diff --git a/sdk/securityinsight/arm-securityinsight/CHANGELOG.md b/sdk/securityinsight/arm-securityinsight/CHANGELOG.md index 7c20ef6e2354..589208e1132f 100644 --- a/sdk/securityinsight/arm-securityinsight/CHANGELOG.md +++ b/sdk/securityinsight/arm-securityinsight/CHANGELOG.md @@ -1,5 +1,96 @@ # Release History +## 1.0.0-beta.4 (2022-06-10) + +**Features** + + - Added operation group SecurityMLAnalyticsSettings + - Added Interface AutomationRulePropertyArrayChangedValuesCondition + - Added Interface AutomationRulePropertyValuesChangedCondition + - Added Interface GetInsightsErrorKind + - Added Interface SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams + - Added Interface SecurityMLAnalyticsSettingsDataSource + - Added Interface SecurityMLAnalyticsSettingsDeleteOptionalParams + - Added Interface SecurityMLAnalyticsSettingsGetOptionalParams + - Added Interface SecurityMLAnalyticsSettingsList + - Added Interface SecurityMLAnalyticsSettingsListNextOptionalParams + - Added Interface SecurityMLAnalyticsSettingsListOptionalParams + - Added Type Alias AnomalySecurityMLAnalyticsSettings + - Added Type Alias AnomalyTimelineItem + - Added Type Alias AutomationRulePropertyArrayChangedConditionSupportedArrayType + - Added Type Alias AutomationRulePropertyArrayChangedConditionSupportedChangeType + - Added Type Alias AutomationRulePropertyChangedConditionSupportedChangedType + - Added Type Alias AutomationRulePropertyChangedConditionSupportedPropertyType + - Added Type Alias DeviceImportance + - Added Type Alias EntityProviders + - Added Type Alias Enum13 + - Added Type Alias GetInsightsError + - Added Type Alias NicEntity + - Added Type Alias NicEntityProperties + - Added Type Alias PropertyArrayChangedConditionProperties + - Added Type Alias PropertyChangedConditionProperties + - Added Type Alias SecurityMLAnalyticsSetting + - Added Type Alias SecurityMLAnalyticsSettingsCreateOrUpdateResponse + - Added Type Alias SecurityMLAnalyticsSettingsGetResponse + - Added Type Alias SecurityMLAnalyticsSettingsKind + - Added Type Alias SecurityMLAnalyticsSettingsListNextResponse + - Added Type Alias SecurityMLAnalyticsSettingsListResponse + - Added Type Alias SecurityMLAnalyticsSettingUnion + - Added Type Alias SettingsStatus + - Interface DataConnectorConnectBody has a new optional parameter dataCollectionEndpoint + - Interface DataConnectorConnectBody has a new optional parameter dataCollectionRuleImmutableId + - Interface DataConnectorConnectBody has a new optional parameter outputStream + - Class SecurityInsights has a new parameter securityMLAnalyticsSettings + - Type Alias EntityAnalytics has a new parameter entityProviders + - Type Alias IoTDeviceEntity has a new parameter owners + - Type Alias IoTDeviceEntity has a new parameter nicEntityIds + - Type Alias IoTDeviceEntity has a new parameter site + - Type Alias IoTDeviceEntity has a new parameter zone + - Type Alias IoTDeviceEntity has a new parameter sensor + - Type Alias IoTDeviceEntity has a new parameter deviceSubType + - Type Alias IoTDeviceEntity has a new parameter importance + - Type Alias IoTDeviceEntity has a new parameter purdueLayer + - Type Alias IoTDeviceEntity has a new parameter isAuthorized + - Type Alias IoTDeviceEntity has a new parameter isProgramming + - Type Alias IoTDeviceEntity has a new parameter isScanner + - Type Alias IoTDeviceEntityProperties has a new parameter owners + - Type Alias IoTDeviceEntityProperties has a new parameter nicEntityIds + - Type Alias IoTDeviceEntityProperties has a new parameter site + - Type Alias IoTDeviceEntityProperties has a new parameter zone + - Type Alias IoTDeviceEntityProperties has a new parameter sensor + - Type Alias IoTDeviceEntityProperties has a new parameter deviceSubType + - Type Alias IoTDeviceEntityProperties has a new parameter importance + - Type Alias IoTDeviceEntityProperties has a new parameter purdueLayer + - Type Alias IoTDeviceEntityProperties has a new parameter isAuthorized + - Type Alias IoTDeviceEntityProperties has a new parameter isProgramming + - Type Alias IoTDeviceEntityProperties has a new parameter isScanner + - Added Enum KnownAutomationRulePropertyArrayChangedConditionSupportedArrayType + - Added Enum KnownAutomationRulePropertyArrayChangedConditionSupportedChangeType + - Added Enum KnownAutomationRulePropertyChangedConditionSupportedChangedType + - Added Enum KnownAutomationRulePropertyChangedConditionSupportedPropertyType + - Added Enum KnownDeviceImportance + - Added Enum KnownEntityProviders + - Added Enum KnownEnum13 + - Added Enum KnownGetInsightsError + - Added Enum KnownSecurityMLAnalyticsSettingsKind + - Added Enum KnownSettingsStatus + - Enum KnownConditionType has a new value PropertyArrayChanged + - Enum KnownConditionType has a new value PropertyChanged + - Enum KnownEntityKind has a new value Nic + - Enum KnownEntityTimelineKind has a new value Anomaly + - Enum KnownEntityType has a new value Nic + - Enum KnownTriggersWhen has a new value Updated + +**Breaking Changes** + + - Type Alias EntityAnalytics no longer has parameter isEnabled + - Type Alias Watchlist no longer has parameter sasUri + - Type Alias Watchlist no longer has parameter provisioningState + - Removed Enum KnownEnum12 + - Removed Enum KnownProvisioningState + - Removed Enum KnownSkuKind + + ## 1.0.0-beta.3 (2022-05-16) **Features** diff --git a/sdk/securityinsight/arm-securityinsight/_meta.json b/sdk/securityinsight/arm-securityinsight/_meta.json index 8391793238c9..7bcbb403b830 100644 --- a/sdk/securityinsight/arm-securityinsight/_meta.json +++ b/sdk/securityinsight/arm-securityinsight/_meta.json @@ -1,8 +1,8 @@ { - "commit": "057c69f5ed2f893c34944e9bfba3e303d49f64bc", + "commit": "f4a13a8e22df31d91c7c56cf02b9c2a7c7747ae7", "readme": "specification/securityinsights/resource-manager/readme.md", - "autorest_command": "autorest --version=3.7.3 --typescript --modelerfour.lenient-model-deduplication --head-as-boolean=true --license-header=MICROSOFT_MIT_NO_VERSION --generate-test --typescript-sdks-folder=D:\\work\\azure-sdk-for-js ..\\azure-rest-api-specs\\specification\\securityinsights\\resource-manager\\readme.md --use=@autorest/typescript@6.0.0-alpha.19.20220408.1 --generate-sample=true", + "autorest_command": "autorest --version=3.7.3 --typescript --modelerfour.lenient-model-deduplication --head-as-boolean=true --license-header=MICROSOFT_MIT_NO_VERSION --generate-test --typescript-sdks-folder=/mnt/vss/_work/1/s/azure-sdk-for-js ../azure-rest-api-specs/specification/securityinsights/resource-manager/readme.md --use=@autorest/typescript@6.0.0-alpha.19.20220425.1", "repository_url": "https://github.com/Azure/azure-rest-api-specs.git", - "release_tool": "@azure-tools/js-sdk-release-tools@2.3.0", - "use": "@autorest/typescript@6.0.0-alpha.19.20220408.1" + "release_tool": "@azure-tools/js-sdk-release-tools@2.3.1", + "use": "@autorest/typescript@6.0.0-alpha.19.20220425.1" } \ No newline at end of file diff --git a/sdk/securityinsight/arm-securityinsight/package.json b/sdk/securityinsight/arm-securityinsight/package.json index 097b2d471f26..a5a4bbd5eb9a 100644 --- a/sdk/securityinsight/arm-securityinsight/package.json +++ b/sdk/securityinsight/arm-securityinsight/package.json @@ -3,7 +3,7 @@ "sdk-type": "mgmt", "author": "Microsoft Corporation", "description": "A generated SDK for SecurityInsights.", - "version": "1.0.0-beta.3", + "version": "1.0.0-beta.4", "engines": { "node": ">=12.0.0" }, @@ -38,9 +38,11 @@ "uglify-js": "^3.4.9", "rimraf": "^3.0.0", "@azure/identity": "^2.0.1", - "@azure-tools/test-recorder": "^1.0.0", + "@azure-tools/test-recorder": "^2.0.0", + "@azure-tools/test-credential": "^1.0.0", "mocha": "^7.1.1", - "cross-env": "^7.0.2" + "cross-env": "^7.0.2", + "@azure/dev-tool": "^1.0.0" }, "homepage": "https://github.com/Azure/azure-sdk-for-js/tree/main/sdk/securityinsight/arm-securityinsight", "repository": { @@ -91,7 +93,7 @@ "unit-test:node": "cross-env TEST_MODE=playback npm run integration-test:node", "unit-test:browser": "echo skipped", "integration-test": "npm run integration-test:node && npm run integration-test:browser", - "integration-test:node": "mocha -r esm --require ts-node/register --timeout 1200000 --full-trace test/*.ts --reporter ../../../common/tools/mocha-multi-reporter.js", + "integration-test:node": "dev-tool run test:node-ts-input -- --timeout 1200000 'test/*.ts'", "integration-test:browser": "echo skipped", "docs": "echo skipped" }, @@ -104,13 +106,5 @@ } ] }, - "autoPublish": true, - "//sampleConfiguration": { - "productName": "", - "productSlugs": [ - "azure" - ], - "disableDocsMs": true, - "apiRefLink": "https://docs.microsoft.com/javascript/api/@azure/arm-securityinsight?view=azure-node-preview" - } -} + "autoPublish": true +} \ No newline at end of file diff --git a/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md b/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md index 4d005d95f14e..fafe88e72618 100644 --- a/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md +++ b/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md @@ -375,6 +375,40 @@ export type Anomalies = Settings & { readonly isEnabled?: boolean; }; +// @public +export type AnomalySecurityMLAnalyticsSettings = SecurityMLAnalyticsSetting & { + description?: string; + displayName?: string; + enabled?: boolean; + readonly lastModifiedUtc?: Date; + requiredDataConnectors?: SecurityMLAnalyticsSettingsDataSource[]; + tactics?: AttackTactic[]; + techniques?: string[]; + anomalyVersion?: string; + customizableObservations?: Record; + frequency?: string; + settingsStatus?: SettingsStatus; + isDefaultSettings?: boolean; + anomalySettingsVersion?: number; + settingsDefinitionId?: string; +}; + +// @public +export type AnomalyTimelineItem = EntityTimelineItem & { + kind: "Anomaly"; + azureResourceId: string; + productName?: string; + description?: string; + displayName: string; + endTimeUtc: Date; + startTimeUtc: Date; + timeGenerated: Date; + vendor?: string; + intent?: string; + techniques?: string[]; + reasons?: string[]; +}; + // @public export type AntispamMailDirection = string; @@ -422,11 +456,11 @@ export type AutomationRuleActionUnion = AutomationRuleAction | AutomationRuleMod // @public export interface AutomationRuleCondition { - conditionType: "Property"; + conditionType: "PropertyArrayChanged" | "PropertyChanged" | "Property"; } // @public (undocumented) -export type AutomationRuleConditionUnion = AutomationRuleCondition | PropertyConditionProperties; +export type AutomationRuleConditionUnion = AutomationRuleCondition | PropertyArrayChangedConditionProperties | PropertyChangedConditionProperties | PropertyConditionProperties; // @public export type AutomationRuleModifyPropertiesAction = AutomationRuleAction & { @@ -434,12 +468,44 @@ export type AutomationRuleModifyPropertiesAction = AutomationRuleAction & { actionConfiguration?: IncidentPropertiesAction; }; +// @public +export type AutomationRulePropertyArrayChangedConditionSupportedArrayType = string; + +// @public +export type AutomationRulePropertyArrayChangedConditionSupportedChangeType = string; + +// @public (undocumented) +export interface AutomationRulePropertyArrayChangedValuesCondition { + // (undocumented) + arrayType?: AutomationRulePropertyArrayChangedConditionSupportedArrayType; + // (undocumented) + changeType?: AutomationRulePropertyArrayChangedConditionSupportedChangeType; +} + +// @public +export type AutomationRulePropertyChangedConditionSupportedChangedType = string; + +// @public +export type AutomationRulePropertyChangedConditionSupportedPropertyType = string; + // @public export type AutomationRulePropertyConditionSupportedOperator = string; // @public export type AutomationRulePropertyConditionSupportedProperty = string; +// @public (undocumented) +export interface AutomationRulePropertyValuesChangedCondition { + // (undocumented) + changeType?: AutomationRulePropertyChangedConditionSupportedChangedType; + // (undocumented) + operator?: AutomationRulePropertyConditionSupportedOperator; + // (undocumented) + propertyName?: AutomationRulePropertyChangedConditionSupportedPropertyType; + // (undocumented) + propertyValues?: string[]; +} + // @public (undocumented) export interface AutomationRulePropertyValuesCondition { // (undocumented) @@ -971,7 +1037,10 @@ export interface DataConnectorConnectBody { authorizationCode?: string; clientId?: string; clientSecret?: string; + dataCollectionEndpoint?: string; + dataCollectionRuleImmutableId?: string; kind?: ConnectAuthKind; + outputStream?: string; password?: string; // (undocumented) requestConfigUserInputValues?: Record[]; @@ -1123,6 +1192,9 @@ export type DeploymentResult = string; // @public export type DeploymentState = string; +// @public +export type DeviceImportance = string; + // @public export type DnsEntity = Entity & { readonly additionalData?: { @@ -1354,7 +1426,7 @@ export type Entity = Resource & { // @public export type EntityAnalytics = Settings & { - readonly isEnabled?: boolean; + entityProviders?: EntityProviders[]; }; // @public @@ -1447,6 +1519,9 @@ export interface EntityMapping { // @public export type EntityMappingType = string; +// @public +export type EntityProviders = string; + // @public export interface EntityQueries { createOrUpdate(resourceGroupName: string, workspaceName: string, entityQueryId: string, entityQuery: CustomEntityQueryUnion, options?: EntityQueriesCreateOrUpdateOptionalParams): Promise; @@ -1475,7 +1550,7 @@ export type EntityQueriesGetResponse = EntityQueryUnion; // @public export interface EntityQueriesListNextOptionalParams extends coreClient.OperationOptions { - kind?: Enum12; + kind?: Enum13; } // @public @@ -1483,7 +1558,7 @@ export type EntityQueriesListNextResponse = EntityQueryList; // @public export interface EntityQueriesListOptionalParams extends coreClient.OperationOptions { - kind?: Enum12; + kind?: Enum13; } // @public @@ -1588,11 +1663,11 @@ export type EntityRelationsGetRelationResponse = Relation; // @public export interface EntityTimelineItem { - kind: "Activity" | "Bookmark" | "SecurityAlert"; + kind: "Activity" | "Bookmark" | "Anomaly" | "SecurityAlert"; } // @public (undocumented) -export type EntityTimelineItemUnion = EntityTimelineItem | ActivityTimelineItem | BookmarkTimelineItem | SecurityAlertTimelineItem; +export type EntityTimelineItemUnion = EntityTimelineItem | ActivityTimelineItem | BookmarkTimelineItem | AnomalyTimelineItem | SecurityAlertTimelineItem; // @public export type EntityTimelineKind = string; @@ -1615,10 +1690,10 @@ export interface EntityTimelineResponse { export type EntityType = string; // @public (undocumented) -export type EntityUnion = Entity | SecurityAlert | HuntingBookmark | AccountEntity | AzureResourceEntity | CloudApplicationEntity | DnsEntity | FileEntity | FileHashEntity | HostEntity | IoTDeviceEntity | IpEntity | MailboxEntity | MailClusterEntity | MailMessageEntity | MalwareEntity | ProcessEntity | RegistryKeyEntity | RegistryValueEntity | SecurityGroupEntity | SubmissionMailEntity | UrlEntity; +export type EntityUnion = Entity | SecurityAlert | HuntingBookmark | AccountEntity | AzureResourceEntity | CloudApplicationEntity | DnsEntity | FileEntity | FileHashEntity | HostEntity | IoTDeviceEntity | IpEntity | MailboxEntity | MailClusterEntity | MailMessageEntity | MalwareEntity | ProcessEntity | RegistryKeyEntity | RegistryValueEntity | SecurityGroupEntity | SubmissionMailEntity | UrlEntity | NicEntity; // @public -export type Enum12 = string; +export type Enum13 = string; // @public export type EventGroupingAggregationKind = string; @@ -1794,15 +1869,18 @@ export interface GeoLocation { } // @public -export interface GetInsightsError { +export type GetInsightsError = string; + +// @public +export interface GetInsightsErrorKind { errorMessage: string; - kind: "Insight"; + kind: GetInsightsError; queryId?: string; } // @public export interface GetInsightsResultsMetadata { - errors?: GetInsightsError[]; + errors?: GetInsightsErrorKind[]; totalCount: number; } @@ -2057,7 +2135,7 @@ export interface IncidentOwnerInfo { assignedTo?: string; email?: string; objectId?: string; - readonly ownerType?: OwnerType; + ownerType?: OwnerType; userPrincipalName?: string; } @@ -2340,6 +2418,17 @@ export type IoTDeviceEntity = Entity & { readonly ipAddressEntityId?: string; readonly threatIntelligence?: ThreatIntelligence[]; readonly protocols?: string[]; + readonly owners?: string[]; + readonly nicEntityIds?: string[]; + readonly site?: string; + readonly zone?: string; + readonly sensor?: string; + readonly deviceSubType?: string; + importance?: DeviceImportance; + readonly purdueLayer?: string; + readonly isAuthorized?: boolean; + readonly isProgramming?: boolean; + readonly isScanner?: boolean; }; // @public @@ -2361,6 +2450,17 @@ export type IoTDeviceEntityProperties = EntityCommonProperties & { readonly ipAddressEntityId?: string; readonly threatIntelligence?: ThreatIntelligence[]; readonly protocols?: string[]; + readonly owners?: string[]; + readonly nicEntityIds?: string[]; + readonly site?: string; + readonly zone?: string; + readonly sensor?: string; + readonly deviceSubType?: string; + importance?: DeviceImportance; + readonly purdueLayer?: string; + readonly isAuthorized?: boolean; + readonly isProgramming?: boolean; + readonly isScanner?: boolean; }; // @public @@ -2490,6 +2590,32 @@ export enum KnownAttackTactic { ResourceDevelopment = "ResourceDevelopment" } +// @public +export enum KnownAutomationRulePropertyArrayChangedConditionSupportedArrayType { + Alerts = "Alerts", + Comments = "Comments", + Labels = "Labels", + Tactics = "Tactics" +} + +// @public +export enum KnownAutomationRulePropertyArrayChangedConditionSupportedChangeType { + Added = "Added" +} + +// @public +export enum KnownAutomationRulePropertyChangedConditionSupportedChangedType { + ChangedFrom = "ChangedFrom", + ChangedTo = "ChangedTo" +} + +// @public +export enum KnownAutomationRulePropertyChangedConditionSupportedPropertyType { + IncidentOwner = "IncidentOwner", + IncidentSeverity = "IncidentSeverity", + IncidentStatus = "IncidentStatus" +} + // @public export enum KnownAutomationRulePropertyConditionSupportedOperator { Contains = "Contains", @@ -2562,7 +2688,9 @@ export enum KnownAutomationRulePropertyConditionSupportedProperty { // @public export enum KnownConditionType { - Property = "Property" + Property = "Property", + PropertyArrayChanged = "PropertyArrayChanged", + PropertyChanged = "PropertyChanged" } // @public @@ -2724,6 +2852,14 @@ export enum KnownDeploymentState { Queued = "Queued" } +// @public +export enum KnownDeviceImportance { + High = "High", + Low = "Low", + Normal = "Normal", + Unknown = "Unknown" +} + // @public export enum KnownEntityItemQueryKind { Insight = "Insight" @@ -2745,6 +2881,7 @@ export enum KnownEntityKind { MailCluster = "MailCluster", MailMessage = "MailMessage", Malware = "Malware", + Nic = "Nic", Process = "Process", RegistryKey = "RegistryKey", RegistryValue = "RegistryValue", @@ -2776,6 +2913,14 @@ export enum KnownEntityMappingType { URL = "URL" } +// @public +export enum KnownEntityProviders { + // (undocumented) + ActiveDirectory = "ActiveDirectory", + // (undocumented) + AzureActiveDirectory = "AzureActiveDirectory" +} + // @public export enum KnownEntityQueryKind { // (undocumented) @@ -2795,6 +2940,7 @@ export enum KnownEntityQueryTemplateKind { // @public export enum KnownEntityTimelineKind { Activity = "Activity", + Anomaly = "Anomaly", Bookmark = "Bookmark", SecurityAlert = "SecurityAlert" } @@ -2815,6 +2961,7 @@ export enum KnownEntityType { MailCluster = "MailCluster", MailMessage = "MailMessage", Malware = "Malware", + Nic = "Nic", Process = "Process", RegistryKey = "RegistryKey", RegistryValue = "RegistryValue", @@ -2825,7 +2972,7 @@ export enum KnownEntityType { } // @public -export enum KnownEnum12 { +export enum KnownEnum13 { // (undocumented) Activity = "Activity", // (undocumented) @@ -2849,6 +2996,12 @@ export enum KnownFileHashAlgorithm { Unknown = "Unknown" } +// @public +export enum KnownGetInsightsError { + // (undocumented) + Insight = "Insight" +} + // @public export enum KnownIncidentClassification { BenignPositive = "BenignPositive", @@ -3027,18 +3180,6 @@ export enum KnownProviderName { MicrosoftOperationalInsightsWorkspacesSharedKeys = "Microsoft.OperationalInsights/workspaces/sharedKeys" } -// @public -export enum KnownProvisioningState { - // (undocumented) - Canceled = "Canceled", - // (undocumented) - Failed = "Failed", - // (undocumented) - InProgress = "InProgress", - // (undocumented) - Succeeded = "Succeeded" -} - // @public export enum KnownRegistryHive { HkeyA = "HKEY_A", @@ -3073,6 +3214,12 @@ export enum KnownRepoType { Github = "Github" } +// @public +export enum KnownSecurityMLAnalyticsSettingsKind { + // (undocumented) + Anomaly = "Anomaly" +} + // @public export enum KnownSettingKind { // (undocumented) @@ -3085,6 +3232,12 @@ export enum KnownSettingKind { Ueba = "Ueba" } +// @public +export enum KnownSettingsStatus { + Flighting = "Flighting", + Production = "Production" +} + // @public export enum KnownSettingType { // (undocumented) @@ -3095,14 +3248,6 @@ export enum KnownSettingType { InstructionStepsGroup = "InstructionStepsGroup" } -// @public -export enum KnownSkuKind { - // (undocumented) - CapacityReservation = "CapacityReservation", - // (undocumented) - PerGB = "PerGB" -} - // @public export enum KnownSourceKind { // (undocumented) @@ -3162,7 +3307,8 @@ export enum KnownTriggersOn { // @public export enum KnownTriggersWhen { - Created = "Created" + Created = "Created", + Updated = "Updated" } // @public @@ -3686,6 +3832,24 @@ export type MTPDataConnectorProperties = DataConnectorTenantId & { dataTypes: MTPDataConnectorDataTypes; }; +// @public +export type NicEntity = Entity & { + readonly additionalData?: { + [propertyName: string]: Record; + }; + readonly friendlyName?: string; + readonly macAddress?: string; + readonly ipAddressEntityId?: string; + readonly vlans?: string[]; +}; + +// @public +export type NicEntityProperties = EntityCommonProperties & { + readonly macAddress?: string; + readonly ipAddressEntityId?: string; + readonly vlans?: string[]; +}; + // @public export type NrtAlertRule = AlertRule & { alertRuleTemplateName?: string; @@ -4036,6 +4200,18 @@ export interface ProductSettingsUpdateOptionalParams extends coreClient.Operatio // @public export type ProductSettingsUpdateResponse = SettingsUnion; +// @public +export type PropertyArrayChangedConditionProperties = AutomationRuleCondition & { + conditionType: "PropertyArrayChanged"; + conditionProperties?: AutomationRulePropertyArrayChangedValuesCondition; +}; + +// @public +export type PropertyChangedConditionProperties = AutomationRuleCondition & { + conditionType: "PropertyChanged"; + conditionProperties?: AutomationRulePropertyValuesChangedCondition; +}; + // @public export type PropertyConditionProperties = AutomationRuleCondition & { conditionType: "Property"; @@ -4045,9 +4221,6 @@ export type PropertyConditionProperties = AutomationRuleCondition & { // @public export type ProviderName = string; -// @public -export type ProvisioningState = string; - // @public export interface QueryBasedAlertRuleTemplateProperties { alertDetailsOverride?: AlertDetailsOverride; @@ -4424,6 +4597,8 @@ export class SecurityInsights extends coreClient.ServiceClient { // (undocumented) productSettings: ProductSettings; // (undocumented) + securityMLAnalyticsSettings: SecurityMLAnalyticsSettings; + // (undocumented) sentinelOnboardingStates: SentinelOnboardingStates; // (undocumented) sourceControlOperations: SourceControlOperations; @@ -4450,6 +4625,69 @@ export interface SecurityInsightsOptionalParams extends coreClient.ServiceClient endpoint?: string; } +// @public +export type SecurityMLAnalyticsSetting = ResourceWithEtag & { + kind: SecurityMLAnalyticsSettingsKind; +}; + +// @public +export interface SecurityMLAnalyticsSettings { + createOrUpdate(resourceGroupName: string, workspaceName: string, settingsResourceName: string, securityMLAnalyticsSetting: SecurityMLAnalyticsSettingUnion, options?: SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams): Promise; + delete(resourceGroupName: string, workspaceName: string, settingsResourceName: string, options?: SecurityMLAnalyticsSettingsDeleteOptionalParams): Promise; + get(resourceGroupName: string, workspaceName: string, settingsResourceName: string, options?: SecurityMLAnalyticsSettingsGetOptionalParams): Promise; + list(resourceGroupName: string, workspaceName: string, options?: SecurityMLAnalyticsSettingsListOptionalParams): PagedAsyncIterableIterator; +} + +// @public +export interface SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type SecurityMLAnalyticsSettingsCreateOrUpdateResponse = SecurityMLAnalyticsSettingUnion; + +// @public +export interface SecurityMLAnalyticsSettingsDataSource { + connectorId?: string; + dataTypes?: string[]; +} + +// @public +export interface SecurityMLAnalyticsSettingsDeleteOptionalParams extends coreClient.OperationOptions { +} + +// @public +export interface SecurityMLAnalyticsSettingsGetOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type SecurityMLAnalyticsSettingsGetResponse = SecurityMLAnalyticsSettingUnion; + +// @public +export type SecurityMLAnalyticsSettingsKind = string; + +// @public +export interface SecurityMLAnalyticsSettingsList { + readonly nextLink?: string; + value: SecurityMLAnalyticsSettingUnion[]; +} + +// @public +export interface SecurityMLAnalyticsSettingsListNextOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type SecurityMLAnalyticsSettingsListNextResponse = SecurityMLAnalyticsSettingsList; + +// @public +export interface SecurityMLAnalyticsSettingsListOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type SecurityMLAnalyticsSettingsListResponse = SecurityMLAnalyticsSettingsList; + +// @public (undocumented) +export type SecurityMLAnalyticsSettingUnion = SecurityMLAnalyticsSetting | AnomalySecurityMLAnalyticsSettings; + // @public export type SentinelOnboardingState = ResourceWithEtag & { customerManagedKey?: boolean; @@ -4507,21 +4745,15 @@ export type Settings = ResourceWithEtag & { kind: SettingKind; }; +// @public +export type SettingsStatus = string; + // @public (undocumented) export type SettingsUnion = Settings | Anomalies | EyesOn | EntityAnalytics | Ueba; // @public export type SettingType = string; -// @public -export interface Sku { - capacityReservationLevel?: number; - name?: SkuKind; -} - -// @public -export type SkuKind = string; - // @public export type SourceControl = ResourceWithEtag & { idPropertiesId?: string; @@ -5147,11 +5379,9 @@ export type Watchlist = ResourceWithEtag & { tenantId?: string; numberOfLinesToSkip?: number; rawContent?: string; - sasUri?: string; itemsSearchKey?: string; contentType?: string; uploadStatus?: string; - readonly provisioningState?: ProvisioningState; }; // @public diff --git a/sdk/securityinsight/arm-securityinsight/src/models/index.ts b/sdk/securityinsight/arm-securityinsight/src/models/index.ts index 0a1cb2ff7f83..07e9d80b642f 100644 --- a/sdk/securityinsight/arm-securityinsight/src/models/index.ts +++ b/sdk/securityinsight/arm-securityinsight/src/models/index.ts @@ -10,6 +10,8 @@ import * as coreClient from "@azure/core-client"; export type AutomationRuleConditionUnion = | AutomationRuleCondition + | PropertyArrayChangedConditionProperties + | PropertyChangedConditionProperties | PropertyConditionProperties; export type AutomationRuleActionUnion = | AutomationRuleAction @@ -19,6 +21,7 @@ export type EntityTimelineItemUnion = | EntityTimelineItem | ActivityTimelineItem | BookmarkTimelineItem + | AnomalyTimelineItem | SecurityAlertTimelineItem; export type EntityQueryItemUnion = EntityQueryItem | InsightQueryItem; export type DataConnectorsCheckRequirementsUnion = @@ -70,7 +73,8 @@ export type EntityUnion = | RegistryValueEntity | SecurityGroupEntity | SubmissionMailEntity - | UrlEntity; + | UrlEntity + | NicEntity; export type EntityQueryTemplateUnion = | EntityQueryTemplate | ActivityEntityQueryTemplate; @@ -89,6 +93,9 @@ export type EntityQueryUnion = export type CustomEntityQueryUnion = | CustomEntityQuery | ActivityCustomEntityQuery; +export type SecurityMLAnalyticsSettingUnion = + | SecurityMLAnalyticsSetting + | AnomalySecurityMLAnalyticsSettings; export type SettingsUnion = | Settings | Anomalies @@ -220,25 +227,25 @@ export interface AlertRuleTemplatesList { value: AlertRuleTemplateUnion[]; } -/** Describes automation rule triggering logic */ +/** Describes automation rule triggering logic. */ export interface AutomationRuleTriggeringLogic { - /** Determines whether the automation rule is enabled or disabled */ + /** Determines whether the automation rule is enabled or disabled. */ isEnabled: boolean; /** Determines when the automation rule should automatically expire and be disabled. */ expirationTimeUtc?: Date; triggersOn: TriggersOn; triggersWhen: TriggersWhen; - /** The conditions to evaluate to determine if the automation rule should be triggered on a given object */ + /** The conditions to evaluate to determine if the automation rule should be triggered on a given object. */ conditions?: AutomationRuleConditionUnion[]; } -/** Describes an automation rule condition */ +/** Describes an automation rule condition. */ export interface AutomationRuleCondition { /** Polymorphic discriminator, which specifies the different types this object can be */ - conditionType: "Property"; + conditionType: "PropertyArrayChanged" | "PropertyChanged" | "Property"; } -/** Describes an automation rule action */ +/** Describes an automation rule action. */ export interface AutomationRuleAction { /** Polymorphic discriminator, which specifies the different types this object can be */ actionType: "ModifyProperties" | "RunPlaybook"; @@ -599,7 +606,7 @@ export interface TimelineError { /** Entity timeline Item. */ export interface EntityTimelineItem { /** Polymorphic discriminator, which specifies the different types this object can be */ - kind: "Activity" | "Bookmark" | "SecurityAlert"; + kind: "Activity" | "Bookmark" | "Anomaly" | "SecurityAlert"; } /** Retrieve queries for entity result operation response. */ @@ -648,13 +655,13 @@ export interface GetInsightsResultsMetadata { /** the total items found for the insights request */ totalCount: number; /** information about the failed queries */ - errors?: GetInsightsError[]; + errors?: GetInsightsErrorKind[]; } /** GetInsights Query Errors. */ -export interface GetInsightsError { +export interface GetInsightsErrorKind { /** the query kind */ - kind: "Insight"; + kind: GetInsightsError; /** the query id */ queryId?: string; /** the error message */ @@ -789,11 +796,8 @@ export interface IncidentOwnerInfo { objectId?: string; /** The user principal name of the user the incident is assigned to. */ userPrincipalName?: string; - /** - * The type of the owner the incident is assigned to. - * NOTE: This property will not be serialized. It can only be populated by the server. - */ - readonly ownerType?: OwnerType; + /** The type of the owner the incident is assigned to. */ + ownerType?: OwnerType; } /** Describes team information */ @@ -988,6 +992,17 @@ export interface SentinelOnboardingStatesList { value: SentinelOnboardingState[]; } +/** List all the SecurityMLAnalyticsSettings */ +export interface SecurityMLAnalyticsSettingsList { + /** + * URL to fetch the next set of SecurityMLAnalyticsSettings. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly nextLink?: string; + /** Array of SecurityMLAnalyticsSettings */ + value: SecurityMLAnalyticsSettingUnion[]; +} + /** List of all the settings. */ export interface SettingList { /** Array of settings. */ @@ -1282,6 +1297,12 @@ export interface DataConnectorConnectBody { kind?: ConnectAuthKind; /** The API key of the audit server. */ apiKey?: string; + /** Used in v2 logs connector. Represents the data collection ingestion endpoint in log analytics. */ + dataCollectionEndpoint?: string; + /** Used in v2 logs connector. The data collection rule immutable id, the rule defines the transformation and data destination. */ + dataCollectionRuleImmutableId?: string; + /** Used in v2 logs connector. The stream we are sending the data to, this is the name of the streamDeclarations defined in the DCR. */ + outputStream?: string; /** The client secret of the OAuth 2.0 application. */ clientSecret?: string; /** The client id of the OAuth 2.0 application. */ @@ -1595,25 +1616,37 @@ export interface IncidentPropertiesAction { classification?: IncidentClassification; /** The classification reason the incident was closed with */ classificationReason?: IncidentClassificationReason; - /** Describes the reason the incident was closed */ + /** Describes the reason the incident was closed. */ classificationComment?: string; /** Information on the user an incident is assigned to */ owner?: IncidentOwnerInfo; - /** List of labels to add to the incident */ + /** List of labels to add to the incident. */ labels?: IncidentLabel[]; } +export interface AutomationRulePropertyArrayChangedValuesCondition { + arrayType?: AutomationRulePropertyArrayChangedConditionSupportedArrayType; + changeType?: AutomationRulePropertyArrayChangedConditionSupportedChangeType; +} + +export interface AutomationRulePropertyValuesChangedCondition { + propertyName?: AutomationRulePropertyChangedConditionSupportedPropertyType; + changeType?: AutomationRulePropertyChangedConditionSupportedChangedType; + operator?: AutomationRulePropertyConditionSupportedOperator; + propertyValues?: string[]; +} + export interface AutomationRulePropertyValuesCondition { - /** The property to evaluate in an automation rule property condition */ + /** The property to evaluate in an automation rule property condition. */ propertyName?: AutomationRulePropertyConditionSupportedProperty; operator?: AutomationRulePropertyConditionSupportedOperator; propertyValues?: string[]; } export interface PlaybookActionProperties { - /** The resource id of the playbook resource */ + /** The resource id of the playbook resource. */ logicAppResourceId?: string; - /** The tenant id of the playbook resource */ + /** The tenant id of the playbook resource. */ tenantId?: string; } @@ -1711,12 +1744,12 @@ export interface DataTypeDefinitions { dataType?: string; } -/** The pricing tier of the solution */ -export interface Sku { - /** The kind of the tier */ - name?: SkuKind; - /** The amount of reservation level */ - capacityReservationLevel?: number; +/** security ml analytics settings data sources */ +export interface SecurityMLAnalyticsSettingsDataSource { + /** The connector id that provides the following data types */ + connectorId?: string; + /** The data types used by the security ml analytics settings */ + dataTypes?: string[]; } /** Properties data connector on tenant level. */ @@ -2162,6 +2195,20 @@ export type ActionRequestProperties = ActionPropertiesBase & { triggerUri: string; }; +/** Describes an automation rule condition that evaluates an array property's value change */ +export type PropertyArrayChangedConditionProperties = AutomationRuleCondition & { + /** Polymorphic discriminator, which specifies the different types this object can be */ + conditionType: "PropertyArrayChanged"; + conditionProperties?: AutomationRulePropertyArrayChangedValuesCondition; +}; + +/** Describes an automation rule condition that evaluates a property's value change */ +export type PropertyChangedConditionProperties = AutomationRuleCondition & { + /** Polymorphic discriminator, which specifies the different types this object can be */ + conditionType: "PropertyChanged"; + conditionProperties?: AutomationRulePropertyValuesChangedCondition; +}; + /** Describes an automation rule condition that evaluates a property's value */ export type PropertyConditionProperties = AutomationRuleCondition & { /** Polymorphic discriminator, which specifies the different types this object can be */ @@ -2225,6 +2272,34 @@ export type BookmarkTimelineItem = EntityTimelineItem & { labels?: string[]; }; +/** Represents anomaly timeline item. */ +export type AnomalyTimelineItem = EntityTimelineItem & { + /** Polymorphic discriminator, which specifies the different types this object can be */ + kind: "Anomaly"; + /** The anomaly azure resource id. */ + azureResourceId: string; + /** The anomaly product name. */ + productName?: string; + /** The anomaly description. */ + description?: string; + /** The anomaly name. */ + displayName: string; + /** The anomaly end time. */ + endTimeUtc: Date; + /** The anomaly start time. */ + startTimeUtc: Date; + /** The anomaly generated time. */ + timeGenerated: Date; + /** The name of the anomaly vendor. */ + vendor?: string; + /** The intent of the anomaly. */ + intent?: string; + /** The techniques of the anomaly. */ + techniques?: string[]; + /** The reasons that cause the anomaly. */ + reasons?: string[]; +}; + /** Represents security alert timeline item. */ export type SecurityAlertTimelineItem = EntityTimelineItem & { /** Polymorphic discriminator, which specifies the different types this object can be */ @@ -2761,6 +2836,58 @@ export type IoTDeviceEntityProperties = EntityCommonProperties & { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly protocols?: string[]; + /** + * A list of owners of the IoTDevice entity. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly owners?: string[]; + /** + * A list of Nic entity ids of the IoTDevice entity. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly nicEntityIds?: string[]; + /** + * The site of the device + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly site?: string; + /** + * The zone location of the device within a site + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly zone?: string; + /** + * The sensor the device is monitored by + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly sensor?: string; + /** + * The subType of the device ('PLC', 'HMI', 'EWS', etc.) + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly deviceSubType?: string; + /** Device importance, determines if the device classified as 'crown jewel' */ + importance?: DeviceImportance; + /** + * The Purdue Layer of the device + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly purdueLayer?: string; + /** + * Determines whether the device classified as authorized device + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly isAuthorized?: boolean; + /** + * Determines whether the device classified as programming device + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly isProgramming?: boolean; + /** + * Is the device classified as a scanner device + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly isScanner?: boolean; }; /** Ip entity property bag. */ @@ -3180,6 +3307,25 @@ export type UrlEntityProperties = EntityCommonProperties & { readonly url?: string; }; +/** Nic entity property bag. */ +export type NicEntityProperties = EntityCommonProperties & { + /** + * The MAC address of this network interface + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly macAddress?: string; + /** + * The IP entity id of this network interface + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly ipAddressEntityId?: string; + /** + * A list of VLANs of the network interface entity. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly vlans?: string[]; +}; + /** Represents AAD (Azure Active Directory) requirements check request. */ export type AADCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ @@ -3636,21 +3782,21 @@ export type ActionRequest = ResourceWithEtag & { }; export type AutomationRule = ResourceWithEtag & { - /** The display name of the automation rule */ + /** The display name of the automation rule. */ displayName: string; - /** The order of execution of the automation rule */ + /** The order of execution of the automation rule. */ order: number; - /** Describes automation rule triggering logic */ + /** Describes automation rule triggering logic. */ triggeringLogic: AutomationRuleTriggeringLogic; - /** The actions to execute when the automation rule is triggered */ + /** The actions to execute when the automation rule is triggered. */ actions: AutomationRuleActionUnion[]; /** - * The last time the automation rule was updated + * The last time the automation rule was updated. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly lastModifiedTimeUtc?: Date; /** - * The time the automation rule was created + * The time the automation rule was created. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly createdTimeUtc?: Date; @@ -3908,6 +4054,12 @@ export type SentinelOnboardingState = ResourceWithEtag & { customerManagedKey?: boolean; }; +/** Security ML Analytics Setting */ +export type SecurityMLAnalyticsSetting = ResourceWithEtag & { + /** The kind of security ML Analytics Settings */ + kind: SecurityMLAnalyticsSettingsKind; +}; + /** The Setting. */ export type Settings = ResourceWithEtag & { /** The kind of the setting */ @@ -3980,19 +4132,12 @@ export type Watchlist = ResourceWithEtag & { numberOfLinesToSkip?: number; /** The raw content that represents to watchlist items to create. In case of csv/tsv content type, it's the content of the file that will parsed by the endpoint */ rawContent?: string; - /** The Shared Access Signature (SAS) URI under which the large csv watchlist file is located and from which the watchlist and its items will be created */ - sasUri?: string; /** The search key is used to optimize query performance when using watchlists for joins with other data. For example, enable a column with IP addresses to be the designated SearchKey field, then use this field as the key field when joining to other event data by IP address. */ itemsSearchKey?: string; /** The content type of the raw content. Example : text/csv or text/tsv */ contentType?: string; /** The status of the Watchlist upload : New, InProgress or Complete. Pls note : When a Watchlist upload status is equal to InProgress, the Watchlist cannot be deleted */ uploadStatus?: string; - /** - * The provisioning state of the watchlist resource. - * NOTE: This property will not be serialized. It can only be populated by the server. - */ - readonly provisioningState?: ProvisioningState; }; /** Represents a Watchlist item in Azure Security Insights. */ @@ -4783,6 +4928,58 @@ export type IoTDeviceEntity = Entity & { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly protocols?: string[]; + /** + * A list of owners of the IoTDevice entity. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly owners?: string[]; + /** + * A list of Nic entity ids of the IoTDevice entity. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly nicEntityIds?: string[]; + /** + * The site of the device + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly site?: string; + /** + * The zone location of the device within a site + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly zone?: string; + /** + * The sensor the device is monitored by + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly sensor?: string; + /** + * The subType of the device ('PLC', 'HMI', 'EWS', etc.) + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly deviceSubType?: string; + /** Device importance, determines if the device classified as 'crown jewel' */ + importance?: DeviceImportance; + /** + * The Purdue Layer of the device + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly purdueLayer?: string; + /** + * Determines whether the device classified as authorized device + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly isAuthorized?: boolean; + /** + * Determines whether the device classified as programming device + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly isProgramming?: boolean; + /** + * Is the device classified as a scanner device + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly isScanner?: boolean; }; /** Represents an ip entity. */ @@ -5312,6 +5509,35 @@ export type UrlEntity = Entity & { readonly url?: string; }; +/** Represents an network interface entity. */ +export type NicEntity = Entity & { + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly additionalData?: { [propertyName: string]: Record }; + /** + * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly friendlyName?: string; + /** + * The MAC address of this network interface + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly macAddress?: string; + /** + * The IP entity id of this network interface + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly ipAddressEntityId?: string; + /** + * A list of VLANs of the network interface entity. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly vlans?: string[]; +}; + /** Represents Activity entity query. */ export type ActivityEntityQueryTemplate = EntityQueryTemplate & { /** The entity query title */ @@ -5657,6 +5883,41 @@ export type ActivityCustomEntityQuery = CustomEntityQuery & { readonly lastModifiedTimeUtc?: Date; }; +/** Represents Anomaly Security ML Analytics Settings */ +export type AnomalySecurityMLAnalyticsSettings = SecurityMLAnalyticsSetting & { + /** The description of the SecurityMLAnalyticsSettings. */ + description?: string; + /** The display name for settings created by this SecurityMLAnalyticsSettings. */ + displayName?: string; + /** Determines whether this settings is enabled or disabled. */ + enabled?: boolean; + /** + * The last time that this SecurityMLAnalyticsSettings has been modified. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly lastModifiedUtc?: Date; + /** The required data sources for this SecurityMLAnalyticsSettings */ + requiredDataConnectors?: SecurityMLAnalyticsSettingsDataSource[]; + /** The tactics of the SecurityMLAnalyticsSettings */ + tactics?: AttackTactic[]; + /** The techniques of the SecurityMLAnalyticsSettings */ + techniques?: string[]; + /** The anomaly version of the AnomalySecurityMLAnalyticsSettings. */ + anomalyVersion?: string; + /** The customizable observations of the AnomalySecurityMLAnalyticsSettings. */ + customizableObservations?: Record; + /** The frequency that this SecurityMLAnalyticsSettings will be run. */ + frequency?: string; + /** The anomaly SecurityMLAnalyticsSettings status */ + settingsStatus?: SettingsStatus; + /** Determines whether this anomaly security ml analytics settings is a default settings */ + isDefaultSettings?: boolean; + /** The anomaly settings version of the Anomaly security ml analytics settings that dictates whether job version gets updated or not. */ + anomalySettingsVersion?: number; + /** The anomaly settings definition Id */ + settingsDefinitionId?: string; +}; + /** Settings with single toggle. */ export type Anomalies = Settings & { /** @@ -5677,11 +5938,8 @@ export type EyesOn = Settings & { /** Settings with single toggle. */ export type EntityAnalytics = Settings & { - /** - * Determines whether the setting is enable or disabled. - * NOTE: This property will not be serialized. It can only be populated by the server. - */ - readonly isEnabled?: boolean; + /** The relevant entity providers that are synced */ + entityProviders?: EntityProviders[]; }; /** Settings with single toggle. */ @@ -6014,7 +6272,9 @@ export type TriggersOn = string; /** Known values of {@link TriggersWhen} that the service accepts. */ export enum KnownTriggersWhen { /** Trigger on created objects */ - Created = "Created" + Created = "Created", + /** Trigger on updated objects */ + Updated = "Updated" } /** @@ -6022,14 +6282,19 @@ export enum KnownTriggersWhen { * {@link KnownTriggersWhen} can be used interchangeably with TriggersWhen, * this enum contains the known values that the service supports. * ### Known values supported by the service - * **Created**: Trigger on created objects + * **Created**: Trigger on created objects \ + * **Updated**: Trigger on updated objects */ export type TriggersWhen = string; /** Known values of {@link ConditionType} that the service accepts. */ export enum KnownConditionType { /** Evaluate an object property value */ - Property = "Property" + Property = "Property", + /** Evaluate an object property changed value */ + PropertyChanged = "PropertyChanged", + /** Evaluate an object array property changed value */ + PropertyArrayChanged = "PropertyArrayChanged" } /** @@ -6037,7 +6302,9 @@ export enum KnownConditionType { * {@link KnownConditionType} can be used interchangeably with ConditionType, * this enum contains the known values that the service supports. * ### Known values supported by the service - * **Property**: Evaluate an object property value + * **Property**: Evaluate an object property value \ + * **PropertyChanged**: Evaluate an object property changed value \ + * **PropertyArrayChanged**: Evaluate an object array property changed value */ export type ConditionType = string; @@ -6172,7 +6439,9 @@ export enum KnownEntityKind { /** Entity represents mailbox in the system. */ Mailbox = "Mailbox", /** Entity represents submission mail in the system. */ - SubmissionMail = "SubmissionMail" + SubmissionMail = "SubmissionMail", + /** Entity represents network interface in the system. */ + Nic = "Nic" } /** @@ -6200,7 +6469,8 @@ export enum KnownEntityKind { * **MailCluster**: Entity represents mail cluster in the system. \ * **MailMessage**: Entity represents mail message in the system. \ * **Mailbox**: Entity represents mailbox in the system. \ - * **SubmissionMail**: Entity represents submission mail in the system. + * **SubmissionMail**: Entity represents submission mail in the system. \ + * **Nic**: Entity represents network interface in the system. */ export type EntityKind = string; @@ -6211,7 +6481,9 @@ export enum KnownEntityTimelineKind { /** bookmarks */ Bookmark = "Bookmark", /** security alerts */ - SecurityAlert = "SecurityAlert" + SecurityAlert = "SecurityAlert", + /** anomaly */ + Anomaly = "Anomaly" } /** @@ -6221,7 +6493,8 @@ export enum KnownEntityTimelineKind { * ### Known values supported by the service * **Activity**: activity \ * **Bookmark**: bookmarks \ - * **SecurityAlert**: security alerts + * **SecurityAlert**: security alerts \ + * **Anomaly**: anomaly */ export type EntityTimelineKind = string; @@ -6258,21 +6531,35 @@ export enum KnownEntityQueryKind { */ export type EntityQueryKind = string; -/** Known values of {@link Enum12} that the service accepts. */ -export enum KnownEnum12 { +/** Known values of {@link GetInsightsError} that the service accepts. */ +export enum KnownGetInsightsError { + Insight = "Insight" +} + +/** + * Defines values for GetInsightsError. \ + * {@link KnownGetInsightsError} can be used interchangeably with GetInsightsError, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Insight** + */ +export type GetInsightsError = string; + +/** Known values of {@link Enum13} that the service accepts. */ +export enum KnownEnum13 { Expansion = "Expansion", Activity = "Activity" } /** - * Defines values for Enum12. \ - * {@link KnownEnum12} can be used interchangeably with Enum12, + * Defines values for Enum13. \ + * {@link KnownEnum13} can be used interchangeably with Enum13, * this enum contains the known values that the service supports. * ### Known values supported by the service * **Expansion** \ * **Activity** */ -export type Enum12 = string; +export type Enum13 = string; /** Known values of {@link CustomEntityQueryKind} that the service accepts. */ export enum KnownCustomEntityQueryKind { @@ -6660,6 +6947,20 @@ export enum KnownOperator { */ export type Operator = string; +/** Known values of {@link SecurityMLAnalyticsSettingsKind} that the service accepts. */ +export enum KnownSecurityMLAnalyticsSettingsKind { + Anomaly = "Anomaly" +} + +/** + * Defines values for SecurityMLAnalyticsSettingsKind. \ + * {@link KnownSecurityMLAnalyticsSettingsKind} can be used interchangeably with SecurityMLAnalyticsSettingsKind, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Anomaly** + */ +export type SecurityMLAnalyticsSettingsKind = string; + /** Known values of {@link SettingKind} that the service accepts. */ export enum KnownSettingKind { Anomalies = "Anomalies", @@ -6833,26 +7134,6 @@ export enum KnownSourceType { */ export type SourceType = string; -/** Known values of {@link ProvisioningState} that the service accepts. */ -export enum KnownProvisioningState { - Succeeded = "Succeeded", - Failed = "Failed", - Canceled = "Canceled", - InProgress = "InProgress" -} - -/** - * Defines values for ProvisioningState. \ - * {@link KnownProvisioningState} can be used interchangeably with ProvisioningState, - * this enum contains the known values that the service supports. - * ### Known values supported by the service - * **Succeeded** \ - * **Failed** \ - * **Canceled** \ - * **InProgress** - */ -export type ProvisioningState = string; - /** Known values of {@link DataConnectorKind} that the service accepts. */ export enum KnownDataConnectorKind { AzureActiveDirectory = "AzureActiveDirectory", @@ -7125,6 +7406,120 @@ export enum KnownEventGroupingAggregationKind { */ export type EventGroupingAggregationKind = string; +/** Known values of {@link AutomationRulePropertyArrayChangedConditionSupportedArrayType} that the service accepts. */ +export enum KnownAutomationRulePropertyArrayChangedConditionSupportedArrayType { + /** Evaluate the condition on the alerts */ + Alerts = "Alerts", + /** Evaluate the condition on the labels */ + Labels = "Labels", + /** Evaluate the condition on the tactics */ + Tactics = "Tactics", + /** Evaluate the condition on the comments */ + Comments = "Comments" +} + +/** + * Defines values for AutomationRulePropertyArrayChangedConditionSupportedArrayType. \ + * {@link KnownAutomationRulePropertyArrayChangedConditionSupportedArrayType} can be used interchangeably with AutomationRulePropertyArrayChangedConditionSupportedArrayType, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Alerts**: Evaluate the condition on the alerts \ + * **Labels**: Evaluate the condition on the labels \ + * **Tactics**: Evaluate the condition on the tactics \ + * **Comments**: Evaluate the condition on the comments + */ +export type AutomationRulePropertyArrayChangedConditionSupportedArrayType = string; + +/** Known values of {@link AutomationRulePropertyArrayChangedConditionSupportedChangeType} that the service accepts. */ +export enum KnownAutomationRulePropertyArrayChangedConditionSupportedChangeType { + /** Evaluate the condition on items added to the array */ + Added = "Added" +} + +/** + * Defines values for AutomationRulePropertyArrayChangedConditionSupportedChangeType. \ + * {@link KnownAutomationRulePropertyArrayChangedConditionSupportedChangeType} can be used interchangeably with AutomationRulePropertyArrayChangedConditionSupportedChangeType, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Added**: Evaluate the condition on items added to the array + */ +export type AutomationRulePropertyArrayChangedConditionSupportedChangeType = string; + +/** Known values of {@link AutomationRulePropertyChangedConditionSupportedPropertyType} that the service accepts. */ +export enum KnownAutomationRulePropertyChangedConditionSupportedPropertyType { + /** Evaluate the condition on the incident severity */ + IncidentSeverity = "IncidentSeverity", + /** Evaluate the condition on the incident status */ + IncidentStatus = "IncidentStatus", + /** Evaluate the condition on the incident owner */ + IncidentOwner = "IncidentOwner" +} + +/** + * Defines values for AutomationRulePropertyChangedConditionSupportedPropertyType. \ + * {@link KnownAutomationRulePropertyChangedConditionSupportedPropertyType} can be used interchangeably with AutomationRulePropertyChangedConditionSupportedPropertyType, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **IncidentSeverity**: Evaluate the condition on the incident severity \ + * **IncidentStatus**: Evaluate the condition on the incident status \ + * **IncidentOwner**: Evaluate the condition on the incident owner + */ +export type AutomationRulePropertyChangedConditionSupportedPropertyType = string; + +/** Known values of {@link AutomationRulePropertyChangedConditionSupportedChangedType} that the service accepts. */ +export enum KnownAutomationRulePropertyChangedConditionSupportedChangedType { + /** Evaluate the condition on the previous value of the property */ + ChangedFrom = "ChangedFrom", + /** Evaluate the condition on the updated value of the property */ + ChangedTo = "ChangedTo" +} + +/** + * Defines values for AutomationRulePropertyChangedConditionSupportedChangedType. \ + * {@link KnownAutomationRulePropertyChangedConditionSupportedChangedType} can be used interchangeably with AutomationRulePropertyChangedConditionSupportedChangedType, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **ChangedFrom**: Evaluate the condition on the previous value of the property \ + * **ChangedTo**: Evaluate the condition on the updated value of the property + */ +export type AutomationRulePropertyChangedConditionSupportedChangedType = string; + +/** Known values of {@link AutomationRulePropertyConditionSupportedOperator} that the service accepts. */ +export enum KnownAutomationRulePropertyConditionSupportedOperator { + /** Evaluates if the property equals at least one of the condition values */ + Equals = "Equals", + /** Evaluates if the property does not equal any of the condition values */ + NotEquals = "NotEquals", + /** Evaluates if the property contains at least one of the condition values */ + Contains = "Contains", + /** Evaluates if the property does not contain any of the condition values */ + NotContains = "NotContains", + /** Evaluates if the property starts with any of the condition values */ + StartsWith = "StartsWith", + /** Evaluates if the property does not start with any of the condition values */ + NotStartsWith = "NotStartsWith", + /** Evaluates if the property ends with any of the condition values */ + EndsWith = "EndsWith", + /** Evaluates if the property does not end with any of the condition values */ + NotEndsWith = "NotEndsWith" +} + +/** + * Defines values for AutomationRulePropertyConditionSupportedOperator. \ + * {@link KnownAutomationRulePropertyConditionSupportedOperator} can be used interchangeably with AutomationRulePropertyConditionSupportedOperator, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Equals**: Evaluates if the property equals at least one of the condition values \ + * **NotEquals**: Evaluates if the property does not equal any of the condition values \ + * **Contains**: Evaluates if the property contains at least one of the condition values \ + * **NotContains**: Evaluates if the property does not contain any of the condition values \ + * **StartsWith**: Evaluates if the property starts with any of the condition values \ + * **NotStartsWith**: Evaluates if the property does not start with any of the condition values \ + * **EndsWith**: Evaluates if the property ends with any of the condition values \ + * **NotEndsWith**: Evaluates if the property does not end with any of the condition values + */ +export type AutomationRulePropertyConditionSupportedOperator = string; + /** Known values of {@link AutomationRulePropertyConditionSupportedProperty} that the service accepts. */ export enum KnownAutomationRulePropertyConditionSupportedProperty { /** The title of the incident */ @@ -7299,42 +7694,6 @@ export enum KnownAutomationRulePropertyConditionSupportedProperty { */ export type AutomationRulePropertyConditionSupportedProperty = string; -/** Known values of {@link AutomationRulePropertyConditionSupportedOperator} that the service accepts. */ -export enum KnownAutomationRulePropertyConditionSupportedOperator { - /** Evaluates if the property equals at least one of the condition values */ - Equals = "Equals", - /** Evaluates if the property does not equal any of the condition values */ - NotEquals = "NotEquals", - /** Evaluates if the property contains at least one of the condition values */ - Contains = "Contains", - /** Evaluates if the property does not contain any of the condition values */ - NotContains = "NotContains", - /** Evaluates if the property starts with any of the condition values */ - StartsWith = "StartsWith", - /** Evaluates if the property does not start with any of the condition values */ - NotStartsWith = "NotStartsWith", - /** Evaluates if the property ends with any of the condition values */ - EndsWith = "EndsWith", - /** Evaluates if the property does not end with any of the condition values */ - NotEndsWith = "NotEndsWith" -} - -/** - * Defines values for AutomationRulePropertyConditionSupportedOperator. \ - * {@link KnownAutomationRulePropertyConditionSupportedOperator} can be used interchangeably with AutomationRulePropertyConditionSupportedOperator, - * this enum contains the known values that the service supports. - * ### Known values supported by the service - * **Equals**: Evaluates if the property equals at least one of the condition values \ - * **NotEquals**: Evaluates if the property does not equal any of the condition values \ - * **Contains**: Evaluates if the property contains at least one of the condition values \ - * **NotContains**: Evaluates if the property does not contain any of the condition values \ - * **StartsWith**: Evaluates if the property starts with any of the condition values \ - * **NotStartsWith**: Evaluates if the property does not start with any of the condition values \ - * **EndsWith**: Evaluates if the property ends with any of the condition values \ - * **NotEndsWith**: Evaluates if the property does not end with any of the condition values - */ -export type AutomationRulePropertyConditionSupportedOperator = string; - /** Known values of {@link EntityType} that the service accepts. */ export enum KnownEntityType { /** Entity represents account in the system. */ @@ -7378,7 +7737,9 @@ export enum KnownEntityType { /** Entity represents mailbox in the system. */ Mailbox = "Mailbox", /** Entity represents submission mail in the system. */ - SubmissionMail = "SubmissionMail" + SubmissionMail = "SubmissionMail", + /** Entity represents network interface in the system. */ + Nic = "Nic" } /** @@ -7406,7 +7767,8 @@ export enum KnownEntityType { * **MailCluster**: Entity represents mail cluster in the system. \ * **MailMessage**: Entity represents mail message in the system. \ * **Mailbox**: Entity represents mailbox in the system. \ - * **SubmissionMail**: Entity represents submission mail in the system. + * **SubmissionMail**: Entity represents submission mail in the system. \ + * **Nic**: Entity represents network interface in the system. */ export type EntityType = string; @@ -7430,6 +7792,40 @@ export enum KnownOutputType { */ export type OutputType = string; +/** Known values of {@link SettingsStatus} that the service accepts. */ +export enum KnownSettingsStatus { + /** Anomaly settings status in Production mode */ + Production = "Production", + /** Anomaly settings status in Flighting mode */ + Flighting = "Flighting" +} + +/** + * Defines values for SettingsStatus. \ + * {@link KnownSettingsStatus} can be used interchangeably with SettingsStatus, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Production**: Anomaly settings status in Production mode \ + * **Flighting**: Anomaly settings status in Flighting mode + */ +export type SettingsStatus = string; + +/** Known values of {@link EntityProviders} that the service accepts. */ +export enum KnownEntityProviders { + ActiveDirectory = "ActiveDirectory", + AzureActiveDirectory = "AzureActiveDirectory" +} + +/** + * Defines values for EntityProviders. \ + * {@link KnownEntityProviders} can be used interchangeably with EntityProviders, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **ActiveDirectory** \ + * **AzureActiveDirectory** + */ +export type EntityProviders = string; + /** Known values of {@link UebaDataSources} that the service accepts. */ export enum KnownUebaDataSources { AuditLogs = "AuditLogs", @@ -7450,22 +7846,6 @@ export enum KnownUebaDataSources { */ export type UebaDataSources = string; -/** Known values of {@link SkuKind} that the service accepts. */ -export enum KnownSkuKind { - PerGB = "PerGB", - CapacityReservation = "CapacityReservation" -} - -/** - * Defines values for SkuKind. \ - * {@link KnownSkuKind} can be used interchangeably with SkuKind, - * this enum contains the known values that the service supports. - * ### Known values supported by the service - * **PerGB** \ - * **CapacityReservation** - */ -export type SkuKind = string; - /** Known values of {@link DataTypeState} that the service accepts. */ export enum KnownDataTypeState { Enabled = "Enabled", @@ -7604,6 +7984,30 @@ export enum KnownFileHashAlgorithm { */ export type FileHashAlgorithm = string; +/** Known values of {@link DeviceImportance} that the service accepts. */ +export enum KnownDeviceImportance { + /** Unknown - Default value */ + Unknown = "Unknown", + /** Low */ + Low = "Low", + /** Normal */ + Normal = "Normal", + /** High */ + High = "High" +} + +/** + * Defines values for DeviceImportance. \ + * {@link KnownDeviceImportance} can be used interchangeably with DeviceImportance, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Unknown**: Unknown - Default value \ + * **Low**: Low \ + * **Normal**: Normal \ + * **High**: High + */ +export type DeviceImportance = string; + /** Known values of {@link AntispamMailDirection} that the service accepts. */ export enum KnownAntispamMailDirection { /** Unknown */ @@ -8134,7 +8538,7 @@ export type EntityRelationsGetRelationResponse = Relation; export interface EntityQueriesListOptionalParams extends coreClient.OperationOptions { /** The entity query kind we want to fetch */ - kind?: Enum12; + kind?: Enum13; } /** Contains response data for the list operation. */ @@ -8162,7 +8566,7 @@ export interface EntityQueriesDeleteOptionalParams export interface EntityQueriesListNextOptionalParams extends coreClient.OperationOptions { /** The entity query kind we want to fetch */ - kind?: Enum12; + kind?: Enum13; } /** Contains response data for the listNext operation. */ @@ -8399,6 +8803,38 @@ export interface SentinelOnboardingStatesListOptionalParams /** Contains response data for the list operation. */ export type SentinelOnboardingStatesListResponse = SentinelOnboardingStatesList; +/** Optional parameters. */ +export interface SecurityMLAnalyticsSettingsListOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the list operation. */ +export type SecurityMLAnalyticsSettingsListResponse = SecurityMLAnalyticsSettingsList; + +/** Optional parameters. */ +export interface SecurityMLAnalyticsSettingsGetOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the get operation. */ +export type SecurityMLAnalyticsSettingsGetResponse = SecurityMLAnalyticsSettingUnion; + +/** Optional parameters. */ +export interface SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the createOrUpdate operation. */ +export type SecurityMLAnalyticsSettingsCreateOrUpdateResponse = SecurityMLAnalyticsSettingUnion; + +/** Optional parameters. */ +export interface SecurityMLAnalyticsSettingsDeleteOptionalParams + extends coreClient.OperationOptions {} + +/** Optional parameters. */ +export interface SecurityMLAnalyticsSettingsListNextOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the listNext operation. */ +export type SecurityMLAnalyticsSettingsListNextResponse = SecurityMLAnalyticsSettingsList; + /** Optional parameters. */ export interface ProductSettingsListOptionalParams extends coreClient.OperationOptions {} diff --git a/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts index d796941b1add..6a5a7d831fa4 100644 --- a/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts +++ b/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts @@ -1567,7 +1567,7 @@ export const GetInsightsResultsMetadata: coreClient.CompositeMapper = { element: { type: { name: "Composite", - className: "GetInsightsError" + className: "GetInsightsErrorKind" } } } @@ -1576,15 +1576,14 @@ export const GetInsightsResultsMetadata: coreClient.CompositeMapper = { } }; -export const GetInsightsError: coreClient.CompositeMapper = { +export const GetInsightsErrorKind: coreClient.CompositeMapper = { type: { name: "Composite", - className: "GetInsightsError", + className: "GetInsightsErrorKind", modelProperties: { kind: { - defaultValue: "Insight", - isConstant: true, serializedName: "kind", + required: true, type: { name: "String" } @@ -1940,7 +1939,6 @@ export const IncidentOwnerInfo: coreClient.CompositeMapper = { }, ownerType: { serializedName: "ownerType", - readOnly: true, type: { name: "String" } @@ -2466,6 +2464,35 @@ export const SentinelOnboardingStatesList: coreClient.CompositeMapper = { } }; +export const SecurityMLAnalyticsSettingsList: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "SecurityMLAnalyticsSettingsList", + modelProperties: { + nextLink: { + serializedName: "nextLink", + readOnly: true, + type: { + name: "String" + } + }, + value: { + serializedName: "value", + required: true, + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SecurityMLAnalyticsSetting" + } + } + } + } + } + } +}; + export const SettingList: coreClient.CompositeMapper = { type: { name: "Composite", @@ -3353,6 +3380,24 @@ export const DataConnectorConnectBody: coreClient.CompositeMapper = { name: "String" } }, + dataCollectionEndpoint: { + serializedName: "dataCollectionEndpoint", + type: { + name: "String" + } + }, + dataCollectionRuleImmutableId: { + serializedName: "dataCollectionRuleImmutableId", + type: { + name: "String" + } + }, + outputStream: { + serializedName: "outputStream", + type: { + name: "String" + } + }, clientSecret: { serializedName: "clientSecret", type: { @@ -4281,6 +4326,65 @@ export const IncidentPropertiesAction: coreClient.CompositeMapper = { } }; +export const AutomationRulePropertyArrayChangedValuesCondition: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "AutomationRulePropertyArrayChangedValuesCondition", + modelProperties: { + arrayType: { + serializedName: "arrayType", + type: { + name: "String" + } + }, + changeType: { + serializedName: "changeType", + type: { + name: "String" + } + } + } + } +}; + +export const AutomationRulePropertyValuesChangedCondition: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "AutomationRulePropertyValuesChangedCondition", + modelProperties: { + propertyName: { + serializedName: "propertyName", + type: { + name: "String" + } + }, + changeType: { + serializedName: "changeType", + type: { + name: "String" + } + }, + operator: { + serializedName: "operator", + type: { + name: "String" + } + }, + propertyValues: { + serializedName: "propertyValues", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + export const AutomationRulePropertyValuesCondition: coreClient.CompositeMapper = { type: { name: "Composite", @@ -4631,21 +4735,26 @@ export const DataTypeDefinitions: coreClient.CompositeMapper = { } }; -export const Sku: coreClient.CompositeMapper = { +export const SecurityMLAnalyticsSettingsDataSource: coreClient.CompositeMapper = { type: { name: "Composite", - className: "Sku", + className: "SecurityMLAnalyticsSettingsDataSource", modelProperties: { - name: { - serializedName: "name", + connectorId: { + serializedName: "connectorId", type: { name: "String" } }, - capacityReservationLevel: { - serializedName: "capacityReservationLevel", + dataTypes: { + serializedName: "dataTypes", type: { - name: "Number" + name: "Sequence", + element: { + type: { + name: "String" + } + } } } } @@ -5895,6 +6004,48 @@ export const ActionRequestProperties: coreClient.CompositeMapper = { } }; +export const PropertyArrayChangedConditionProperties: coreClient.CompositeMapper = { + serializedName: "PropertyArrayChanged", + type: { + name: "Composite", + className: "PropertyArrayChangedConditionProperties", + uberParent: "AutomationRuleCondition", + polymorphicDiscriminator: + AutomationRuleCondition.type.polymorphicDiscriminator, + modelProperties: { + ...AutomationRuleCondition.type.modelProperties, + conditionProperties: { + serializedName: "conditionProperties", + type: { + name: "Composite", + className: "AutomationRulePropertyArrayChangedValuesCondition" + } + } + } + } +}; + +export const PropertyChangedConditionProperties: coreClient.CompositeMapper = { + serializedName: "PropertyChanged", + type: { + name: "Composite", + className: "PropertyChangedConditionProperties", + uberParent: "AutomationRuleCondition", + polymorphicDiscriminator: + AutomationRuleCondition.type.polymorphicDiscriminator, + modelProperties: { + ...AutomationRuleCondition.type.modelProperties, + conditionProperties: { + serializedName: "conditionProperties", + type: { + name: "Composite", + className: "AutomationRulePropertyValuesChangedCondition" + } + } + } + } +}; + export const PropertyConditionProperties: coreClient.CompositeMapper = { serializedName: "Property", type: { @@ -6088,6 +6239,100 @@ export const BookmarkTimelineItem: coreClient.CompositeMapper = { } }; +export const AnomalyTimelineItem: coreClient.CompositeMapper = { + serializedName: "Anomaly", + type: { + name: "Composite", + className: "AnomalyTimelineItem", + uberParent: "EntityTimelineItem", + polymorphicDiscriminator: EntityTimelineItem.type.polymorphicDiscriminator, + modelProperties: { + ...EntityTimelineItem.type.modelProperties, + azureResourceId: { + serializedName: "azureResourceId", + required: true, + type: { + name: "String" + } + }, + productName: { + serializedName: "productName", + type: { + name: "String" + } + }, + description: { + serializedName: "description", + type: { + name: "String" + } + }, + displayName: { + serializedName: "displayName", + required: true, + type: { + name: "String" + } + }, + endTimeUtc: { + serializedName: "endTimeUtc", + required: true, + type: { + name: "DateTime" + } + }, + startTimeUtc: { + serializedName: "startTimeUtc", + required: true, + type: { + name: "DateTime" + } + }, + timeGenerated: { + serializedName: "timeGenerated", + required: true, + type: { + name: "DateTime" + } + }, + vendor: { + serializedName: "vendor", + type: { + name: "String" + } + }, + intent: { + serializedName: "intent", + type: { + name: "String" + } + }, + techniques: { + serializedName: "techniques", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + reasons: { + serializedName: "reasons", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + export const SecurityAlertTimelineItem: coreClient.CompositeMapper = { serializedName: "SecurityAlert", type: { @@ -7169,6 +7414,92 @@ export const IoTDeviceEntityProperties: coreClient.CompositeMapper = { } } } + }, + owners: { + serializedName: "owners", + readOnly: true, + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + nicEntityIds: { + serializedName: "nicEntityIds", + readOnly: true, + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + site: { + serializedName: "site", + readOnly: true, + type: { + name: "String" + } + }, + zone: { + serializedName: "zone", + readOnly: true, + type: { + name: "String" + } + }, + sensor: { + serializedName: "sensor", + readOnly: true, + type: { + name: "String" + } + }, + deviceSubType: { + serializedName: "deviceSubType", + readOnly: true, + type: { + name: "String" + } + }, + importance: { + serializedName: "importance", + type: { + name: "String" + } + }, + purdueLayer: { + serializedName: "purdueLayer", + readOnly: true, + type: { + name: "String" + } + }, + isAuthorized: { + serializedName: "isAuthorized", + readOnly: true, + type: { + name: "Boolean" + } + }, + isProgramming: { + serializedName: "isProgramming", + readOnly: true, + type: { + name: "Boolean" + } + }, + isScanner: { + serializedName: "isScanner", + readOnly: true, + type: { + name: "Boolean" + } } } } @@ -7903,6 +8234,42 @@ export const UrlEntityProperties: coreClient.CompositeMapper = { } }; +export const NicEntityProperties: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "NicEntityProperties", + modelProperties: { + ...EntityCommonProperties.type.modelProperties, + macAddress: { + serializedName: "macAddress", + readOnly: true, + type: { + name: "String" + } + }, + ipAddressEntityId: { + serializedName: "ipAddressEntityId", + readOnly: true, + type: { + name: "String" + } + }, + vlans: { + serializedName: "vlans", + readOnly: true, + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + export const AADCheckRequirements: coreClient.CompositeMapper = { serializedName: "AzureActiveDirectory", type: { @@ -10063,6 +10430,29 @@ export const SentinelOnboardingState: coreClient.CompositeMapper = { } }; +export const SecurityMLAnalyticsSetting: coreClient.CompositeMapper = { + serializedName: "SecurityMLAnalyticsSetting", + type: { + name: "Composite", + className: "SecurityMLAnalyticsSetting", + uberParent: "Resource", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + kind: { + serializedName: "kind", + required: true, + type: { + name: "String" + } + } + } + } +}; + export const Settings: coreClient.CompositeMapper = { serializedName: "Settings", type: { @@ -10302,12 +10692,6 @@ export const Watchlist: coreClient.CompositeMapper = { name: "String" } }, - sasUri: { - serializedName: "properties.sasUri", - type: { - name: "String" - } - }, itemsSearchKey: { serializedName: "properties.itemsSearchKey", type: { @@ -10325,13 +10709,6 @@ export const Watchlist: coreClient.CompositeMapper = { type: { name: "String" } - }, - provisioningState: { - serializedName: "properties.provisioningState", - readOnly: true, - type: { - name: "String" - } } } } @@ -12068,6 +12445,92 @@ export const IoTDeviceEntity: coreClient.CompositeMapper = { } } } + }, + owners: { + serializedName: "properties.owners", + readOnly: true, + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + nicEntityIds: { + serializedName: "properties.nicEntityIds", + readOnly: true, + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + site: { + serializedName: "properties.site", + readOnly: true, + type: { + name: "String" + } + }, + zone: { + serializedName: "properties.zone", + readOnly: true, + type: { + name: "String" + } + }, + sensor: { + serializedName: "properties.sensor", + readOnly: true, + type: { + name: "String" + } + }, + deviceSubType: { + serializedName: "properties.deviceSubType", + readOnly: true, + type: { + name: "String" + } + }, + importance: { + serializedName: "properties.importance", + type: { + name: "String" + } + }, + purdueLayer: { + serializedName: "properties.purdueLayer", + readOnly: true, + type: { + name: "String" + } + }, + isAuthorized: { + serializedName: "properties.isAuthorized", + readOnly: true, + type: { + name: "Boolean" + } + }, + isProgramming: { + serializedName: "properties.isProgramming", + readOnly: true, + type: { + name: "Boolean" + } + }, + isScanner: { + serializedName: "properties.isScanner", + readOnly: true, + type: { + name: "Boolean" + } } } } @@ -13022,6 +13485,62 @@ export const UrlEntity: coreClient.CompositeMapper = { } }; +export const NicEntity: coreClient.CompositeMapper = { + serializedName: "Nic", + type: { + name: "Composite", + className: "NicEntity", + uberParent: "Resource", + polymorphicDiscriminator: Resource.type.polymorphicDiscriminator, + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + serializedName: "properties.additionalData", + readOnly: true, + type: { + name: "Dictionary", + value: { + type: { name: "Dictionary", value: { type: { name: "any" } } } + } + } + }, + friendlyName: { + serializedName: "properties.friendlyName", + readOnly: true, + type: { + name: "String" + } + }, + macAddress: { + serializedName: "properties.macAddress", + readOnly: true, + type: { + name: "String" + } + }, + ipAddressEntityId: { + serializedName: "properties.ipAddressEntityId", + readOnly: true, + type: { + name: "String" + } + }, + vlans: { + serializedName: "properties.vlans", + readOnly: true, + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + export const ActivityEntityQueryTemplate: coreClient.CompositeMapper = { serializedName: "Activity", type: { @@ -14029,6 +14548,121 @@ export const ActivityCustomEntityQuery: coreClient.CompositeMapper = { } }; +export const AnomalySecurityMLAnalyticsSettings: coreClient.CompositeMapper = { + serializedName: "Anomaly", + type: { + name: "Composite", + className: "AnomalySecurityMLAnalyticsSettings", + uberParent: "Resource", + polymorphicDiscriminator: Resource.type.polymorphicDiscriminator, + modelProperties: { + ...SecurityMLAnalyticsSetting.type.modelProperties, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + enabled: { + serializedName: "properties.enabled", + type: { + name: "Boolean" + } + }, + lastModifiedUtc: { + serializedName: "properties.lastModifiedUtc", + readOnly: true, + type: { + name: "DateTime" + } + }, + requiredDataConnectors: { + serializedName: "properties.requiredDataConnectors", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SecurityMLAnalyticsSettingsDataSource" + } + } + } + }, + tactics: { + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + techniques: { + serializedName: "properties.techniques", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + anomalyVersion: { + serializedName: "properties.anomalyVersion", + type: { + name: "String" + } + }, + customizableObservations: { + serializedName: "properties.customizableObservations", + type: { + name: "Dictionary", + value: { type: { name: "any" } } + } + }, + frequency: { + serializedName: "properties.frequency", + type: { + name: "TimeSpan" + } + }, + settingsStatus: { + serializedName: "properties.settingsStatus", + type: { + name: "String" + } + }, + isDefaultSettings: { + serializedName: "properties.isDefaultSettings", + type: { + name: "Boolean" + } + }, + anomalySettingsVersion: { + serializedName: "properties.anomalySettingsVersion", + type: { + name: "Number" + } + }, + settingsDefinitionId: { + serializedName: "properties.settingsDefinitionId", + type: { + name: "Uuid" + } + } + } + } +}; + export const Anomalies: coreClient.CompositeMapper = { serializedName: "Anomalies", type: { @@ -14078,11 +14712,15 @@ export const EntityAnalytics: coreClient.CompositeMapper = { polymorphicDiscriminator: Resource.type.polymorphicDiscriminator, modelProperties: { ...Settings.type.modelProperties, - isEnabled: { - serializedName: "properties.isEnabled", - readOnly: true, + entityProviders: { + serializedName: "properties.entityProviders", type: { - name: "Boolean" + name: "Sequence", + element: { + type: { + name: "String" + } + } } } } @@ -14989,11 +15627,14 @@ export let discriminators = { "Resource.AlertRuleTemplate": AlertRuleTemplate, "Resource.Entity": Entity, "Resource.EntityQueryTemplate": EntityQueryTemplate, + "AutomationRuleCondition.PropertyArrayChanged": PropertyArrayChangedConditionProperties, + "AutomationRuleCondition.PropertyChanged": PropertyChangedConditionProperties, "AutomationRuleCondition.Property": PropertyConditionProperties, "AutomationRuleAction.ModifyProperties": AutomationRuleModifyPropertiesAction, "AutomationRuleAction.RunPlaybook": AutomationRuleRunPlaybookAction, "EntityTimelineItem.Activity": ActivityTimelineItem, "EntityTimelineItem.Bookmark": BookmarkTimelineItem, + "EntityTimelineItem.Anomaly": AnomalyTimelineItem, "EntityTimelineItem.SecurityAlert": SecurityAlertTimelineItem, "EntityQueryItem.Insight": InsightQueryItem, "DataConnectorsCheckRequirements.AzureActiveDirectory": AADCheckRequirements, @@ -15016,6 +15657,7 @@ export let discriminators = { "Resource.AlertRule": AlertRule, "Resource.EntityQuery": EntityQuery, "Resource.CustomEntityQuery": CustomEntityQuery, + "Resource.SecurityMLAnalyticsSetting": SecurityMLAnalyticsSetting, "Resource.Settings": Settings, "Resource.ThreatIntelligenceInformation": ThreatIntelligenceInformation, "Resource.DataConnector": DataConnector, @@ -15046,8 +15688,10 @@ export let discriminators = { "Resource.SecurityGroup": SecurityGroupEntity, "Resource.SubmissionMail": SubmissionMailEntity, "Resource.Url": UrlEntity, + "Resource.Nic": NicEntity, "Resource.Activity": ActivityCustomEntityQuery, "Resource.Expansion": ExpansionEntityQuery, + "Resource.Anomaly": AnomalySecurityMLAnalyticsSettings, "Resource.Anomalies": Anomalies, "Resource.EyesOn": EyesOn, "Resource.EntityAnalytics": EntityAnalytics, diff --git a/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts b/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts index 7808530d8fb0..6cc47755758b 100644 --- a/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts +++ b/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts @@ -29,6 +29,7 @@ import { MetadataModel as MetadataModelMapper, MetadataPatch as MetadataPatchMapper, SentinelOnboardingState as SentinelOnboardingStateMapper, + SecurityMLAnalyticsSetting as SecurityMLAnalyticsSettingMapper, Settings as SettingsMapper, SourceControl as SourceControlMapper, ThreatIntelligenceIndicatorModel as ThreatIntelligenceIndicatorModelMapper, @@ -68,7 +69,7 @@ export const $host: OperationURLParameter = { export const apiVersion: OperationQueryParameter = { parameterPath: "apiVersion", mapper: { - defaultValue: "2022-01-01-preview", + defaultValue: "2022-07-01-preview", isConstant: true, serializedName: "api-version", type: { @@ -500,6 +501,22 @@ export const sentinelOnboardingStateParameter: OperationParameter = { mapper: SentinelOnboardingStateMapper }; +export const settingsResourceName: OperationURLParameter = { + parameterPath: "settingsResourceName", + mapper: { + serializedName: "settingsResourceName", + required: true, + type: { + name: "String" + } + } +}; + +export const securityMLAnalyticsSetting: OperationParameter = { + parameterPath: "securityMLAnalyticsSetting", + mapper: SecurityMLAnalyticsSettingMapper +}; + export const settingsName: OperationURLParameter = { parameterPath: "settingsName", mapper: { diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/index.ts b/sdk/securityinsight/arm-securityinsight/src/operations/index.ts index 2fb99b67a9bb..953a63a9a9d9 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operations/index.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operations/index.ts @@ -27,6 +27,7 @@ export * from "./incidentRelations"; export * from "./metadata"; export * from "./officeConsents"; export * from "./sentinelOnboardingStates"; +export * from "./securityMLAnalyticsSettings"; export * from "./productSettings"; export * from "./sourceControlOperations"; export * from "./sourceControls"; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/securityMLAnalyticsSettings.ts b/sdk/securityinsight/arm-securityinsight/src/operations/securityMLAnalyticsSettings.ts new file mode 100644 index 000000000000..3b4bae234a8e --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/securityMLAnalyticsSettings.ts @@ -0,0 +1,321 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator } from "@azure/core-paging"; +import { SecurityMLAnalyticsSettings } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + SecurityMLAnalyticsSettingUnion, + SecurityMLAnalyticsSettingsListNextOptionalParams, + SecurityMLAnalyticsSettingsListOptionalParams, + SecurityMLAnalyticsSettingsListResponse, + SecurityMLAnalyticsSettingsGetOptionalParams, + SecurityMLAnalyticsSettingsGetResponse, + SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams, + SecurityMLAnalyticsSettingsCreateOrUpdateResponse, + SecurityMLAnalyticsSettingsDeleteOptionalParams, + SecurityMLAnalyticsSettingsListNextResponse +} from "../models"; + +/// +/** Class containing SecurityMLAnalyticsSettings operations. */ +export class SecurityMLAnalyticsSettingsImpl + implements SecurityMLAnalyticsSettings { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class SecurityMLAnalyticsSettings class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Gets all Security ML Analytics Settings. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + public list( + resourceGroupName: string, + workspaceName: string, + options?: SecurityMLAnalyticsSettingsListOptionalParams + ): PagedAsyncIterableIterator { + const iter = this.listPagingAll(resourceGroupName, workspaceName, options); + return { + next() { + return iter.next(); + }, + [Symbol.asyncIterator]() { + return this; + }, + byPage: () => { + return this.listPagingPage(resourceGroupName, workspaceName, options); + } + }; + } + + private async *listPagingPage( + resourceGroupName: string, + workspaceName: string, + options?: SecurityMLAnalyticsSettingsListOptionalParams + ): AsyncIterableIterator { + let result = await this._list(resourceGroupName, workspaceName, options); + yield result.value || []; + let continuationToken = result.nextLink; + while (continuationToken) { + result = await this._listNext( + resourceGroupName, + workspaceName, + continuationToken, + options + ); + continuationToken = result.nextLink; + yield result.value || []; + } + } + + private async *listPagingAll( + resourceGroupName: string, + workspaceName: string, + options?: SecurityMLAnalyticsSettingsListOptionalParams + ): AsyncIterableIterator { + for await (const page of this.listPagingPage( + resourceGroupName, + workspaceName, + options + )) { + yield* page; + } + } + + /** + * Gets all Security ML Analytics Settings. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + private _list( + resourceGroupName: string, + workspaceName: string, + options?: SecurityMLAnalyticsSettingsListOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, options }, + listOperationSpec + ); + } + + /** + * Gets the Security ML Analytics Settings. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param settingsResourceName Security ML Analytics Settings resource name + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + settingsResourceName: string, + options?: SecurityMLAnalyticsSettingsGetOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, settingsResourceName, options }, + getOperationSpec + ); + } + + /** + * Creates or updates the Security ML Analytics Settings. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param settingsResourceName Security ML Analytics Settings resource name + * @param securityMLAnalyticsSetting The security ML Analytics setting + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + settingsResourceName: string, + securityMLAnalyticsSetting: SecurityMLAnalyticsSettingUnion, + options?: SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + settingsResourceName, + securityMLAnalyticsSetting, + options + }, + createOrUpdateOperationSpec + ); + } + + /** + * Delete the Security ML Analytics Settings. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param settingsResourceName Security ML Analytics Settings resource name + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + settingsResourceName: string, + options?: SecurityMLAnalyticsSettingsDeleteOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, settingsResourceName, options }, + deleteOperationSpec + ); + } + + /** + * ListNext + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param nextLink The nextLink from the previous successful call to the List method. + * @param options The options parameters. + */ + private _listNext( + resourceGroupName: string, + workspaceName: string, + nextLink: string, + options?: SecurityMLAnalyticsSettingsListNextOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, nextLink, options }, + listNextOperationSpec + ); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const listOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.SecurityMLAnalyticsSettingsList + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName + ], + headerParameters: [Parameters.accept], + serializer +}; +const getOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/{settingsResourceName}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.SecurityMLAnalyticsSetting + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.settingsResourceName + ], + headerParameters: [Parameters.accept], + serializer +}; +const createOrUpdateOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/{settingsResourceName}", + httpMethod: "PUT", + responses: { + 200: { + bodyMapper: Mappers.SecurityMLAnalyticsSetting + }, + 201: { + bodyMapper: Mappers.SecurityMLAnalyticsSetting + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + requestBody: Parameters.securityMLAnalyticsSetting, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.settingsResourceName + ], + headerParameters: [Parameters.accept, Parameters.contentType], + mediaType: "json", + serializer +}; +const deleteOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/{settingsResourceName}", + httpMethod: "DELETE", + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.CloudError + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.settingsResourceName + ], + headerParameters: [Parameters.accept], + serializer +}; +const listNextOperationSpec: coreClient.OperationSpec = { + path: "{nextLink}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.SecurityMLAnalyticsSettingsList + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.nextLink + ], + headerParameters: [Parameters.accept], + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/index.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/index.ts index 2fb99b67a9bb..953a63a9a9d9 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/index.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/index.ts @@ -27,6 +27,7 @@ export * from "./incidentRelations"; export * from "./metadata"; export * from "./officeConsents"; export * from "./sentinelOnboardingStates"; +export * from "./securityMLAnalyticsSettings"; export * from "./productSettings"; export * from "./sourceControlOperations"; export * from "./sourceControls"; diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/securityMLAnalyticsSettings.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/securityMLAnalyticsSettings.ts new file mode 100644 index 000000000000..603ae1b2c8fb --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/securityMLAnalyticsSettings.ts @@ -0,0 +1,75 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator } from "@azure/core-paging"; +import { + SecurityMLAnalyticsSettingUnion, + SecurityMLAnalyticsSettingsListOptionalParams, + SecurityMLAnalyticsSettingsGetOptionalParams, + SecurityMLAnalyticsSettingsGetResponse, + SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams, + SecurityMLAnalyticsSettingsCreateOrUpdateResponse, + SecurityMLAnalyticsSettingsDeleteOptionalParams +} from "../models"; + +/// +/** Interface representing a SecurityMLAnalyticsSettings. */ +export interface SecurityMLAnalyticsSettings { + /** + * Gets all Security ML Analytics Settings. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + list( + resourceGroupName: string, + workspaceName: string, + options?: SecurityMLAnalyticsSettingsListOptionalParams + ): PagedAsyncIterableIterator; + /** + * Gets the Security ML Analytics Settings. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param settingsResourceName Security ML Analytics Settings resource name + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + settingsResourceName: string, + options?: SecurityMLAnalyticsSettingsGetOptionalParams + ): Promise; + /** + * Creates or updates the Security ML Analytics Settings. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param settingsResourceName Security ML Analytics Settings resource name + * @param securityMLAnalyticsSetting The security ML Analytics setting + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + settingsResourceName: string, + securityMLAnalyticsSetting: SecurityMLAnalyticsSettingUnion, + options?: SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams + ): Promise; + /** + * Delete the Security ML Analytics Settings. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param settingsResourceName Security ML Analytics Settings resource name + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + settingsResourceName: string, + options?: SecurityMLAnalyticsSettingsDeleteOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts b/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts index b2e33b105617..d9c9e86217ec 100644 --- a/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts +++ b/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts @@ -8,6 +8,11 @@ import * as coreClient from "@azure/core-client"; import * as coreRestPipeline from "@azure/core-rest-pipeline"; +import { + PipelineRequest, + PipelineResponse, + SendRequest +} from "@azure/core-rest-pipeline"; import * as coreAuth from "@azure/core-auth"; import { AlertRulesImpl, @@ -31,6 +36,7 @@ import { MetadataImpl, OfficeConsentsImpl, SentinelOnboardingStatesImpl, + SecurityMLAnalyticsSettingsImpl, ProductSettingsImpl, SourceControlOperationsImpl, SourceControlsImpl, @@ -65,6 +71,7 @@ import { Metadata, OfficeConsents, SentinelOnboardingStates, + SecurityMLAnalyticsSettings, ProductSettings, SourceControlOperations, SourceControls, @@ -111,7 +118,7 @@ export class SecurityInsights extends coreClient.ServiceClient { credential: credentials }; - const packageDetails = `azsdk-js-arm-securityinsight/1.0.0-beta.3`; + const packageDetails = `azsdk-js-arm-securityinsight/1.0.0-beta.4`; const userAgentPrefix = options.userAgentOptions && options.userAgentOptions.userAgentPrefix ? `${options.userAgentOptions.userAgentPrefix} ${packageDetails}` @@ -158,7 +165,7 @@ export class SecurityInsights extends coreClient.ServiceClient { // Assigning values to Constant parameters this.$host = options.$host || "https://management.azure.com"; - this.apiVersion = options.apiVersion || "2022-01-01-preview"; + this.apiVersion = options.apiVersion || "2022-07-01-preview"; this.alertRules = new AlertRulesImpl(this); this.actions = new ActionsImpl(this); this.alertRuleTemplates = new AlertRuleTemplatesImpl(this); @@ -180,6 +187,9 @@ export class SecurityInsights extends coreClient.ServiceClient { this.metadata = new MetadataImpl(this); this.officeConsents = new OfficeConsentsImpl(this); this.sentinelOnboardingStates = new SentinelOnboardingStatesImpl(this); + this.securityMLAnalyticsSettings = new SecurityMLAnalyticsSettingsImpl( + this + ); this.productSettings = new ProductSettingsImpl(this); this.sourceControlOperations = new SourceControlOperationsImpl(this); this.sourceControls = new SourceControlsImpl(this); @@ -199,6 +209,35 @@ export class SecurityInsights extends coreClient.ServiceClient { this ); this.operations = new OperationsImpl(this); + this.addCustomApiVersionPolicy(options.apiVersion); + } + + /** A function that adds a policy that sets the api-version (or equivalent) to reflect the library version. */ + private addCustomApiVersionPolicy(apiVersion?: string) { + if (!apiVersion) { + return; + } + const apiVersionPolicy = { + name: "CustomApiVersionPolicy", + async sendRequest( + request: PipelineRequest, + next: SendRequest + ): Promise { + const param = request.url.split("?"); + if (param.length > 1) { + const newParams = param[1].split("&").map((item) => { + if (item.indexOf("api-version") > -1) { + return item.replace(/(?<==).*$/, apiVersion); + } else { + return item; + } + }); + request.url = param[0] + "?" + newParams.join("&"); + } + return next(request); + } + }; + this.pipeline.addPolicy(apiVersionPolicy); } alertRules: AlertRules; @@ -222,6 +261,7 @@ export class SecurityInsights extends coreClient.ServiceClient { metadata: Metadata; officeConsents: OfficeConsents; sentinelOnboardingStates: SentinelOnboardingStates; + securityMLAnalyticsSettings: SecurityMLAnalyticsSettings; productSettings: ProductSettings; sourceControlOperations: SourceControlOperations; sourceControls: SourceControls; diff --git a/sdk/securityinsight/arm-securityinsight/test/sampleTest.ts b/sdk/securityinsight/arm-securityinsight/test/sampleTest.ts index 7ed89b043e1b..25aeb3ebcc36 100644 --- a/sdk/securityinsight/arm-securityinsight/test/sampleTest.ts +++ b/sdk/securityinsight/arm-securityinsight/test/sampleTest.ts @@ -7,35 +7,30 @@ */ import { - env, - record, - RecorderEnvironmentSetup, - Recorder + Recorder, + RecorderStartOptions, + env } from "@azure-tools/test-recorder"; -import * as assert from "assert"; +import { assert } from "chai"; +import { Context } from "mocha"; -const recorderEnvSetup: RecorderEnvironmentSetup = { - replaceableVariables: { - AZURE_CLIENT_ID: "azure_client_id", - AZURE_CLIENT_SECRET: "azure_client_secret", - AZURE_TENANT_ID: "88888888-8888-8888-8888-888888888888", - SUBSCRIPTION_ID: "azure_subscription_id" - }, - customizationsOnRecordings: [ - (recording: any): any => - recording.replace( - /"access_token":"[^"]*"/g, - `"access_token":"access_token"` - ) - ], - queryParametersToSkip: [] +const replaceableVariables: Record = { + AZURE_CLIENT_ID: "azure_client_id", + AZURE_CLIENT_SECRET: "azure_client_secret", + AZURE_TENANT_ID: "88888888-8888-8888-8888-888888888888", + SUBSCRIPTION_ID: "azure_subscription_id" +}; + +const recorderOptions: RecorderStartOptions = { + envSetupForPlayback: replaceableVariables }; describe("My test", () => { let recorder: Recorder; - beforeEach(async function() { - recorder = record(this, recorderEnvSetup); + beforeEach(async function(this: Context) { + recorder = new Recorder(this.currentTest); + await recorder.start(recorderOptions); }); afterEach(async function() { diff --git a/sdk/securityinsight/arm-securityinsight/tsconfig.json b/sdk/securityinsight/arm-securityinsight/tsconfig.json index 6c7875caddba..3e6ae96443f3 100644 --- a/sdk/securityinsight/arm-securityinsight/tsconfig.json +++ b/sdk/securityinsight/arm-securityinsight/tsconfig.json @@ -15,17 +15,11 @@ ], "declaration": true, "outDir": "./dist-esm", - "importHelpers": true, - "paths": { - "@azure/arm-securityinsight": [ - "./src/index" - ] - } + "importHelpers": true }, "include": [ "./src/**/*.ts", - "./test/**/*.ts", - "samples-dev/**/*.ts" + "./test/**/*.ts" ], "exclude": [ "node_modules"