + SettingList +} + +// ProductSettingsClientUpdateResponse contains the response from method ProductSettingsClient.Update. +type ProductSettingsClientUpdateResponse struct { + // The Setting. + SettingsClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProductSettingsClientUpdateResponse. +func (p *ProductSettingsClientUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalSettingsClassification(data) + if err != nil { + return err + } + p.SettingsClassification = res + return nil +} + +// ProductTemplateClientGetResponse contains the response from method ProductTemplateClient.Get. +type ProductTemplateClientGetResponse struct { + // Template resource definition. + ProductTemplateModel +} + +// ProductTemplatesClientListResponse contains the response from method ProductTemplatesClient.NewListPager. +type ProductTemplatesClientListResponse struct { + // List of all the template. + ProductTemplateList +} + +// ReevaluateClientRecommendationResponse contains the response from method ReevaluateClient.Recommendation. +type ReevaluateClientRecommendationResponse struct { + // Reevaluate response object. + ReevaluateResponse +} + +// SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse contains the response from method SecurityMLAnalyticsSettingsClient.CreateOrUpdate. +type SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse struct { + // Security ML Analytics Setting + SecurityMLAnalyticsSettingClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse. +func (s *SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalSecurityMLAnalyticsSettingClassification(data) + if err != nil { + return err + } + s.SecurityMLAnalyticsSettingClassification = res + return nil +} + +// SecurityMLAnalyticsSettingsClientDeleteResponse contains the response from method SecurityMLAnalyticsSettingsClient.Delete. +type SecurityMLAnalyticsSettingsClientDeleteResponse struct { + // placeholder for future response values +} + +// SecurityMLAnalyticsSettingsClientGetResponse contains the response from method SecurityMLAnalyticsSettingsClient.Get. +type SecurityMLAnalyticsSettingsClientGetResponse struct { + // Security ML Analytics Setting + SecurityMLAnalyticsSettingClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type SecurityMLAnalyticsSettingsClientGetResponse. +func (s *SecurityMLAnalyticsSettingsClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalSecurityMLAnalyticsSettingClassification(data) + if err != nil { + return err + } + s.SecurityMLAnalyticsSettingClassification = res + return nil +} + +// SecurityMLAnalyticsSettingsClientListResponse contains the response from method SecurityMLAnalyticsSettingsClient.NewListPager. +type SecurityMLAnalyticsSettingsClientListResponse struct { + // List all the SecurityMLAnalyticsSettings + SecurityMLAnalyticsSettingsList +} + +// SentinelOnboardingStatesClientCreateResponse contains the response from method SentinelOnboardingStatesClient.Create. +type SentinelOnboardingStatesClientCreateResponse struct { + // Sentinel onboarding state + SentinelOnboardingState +} + +// SentinelOnboardingStatesClientDeleteResponse contains the response from method SentinelOnboardingStatesClient.Delete. +type SentinelOnboardingStatesClientDeleteResponse struct { + // placeholder for future response values +} + +// SentinelOnboardingStatesClientGetResponse contains the response from method SentinelOnboardingStatesClient.Get. +type SentinelOnboardingStatesClientGetResponse struct { + // Sentinel onboarding state + SentinelOnboardingState +} + +// SentinelOnboardingStatesClientListResponse contains the response from method SentinelOnboardingStatesClient.List. +type SentinelOnboardingStatesClientListResponse struct { + // List of the Sentinel onboarding states + SentinelOnboardingStatesList +} + +// SourceControlClientListRepositoriesResponse contains the response from method SourceControlClient.NewListRepositoriesPager. +type SourceControlClientListRepositoriesResponse struct { + // List all the source controls. + RepoList +} + +// SourceControlsClientCreateResponse contains the response from method SourceControlsClient.Create. +type SourceControlsClientCreateResponse struct { + // Represents a SourceControl in Azure Security Insights. + SourceControl +} + +// SourceControlsClientDeleteResponse contains the response from method SourceControlsClient.Delete. +type SourceControlsClientDeleteResponse struct { + // Warning response structure. + Warning +} + +// SourceControlsClientGetResponse contains the response from method SourceControlsClient.Get. +type SourceControlsClientGetResponse struct { + // Represents a SourceControl in Azure Security Insights. + SourceControl +} + +// SourceControlsClientListResponse contains the response from method SourceControlsClient.NewListPager. +type SourceControlsClientListResponse struct { + // List all the source controls. + SourceControlList +} + +// ThreatIntelligenceClientCountResponse contains the response from method ThreatIntelligenceClient.Count. +type ThreatIntelligenceClientCountResponse struct { + // Count of all the threat intelligence objects on the workspace that match the provided query. + ThreatIntelligenceCount +} + +// ThreatIntelligenceClientQueryResponse contains the response from method ThreatIntelligenceClient.NewQueryPager. +type ThreatIntelligenceClientQueryResponse struct { + // List all the threat intelligence objects on the workspace that match the provided query. + ThreatIntelligenceList +} + +// ThreatIntelligenceIndicatorClientAppendTagsResponse contains the response from method ThreatIntelligenceIndicatorClient.AppendTags. +type ThreatIntelligenceIndicatorClientAppendTagsResponse struct { + // placeholder for future response values +} + +// ThreatIntelligenceIndicatorClientCreateIndicatorResponse contains the response from method ThreatIntelligenceIndicatorClient.CreateIndicator. +type ThreatIntelligenceIndicatorClientCreateIndicatorResponse struct { + // Threat intelligence information object. + ThreatIntelligenceInformationClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientCreateIndicatorResponse. +func (t *ThreatIntelligenceIndicatorClientCreateIndicatorResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalThreatIntelligenceInformationClassification(data) + if err != nil { + return err + } + t.ThreatIntelligenceInformationClassification = res + return nil +} + +// ThreatIntelligenceIndicatorClientCreateResponse contains the response from method ThreatIntelligenceIndicatorClient.Create. +type ThreatIntelligenceIndicatorClientCreateResponse struct { + // Threat intelligence information object. + ThreatIntelligenceInformationClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientCreateResponse. +func (t *ThreatIntelligenceIndicatorClientCreateResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalThreatIntelligenceInformationClassification(data) + if err != nil { + return err + } + t.ThreatIntelligenceInformationClassification = res + return nil +} + +// ThreatIntelligenceIndicatorClientDeleteResponse contains the response from method ThreatIntelligenceIndicatorClient.Delete. +type ThreatIntelligenceIndicatorClientDeleteResponse struct { + // placeholder for future response values +} + +// ThreatIntelligenceIndicatorClientGetResponse contains the response from method ThreatIntelligenceIndicatorClient.Get. +type ThreatIntelligenceIndicatorClientGetResponse struct { + // Threat intelligence information object. + ThreatIntelligenceInformationClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientGetResponse. +func (t *ThreatIntelligenceIndicatorClientGetResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalThreatIntelligenceInformationClassification(data) + if err != nil { + return err + } + t.ThreatIntelligenceInformationClassification = res + return nil +} + +// ThreatIntelligenceIndicatorClientQueryIndicatorsResponse contains the response from method ThreatIntelligenceIndicatorClient.NewQueryIndicatorsPager. +type ThreatIntelligenceIndicatorClientQueryIndicatorsResponse struct { + // List of all the threat intelligence information objects. + ThreatIntelligenceInformationList +} + +// ThreatIntelligenceIndicatorClientReplaceTagsResponse contains the response from method ThreatIntelligenceIndicatorClient.ReplaceTags. +type ThreatIntelligenceIndicatorClientReplaceTagsResponse struct { + // Threat intelligence information object. + ThreatIntelligenceInformationClassification +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ThreatIntelligenceIndicatorClientReplaceTagsResponse. +func (t *ThreatIntelligenceIndicatorClientReplaceTagsResponse) UnmarshalJSON(data []byte) error { + res, err := unmarshalThreatIntelligenceInformationClassification(data) + if err != nil { + return err + } + t.ThreatIntelligenceInformationClassification = res + return nil +} + +// ThreatIntelligenceIndicatorMetricsClientListResponse contains the response from method ThreatIntelligenceIndicatorMetricsClient.List. +type ThreatIntelligenceIndicatorMetricsClientListResponse struct { + // List of all the threat intelligence metric fields (type/threat type/source). + ThreatIntelligenceMetricsList +} + +// ThreatIntelligenceIndicatorsClientListResponse contains the response from method ThreatIntelligenceIndicatorsClient.NewListPager. +type ThreatIntelligenceIndicatorsClientListResponse struct { + // List of all the threat intelligence information objects. + ThreatIntelligenceInformationList +} + +// TriggeredAnalyticsRuleRunClientGetResponse contains the response from method TriggeredAnalyticsRuleRunClient.Get. +type TriggeredAnalyticsRuleRunClientGetResponse struct { + // The triggered analytics rule run + TriggeredAnalyticsRuleRun +} + +// UpdateClientRecommendationResponse contains the response from method UpdateClient.Recommendation. +type UpdateClientRecommendationResponse struct { + // Recommendation object. + Recommendation +} + +// WatchlistItemsClientCreateOrUpdateResponse contains the response from method WatchlistItemsClient.CreateOrUpdate. +type WatchlistItemsClientCreateOrUpdateResponse struct { + // Represents a Watchlist item in Azure Security Insights. + WatchlistItem +} + +// WatchlistItemsClientDeleteResponse contains the response from method WatchlistItemsClient.Delete. +type WatchlistItemsClientDeleteResponse struct { + // placeholder for future response values +} + +// WatchlistItemsClientGetResponse contains the response from method WatchlistItemsClient.Get. +type WatchlistItemsClientGetResponse struct { + // Represents a Watchlist item in Azure Security Insights. + WatchlistItem +} + +// WatchlistItemsClientListResponse contains the response from method WatchlistItemsClient.NewListPager. +type WatchlistItemsClientListResponse struct { + // List all the watchlist items. + WatchlistItemList +} + +// WatchlistsClientCreateOrUpdateResponse contains the response from method WatchlistsClient.CreateOrUpdate. +type WatchlistsClientCreateOrUpdateResponse struct { + // Represents a Watchlist in Azure Security Insights. + Watchlist + + // AzureAsyncOperation contains the information returned from the Azure-AsyncOperation header response. + AzureAsyncOperation *string +} + +// WatchlistsClientDeleteResponse contains the response from method WatchlistsClient.Delete. +type WatchlistsClientDeleteResponse struct { + // AzureAsyncOperation contains the information returned from the Azure-AsyncOperation header response. + AzureAsyncOperation *string +} + +// WatchlistsClientGetResponse contains the response from method WatchlistsClient.Get. +type WatchlistsClientGetResponse struct { + // Represents a Watchlist in Azure Security Insights. + Watchlist +} + +// WatchlistsClientListResponse contains the response from method WatchlistsClient.NewListPager. +type WatchlistsClientListResponse struct { + // List all the watchlists. + WatchlistList +} + +// WorkspaceManagerAssignmentJobsClientCreateResponse contains the response from method WorkspaceManagerAssignmentJobsClient.Create. +type WorkspaceManagerAssignmentJobsClientCreateResponse struct { + // The assignment job + Job +} + +// WorkspaceManagerAssignmentJobsClientDeleteResponse contains the response from method WorkspaceManagerAssignmentJobsClient.Delete. +type WorkspaceManagerAssignmentJobsClientDeleteResponse struct { + // placeholder for future response values +} + +// WorkspaceManagerAssignmentJobsClientGetResponse contains the response from method WorkspaceManagerAssignmentJobsClient.Get. +type WorkspaceManagerAssignmentJobsClientGetResponse struct { + // The assignment job + Job +} + +// WorkspaceManagerAssignmentJobsClientListResponse contains the response from method WorkspaceManagerAssignmentJobsClient.NewListPager. +type WorkspaceManagerAssignmentJobsClientListResponse struct { + // List of all the jobs + JobList +} + +// WorkspaceManagerAssignmentsClientCreateOrUpdateResponse contains the response from method WorkspaceManagerAssignmentsClient.CreateOrUpdate. +type WorkspaceManagerAssignmentsClientCreateOrUpdateResponse struct { + // The workspace manager assignment + WorkspaceManagerAssignment +} + +// WorkspaceManagerAssignmentsClientDeleteResponse contains the response from method WorkspaceManagerAssignmentsClient.Delete. +type WorkspaceManagerAssignmentsClientDeleteResponse struct { + // placeholder for future response values +} + +// WorkspaceManagerAssignmentsClientGetResponse contains the response from method WorkspaceManagerAssignmentsClient.Get. +type WorkspaceManagerAssignmentsClientGetResponse struct { + // The workspace manager assignment + WorkspaceManagerAssignment +} + +// WorkspaceManagerAssignmentsClientListResponse contains the response from method WorkspaceManagerAssignmentsClient.NewListPager. +type WorkspaceManagerAssignmentsClientListResponse struct { + // List of all the workspace manager assignments. + WorkspaceManagerAssignmentList +} + +// WorkspaceManagerConfigurationsClientCreateOrUpdateResponse contains the response from method WorkspaceManagerConfigurationsClient.CreateOrUpdate. +type WorkspaceManagerConfigurationsClientCreateOrUpdateResponse struct { + // The workspace manager configuration + WorkspaceManagerConfiguration +} + +// WorkspaceManagerConfigurationsClientDeleteResponse contains the response from method WorkspaceManagerConfigurationsClient.Delete. +type WorkspaceManagerConfigurationsClientDeleteResponse struct { + // placeholder for future response values +} + +// WorkspaceManagerConfigurationsClientGetResponse contains the response from method WorkspaceManagerConfigurationsClient.Get. +type WorkspaceManagerConfigurationsClientGetResponse struct { + // The workspace manager configuration + WorkspaceManagerConfiguration +} + +// WorkspaceManagerConfigurationsClientListResponse contains the response from method WorkspaceManagerConfigurationsClient.NewListPager. +type WorkspaceManagerConfigurationsClientListResponse struct { + // List all the workspace manager configurations for the workspace. + WorkspaceManagerConfigurationList +} + +// WorkspaceManagerGroupsClientCreateOrUpdateResponse contains the response from method WorkspaceManagerGroupsClient.CreateOrUpdate. +type WorkspaceManagerGroupsClientCreateOrUpdateResponse struct { + // The workspace manager group + WorkspaceManagerGroup +} + +// WorkspaceManagerGroupsClientDeleteResponse contains the response from method WorkspaceManagerGroupsClient.Delete. +type WorkspaceManagerGroupsClientDeleteResponse struct { + // placeholder for future response values +} + +// WorkspaceManagerGroupsClientGetResponse contains the response from method WorkspaceManagerGroupsClient.Get. +type WorkspaceManagerGroupsClientGetResponse struct { + // The workspace manager group + WorkspaceManagerGroup +} + +// WorkspaceManagerGroupsClientListResponse contains the response from method WorkspaceManagerGroupsClient.NewListPager. +type WorkspaceManagerGroupsClientListResponse struct { + // List of all the workspace manager groups. + WorkspaceManagerGroupList +} + +// WorkspaceManagerMembersClientCreateOrUpdateResponse contains the response from method WorkspaceManagerMembersClient.CreateOrUpdate. +type WorkspaceManagerMembersClientCreateOrUpdateResponse struct { + // The workspace manager member + WorkspaceManagerMember +} + +// WorkspaceManagerMembersClientDeleteResponse contains the response from method WorkspaceManagerMembersClient.Delete. +type WorkspaceManagerMembersClientDeleteResponse struct { + // placeholder for future response values +} + +// WorkspaceManagerMembersClientGetResponse contains the response from method WorkspaceManagerMembersClient.Get. +type WorkspaceManagerMembersClientGetResponse struct { + // The workspace manager member + WorkspaceManagerMember +} + +// WorkspaceManagerMembersClientListResponse contains the response from method WorkspaceManagerMembersClient.NewListPager. +type WorkspaceManagerMembersClientListResponse struct { + // List of workspace manager members + WorkspaceManagerMembersList +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/securitymlanalyticssettings_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/securitymlanalyticssettings_client.go new file mode 100644 index 000000000000..4aec464a1b59 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/securitymlanalyticssettings_client.go @@ -0,0 +1,313 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// SecurityMLAnalyticsSettingsClient contains the methods for the SecurityMLAnalyticsSettings group. +// Don't use this type directly, use NewSecurityMLAnalyticsSettingsClient() instead. +type SecurityMLAnalyticsSettingsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewSecurityMLAnalyticsSettingsClient creates a new instance of SecurityMLAnalyticsSettingsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewSecurityMLAnalyticsSettingsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*SecurityMLAnalyticsSettingsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &SecurityMLAnalyticsSettingsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates the Security ML Analytics Settings. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - settingsResourceName - Security ML Analytics Settings resource name +// - securityMLAnalyticsSetting - The security ML Analytics setting +// - options - SecurityMLAnalyticsSettingsClientCreateOrUpdateOptions contains the optional parameters for the SecurityMLAnalyticsSettingsClient.CreateOrUpdate +// method. +func (client *SecurityMLAnalyticsSettingsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, securityMLAnalyticsSetting SecurityMLAnalyticsSettingClassification, options *SecurityMLAnalyticsSettingsClientCreateOrUpdateOptions) (SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "SecurityMLAnalyticsSettingsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, settingsResourceName, securityMLAnalyticsSetting, options) + if err != nil { + return SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *SecurityMLAnalyticsSettingsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, securityMLAnalyticsSetting SecurityMLAnalyticsSettingClassification, options *SecurityMLAnalyticsSettingsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/{settingsResourceName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if settingsResourceName == "" { + return nil, errors.New("parameter settingsResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{settingsResourceName}", url.PathEscape(settingsResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, securityMLAnalyticsSetting); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *SecurityMLAnalyticsSettingsClient) createOrUpdateHandleResponse(resp *http.Response) (SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse, error) { + result := SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return SecurityMLAnalyticsSettingsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Delete the Security ML Analytics Settings. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - settingsResourceName - Security ML Analytics Settings resource name +// - options - SecurityMLAnalyticsSettingsClientDeleteOptions contains the optional parameters for the SecurityMLAnalyticsSettingsClient.Delete +// method. +func (client *SecurityMLAnalyticsSettingsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, options *SecurityMLAnalyticsSettingsClientDeleteOptions) (SecurityMLAnalyticsSettingsClientDeleteResponse, error) { + var err error + const operationName = "SecurityMLAnalyticsSettingsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, settingsResourceName, options) + if err != nil { + return SecurityMLAnalyticsSettingsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return SecurityMLAnalyticsSettingsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return SecurityMLAnalyticsSettingsClientDeleteResponse{}, err + } + return SecurityMLAnalyticsSettingsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *SecurityMLAnalyticsSettingsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, options *SecurityMLAnalyticsSettingsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/{settingsResourceName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if settingsResourceName == "" { + return nil, errors.New("parameter settingsResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{settingsResourceName}", url.PathEscape(settingsResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets the Security ML Analytics Settings. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - settingsResourceName - Security ML Analytics Settings resource name +// - options - SecurityMLAnalyticsSettingsClientGetOptions contains the optional parameters for the SecurityMLAnalyticsSettingsClient.Get +// method. +func (client *SecurityMLAnalyticsSettingsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, options *SecurityMLAnalyticsSettingsClientGetOptions) (SecurityMLAnalyticsSettingsClientGetResponse, error) { + var err error + const operationName = "SecurityMLAnalyticsSettingsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, settingsResourceName, options) + if err != nil { + return SecurityMLAnalyticsSettingsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return SecurityMLAnalyticsSettingsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return SecurityMLAnalyticsSettingsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *SecurityMLAnalyticsSettingsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, settingsResourceName string, options *SecurityMLAnalyticsSettingsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/{settingsResourceName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if settingsResourceName == "" { + return nil, errors.New("parameter settingsResourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{settingsResourceName}", url.PathEscape(settingsResourceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *SecurityMLAnalyticsSettingsClient) getHandleResponse(resp *http.Response) (SecurityMLAnalyticsSettingsClientGetResponse, error) { + result := SecurityMLAnalyticsSettingsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result); err != nil { + return SecurityMLAnalyticsSettingsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all Security ML Analytics Settings. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - SecurityMLAnalyticsSettingsClientListOptions contains the optional parameters for the SecurityMLAnalyticsSettingsClient.NewListPager +// method. +func (client *SecurityMLAnalyticsSettingsClient) NewListPager(resourceGroupName string, workspaceName string, options *SecurityMLAnalyticsSettingsClientListOptions) *runtime.Pager[SecurityMLAnalyticsSettingsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[SecurityMLAnalyticsSettingsClientListResponse]{ + More: func(page SecurityMLAnalyticsSettingsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *SecurityMLAnalyticsSettingsClientListResponse) (SecurityMLAnalyticsSettingsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "SecurityMLAnalyticsSettingsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return SecurityMLAnalyticsSettingsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *SecurityMLAnalyticsSettingsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *SecurityMLAnalyticsSettingsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *SecurityMLAnalyticsSettingsClient) listHandleResponse(resp *http.Response) (SecurityMLAnalyticsSettingsClientListResponse, error) { + result := SecurityMLAnalyticsSettingsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.SecurityMLAnalyticsSettingsList); err != nil { + return SecurityMLAnalyticsSettingsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client.go index 249ca7924fcc..454bf74d533e 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client.go @@ -46,7 +46,7 @@ func NewSentinelOnboardingStatesClient(subscriptionID string, credential azcore. // Create - Create Sentinel onboarding state // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - sentinelOnboardingStateName - The Sentinel onboarding state name. Supports - default @@ -98,7 +98,7 @@ func (client *SentinelOnboardingStatesClient) createCreateRequest(ctx context.Co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if options != nil && options.SentinelOnboardingStateParameter != nil { @@ -122,7 +122,7 @@ func (client *SentinelOnboardingStatesClient) createHandleResponse(resp *http.Re // Delete - Delete Sentinel onboarding state // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - sentinelOnboardingStateName - The Sentinel onboarding state name. Supports - default @@ -173,7 +173,7 @@ func (client *SentinelOnboardingStatesClient) deleteCreateRequest(ctx context.Co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -182,7 +182,7 @@ func (client *SentinelOnboardingStatesClient) deleteCreateRequest(ctx context.Co // Get - Get Sentinel onboarding state // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - sentinelOnboardingStateName - The Sentinel onboarding state name. Supports - default @@ -234,7 +234,7 @@ func (client *SentinelOnboardingStatesClient) getCreateRequest(ctx context.Conte return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -252,7 +252,7 @@ func (client *SentinelOnboardingStatesClient) getHandleResponse(resp *http.Respo // List - Gets all Sentinel onboarding states // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - SentinelOnboardingStatesClientListOptions contains the optional parameters for the SentinelOnboardingStatesClient.List @@ -299,7 +299,7 @@ func (client *SentinelOnboardingStatesClient) listCreateRequest(ctx context.Cont return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client_example_test.go deleted file mode 100644 index f9e5695bde6d..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/sentinelonboardingstates_client_example_test.go +++ /dev/null @@ -1,128 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/onboardingStates/GetSentinelOnboardingState.json -func ExampleSentinelOnboardingStatesClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewSentinelOnboardingStatesClient().Get(ctx, "myRg", "myWorkspace", "default", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.SentinelOnboardingState = armsecurityinsights.SentinelOnboardingState{ - // Name: to.Ptr("default"), - // Type: to.Ptr("Microsoft.SecurityInsights/onboardingStates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/onboardingStates/default"), - // Properties: &armsecurityinsights.SentinelOnboardingStateProperties{ - // CustomerManagedKey: to.Ptr(false), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/onboardingStates/CreateSentinelOnboardingState.json -func ExampleSentinelOnboardingStatesClient_Create() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewSentinelOnboardingStatesClient().Create(ctx, "myRg", "myWorkspace", "default", &armsecurityinsights.SentinelOnboardingStatesClientCreateOptions{SentinelOnboardingStateParameter: &armsecurityinsights.SentinelOnboardingState{ - Properties: &armsecurityinsights.SentinelOnboardingStateProperties{ - CustomerManagedKey: to.Ptr(false), - }, - }, - }) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.SentinelOnboardingState = armsecurityinsights.SentinelOnboardingState{ - // Name: to.Ptr("default"), - // Type: to.Ptr("Microsoft.SecurityInsights/onboardingStates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/onboardingStates/default"), - // Properties: &armsecurityinsights.SentinelOnboardingStateProperties{ - // CustomerManagedKey: to.Ptr(false), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/onboardingStates/DeleteSentinelOnboardingState.json -func ExampleSentinelOnboardingStatesClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewSentinelOnboardingStatesClient().Delete(ctx, "myRg", "myWorkspace", "default", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/onboardingStates/GetAllSentinelOnboardingStates.json -func ExampleSentinelOnboardingStatesClient_List() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewSentinelOnboardingStatesClient().List(ctx, "myRg", "myWorkspace", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.SentinelOnboardingStatesList = armsecurityinsights.SentinelOnboardingStatesList{ - // Value: []*armsecurityinsights.SentinelOnboardingState{ - // { - // Name: to.Ptr("default"), - // Type: to.Ptr("Microsoft.SecurityInsights/onboardingStates"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/onboardingStates/default"), - // Properties: &armsecurityinsights.SentinelOnboardingStateProperties{ - // CustomerManagedKey: to.Ptr(false), - // }, - // }}, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrol_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrol_client.go new file mode 100644 index 000000000000..2680fc98d321 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrol_client.go @@ -0,0 +1,113 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// SourceControlClient contains the methods for the SourceControl group. +// Don't use this type directly, use NewSourceControlClient() instead. +type SourceControlClient struct { + internal *arm.Client + subscriptionID string +} + +// NewSourceControlClient creates a new instance of SourceControlClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewSourceControlClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*SourceControlClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &SourceControlClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListRepositoriesPager - Gets a list of repositories metadata. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - repositoryAccess - The repository access credentials. +// - options - SourceControlClientListRepositoriesOptions contains the optional parameters for the SourceControlClient.NewListRepositoriesPager +// method. +func (client *SourceControlClient) NewListRepositoriesPager(resourceGroupName string, workspaceName string, repositoryAccess RepositoryAccessProperties, options *SourceControlClientListRepositoriesOptions) *runtime.Pager[SourceControlClientListRepositoriesResponse] { + return runtime.NewPager(runtime.PagingHandler[SourceControlClientListRepositoriesResponse]{ + More: func(page SourceControlClientListRepositoriesResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *SourceControlClientListRepositoriesResponse) (SourceControlClientListRepositoriesResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "SourceControlClient.NewListRepositoriesPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listRepositoriesCreateRequest(ctx, resourceGroupName, workspaceName, repositoryAccess, options) + }, nil) + if err != nil { + return SourceControlClientListRepositoriesResponse{}, err + } + return client.listRepositoriesHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listRepositoriesCreateRequest creates the ListRepositories request. +func (client *SourceControlClient) listRepositoriesCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, repositoryAccess RepositoryAccessProperties, options *SourceControlClientListRepositoriesOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/listRepositories" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, repositoryAccess); err != nil { + return nil, err + } + return req, nil +} + +// listRepositoriesHandleResponse handles the ListRepositories response. +func (client *SourceControlClient) listRepositoriesHandleResponse(resp *http.Response) (SourceControlClientListRepositoriesResponse, error) { + result := SourceControlClientListRepositoriesResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RepoList); err != nil { + return SourceControlClientListRepositoriesResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrols_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrols_client.go new file mode 100644 index 000000000000..559b077435dd --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/sourcecontrols_client.go @@ -0,0 +1,323 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// SourceControlsClient contains the methods for the SourceControls group. +// Don't use this type directly, use NewSourceControlsClient() instead. +type SourceControlsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewSourceControlsClient creates a new instance of SourceControlsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewSourceControlsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*SourceControlsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &SourceControlsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Create - Creates a source control. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - sourceControlID - Source control Id +// - sourceControl - The SourceControl +// - options - SourceControlsClientCreateOptions contains the optional parameters for the SourceControlsClient.Create method. +func (client *SourceControlsClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, sourceControl SourceControl, options *SourceControlsClientCreateOptions) (SourceControlsClientCreateResponse, error) { + var err error + const operationName = "SourceControlsClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, resourceGroupName, workspaceName, sourceControlID, sourceControl, options) + if err != nil { + return SourceControlsClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return SourceControlsClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return SourceControlsClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *SourceControlsClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, sourceControl SourceControl, options *SourceControlsClientCreateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if sourceControlID == "" { + return nil, errors.New("parameter sourceControlID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{sourceControlId}", url.PathEscape(sourceControlID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, sourceControl); err != nil { + return nil, err + } + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *SourceControlsClient) createHandleResponse(resp *http.Response) (SourceControlsClientCreateResponse, error) { + result := SourceControlsClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.SourceControl); err != nil { + return SourceControlsClientCreateResponse{}, err + } + return result, nil +} + +// Delete - Delete a source control. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - sourceControlID - Source control Id +// - repositoryAccess - The repository access credentials. +// - options - SourceControlsClientDeleteOptions contains the optional parameters for the SourceControlsClient.Delete method. +func (client *SourceControlsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, repositoryAccess RepositoryAccessProperties, options *SourceControlsClientDeleteOptions) (SourceControlsClientDeleteResponse, error) { + var err error + const operationName = "SourceControlsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, sourceControlID, repositoryAccess, options) + if err != nil { + return SourceControlsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return SourceControlsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return SourceControlsClientDeleteResponse{}, err + } + resp, err := client.deleteHandleResponse(httpResp) + return resp, err +} + +// deleteCreateRequest creates the Delete request. +func (client *SourceControlsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, repositoryAccess RepositoryAccessProperties, options *SourceControlsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}/delete" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if sourceControlID == "" { + return nil, errors.New("parameter sourceControlID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{sourceControlId}", url.PathEscape(sourceControlID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, repositoryAccess); err != nil { + return nil, err + } + return req, nil +} + +// deleteHandleResponse handles the Delete response. +func (client *SourceControlsClient) deleteHandleResponse(resp *http.Response) (SourceControlsClientDeleteResponse, error) { + result := SourceControlsClientDeleteResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Warning); err != nil { + return SourceControlsClientDeleteResponse{}, err + } + return result, nil +} + +// Get - Gets a source control byt its identifier. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - sourceControlID - Source control Id +// - options - SourceControlsClientGetOptions contains the optional parameters for the SourceControlsClient.Get method. +func (client *SourceControlsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, options *SourceControlsClientGetOptions) (SourceControlsClientGetResponse, error) { + var err error + const operationName = "SourceControlsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, sourceControlID, options) + if err != nil { + return SourceControlsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return SourceControlsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return SourceControlsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *SourceControlsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, options *SourceControlsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if sourceControlID == "" { + return nil, errors.New("parameter sourceControlID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{sourceControlId}", url.PathEscape(sourceControlID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *SourceControlsClient) getHandleResponse(resp *http.Response) (SourceControlsClientGetResponse, error) { + result := SourceControlsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.SourceControl); err != nil { + return SourceControlsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all source controls, without source control items. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - SourceControlsClientListOptions contains the optional parameters for the SourceControlsClient.NewListPager method. +func (client *SourceControlsClient) NewListPager(resourceGroupName string, workspaceName string, options *SourceControlsClientListOptions) *runtime.Pager[SourceControlsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[SourceControlsClientListResponse]{ + More: func(page SourceControlsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *SourceControlsClientListResponse) (SourceControlsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "SourceControlsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return SourceControlsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *SourceControlsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *SourceControlsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *SourceControlsClient) listHandleResponse(resp *http.Response) (SourceControlsClientListResponse, error) { + result := SourceControlsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.SourceControlList); err != nil { + return SourceControlsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligence_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligence_client.go new file mode 100644 index 000000000000..dd002f982e3b --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligence_client.go @@ -0,0 +1,196 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ThreatIntelligenceClient contains the methods for the ThreatIntelligence group. +// Don't use this type directly, use NewThreatIntelligenceClient() instead. +type ThreatIntelligenceClient struct { + internal *arm.Client + subscriptionID string +} + +// NewThreatIntelligenceClient creates a new instance of ThreatIntelligenceClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewThreatIntelligenceClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ThreatIntelligenceClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ThreatIntelligenceClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Count - Gets the count of all TI objects for the workspace. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - tiType - TI type +// - options - ThreatIntelligenceClientCountOptions contains the optional parameters for the ThreatIntelligenceClient.Count +// method. +func (client *ThreatIntelligenceClient) Count(ctx context.Context, resourceGroupName string, workspaceName string, tiType TiType, options *ThreatIntelligenceClientCountOptions) (ThreatIntelligenceClientCountResponse, error) { + var err error + const operationName = "ThreatIntelligenceClient.Count" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.countCreateRequest(ctx, resourceGroupName, workspaceName, tiType, options) + if err != nil { + return ThreatIntelligenceClientCountResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ThreatIntelligenceClientCountResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ThreatIntelligenceClientCountResponse{}, err + } + resp, err := client.countHandleResponse(httpResp) + return resp, err +} + +// countCreateRequest creates the Count request. +func (client *ThreatIntelligenceClient) countCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, tiType TiType, options *ThreatIntelligenceClientCountOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/{tiType}/count" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if tiType == "" { + return nil, errors.New("parameter tiType cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{tiType}", url.PathEscape(string(tiType))) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if options != nil && options.Query != nil { + if err := runtime.MarshalAsJSON(req, *options.Query); err != nil { + return nil, err + } + return req, nil + } + return req, nil +} + +// countHandleResponse handles the Count response. +func (client *ThreatIntelligenceClient) countHandleResponse(resp *http.Response) (ThreatIntelligenceClientCountResponse, error) { + result := ThreatIntelligenceClientCountResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ThreatIntelligenceCount); err != nil { + return ThreatIntelligenceClientCountResponse{}, err + } + return result, nil +} + +// NewQueryPager - Gets all TI objects for the workspace. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - tiType - TI type +// - options - ThreatIntelligenceClientQueryOptions contains the optional parameters for the ThreatIntelligenceClient.NewQueryPager +// method. +func (client *ThreatIntelligenceClient) NewQueryPager(resourceGroupName string, workspaceName string, tiType TiType, options *ThreatIntelligenceClientQueryOptions) *runtime.Pager[ThreatIntelligenceClientQueryResponse] { + return runtime.NewPager(runtime.PagingHandler[ThreatIntelligenceClientQueryResponse]{ + More: func(page ThreatIntelligenceClientQueryResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ThreatIntelligenceClientQueryResponse) (ThreatIntelligenceClientQueryResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ThreatIntelligenceClient.NewQueryPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.queryCreateRequest(ctx, resourceGroupName, workspaceName, tiType, options) + }, nil) + if err != nil { + return ThreatIntelligenceClientQueryResponse{}, err + } + return client.queryHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// queryCreateRequest creates the Query request. +func (client *ThreatIntelligenceClient) queryCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, tiType TiType, options *ThreatIntelligenceClientQueryOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/{tiType}/query" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if tiType == "" { + return nil, errors.New("parameter tiType cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{tiType}", url.PathEscape(string(tiType))) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if options != nil && options.Query != nil { + if err := runtime.MarshalAsJSON(req, *options.Query); err != nil { + return nil, err + } + return req, nil + } + return req, nil +} + +// queryHandleResponse handles the Query response. +func (client *ThreatIntelligenceClient) queryHandleResponse(resp *http.Response) (ThreatIntelligenceClientQueryResponse, error) { + result := ThreatIntelligenceClientQueryResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ThreatIntelligenceList); err != nil { + return ThreatIntelligenceClientQueryResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client.go index c85cb12b04a9..a22720158e4e 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client.go @@ -46,7 +46,7 @@ func NewThreatIntelligenceIndicatorClient(subscriptionID string, credential azco // AppendTags - Append tags to a threat intelligence indicator. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - name - Threat intelligence indicator name field. @@ -98,7 +98,7 @@ func (client *ThreatIntelligenceIndicatorClient) appendTagsCreateRequest(ctx con return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, threatIntelligenceAppendTags); err != nil { @@ -110,7 +110,7 @@ func (client *ThreatIntelligenceIndicatorClient) appendTagsCreateRequest(ctx con // Create - Update a threat Intelligence indicator. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - name - Threat intelligence indicator name field. @@ -163,7 +163,7 @@ func (client *ThreatIntelligenceIndicatorClient) createCreateRequest(ctx context return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, threatIntelligenceProperties); err != nil { @@ -184,7 +184,7 @@ func (client *ThreatIntelligenceIndicatorClient) createHandleResponse(resp *http // CreateIndicator - Create a new threat intelligence indicator. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - threatIntelligenceProperties - Properties of threat intelligence indicators to create and update. @@ -232,7 +232,7 @@ func (client *ThreatIntelligenceIndicatorClient) createIndicatorCreateRequest(ct return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, threatIntelligenceProperties); err != nil { @@ -253,7 +253,7 @@ func (client *ThreatIntelligenceIndicatorClient) createIndicatorHandleResponse(r // Delete - Delete a threat intelligence indicator. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - name - Threat intelligence indicator name field. @@ -304,7 +304,7 @@ func (client *ThreatIntelligenceIndicatorClient) deleteCreateRequest(ctx context return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -313,7 +313,7 @@ func (client *ThreatIntelligenceIndicatorClient) deleteCreateRequest(ctx context // Get - View a threat intelligence indicator by name. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - name - Threat intelligence indicator name field. @@ -365,7 +365,7 @@ func (client *ThreatIntelligenceIndicatorClient) getCreateRequest(ctx context.Co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -382,7 +382,7 @@ func (client *ThreatIntelligenceIndicatorClient) getHandleResponse(resp *http.Re // NewQueryIndicatorsPager - Query threat intelligence indicators as per filtering criteria. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - threatIntelligenceFilteringCriteria - Filtering criteria for querying threat intelligence indicators. @@ -431,7 +431,7 @@ func (client *ThreatIntelligenceIndicatorClient) queryIndicatorsCreateRequest(ct return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, threatIntelligenceFilteringCriteria); err != nil { @@ -452,7 +452,7 @@ func (client *ThreatIntelligenceIndicatorClient) queryIndicatorsHandleResponse(r // ReplaceTags - Replace tags added to a threat intelligence indicator. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - name - Threat intelligence indicator name field. @@ -505,7 +505,7 @@ func (client *ThreatIntelligenceIndicatorClient) replaceTagsCreateRequest(ctx co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, threatIntelligenceReplaceTags); err != nil { diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client_example_test.go deleted file mode 100644 index 8a3034824832..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicator_client_example_test.go +++ /dev/null @@ -1,438 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/threatintelligence/CreateThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_CreateIndicator() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewThreatIntelligenceIndicatorClient().CreateIndicator(ctx, "myRg", "myWorkspace", armsecurityinsights.ThreatIntelligenceIndicatorModel{ - Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceInnerKindIndicator), - Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - Description: to.Ptr("debugging indicators"), - Confidence: to.Ptr[int32](78), - CreatedByRef: to.Ptr("contoso@contoso.com"), - DisplayName: to.Ptr("new schema"), - ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{}, - GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{}, - KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{}, - Labels: []*string{}, - Modified: to.Ptr(""), - Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - PatternType: to.Ptr("url"), - Revoked: to.Ptr(false), - Source: to.Ptr("Azure Sentinel"), - ThreatIntelligenceTags: []*string{ - to.Ptr("new schema")}, - ThreatTypes: []*string{ - to.Ptr("compromised")}, - ValidFrom: to.Ptr("2020-04-15T17:44:00.114052Z"), - ValidUntil: to.Ptr(""), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.ThreatIntelligenceIndicatorClientCreateIndicatorResponse{ - // ThreatIntelligenceInformationClassification: &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("180105c7-a28d-b1a2-4a78-234f6ec80fd6"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/180105c7-a28d-b1a2-4a78-234f6ec80fd6"), - // Etag: to.Ptr("\"0000322c-0000-0800-0000-5e976c960000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceInnerKindIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2020-04-15T20:20:38.6160949Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("new schema"), - // ExternalID: to.Ptr("indicator--a2b6a95e-2108-4a38-bd49-ef95811bbcd7"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2020-04-15T20:20:38.6161887Z"), - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("new schema")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2020-04-15T17:44:00.114052Z"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/threatintelligence/GetThreatIntelligenceById.json -func ExampleThreatIntelligenceIndicatorClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewThreatIntelligenceIndicatorClient().Get(ctx, "myRg", "myWorkspace", "e16ef847-962e-d7b6-9c8b-a33e4bd30e47", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.ThreatIntelligenceIndicatorClientGetResponse{ - // ThreatIntelligenceInformationClassification: &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Etag: to.Ptr("\"00002a2c-0000-0800-0000-5e97683b0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceInnerKindIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2020-04-15T19:51:17.1050923Z"), - // CreatedByRef: to.Ptr("aztestConnectors@dataconnector.ccsctp.net"), - // DisplayName: to.Ptr("updated indicator"), - // ExternalID: to.Ptr("indicator--73be1729-babb-4348-a6c4-94621cae2530"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2020-04-15T20:18:49.2259902Z"), - // Pattern: to.Ptr("[url:value = 'https://abc.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("patching tags")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2020-04-15T17:44:00.114052Z"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/threatintelligence/UpdateThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_Create() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewThreatIntelligenceIndicatorClient().Create(ctx, "myRg", "myWorkspace", "d9cd6f0b-96b9-3984-17cd-a779d1e15a93", armsecurityinsights.ThreatIntelligenceIndicatorModel{ - Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceInnerKindIndicator), - Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - Description: to.Ptr("debugging indicators"), - Confidence: to.Ptr[int32](78), - CreatedByRef: to.Ptr("contoso@contoso.com"), - DisplayName: to.Ptr("new schema"), - ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{}, - GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{}, - KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{}, - Labels: []*string{}, - Modified: to.Ptr(""), - Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - PatternType: to.Ptr("url"), - Revoked: to.Ptr(false), - Source: to.Ptr("Azure Sentinel"), - ThreatIntelligenceTags: []*string{ - to.Ptr("new schema")}, - ThreatTypes: []*string{ - to.Ptr("compromised")}, - ValidFrom: to.Ptr("2020-04-15T17:44:00.114052Z"), - ValidUntil: to.Ptr(""), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.ThreatIntelligenceIndicatorClientCreateResponse{ - // ThreatIntelligenceInformationClassification: &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("180105c7-a28d-b1a2-4a78-234f6ec80fd6"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/180105c7-a28d-b1a2-4a78-234f6ec80fd6"), - // Etag: to.Ptr("\"0000322c-0000-0800-0000-5e976c960000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceInnerKindIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2020-04-15T20:20:38.6160949Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("new schema"), - // ExternalID: to.Ptr("indicator--a2b6a95e-2108-4a38-bd49-ef95811bbcd7"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2020-04-15T20:20:38.6161887Z"), - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("new schema")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2020-04-15T17:44:00.114052Z"), - // }, - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/threatintelligence/DeleteThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewThreatIntelligenceIndicatorClient().Delete(ctx, "myRg", "myWorkspace", "d9cd6f0b-96b9-3984-17cd-a779d1e15a93", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/threatintelligence/QueryThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_NewQueryIndicatorsPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewThreatIntelligenceIndicatorClient().NewQueryIndicatorsPager("myRg", "myWorkspace", armsecurityinsights.ThreatIntelligenceFilteringCriteria{ - MaxConfidence: to.Ptr[int32](80), - MaxValidUntil: to.Ptr("2020-04-25T17:44:00.114052Z"), - MinConfidence: to.Ptr[int32](25), - MinValidUntil: to.Ptr("2020-04-05T17:44:00.114052Z"), - PageSize: to.Ptr[int32](100), - SortBy: []*armsecurityinsights.ThreatIntelligenceSortingCriteria{ - { - ItemKey: to.Ptr("lastUpdatedTimeUtc"), - SortOrder: to.Ptr(armsecurityinsights.ThreatIntelligenceSortingOrderDescending), - }}, - Sources: []*string{ - to.Ptr("Azure Sentinel")}, - }, nil) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.ThreatIntelligenceInformationList = armsecurityinsights.ThreatIntelligenceInformationList{ - // Value: []armsecurityinsights.ThreatIntelligenceInformationClassification{ - // &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("27d963e6-e6e4-e0f9-e9d7-c53985b3bbe8"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/27d963e6-e6e4-e0f9-e9d7-c53985b3bbe8"), - // Etag: to.Ptr("\"00002f2c-0000-0800-0000-5e976a8e0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceInnerKindIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators 2"), - // Confidence: to.Ptr[int32](90), - // Created: to.Ptr("2020-04-15T20:11:57.9666134Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("new schema 2"), - // ExternalID: to.Ptr("indicator--8516d567-0daa-4614-8745-e3591e1b48cf"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2020-04-15T20:15:11.0746926Z"), - // ParsedPattern: []*armsecurityinsights.ThreatIntelligenceParsedPattern{ - // { - // PatternTypeKey: to.Ptr("network-traffic"), - // PatternTypeValues: []*armsecurityinsights.ThreatIntelligenceParsedPatternTypeValue{ - // { - // Value: to.Ptr("SSH-2.0-PuTTY_Release_0.64"), - // ValueType: to.Ptr("0"), - // }, - // { - // Value: to.Ptr("194.88.106.146"), - // ValueType: to.Ptr("1"), - // }}, - // }}, - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("new schema")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2020-04-15T17:44:00.114052Z"), - // }, - // }, - // &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Etag: to.Ptr("\"00002a2c-0000-0800-0000-5e97683b0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceInnerKindIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2020-04-15T19:51:17.1050923Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("updated indicator"), - // ExternalID: to.Ptr("indicator--73be1729-babb-4348-a6c4-94621cae2530"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2020-04-15T20:15:11.074903Z"), - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("patching tags")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2020-04-15T17:44:00.114052Z"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/threatintelligence/AppendTagsThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_AppendTags() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewThreatIntelligenceIndicatorClient().AppendTags(ctx, "myRg", "myWorkspace", "d9cd6f0b-96b9-3984-17cd-a779d1e15a93", armsecurityinsights.ThreatIntelligenceAppendTags{ - ThreatIntelligenceTags: []*string{ - to.Ptr("tag1"), - to.Ptr("tag2")}, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/threatintelligence/ReplaceTagsThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorClient_ReplaceTags() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewThreatIntelligenceIndicatorClient().ReplaceTags(ctx, "myRg", "myWorkspace", "d9cd6f0b-96b9-3984-17cd-a779d1e15a93", armsecurityinsights.ThreatIntelligenceIndicatorModel{ - Etag: to.Ptr("\"0000262c-0000-0800-0000-5e9767060000\""), - Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceInnerKindIndicator), - Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - ThreatIntelligenceTags: []*string{ - to.Ptr("patching tags")}, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res = armsecurityinsights.ThreatIntelligenceIndicatorClientReplaceTagsResponse{ - // ThreatIntelligenceInformationClassification: &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Etag: to.Ptr("\"00002a2c-0000-0800-0000-5e97683b0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceInnerKindIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2020-04-15T19:51:17.1050923Z"), - // CreatedByRef: to.Ptr("aztestConnectors@dataconnector.ccsctp.net"), - // DisplayName: to.Ptr("updated indicator"), - // ExternalID: to.Ptr("indicator--73be1729-babb-4348-a6c4-94621cae2530"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2020-04-15T19:56:08.828946Z"), - // Pattern: to.Ptr("[url:value = 'https://abc.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("patching tags")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2020-04-15T17:44:00.114052Z"), - // }, - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client.go index 7e15d26ced3a..ed628c96e49b 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client.go @@ -46,7 +46,7 @@ func NewThreatIntelligenceIndicatorMetricsClient(subscriptionID string, credenti // List - Get threat intelligence indicators metrics (Indicators counts by Type, Threat Type, Source). // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - ThreatIntelligenceIndicatorMetricsClientListOptions contains the optional parameters for the ThreatIntelligenceIndicatorMetricsClient.List @@ -93,7 +93,7 @@ func (client *ThreatIntelligenceIndicatorMetricsClient) listCreateRequest(ctx co return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client_example_test.go deleted file mode 100644 index 67c81c4435a9..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicatormetrics_client_example_test.go +++ /dev/null @@ -1,65 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/threatintelligence/CollectThreatIntelligenceMetrics.json -func ExampleThreatIntelligenceIndicatorMetricsClient_List() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewThreatIntelligenceIndicatorMetricsClient().List(ctx, "myRg", "myWorkspace", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.ThreatIntelligenceMetricsList = armsecurityinsights.ThreatIntelligenceMetricsList{ - // Value: []*armsecurityinsights.ThreatIntelligenceMetrics{ - // { - // Properties: &armsecurityinsights.ThreatIntelligenceMetric{ - // LastUpdatedTimeUTC: to.Ptr("2020-09-01T19:44:44.117403Z"), - // PatternTypeMetrics: []*armsecurityinsights.ThreatIntelligenceMetricEntity{ - // { - // MetricName: to.Ptr("url"), - // MetricValue: to.Ptr[int32](20), - // }}, - // SourceMetrics: []*armsecurityinsights.ThreatIntelligenceMetricEntity{ - // { - // MetricName: to.Ptr("Azure Sentinel"), - // MetricValue: to.Ptr[int32](10315), - // }, - // { - // MetricName: to.Ptr("zinga"), - // MetricValue: to.Ptr[int32](2), - // }}, - // ThreatTypeMetrics: []*armsecurityinsights.ThreatIntelligenceMetricEntity{ - // { - // MetricName: to.Ptr("compromised"), - // MetricValue: to.Ptr[int32](20), - // }}, - // }, - // }}, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client.go index 8fecdcebb0b1..a1c2d5bebba1 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client.go @@ -46,7 +46,7 @@ func NewThreatIntelligenceIndicatorsClient(subscriptionID string, credential azc // NewListPager - Get all threat intelligence indicators. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - ThreatIntelligenceIndicatorsClientListOptions contains the optional parameters for the ThreatIntelligenceIndicatorsClient.NewListPager @@ -94,19 +94,19 @@ func (client *ThreatIntelligenceIndicatorsClient) listCreateRequest(ctx context. return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") if options != nil && options.Filter != nil { reqQP.Set("$filter", *options.Filter) } - if options != nil && options.Top != nil { - reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) } if options != nil && options.SkipToken != nil { reqQP.Set("$skipToken", *options.SkipToken) } - if options != nil && options.Orderby != nil { - reqQP.Set("$orderby", *options.Orderby) + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) } + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client_example_test.go deleted file mode 100644 index dad987e73ae2..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/threatintelligenceindicators_client_example_test.go +++ /dev/null @@ -1,112 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/threatintelligence/GetThreatIntelligence.json -func ExampleThreatIntelligenceIndicatorsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewThreatIntelligenceIndicatorsClient().NewListPager("myRg", "myWorkspace", &armsecurityinsights.ThreatIntelligenceIndicatorsClientListOptions{Filter: nil, - Top: nil, - SkipToken: nil, - Orderby: nil, - }) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.ThreatIntelligenceInformationList = armsecurityinsights.ThreatIntelligenceInformationList{ - // Value: []armsecurityinsights.ThreatIntelligenceInformationClassification{ - // &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("27d963e6-e6e4-e0f9-e9d7-c53985b3bbe8"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/27d963e6-e6e4-e0f9-e9d7-c53985b3bbe8"), - // Etag: to.Ptr("\"00002f2c-0000-0800-0000-5e976a8e0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceInnerKindIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](90), - // Created: to.Ptr("2020-04-15T20:11:57.9666134Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("new schema 2"), - // ExternalID: to.Ptr("indicator--8516d567-0daa-4614-8745-e3591e1b48cf"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2020-04-15T20:15:11.0746926Z"), - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("new schema")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2020-04-15T17:44:00.114052Z"), - // }, - // }, - // &armsecurityinsights.ThreatIntelligenceIndicatorModel{ - // Name: to.Ptr("e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Type: to.Ptr("Microsoft.SecurityInsights/ThreatIntelligence"), - // ID: to.Ptr("/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/e16ef847-962e-d7b6-9c8b-a33e4bd30e47"), - // Etag: to.Ptr("\"00002a2c-0000-0800-0000-5e97683b0000\""), - // Kind: to.Ptr(armsecurityinsights.ThreatIntelligenceResourceInnerKindIndicator), - // Properties: &armsecurityinsights.ThreatIntelligenceIndicatorProperties{ - // Description: to.Ptr("debugging indicators"), - // Confidence: to.Ptr[int32](78), - // Created: to.Ptr("2020-04-15T19:51:17.1050923Z"), - // CreatedByRef: to.Ptr("contoso@contoso.com"), - // DisplayName: to.Ptr("updated indicator"), - // ExternalID: to.Ptr("indicator--73be1729-babb-4348-a6c4-94621cae2530"), - // ExternalReferences: []*armsecurityinsights.ThreatIntelligenceExternalReference{ - // }, - // GranularMarkings: []*armsecurityinsights.ThreatIntelligenceGranularMarkingModel{ - // }, - // KillChainPhases: []*armsecurityinsights.ThreatIntelligenceKillChainPhase{ - // }, - // LastUpdatedTimeUTC: to.Ptr("2020-04-15T20:15:11.074903Z"), - // Pattern: to.Ptr("[url:value = 'https://www.contoso.com']"), - // PatternType: to.Ptr("url"), - // Revoked: to.Ptr(false), - // Source: to.Ptr("Azure Sentinel"), - // ThreatIntelligenceTags: []*string{ - // to.Ptr("patching tags")}, - // ThreatTypes: []*string{ - // to.Ptr("compromised")}, - // ValidFrom: to.Ptr("2020-04-15T17:44:00.114052Z"), - // }, - // }}, - // } - } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/time_rfc3339.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/time_rfc3339.go index 636e808d142e..0cbb5478f4b6 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/time_rfc3339.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/time_rfc3339.go @@ -19,12 +19,16 @@ import ( ) // Azure reports time in UTC but it doesn't include the 'Z' time zone suffix in some cases. -var tzOffsetRegex = regexp.MustCompile(`(Z|z|\+|-)(\d+:\d+)*"*$`) +var tzOffsetRegex = regexp.MustCompile(`(?:Z|z|\+|-)(?:\d+:\d+)*"*$`) const ( - utcDateTimeJSON = `"2006-01-02T15:04:05.999999999"` - utcDateTime = "2006-01-02T15:04:05.999999999" - dateTimeJSON = `"` + time.RFC3339Nano + `"` + utcDateTime = "2006-01-02T15:04:05.999999999" + utcDateTimeJSON = `"` + utcDateTime + `"` + utcDateTimeNoT = "2006-01-02 15:04:05.999999999" + utcDateTimeJSONNoT = `"` + utcDateTimeNoT + `"` + dateTimeNoT = `2006-01-02 15:04:05.999999999Z07:00` + dateTimeJSON = `"` + time.RFC3339Nano + `"` + dateTimeJSONNoT = `"` + dateTimeNoT + `"` ) type dateTimeRFC3339 time.Time @@ -40,17 +44,33 @@ func (t dateTimeRFC3339) MarshalText() ([]byte, error) { } func (t *dateTimeRFC3339) UnmarshalJSON(data []byte) error { - layout := utcDateTimeJSON - if tzOffsetRegex.Match(data) { + tzOffset := tzOffsetRegex.Match(data) + hasT := strings.Contains(string(data), "T") || strings.Contains(string(data), "t") + var layout string + if tzOffset && hasT { layout = dateTimeJSON + } else if tzOffset { + layout = dateTimeJSONNoT + } else if hasT { + layout = utcDateTimeJSON + } else { + layout = utcDateTimeJSONNoT } return t.Parse(layout, string(data)) } func (t *dateTimeRFC3339) UnmarshalText(data []byte) error { - layout := utcDateTime - if tzOffsetRegex.Match(data) { + tzOffset := tzOffsetRegex.Match(data) + hasT := strings.Contains(string(data), "T") || strings.Contains(string(data), "t") + var layout string + if tzOffset && hasT { layout = time.RFC3339Nano + } else if tzOffset { + layout = dateTimeNoT + } else if hasT { + layout = utcDateTime + } else { + layout = utcDateTimeNoT } return t.Parse(layout, string(data)) } @@ -61,6 +81,10 @@ func (t *dateTimeRFC3339) Parse(layout, value string) error { return err } +func (t dateTimeRFC3339) String() string { + return time.Time(t).Format(time.RFC3339Nano) +} + func populateDateTimeRFC3339(m map[string]any, k string, t *time.Time) { if t == nil { return @@ -74,7 +98,7 @@ func populateDateTimeRFC3339(m map[string]any, k string, t *time.Time) { } func unpopulateDateTimeRFC3339(data json.RawMessage, fn string, t **time.Time) error { - if data == nil || strings.EqualFold(string(data), "null") { + if data == nil || string(data) == "null" { return nil } var aux dateTimeRFC3339 diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/triggeredanalyticsrulerun_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/triggeredanalyticsrulerun_client.go new file mode 100644 index 000000000000..8e61843b5c72 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/triggeredanalyticsrulerun_client.go @@ -0,0 +1,114 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// TriggeredAnalyticsRuleRunClient contains the methods for the TriggeredAnalyticsRuleRun group. +// Don't use this type directly, use NewTriggeredAnalyticsRuleRunClient() instead. +type TriggeredAnalyticsRuleRunClient struct { + internal *arm.Client + subscriptionID string +} + +// NewTriggeredAnalyticsRuleRunClient creates a new instance of TriggeredAnalyticsRuleRunClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewTriggeredAnalyticsRuleRunClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*TriggeredAnalyticsRuleRunClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &TriggeredAnalyticsRuleRunClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Gets the triggered analytics rule run. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - ruleRunID - the triggered rule id +// - options - TriggeredAnalyticsRuleRunClientGetOptions contains the optional parameters for the TriggeredAnalyticsRuleRunClient.Get +// method. +func (client *TriggeredAnalyticsRuleRunClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ruleRunID string, options *TriggeredAnalyticsRuleRunClientGetOptions) (TriggeredAnalyticsRuleRunClientGetResponse, error) { + var err error + const operationName = "TriggeredAnalyticsRuleRunClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, ruleRunID, options) + if err != nil { + return TriggeredAnalyticsRuleRunClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return TriggeredAnalyticsRuleRunClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return TriggeredAnalyticsRuleRunClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *TriggeredAnalyticsRuleRunClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, ruleRunID string, options *TriggeredAnalyticsRuleRunClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns/{ruleRunId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if ruleRunID == "" { + return nil, errors.New("parameter ruleRunID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{ruleRunId}", url.PathEscape(ruleRunID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *TriggeredAnalyticsRuleRunClient) getHandleResponse(resp *http.Response) (TriggeredAnalyticsRuleRunClientGetResponse, error) { + result := TriggeredAnalyticsRuleRunClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.TriggeredAnalyticsRuleRun); err != nil { + return TriggeredAnalyticsRuleRunClientGetResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/update_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/update_client.go new file mode 100644 index 000000000000..60d86d18e849 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/update_client.go @@ -0,0 +1,117 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// UpdateClient contains the methods for the Update group. +// Don't use this type directly, use NewUpdateClient() instead. +type UpdateClient struct { + internal *arm.Client + subscriptionID string +} + +// NewUpdateClient creates a new instance of UpdateClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewUpdateClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*UpdateClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &UpdateClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Recommendation - Patch a recommendation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - recommendationID - Recommendation Id. +// - recommendationPatch - Recommendation Fields to Update. +// - options - UpdateClientRecommendationOptions contains the optional parameters for the UpdateClient.Recommendation method. +func (client *UpdateClient) Recommendation(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, recommendationPatch RecommendationPatch, options *UpdateClientRecommendationOptions) (UpdateClientRecommendationResponse, error) { + var err error + const operationName = "UpdateClient.Recommendation" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.recommendationCreateRequest(ctx, resourceGroupName, workspaceName, recommendationID, recommendationPatch, options) + if err != nil { + return UpdateClientRecommendationResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return UpdateClientRecommendationResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return UpdateClientRecommendationResponse{}, err + } + resp, err := client.recommendationHandleResponse(httpResp) + return resp, err +} + +// recommendationCreateRequest creates the Recommendation request. +func (client *UpdateClient) recommendationCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, recommendationID string, recommendationPatch RecommendationPatch, options *UpdateClientRecommendationOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if recommendationID == "" { + return nil, errors.New("parameter recommendationID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{recommendationId}", url.PathEscape(recommendationID)) + req, err := runtime.NewRequest(ctx, http.MethodPatch, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, recommendationPatch); err != nil { + return nil, err + } + return req, nil +} + +// recommendationHandleResponse handles the Recommendation response. +func (client *UpdateClient) recommendationHandleResponse(resp *http.Response) (UpdateClientRecommendationResponse, error) { + result := UpdateClientRecommendationResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Recommendation); err != nil { + return UpdateClientRecommendationResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client.go index ef295ace02fd..a43254354537 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client.go @@ -43,14 +43,14 @@ func NewWatchlistItemsClient(subscriptionID string, credential azcore.TokenCrede return client, nil } -// CreateOrUpdate - Create or update a watchlist item. +// CreateOrUpdate - Creates or updates a watchlist item. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. -// - watchlistAlias - The watchlist alias -// - watchlistItemID - The watchlist item id (GUID) +// - watchlistAlias - Watchlist Alias +// - watchlistItemID - Watchlist Item Id (GUID) // - watchlistItem - The watchlist item // - options - WatchlistItemsClientCreateOrUpdateOptions contains the optional parameters for the WatchlistItemsClient.CreateOrUpdate // method. @@ -104,7 +104,7 @@ func (client *WatchlistItemsClient) createOrUpdateCreateRequest(ctx context.Cont return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, watchlistItem); err != nil { @@ -125,11 +125,11 @@ func (client *WatchlistItemsClient) createOrUpdateHandleResponse(resp *http.Resp // Delete - Delete a watchlist item. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. -// - watchlistAlias - The watchlist alias -// - watchlistItemID - The watchlist item id (GUID) +// - watchlistAlias - Watchlist Alias +// - watchlistItemID - Watchlist Item Id (GUID) // - options - WatchlistItemsClientDeleteOptions contains the optional parameters for the WatchlistItemsClient.Delete method. func (client *WatchlistItemsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, options *WatchlistItemsClientDeleteOptions) (WatchlistItemsClientDeleteResponse, error) { var err error @@ -180,20 +180,20 @@ func (client *WatchlistItemsClient) deleteCreateRequest(ctx context.Context, res return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil } -// Get - Get a watchlist item. +// Get - Gets a watchlist, without its watchlist items. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. -// - watchlistAlias - The watchlist alias -// - watchlistItemID - The watchlist item id (GUID) +// - watchlistAlias - Watchlist Alias +// - watchlistItemID - Watchlist Item Id (GUID) // - options - WatchlistItemsClientGetOptions contains the optional parameters for the WatchlistItemsClient.Get method. func (client *WatchlistItemsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, options *WatchlistItemsClientGetOptions) (WatchlistItemsClientGetResponse, error) { var err error @@ -245,7 +245,7 @@ func (client *WatchlistItemsClient) getCreateRequest(ctx context.Context, resour return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -260,12 +260,12 @@ func (client *WatchlistItemsClient) getHandleResponse(resp *http.Response) (Watc return result, nil } -// NewListPager - Get all watchlist Items. +// NewListPager - Gets all watchlist Items. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. -// - watchlistAlias - The watchlist alias +// - watchlistAlias - Watchlist Alias // - options - WatchlistItemsClientListOptions contains the optional parameters for the WatchlistItemsClient.NewListPager method. func (client *WatchlistItemsClient) NewListPager(resourceGroupName string, workspaceName string, watchlistAlias string, options *WatchlistItemsClientListOptions) *runtime.Pager[WatchlistItemsClientListResponse] { return runtime.NewPager(runtime.PagingHandler[WatchlistItemsClientListResponse]{ @@ -314,10 +314,10 @@ func (client *WatchlistItemsClient) listCreateRequest(ctx context.Context, resou return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") if options != nil && options.SkipToken != nil { reqQP.Set("$skipToken", *options.SkipToken) } + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client_example_test.go deleted file mode 100644 index 8bfc645ec9af..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlistitems_client_example_test.go +++ /dev/null @@ -1,213 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/watchlists/GetWatchlistItems.json -func ExampleWatchlistItemsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewWatchlistItemsClient().NewListPager("myRg", "myWorkspace", "highValueAsset", &armsecurityinsights.WatchlistItemsClientListOptions{SkipToken: nil}) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.WatchlistItemList = armsecurityinsights.WatchlistItemList{ - // Value: []*armsecurityinsights.WatchlistItem{ - // { - // Name: to.Ptr("fd37d325-7090-47fe-851a-5b5a00c3f576"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists/WatchlistItems"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/Watchlists/highValueAsset/WatchlistItems/fd37d325-7090-47fe-851a-5b5a00c3f576"), - // Etag: to.Ptr("\"f2089bfa-0000-0d00-0000-601c58b42021\""), - // Properties: &armsecurityinsights.WatchlistItemProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-02-04T20:27:32.378Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // EntityMapping: map[string]any{ - // }, - // IsDeleted: to.Ptr(false), - // ItemsKeyValue: map[string]any{ - // "Header-1": "v1_1", - // "Header-2": "v1_2", - // "Header-3": "v1_3", - // "Header-4": "v1_4", - // "Header-5": "v1_5", - // }, - // TenantID: to.Ptr("3f8901fe-63d9-4875-9ad5-9fb3b8105797"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-02-04T20:27:32.378Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistItemID: to.Ptr("fd37d325-7090-47fe-851a-5b5a00c3f576"), - // WatchlistItemType: to.Ptr("watchlist-item"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/watchlists/GetWatchlistItemById.json -func ExampleWatchlistItemsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewWatchlistItemsClient().Get(ctx, "myRg", "myWorkspace", "highValueAsset", "3f8901fe-63d9-4875-9ad5-9fb3b8105797", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.WatchlistItem = armsecurityinsights.WatchlistItem{ - // Name: to.Ptr("fd37d325-7090-47fe-851a-5b5a00c3f576"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists/WatchlistItems"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/Watchlists/highValueAsset/WatchlistItems/fd37d325-7090-47fe-851a-5b5a00c3f576"), - // Etag: to.Ptr("\"f2089bfa-0000-0d00-0000-601c58b42021\""), - // Properties: &armsecurityinsights.WatchlistItemProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-02-04T20:27:32.378Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // EntityMapping: map[string]any{ - // }, - // IsDeleted: to.Ptr(false), - // ItemsKeyValue: map[string]any{ - // "Header-1": "v1_1", - // "Header-2": "v1_2", - // "Header-3": "v1_3", - // "Header-4": "v1_4", - // "Header-5": "v1_5", - // }, - // TenantID: to.Ptr("3f8901fe-63d9-4875-9ad5-9fb3b8105797"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-02-04T20:27:32.378Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistItemID: to.Ptr("fd37d325-7090-47fe-851a-5b5a00c3f576"), - // WatchlistItemType: to.Ptr("watchlist-item"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/watchlists/DeleteWatchlistItem.json -func ExampleWatchlistItemsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewWatchlistItemsClient().Delete(ctx, "myRg", "myWorkspace", "highValueAsset", "4008512e-1d30-48b2-9ee2-d3612ed9d3ea", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/watchlists/CreateWatchlistItem.json -func ExampleWatchlistItemsClient_CreateOrUpdate() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewWatchlistItemsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "highValueAsset", "82ba292c-dc97-4dfc-969d-d4dd9e666842", armsecurityinsights.WatchlistItem{ - Etag: to.Ptr("0300bf09-0000-0000-0000-5c37296e0000"), - Properties: &armsecurityinsights.WatchlistItemProperties{ - ItemsKeyValue: map[string]any{ - "Business tier": "10.0.2.0/24", - "Data tier": "10.0.2.0/24", - "Gateway subnet": "10.0.255.224/27", - "Private DMZ in": "10.0.0.0/27", - "Public DMZ out": "10.0.0.96/27", - "Web Tier": "10.0.1.0/24", - }, - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.WatchlistItem = armsecurityinsights.WatchlistItem{ - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists/WatchlistItems"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/Watchlists/highValueAsset/WatchlistItems/82ba292c-dc97-4dfc-969d-d4dd9e666842"), - // Etag: to.Ptr("0300bf09-0000-0000-0000-5c37296e0000"), - // Properties: &armsecurityinsights.WatchlistItemProperties{ - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-11-15T04:58:56.074Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // IsDeleted: to.Ptr(false), - // ItemsKeyValue: map[string]any{ - // "Business tier": "10.0.2.0/24", - // "Data tier": "10.0.2.0/24", - // "Gateway subnet": "10.0.255.224/27", - // "Private DMZ in": "10.0.0.0/27", - // "Public DMZ out": "10.0.0.96/27", - // "Web Tier": "10.0.1.0/24", - // }, - // TenantID: to.Ptr("4008512e-1d30-48b2-9ee2-d3612ed9d3ea"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-11-16T16:05:20.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistItemID: to.Ptr("82ba292c-dc97-4dfc-969d-d4dd9e666842"), - // WatchlistItemType: to.Ptr("watchlist-item"), - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client.go index 55f28756eaa3..9dbebe9ff0a7 100644 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client.go +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client.go @@ -44,14 +44,17 @@ func NewWatchlistsClient(subscriptionID string, credential azcore.TokenCredentia } // CreateOrUpdate - Create or update a Watchlist and its Watchlist Items (bulk creation, e.g. through text/csv content type). -// To create a Watchlist and its Items, we should call this endpoint with rawContent and -// contentType properties. +// To create a Watchlist and its Items, we should call this endpoint with either rawContent or a +// valid SAR URI and contentType properties. The rawContent is mainly used for small watchlist (content size below 3.8 MB). +// The SAS URI enables the creation of large watchlist, where the content size can +// go up to 500 MB. The status of processing such large file can be polled through the URL returned in Azure-AsyncOperation +// header. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. -// - watchlistAlias - The watchlist alias +// - watchlistAlias - Watchlist Alias // - watchlist - The watchlist // - options - WatchlistsClientCreateOrUpdateOptions contains the optional parameters for the WatchlistsClient.CreateOrUpdate // method. @@ -101,7 +104,7 @@ func (client *WatchlistsClient) createOrUpdateCreateRequest(ctx context.Context, return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} if err := runtime.MarshalAsJSON(req, watchlist); err != nil { @@ -113,6 +116,9 @@ func (client *WatchlistsClient) createOrUpdateCreateRequest(ctx context.Context, // createOrUpdateHandleResponse handles the CreateOrUpdate response. func (client *WatchlistsClient) createOrUpdateHandleResponse(resp *http.Response) (WatchlistsClientCreateOrUpdateResponse, error) { result := WatchlistsClientCreateOrUpdateResponse{} + if val := resp.Header.Get("Azure-AsyncOperation"); val != "" { + result.AzureAsyncOperation = &val + } if err := runtime.UnmarshalAsJSON(resp, &result.Watchlist); err != nil { return WatchlistsClientCreateOrUpdateResponse{}, err } @@ -122,10 +128,10 @@ func (client *WatchlistsClient) createOrUpdateHandleResponse(resp *http.Response // Delete - Delete a watchlist. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. -// - watchlistAlias - The watchlist alias +// - watchlistAlias - Watchlist Alias // - options - WatchlistsClientDeleteOptions contains the optional parameters for the WatchlistsClient.Delete method. func (client *WatchlistsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, options *WatchlistsClientDeleteOptions) (WatchlistsClientDeleteResponse, error) { var err error @@ -145,7 +151,8 @@ func (client *WatchlistsClient) Delete(ctx context.Context, resourceGroupName st err = runtime.NewResponseError(httpResp) return WatchlistsClientDeleteResponse{}, err } - return WatchlistsClientDeleteResponse{}, nil + resp, err := client.deleteHandleResponse(httpResp) + return resp, err } // deleteCreateRequest creates the Delete request. @@ -172,19 +179,28 @@ func (client *WatchlistsClient) deleteCreateRequest(ctx context.Context, resourc return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil } -// Get - Get a watchlist, without its watchlist items. +// deleteHandleResponse handles the Delete response. +func (client *WatchlistsClient) deleteHandleResponse(resp *http.Response) (WatchlistsClientDeleteResponse, error) { + result := WatchlistsClientDeleteResponse{} + if val := resp.Header.Get("Azure-AsyncOperation"); val != "" { + result.AzureAsyncOperation = &val + } + return result, nil +} + +// Get - Gets a watchlist, without its watchlist items. // If the operation fails it returns an *azcore.ResponseError type. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. -// - watchlistAlias - The watchlist alias +// - watchlistAlias - Watchlist Alias // - options - WatchlistsClientGetOptions contains the optional parameters for the WatchlistsClient.Get method. func (client *WatchlistsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, options *WatchlistsClientGetOptions) (WatchlistsClientGetResponse, error) { var err error @@ -232,7 +248,7 @@ func (client *WatchlistsClient) getCreateRequest(ctx context.Context, resourceGr return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -247,9 +263,9 @@ func (client *WatchlistsClient) getHandleResponse(resp *http.Response) (Watchlis return result, nil } -// NewListPager - Get all watchlists, without watchlist items. +// NewListPager - Gets all watchlists, without watchlist items. // -// Generated from API version 2021-10-01 +// Generated from API version 2024-01-01-preview // - resourceGroupName - The name of the resource group. The name is case insensitive. // - workspaceName - The name of the workspace. // - options - WatchlistsClientListOptions contains the optional parameters for the WatchlistsClient.NewListPager method. @@ -296,10 +312,10 @@ func (client *WatchlistsClient) listCreateRequest(ctx context.Context, resourceG return nil, err } reqQP := req.Raw().URL.Query() - reqQP.Set("api-version", "2021-10-01") if options != nil && options.SkipToken != nil { reqQP.Set("$skipToken", *options.SkipToken) } + reqQP.Set("api-version", "2024-01-01-preview") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client_example_test.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client_example_test.go deleted file mode 100644 index 365b2ba860b0..000000000000 --- a/sdk/resourcemanager/securityinsights/armsecurityinsights/watchlists_client_example_test.go +++ /dev/null @@ -1,273 +0,0 @@ -//go:build go1.18 -// +build go1.18 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. -// DO NOT EDIT. - -package armsecurityinsights_test - -import ( - "context" - "log" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore/to" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights" -) - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/watchlists/GetWatchlists.json -func ExampleWatchlistsClient_NewListPager() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - pager := clientFactory.NewWatchlistsClient().NewListPager("myRg", "myWorkspace", &armsecurityinsights.WatchlistsClientListOptions{SkipToken: nil}) - for pager.More() { - page, err := pager.NextPage(ctx) - if err != nil { - log.Fatalf("failed to advance page: %v", err) - } - for _, v := range page.Value { - // You could use page here. We use blank identifier for just demo purposes. - _ = v - } - // If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // page.WatchlistList = armsecurityinsights.WatchlistList{ - // Value: []*armsecurityinsights.Watchlist{ - // { - // Name: to.Ptr("highValueAsset"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/watchlists/highValueAsset"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.WatchlistProperties{ - // Description: to.Ptr("Watchlist from CSV content"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:54.774Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DefaultDuration: to.Ptr("P1279DT12H30M5S"), - // DisplayName: to.Ptr("High Value Assets Watchlist"), - // IsDeleted: to.Ptr(false), - // ItemsSearchKey: to.Ptr("header1"), - // Labels: []*string{ - // to.Ptr("Tag1"), - // to.Ptr("Tag2")}, - // Provider: to.Ptr("Microsoft"), - // Source: to.Ptr(armsecurityinsights.SourceLocalFile), - // TenantID: to.Ptr("f686d426-8d16-42db-81b7-ab578e110ccd"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:57.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistAlias: to.Ptr("highValueAsset"), - // WatchlistID: to.Ptr("76d5a51f-ba1f-4038-9d22-59fda38dc017"), - // WatchlistType: to.Ptr("watchlist"), - // }, - // }}, - // } - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/watchlists/GetWatchlistByAlias.json -func ExampleWatchlistsClient_Get() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewWatchlistsClient().Get(ctx, "myRg", "myWorkspace", "highValueAsset", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Watchlist = armsecurityinsights.Watchlist{ - // Name: to.Ptr("highValueAsset"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/watchlists/highValueAsset"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.WatchlistProperties{ - // Description: to.Ptr("Watchlist from CSV content"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:54.774Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DefaultDuration: to.Ptr("P1279DT12H30M5S"), - // DisplayName: to.Ptr("High Value Assets Watchlist"), - // IsDeleted: to.Ptr(false), - // ItemsSearchKey: to.Ptr("header1"), - // Labels: []*string{ - // to.Ptr("Tag1"), - // to.Ptr("Tag2")}, - // Provider: to.Ptr("Microsoft"), - // Source: to.Ptr(armsecurityinsights.SourceLocalFile), - // TenantID: to.Ptr("f686d426-8d16-42db-81b7-ab578e110ccd"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:57.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistAlias: to.Ptr("highValueAsset"), - // WatchlistID: to.Ptr("76d5a51f-ba1f-4038-9d22-59fda38dc017"), - // WatchlistType: to.Ptr("watchlist"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/watchlists/DeleteWatchlist.json -func ExampleWatchlistsClient_Delete() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - _, err = clientFactory.NewWatchlistsClient().Delete(ctx, "myRg", "myWorkspace", "highValueAsset", nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/watchlists/CreateWatchlistAndWatchlistItems.json -func ExampleWatchlistsClient_CreateOrUpdate_createOrUpdateAWatchlistAndBulkCreatesWatchlistItems() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewWatchlistsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "highValueAsset", armsecurityinsights.Watchlist{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Properties: &armsecurityinsights.WatchlistProperties{ - Description: to.Ptr("Watchlist from CSV content"), - ContentType: to.Ptr("text/csv"), - DisplayName: to.Ptr("High Value Assets Watchlist"), - ItemsSearchKey: to.Ptr("header1"), - NumberOfLinesToSkip: to.Ptr[int32](1), - Provider: to.Ptr("Microsoft"), - RawContent: to.Ptr("This line will be skipped\nheader1,header2\nvalue1,value2"), - Source: to.Ptr(armsecurityinsights.SourceLocalFile), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Watchlist = armsecurityinsights.Watchlist{ - // Name: to.Ptr("highValueAsset"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/watchlists/highValueAsset"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.WatchlistProperties{ - // Description: to.Ptr("Watchlist from CSV content"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:54.774Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DisplayName: to.Ptr("High Value Assets Watchlist"), - // IsDeleted: to.Ptr(false), - // ItemsSearchKey: to.Ptr("header1"), - // Provider: to.Ptr("Microsoft"), - // Source: to.Ptr(armsecurityinsights.SourceLocalFile), - // TenantID: to.Ptr("f686d426-8d16-42db-81b7-ab578e110ccd"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:57.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistAlias: to.Ptr("highValueAsset"), - // WatchlistID: to.Ptr("76d5a51f-ba1f-4038-9d22-59fda38dc017"), - // WatchlistType: to.Ptr("watchlist"), - // }, - // } -} - -// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/watchlists/CreateWatchlist.json -func ExampleWatchlistsClient_CreateOrUpdate_createOrUpdateAWatchlist() { - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - log.Fatalf("failed to obtain a credential: %v", err) - } - ctx := context.Background() - clientFactory, err := armsecurityinsights.NewClientFactory("", cred, nil) - if err != nil { - log.Fatalf("failed to create client: %v", err) - } - res, err := clientFactory.NewWatchlistsClient().CreateOrUpdate(ctx, "myRg", "myWorkspace", "highValueAsset", armsecurityinsights.Watchlist{ - Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - Properties: &armsecurityinsights.WatchlistProperties{ - Description: to.Ptr("Watchlist from CSV content"), - DisplayName: to.Ptr("High Value Assets Watchlist"), - ItemsSearchKey: to.Ptr("header1"), - Provider: to.Ptr("Microsoft"), - Source: to.Ptr(armsecurityinsights.SourceLocalFile), - }, - }, nil) - if err != nil { - log.Fatalf("failed to finish the request: %v", err) - } - // You could use response here. We use blank identifier for just demo purposes. - _ = res - // If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes. - // res.Watchlist = armsecurityinsights.Watchlist{ - // Name: to.Ptr("highValueAsset"), - // Type: to.Ptr("Microsoft.SecurityInsights/Watchlists"), - // ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/watchlists/highValueAsset"), - // Etag: to.Ptr("\"0300bf09-0000-0000-0000-5c37296e0000\""), - // Properties: &armsecurityinsights.WatchlistProperties{ - // Description: to.Ptr("Watchlist from CSV content"), - // Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:54.774Z"); return t}()), - // CreatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // DisplayName: to.Ptr("High Value Assets Watchlist"), - // IsDeleted: to.Ptr(false), - // ItemsSearchKey: to.Ptr("header1"), - // Provider: to.Ptr("Microsoft"), - // Source: to.Ptr(armsecurityinsights.SourceLocalFile), - // TenantID: to.Ptr("f686d426-8d16-42db-81b7-ab578e110ccd"), - // Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-28T00:26:57.000Z"); return t}()), - // UpdatedBy: &armsecurityinsights.UserInfo{ - // Name: to.Ptr("john doe"), - // Email: to.Ptr("john@contoso.com"), - // ObjectID: to.Ptr("2046feea-040d-4a46-9e2b-91c2941bfa70"), - // }, - // WatchlistAlias: to.Ptr("highValueAsset"), - // WatchlistID: to.Ptr("76d5a51f-ba1f-4038-9d22-59fda38dc017"), - // WatchlistType: to.Ptr("watchlist"), - // }, - // } -} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignmentjobs_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignmentjobs_client.go new file mode 100644 index 000000000000..a02c5e501ae3 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignmentjobs_client.go @@ -0,0 +1,334 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// WorkspaceManagerAssignmentJobsClient contains the methods for the WorkspaceManagerAssignmentJobs group. +// Don't use this type directly, use NewWorkspaceManagerAssignmentJobsClient() instead. +type WorkspaceManagerAssignmentJobsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewWorkspaceManagerAssignmentJobsClient creates a new instance of WorkspaceManagerAssignmentJobsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewWorkspaceManagerAssignmentJobsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WorkspaceManagerAssignmentJobsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &WorkspaceManagerAssignmentJobsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Create - Create a job for the specified workspace manager assignment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - options - WorkspaceManagerAssignmentJobsClientCreateOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Create +// method. +func (client *WorkspaceManagerAssignmentJobsClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentJobsClientCreateOptions) (WorkspaceManagerAssignmentJobsClientCreateResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentJobsClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, options) + if err != nil { + return WorkspaceManagerAssignmentJobsClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentJobsClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentJobsClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *WorkspaceManagerAssignmentJobsClient) createCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentJobsClientCreateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *WorkspaceManagerAssignmentJobsClient) createHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentJobsClientCreateResponse, error) { + result := WorkspaceManagerAssignmentJobsClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Job); err != nil { + return WorkspaceManagerAssignmentJobsClientCreateResponse{}, err + } + return result, nil +} + +// Delete - Deletes the specified job from the specified workspace manager assignment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - jobName - The job name +// - options - WorkspaceManagerAssignmentJobsClientDeleteOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Delete +// method. +func (client *WorkspaceManagerAssignmentJobsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, options *WorkspaceManagerAssignmentJobsClientDeleteOptions) (WorkspaceManagerAssignmentJobsClientDeleteResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentJobsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, jobName, options) + if err != nil { + return WorkspaceManagerAssignmentJobsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentJobsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentJobsClientDeleteResponse{}, err + } + return WorkspaceManagerAssignmentJobsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *WorkspaceManagerAssignmentJobsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, options *WorkspaceManagerAssignmentJobsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + if jobName == "" { + return nil, errors.New("parameter jobName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{jobName}", url.PathEscape(jobName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a job +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - jobName - The job name +// - options - WorkspaceManagerAssignmentJobsClientGetOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.Get +// method. +func (client *WorkspaceManagerAssignmentJobsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, options *WorkspaceManagerAssignmentJobsClientGetOptions) (WorkspaceManagerAssignmentJobsClientGetResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentJobsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, jobName, options) + if err != nil { + return WorkspaceManagerAssignmentJobsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentJobsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentJobsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *WorkspaceManagerAssignmentJobsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, jobName string, options *WorkspaceManagerAssignmentJobsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + if jobName == "" { + return nil, errors.New("parameter jobName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{jobName}", url.PathEscape(jobName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *WorkspaceManagerAssignmentJobsClient) getHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentJobsClientGetResponse, error) { + result := WorkspaceManagerAssignmentJobsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Job); err != nil { + return WorkspaceManagerAssignmentJobsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Get all jobs for the specified workspace manager assignment +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - options - WorkspaceManagerAssignmentJobsClientListOptions contains the optional parameters for the WorkspaceManagerAssignmentJobsClient.NewListPager +// method. +func (client *WorkspaceManagerAssignmentJobsClient) NewListPager(resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentJobsClientListOptions) *runtime.Pager[WorkspaceManagerAssignmentJobsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[WorkspaceManagerAssignmentJobsClientListResponse]{ + More: func(page WorkspaceManagerAssignmentJobsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *WorkspaceManagerAssignmentJobsClientListResponse) (WorkspaceManagerAssignmentJobsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "WorkspaceManagerAssignmentJobsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, options) + }, nil) + if err != nil { + return WorkspaceManagerAssignmentJobsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *WorkspaceManagerAssignmentJobsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentJobsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *WorkspaceManagerAssignmentJobsClient) listHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentJobsClientListResponse, error) { + result := WorkspaceManagerAssignmentJobsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.JobList); err != nil { + return WorkspaceManagerAssignmentJobsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignments_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignments_client.go new file mode 100644 index 000000000000..9b7bef051519 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerassignments_client.go @@ -0,0 +1,323 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// WorkspaceManagerAssignmentsClient contains the methods for the WorkspaceManagerAssignments group. +// Don't use this type directly, use NewWorkspaceManagerAssignmentsClient() instead. +type WorkspaceManagerAssignmentsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewWorkspaceManagerAssignmentsClient creates a new instance of WorkspaceManagerAssignmentsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewWorkspaceManagerAssignmentsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WorkspaceManagerAssignmentsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &WorkspaceManagerAssignmentsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a workspace manager assignment. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - workspaceManagerAssignment - The workspace manager assignment +// - options - WorkspaceManagerAssignmentsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.CreateOrUpdate +// method. +func (client *WorkspaceManagerAssignmentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, workspaceManagerAssignment WorkspaceManagerAssignment, options *WorkspaceManagerAssignmentsClientCreateOrUpdateOptions) (WorkspaceManagerAssignmentsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, workspaceManagerAssignment, options) + if err != nil { + return WorkspaceManagerAssignmentsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *WorkspaceManagerAssignmentsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, workspaceManagerAssignment WorkspaceManagerAssignment, options *WorkspaceManagerAssignmentsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, workspaceManagerAssignment); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *WorkspaceManagerAssignmentsClient) createOrUpdateHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentsClientCreateOrUpdateResponse, error) { + result := WorkspaceManagerAssignmentsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerAssignment); err != nil { + return WorkspaceManagerAssignmentsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Deletes a workspace manager assignment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - options - WorkspaceManagerAssignmentsClientDeleteOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.Delete +// method. +func (client *WorkspaceManagerAssignmentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentsClientDeleteOptions) (WorkspaceManagerAssignmentsClientDeleteResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, options) + if err != nil { + return WorkspaceManagerAssignmentsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentsClientDeleteResponse{}, err + } + return WorkspaceManagerAssignmentsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *WorkspaceManagerAssignmentsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a workspace manager assignment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerAssignmentName - The name of the workspace manager assignment +// - options - WorkspaceManagerAssignmentsClientGetOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.Get +// method. +func (client *WorkspaceManagerAssignmentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentsClientGetOptions) (WorkspaceManagerAssignmentsClientGetResponse, error) { + var err error + const operationName = "WorkspaceManagerAssignmentsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerAssignmentName, options) + if err != nil { + return WorkspaceManagerAssignmentsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerAssignmentsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerAssignmentsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *WorkspaceManagerAssignmentsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerAssignmentName string, options *WorkspaceManagerAssignmentsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerAssignmentName == "" { + return nil, errors.New("parameter workspaceManagerAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerAssignmentName}", url.PathEscape(workspaceManagerAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *WorkspaceManagerAssignmentsClient) getHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentsClientGetResponse, error) { + result := WorkspaceManagerAssignmentsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerAssignment); err != nil { + return WorkspaceManagerAssignmentsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Get all workspace manager assignments for the Sentinel workspace manager. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - WorkspaceManagerAssignmentsClientListOptions contains the optional parameters for the WorkspaceManagerAssignmentsClient.NewListPager +// method. +func (client *WorkspaceManagerAssignmentsClient) NewListPager(resourceGroupName string, workspaceName string, options *WorkspaceManagerAssignmentsClientListOptions) *runtime.Pager[WorkspaceManagerAssignmentsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[WorkspaceManagerAssignmentsClientListResponse]{ + More: func(page WorkspaceManagerAssignmentsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *WorkspaceManagerAssignmentsClientListResponse) (WorkspaceManagerAssignmentsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "WorkspaceManagerAssignmentsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return WorkspaceManagerAssignmentsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *WorkspaceManagerAssignmentsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *WorkspaceManagerAssignmentsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *WorkspaceManagerAssignmentsClient) listHandleResponse(resp *http.Response) (WorkspaceManagerAssignmentsClientListResponse, error) { + result := WorkspaceManagerAssignmentsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerAssignmentList); err != nil { + return WorkspaceManagerAssignmentsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerconfigurations_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerconfigurations_client.go new file mode 100644 index 000000000000..7d90fc0081fd --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagerconfigurations_client.go @@ -0,0 +1,323 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// WorkspaceManagerConfigurationsClient contains the methods for the WorkspaceManagerConfigurations group. +// Don't use this type directly, use NewWorkspaceManagerConfigurationsClient() instead. +type WorkspaceManagerConfigurationsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewWorkspaceManagerConfigurationsClient creates a new instance of WorkspaceManagerConfigurationsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewWorkspaceManagerConfigurationsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WorkspaceManagerConfigurationsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &WorkspaceManagerConfigurationsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a workspace manager configuration. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerConfigurationName - The name of the workspace manager configuration +// - workspaceManagerConfiguration - The workspace manager configuration +// - options - WorkspaceManagerConfigurationsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.CreateOrUpdate +// method. +func (client *WorkspaceManagerConfigurationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, workspaceManagerConfiguration WorkspaceManagerConfiguration, options *WorkspaceManagerConfigurationsClientCreateOrUpdateOptions) (WorkspaceManagerConfigurationsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "WorkspaceManagerConfigurationsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerConfigurationName, workspaceManagerConfiguration, options) + if err != nil { + return WorkspaceManagerConfigurationsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerConfigurationsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerConfigurationsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *WorkspaceManagerConfigurationsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, workspaceManagerConfiguration WorkspaceManagerConfiguration, options *WorkspaceManagerConfigurationsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerConfigurationName == "" { + return nil, errors.New("parameter workspaceManagerConfigurationName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerConfigurationName}", url.PathEscape(workspaceManagerConfigurationName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, workspaceManagerConfiguration); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *WorkspaceManagerConfigurationsClient) createOrUpdateHandleResponse(resp *http.Response) (WorkspaceManagerConfigurationsClientCreateOrUpdateResponse, error) { + result := WorkspaceManagerConfigurationsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerConfiguration); err != nil { + return WorkspaceManagerConfigurationsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Deletes a workspace manager configuration +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerConfigurationName - The name of the workspace manager configuration +// - options - WorkspaceManagerConfigurationsClientDeleteOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.Delete +// method. +func (client *WorkspaceManagerConfigurationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, options *WorkspaceManagerConfigurationsClientDeleteOptions) (WorkspaceManagerConfigurationsClientDeleteResponse, error) { + var err error + const operationName = "WorkspaceManagerConfigurationsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerConfigurationName, options) + if err != nil { + return WorkspaceManagerConfigurationsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerConfigurationsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerConfigurationsClientDeleteResponse{}, err + } + return WorkspaceManagerConfigurationsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *WorkspaceManagerConfigurationsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, options *WorkspaceManagerConfigurationsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerConfigurationName == "" { + return nil, errors.New("parameter workspaceManagerConfigurationName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerConfigurationName}", url.PathEscape(workspaceManagerConfigurationName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a workspace manager configuration +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerConfigurationName - The name of the workspace manager configuration +// - options - WorkspaceManagerConfigurationsClientGetOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.Get +// method. +func (client *WorkspaceManagerConfigurationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, options *WorkspaceManagerConfigurationsClientGetOptions) (WorkspaceManagerConfigurationsClientGetResponse, error) { + var err error + const operationName = "WorkspaceManagerConfigurationsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerConfigurationName, options) + if err != nil { + return WorkspaceManagerConfigurationsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerConfigurationsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerConfigurationsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *WorkspaceManagerConfigurationsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerConfigurationName string, options *WorkspaceManagerConfigurationsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerConfigurationName == "" { + return nil, errors.New("parameter workspaceManagerConfigurationName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerConfigurationName}", url.PathEscape(workspaceManagerConfigurationName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *WorkspaceManagerConfigurationsClient) getHandleResponse(resp *http.Response) (WorkspaceManagerConfigurationsClientGetResponse, error) { + result := WorkspaceManagerConfigurationsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerConfiguration); err != nil { + return WorkspaceManagerConfigurationsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all workspace manager configurations for a Sentinel workspace. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - WorkspaceManagerConfigurationsClientListOptions contains the optional parameters for the WorkspaceManagerConfigurationsClient.NewListPager +// method. +func (client *WorkspaceManagerConfigurationsClient) NewListPager(resourceGroupName string, workspaceName string, options *WorkspaceManagerConfigurationsClientListOptions) *runtime.Pager[WorkspaceManagerConfigurationsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[WorkspaceManagerConfigurationsClientListResponse]{ + More: func(page WorkspaceManagerConfigurationsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *WorkspaceManagerConfigurationsClientListResponse) (WorkspaceManagerConfigurationsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "WorkspaceManagerConfigurationsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return WorkspaceManagerConfigurationsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *WorkspaceManagerConfigurationsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *WorkspaceManagerConfigurationsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *WorkspaceManagerConfigurationsClient) listHandleResponse(resp *http.Response) (WorkspaceManagerConfigurationsClientListResponse, error) { + result := WorkspaceManagerConfigurationsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerConfigurationList); err != nil { + return WorkspaceManagerConfigurationsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagergroups_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagergroups_client.go new file mode 100644 index 000000000000..1df9b8f37379 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagergroups_client.go @@ -0,0 +1,323 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// WorkspaceManagerGroupsClient contains the methods for the WorkspaceManagerGroups group. +// Don't use this type directly, use NewWorkspaceManagerGroupsClient() instead. +type WorkspaceManagerGroupsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewWorkspaceManagerGroupsClient creates a new instance of WorkspaceManagerGroupsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewWorkspaceManagerGroupsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WorkspaceManagerGroupsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &WorkspaceManagerGroupsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a workspace manager group. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerGroupName - The name of the workspace manager group +// - workspaceManagerGroup - The workspace manager group object +// - options - WorkspaceManagerGroupsClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerGroupsClient.CreateOrUpdate +// method. +func (client *WorkspaceManagerGroupsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, workspaceManagerGroup WorkspaceManagerGroup, options *WorkspaceManagerGroupsClientCreateOrUpdateOptions) (WorkspaceManagerGroupsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "WorkspaceManagerGroupsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerGroupName, workspaceManagerGroup, options) + if err != nil { + return WorkspaceManagerGroupsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerGroupsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerGroupsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *WorkspaceManagerGroupsClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, workspaceManagerGroup WorkspaceManagerGroup, options *WorkspaceManagerGroupsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerGroupName == "" { + return nil, errors.New("parameter workspaceManagerGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerGroupName}", url.PathEscape(workspaceManagerGroupName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, workspaceManagerGroup); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *WorkspaceManagerGroupsClient) createOrUpdateHandleResponse(resp *http.Response) (WorkspaceManagerGroupsClientCreateOrUpdateResponse, error) { + result := WorkspaceManagerGroupsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerGroup); err != nil { + return WorkspaceManagerGroupsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Deletes a workspace manager group +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerGroupName - The name of the workspace manager group +// - options - WorkspaceManagerGroupsClientDeleteOptions contains the optional parameters for the WorkspaceManagerGroupsClient.Delete +// method. +func (client *WorkspaceManagerGroupsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, options *WorkspaceManagerGroupsClientDeleteOptions) (WorkspaceManagerGroupsClientDeleteResponse, error) { + var err error + const operationName = "WorkspaceManagerGroupsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerGroupName, options) + if err != nil { + return WorkspaceManagerGroupsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerGroupsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerGroupsClientDeleteResponse{}, err + } + return WorkspaceManagerGroupsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *WorkspaceManagerGroupsClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, options *WorkspaceManagerGroupsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerGroupName == "" { + return nil, errors.New("parameter workspaceManagerGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerGroupName}", url.PathEscape(workspaceManagerGroupName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a workspace manager group +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerGroupName - The name of the workspace manager group +// - options - WorkspaceManagerGroupsClientGetOptions contains the optional parameters for the WorkspaceManagerGroupsClient.Get +// method. +func (client *WorkspaceManagerGroupsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, options *WorkspaceManagerGroupsClientGetOptions) (WorkspaceManagerGroupsClientGetResponse, error) { + var err error + const operationName = "WorkspaceManagerGroupsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerGroupName, options) + if err != nil { + return WorkspaceManagerGroupsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerGroupsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerGroupsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *WorkspaceManagerGroupsClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerGroupName string, options *WorkspaceManagerGroupsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerGroupName == "" { + return nil, errors.New("parameter workspaceManagerGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerGroupName}", url.PathEscape(workspaceManagerGroupName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *WorkspaceManagerGroupsClient) getHandleResponse(resp *http.Response) (WorkspaceManagerGroupsClientGetResponse, error) { + result := WorkspaceManagerGroupsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerGroup); err != nil { + return WorkspaceManagerGroupsClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all workspace manager groups in the Sentinel workspace manager +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - WorkspaceManagerGroupsClientListOptions contains the optional parameters for the WorkspaceManagerGroupsClient.NewListPager +// method. +func (client *WorkspaceManagerGroupsClient) NewListPager(resourceGroupName string, workspaceName string, options *WorkspaceManagerGroupsClientListOptions) *runtime.Pager[WorkspaceManagerGroupsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[WorkspaceManagerGroupsClientListResponse]{ + More: func(page WorkspaceManagerGroupsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *WorkspaceManagerGroupsClientListResponse) (WorkspaceManagerGroupsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "WorkspaceManagerGroupsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return WorkspaceManagerGroupsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *WorkspaceManagerGroupsClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *WorkspaceManagerGroupsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *WorkspaceManagerGroupsClient) listHandleResponse(resp *http.Response) (WorkspaceManagerGroupsClientListResponse, error) { + result := WorkspaceManagerGroupsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerGroupList); err != nil { + return WorkspaceManagerGroupsClientListResponse{}, err + } + return result, nil +} diff --git a/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagermembers_client.go b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagermembers_client.go new file mode 100644 index 000000000000..0e11d90a9f96 --- /dev/null +++ b/sdk/resourcemanager/securityinsights/armsecurityinsights/workspacemanagermembers_client.go @@ -0,0 +1,323 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armsecurityinsights + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" +) + +// WorkspaceManagerMembersClient contains the methods for the WorkspaceManagerMembers group. +// Don't use this type directly, use NewWorkspaceManagerMembersClient() instead. +type WorkspaceManagerMembersClient struct { + internal *arm.Client + subscriptionID string +} + +// NewWorkspaceManagerMembersClient creates a new instance of WorkspaceManagerMembersClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewWorkspaceManagerMembersClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*WorkspaceManagerMembersClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &WorkspaceManagerMembersClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a workspace manager member +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerMemberName - The name of the workspace manager member +// - workspaceManagerMember - The workspace manager member object +// - options - WorkspaceManagerMembersClientCreateOrUpdateOptions contains the optional parameters for the WorkspaceManagerMembersClient.CreateOrUpdate +// method. +func (client *WorkspaceManagerMembersClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, workspaceManagerMember WorkspaceManagerMember, options *WorkspaceManagerMembersClientCreateOrUpdateOptions) (WorkspaceManagerMembersClientCreateOrUpdateResponse, error) { + var err error + const operationName = "WorkspaceManagerMembersClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerMemberName, workspaceManagerMember, options) + if err != nil { + return WorkspaceManagerMembersClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerMembersClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerMembersClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *WorkspaceManagerMembersClient) createOrUpdateCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, workspaceManagerMember WorkspaceManagerMember, options *WorkspaceManagerMembersClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerMemberName == "" { + return nil, errors.New("parameter workspaceManagerMemberName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerMemberName}", url.PathEscape(workspaceManagerMemberName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, workspaceManagerMember); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *WorkspaceManagerMembersClient) createOrUpdateHandleResponse(resp *http.Response) (WorkspaceManagerMembersClientCreateOrUpdateResponse, error) { + result := WorkspaceManagerMembersClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerMember); err != nil { + return WorkspaceManagerMembersClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Deletes a workspace manager member +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerMemberName - The name of the workspace manager member +// - options - WorkspaceManagerMembersClientDeleteOptions contains the optional parameters for the WorkspaceManagerMembersClient.Delete +// method. +func (client *WorkspaceManagerMembersClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, options *WorkspaceManagerMembersClientDeleteOptions) (WorkspaceManagerMembersClientDeleteResponse, error) { + var err error + const operationName = "WorkspaceManagerMembersClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerMemberName, options) + if err != nil { + return WorkspaceManagerMembersClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerMembersClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerMembersClientDeleteResponse{}, err + } + return WorkspaceManagerMembersClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *WorkspaceManagerMembersClient) deleteCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, options *WorkspaceManagerMembersClientDeleteOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerMemberName == "" { + return nil, errors.New("parameter workspaceManagerMemberName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerMemberName}", url.PathEscape(workspaceManagerMemberName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Gets a workspace manager member +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - workspaceManagerMemberName - The name of the workspace manager member +// - options - WorkspaceManagerMembersClientGetOptions contains the optional parameters for the WorkspaceManagerMembersClient.Get +// method. +func (client *WorkspaceManagerMembersClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, options *WorkspaceManagerMembersClientGetOptions) (WorkspaceManagerMembersClientGetResponse, error) { + var err error + const operationName = "WorkspaceManagerMembersClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceGroupName, workspaceName, workspaceManagerMemberName, options) + if err != nil { + return WorkspaceManagerMembersClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return WorkspaceManagerMembersClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return WorkspaceManagerMembersClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *WorkspaceManagerMembersClient) getCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, workspaceManagerMemberName string, options *WorkspaceManagerMembersClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + if workspaceManagerMemberName == "" { + return nil, errors.New("parameter workspaceManagerMemberName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceManagerMemberName}", url.PathEscape(workspaceManagerMemberName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *WorkspaceManagerMembersClient) getHandleResponse(resp *http.Response) (WorkspaceManagerMembersClientGetResponse, error) { + result := WorkspaceManagerMembersClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerMember); err != nil { + return WorkspaceManagerMembersClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all workspace manager members that exist for the given Sentinel workspace manager +// +// Generated from API version 2024-01-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - workspaceName - The name of the workspace. +// - options - WorkspaceManagerMembersClientListOptions contains the optional parameters for the WorkspaceManagerMembersClient.NewListPager +// method. +func (client *WorkspaceManagerMembersClient) NewListPager(resourceGroupName string, workspaceName string, options *WorkspaceManagerMembersClientListOptions) *runtime.Pager[WorkspaceManagerMembersClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[WorkspaceManagerMembersClientListResponse]{ + More: func(page WorkspaceManagerMembersClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *WorkspaceManagerMembersClientListResponse) (WorkspaceManagerMembersClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "WorkspaceManagerMembersClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, resourceGroupName, workspaceName, options) + }, nil) + if err != nil { + return WorkspaceManagerMembersClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *WorkspaceManagerMembersClient) listCreateRequest(ctx context.Context, resourceGroupName string, workspaceName string, options *WorkspaceManagerMembersClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if workspaceName == "" { + return nil, errors.New("parameter workspaceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{workspaceName}", url.PathEscape(workspaceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Orderby != nil { + reqQP.Set("$orderby", *options.Orderby) + } + if options != nil && options.SkipToken != nil { + reqQP.Set("$skipToken", *options.SkipToken) + } + if options != nil && options.Top != nil { + reqQP.Set("$top", strconv.FormatInt(int64(*options.Top), 10)) + } + reqQP.Set("api-version", "2024-01-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *WorkspaceManagerMembersClient) listHandleResponse(resp *http.Response) (WorkspaceManagerMembersClientListResponse, error) { + result := WorkspaceManagerMembersClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.WorkspaceManagerMembersList); err != nil { + return WorkspaceManagerMembersClientListResponse{}, err + } + return result, nil +}