Azure · msJinLei · Feb 27, 2024 · Feb 12, 2024 · Feb 13, 2024 · Feb 14, 2024
diff --git a/src/Security/Security.Autorest/.gitattributes b/src/Security/Security.Autorest/.gitattributes
@@ -0,0 +1 @@
+* text=auto
diff --git a/src/Security/Security.Autorest/.gitignore b/src/Security/Security.Autorest/.gitignore
@@ -0,0 +1,16 @@
+bin
+obj
+.vs
+generated
+internal
+exports
+tools
+custom/*.psm1
+custom/autogen-model-cmdlets
+test/*-TestResults.xml
+/*.ps1
+/*.ps1xml
+/*.psm1
+/*.snk
+/*.csproj
+/*.nuspec
diff --git a/src/Security/Security.Autorest/Az.Security.psd1 b/src/Security/Security.Autorest/Az.Security.psd1
@@ -0,0 +1,23 @@
+@{
+  GUID = '6f1c0dfd-dfcd-4e5b-b77c-a64a9d355ebf'
+  RootModule = './Az.Security.psm1'
+  ModuleVersion = '1.5.1'
+  CompatiblePSEditions = 'Core', 'Desktop'
+  Author = 'Microsoft Corporation'
+  CompanyName = 'Microsoft Corporation'
+  Copyright = 'Microsoft Corporation. All rights reserved.'
+  Description = 'Microsoft Azure PowerShell: Security cmdlets'
+  PowerShellVersion = '5.1'
+  DotNetFrameworkVersion = '4.7.2'
+  RequiredAssemblies = './bin/Az.Security.private.dll'
+  FormatsToProcess = './Az.Security.format.ps1xml'
+  FunctionsToExport = 'Get-AzSecurityApiCollection', 'Get-AzSecurityConnector', 'Get-AzSecurityConnectorAzureDevOpsOrg', 'Get-AzSecurityConnectorAzureDevOpsOrgAvailable', 'Get-AzSecurityConnectorAzureDevOpsProject', 'Get-AzSecurityConnectorAzureDevOpsRepo', 'Get-AzSecurityConnectorDevOpsConfiguration', 'Get-AzSecurityConnectorGitHubOwner', 'Get-AzSecurityConnectorGitHubOwnerAvailable', 'Get-AzSecurityConnectorGitHubRepo', 'Get-AzSecurityConnectorGitLabGroup', 'Get-AzSecurityConnectorGitLabGroupAvailable', 'Get-AzSecurityConnectorGitLabProject', 'Get-AzSecurityConnectorGitLabSubgroup', 'Invoke-AzSecurityApiCollectionApimOffboard', 'Invoke-AzSecurityApiCollectionApimOnboard', 'New-AzSecurityAwsEnvironmentObject', 'New-AzSecurityAwsOrganizationalDataMasterObject', 'New-AzSecurityAwsOrganizationalDataMemberObject', 'New-AzSecurityAzureDevOpsScopeEnvironmentObject', 'New-AzSecurityConnector', 'New-AzSecurityConnectorActionableRemediationObject', 'New-AzSecurityConnectorDevOpsConfiguration', 'New-AzSecurityCspmMonitorAwsOfferingObject', 'New-AzSecurityCspmMonitorAzureDevOpsOfferingObject', 'New-AzSecurityCspmMonitorGcpOfferingObject', 'New-AzSecurityCspmMonitorGithubOfferingObject', 'New-AzSecurityCspmMonitorGitLabOfferingObject', 'New-AzSecurityDefenderCspmAwsOfferingObject', 'New-AzSecurityDefenderCspmGcpOfferingObject', 'New-AzSecurityDefenderForContainersAwsOfferingObject', 'New-AzSecurityDefenderForContainersGcpOfferingObject', 'New-AzSecurityDefenderForDatabasesAwsOfferingObject', 'New-AzSecurityDefenderForDatabasesGcpOfferingObject', 'New-AzSecurityDefenderForServersAwsOfferingObject', 'New-AzSecurityDefenderForServersGcpOfferingObject', 'New-AzSecurityGcpOrganizationalDataMemberObject', 'New-AzSecurityGcpOrganizationalDataOrganizationObject', 'New-AzSecurityGcpProjectEnvironmentObject', 'New-AzSecurityGitHubScopeEnvironmentObject', 'New-AzSecurityGitLabScopeEnvironmentObject', 'New-AzSecurityInformationProtectionAwsOfferingObject', 'Remove-AzSecurityConnector', 'Remove-AzSecurityConnectorDevOpsConfiguration', 'Update-AzSecurityConnector', 'Update-AzSecurityConnectorAzureDevOpsOrg', 'Update-AzSecurityConnectorAzureDevOpsProject', 'Update-AzSecurityConnectorAzureDevOpsRepo', 'Update-AzSecurityConnectorDevOpsConfiguration'
+  PrivateData = @{
+    PSData = @{
+      Tags = 'Azure', 'ResourceManager', 'ARM', 'PSModule', 'Security'
+      LicenseUri = 'https://aka.ms/azps-license'
+      ProjectUri = 'https://github.com/Azure/azure-powershell'
+      ReleaseNotes = ''
+    }
+  }
+}
diff --git a/src/Security/Security.Autorest/README.md b/src/Security/Security.Autorest/README.md
@@ -0,0 +1,187 @@
+<!-- region Generated -->
+# Az.Security
+This directory contains the PowerShell module for the Security service.
+
+---
+## Status
+[![Az.Security](https://img.shields.io/powershellgallery/v/Az.Security.svg?style=flat-square&label=Az.Security "Az.Security")](https://www.powershellgallery.com/packages/Az.Security/)
+
+## Info
+- Modifiable: yes
+- Generated: all
+- Committed: yes
+- Packaged: yes
+
+---
+## Detail
+This module was primarily generated via [AutoRest](https://github.com/Azure/autorest) using the [PowerShell](https://github.com/Azure/autorest.powershell) extension.
+
+## Module Requirements
+- [Az.Accounts module](https://www.powershellgallery.com/packages/Az.Accounts/), version 2.7.5 or greater
+
+## Authentication
+AutoRest does not generate authentication code for the module. Authentication is handled via Az.Accounts by altering the HTTP payload before it is sent.
+
+## Development
+For information on how to develop for `Az.Security`, see [how-to.md](how-to.md).
+<!-- endregion -->
+
+### AutoRest Configuration
+> see https://aka.ms/autorest
+
+###
+``` yaml
+commit: 6c4497e6b0aaad8127f2dd50fa8a29aaf68f24e6
+require:
+  - $(this-folder)/../../readme.azure.noprofile.md
+input-file:
+  - $(repo)/specification/security/resource-manager/Microsoft.Security/preview/2023-10-01-preview/securityConnectors.json
+  - $(repo)/specification/security/resource-manager/Microsoft.Security/preview/2023-09-01-preview/securityConnectorsDevOps.json
+  - $(repo)/specification/security/resource-manager/Microsoft.Security/stable/2023-11-15/apiCollections.json
+
+title: Security
+module-version: 1.5.1
+subject-prefix: $(service-name)
+enable-parent-pipeline-input: false
+
+directive:
+  - rename-model:
+      from: EnvironmentData
+      to: SecurityConnectorEnvironment
+  - rename-model:
+      from: AwsEnvironmentData
+      to: AwsEnvironment
+  - rename-model:
+      from: GcpProjectEnvironmentData
+      to: GcpProjectEnvironment
+  - rename-model:
+      from: AzureDevOpsScopeEnvironmentData
+      to: AzureDevOpsScopeEnvironment
+  - rename-model:
+      from: GitlabScopeEnvironmentData
+      to: GitLabScopeEnvironment
+  - rename-model:
+      from: GithubScopeEnvironmentData
+      to: GitHubScopeEnvironment
+
+  - from: securityConnectors.json
+    where: $.definitions
+    debug: true
+    transform: >
+      $.defenderFoDatabasesAwsOffering['x-ms-client-name'] = 'DefenderForDatabasesAwsOffering'
+
+  - from: types.json
+    where: $.definitions.Kind
+    transform: >
+      $['x-ms-client-name'] = 'ResourceKind';
+
+  - from: apiCollections.json
+    where: $.paths..operationId
+    transform: >
+      return $.replace(/OffboardAzureApiManagementApi$/g, "ApiCollectionAPIM_Delete")
+
+  - where:
+      verb: Invoke
+      subject: ^AzureApiCollection$
+    set:
+      subject: ApiCollectionApimOnboard
+
+  - where:
+      verb: Remove
+      subject: ^ApiCollectionApim$
+    set:
+      verb: Invoke
+      subject: ApiCollectionApimOffboard
+
+  # New-* cmdlets, ViaIdentity is not required
+  - where:
+      variant: ^(Create|Update)(?!.*?Expanded|JsonFilePath|JsonString)
+    remove: true
+  - where:
+      variant: ^CreateViaIdentity.*$
+    remove: true
+
+  # Remove the set-* cmdlet
+  - where:
+      verb: Set
+    remove: true
+
+  - where:
+      subject: ^(DevOpsConfiguration|AzureDevOps|GitHub|GitLab)(.*)
+    set:
+      subject-prefix: SecurityConnector
+
+  - where:
+      subject: (.*)(AzureDevOpsRepos)$
+    set:
+      subject: $1AzureDevOpsRepo
+
+  - where:
+      subject: (.*)(GitHubRepos)$
+    set:
+      subject: $1GitHubRepo
+
+  - where:
+      verb: New
+      subject: ^(AzureDevOpsOrg|AzureDevOpsProject|AzureDevOpsRepo)(.*)
+    remove: true
+
+  - where:
+      subject: ^(DevOpsOperationResult)(.*)
+    remove: true
+
+  - where:
+      subject: ^(DevOpsConfiguration|AzureDevOps|GitHub|GitLab)(.*)
+      parameter-name: ProvisioningState
+    hide: true
+
+  - where:
+      verb: Update
+      subject: ^(AzureDevOps)(.*)
+      parameter-name: OnboardingState
+    hide: true
+
+  - where:
+      model-name: SecurityConnector
+    set:
+      format-table:
+        properties:
+          - Name
+          - ResourceGroupName
+          - EnvironmentName
+          - Location
+          - HierarchyIdentifier
+
+  - no-inline:
+    - SecurityConnectorEnvironment
+    - AwsOrganizationalData
+    - GcpOrganizationalData
+    - ActionableRemediation
+
+  - model-cmdlet:
+    - model-name: AwsEnvironment
+    - model-name: AwsOrganizationalDataMaster
+    - model-name: AwsOrganizationalDataMember
+    - model-name: GcpProjectEnvironment
+    - model-name: GcpOrganizationalDataOrganization
+    - model-name: GcpOrganizationalDataMember
+    - model-name: AzureDevOpsScopeEnvironment
+    - model-name: GitLabScopeEnvironment
+    - model-name: GitHubScopeEnvironment
+    - model-name: CspmMonitorAwsOffering
+    - model-name: CspmMonitorGcpOffering
+    - model-name: CspmMonitorGithubOffering
+    - model-name: CspmMonitorAzureDevOpsOffering
+    - model-name: CspmMonitorGitLabOffering
+    - model-name: DefenderCspmAwsOffering
+    - model-name: DefenderCspmGcpOffering
+    - model-name: DefenderForContainersAwsOffering
+    - model-name: DefenderForContainersGcpOffering
+    - model-name: DefenderForDatabasesAwsOffering
+    - model-name: DefenderForDatabasesGcpOffering
+    - model-name: DefenderForServersAwsOffering
+    - model-name: DefenderForServersGcpOffering
+    - model-name: InformationProtectionAwsOffering
+    - model-name: ActionableRemediation
+      cmdlet-name: New-AzSecurityConnectorActionableRemediationObject
+```
diff --git a/src/Security/Security.Autorest/UX/Microsoft.ApiManagement/service-apiCollections.json b/src/Security/Security.Autorest/UX/Microsoft.ApiManagement/service-apiCollections.json
@@ -0,0 +1,138 @@
+{
+  "resourceType": "service/apiCollections",
+  "apiVersion": "2023-11-15",
+  "learnMore": {
+    "url": "https://learn.microsoft.com/powershell/module/az.security"
+  },
+  "commands": [
+    {
+      "name": "Get-AzSecurityApiCollection",
+      "description": "Gets an Azure API Management API if it has been onboarded to Microsoft Defender for APIs.\nIf an Azure API Management API is onboarded to Microsoft Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
+      "path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections/{apiId}",
+      "help": {
+        "learnMore": {
+          "url": "https://learn.microsoft.com/powershell/module/az.security/get-azsecurityapicollection"
+        },
+        "parameterSets": [
+          {
+            "parameters": [
+              "-ApiId <String>",
+              "-ResourceGroupName <String>",
+              "-ServiceName <String>",
+              "[-SubscriptionId <String[]>]"
+            ]
+          }
+        ]
+      },
+      "examples": [
+        {
+          "description": "Gets an Azure API Management API if it has been onboarded to Microsoft Defender for APIs. If an Azure API Management API is onboarded to Microsoft Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
+          "parameters": [
+            {
+              "name": "-ApiId",
+              "value": "[Path.apiId]"
+            },
+            {
+              "name": "-ResourceGroupName",
+              "value": "[Path.resourceGroupName]"
+            },
+            {
+              "name": "-ServiceName",
+              "value": "[Path.serviceName]"
+            },
+            {
+              "name": "-SubscriptionId",
+              "value": "[Path.subscriptionId]"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "name": "Invoke-AzSecurityApiCollectionApimOffboard",
+      "description": "Offboard an Azure API Management API from Microsoft Defender for APIs.\nThe system will stop monitoring the operations within the Azure API Management API for intrusive behaviors.",
+      "path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections/{apiId}",
+      "help": {
+        "learnMore": {
+          "url": "https://learn.microsoft.com/powershell/module/az.security/invoke-azsecurityapicollectionapimoffboard"
+        },
+        "parameterSets": [
+          {
+            "parameters": [
+              "-ApiId <String>",
+              "-ResourceGroupName <String>",
+              "-ServiceName <String>",
+              "[-SubscriptionId <String>]"
+            ]
+          }
+        ]
+      },
+      "examples": [
+        {
+          "description": "Offboard an Azure API Management API from Microsoft Defender for APIs. The system will stop monitoring the operations within the Azure API Management API for intrusive behaviors.",
+          "parameters": [
+            {
+              "name": "-ApiId",
+              "value": "[Path.apiId]"
+            },
+            {
+              "name": "-ResourceGroupName",
+              "value": "[Path.resourceGroupName]"
+            },
+            {
+              "name": "-ServiceName",
+              "value": "[Path.serviceName]"
+            },
+            {
+              "name": "-SubscriptionId",
+              "value": "[Path.subscriptionId]"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "name": "Invoke-AzSecurityApiCollectionApimOnboard",
+      "description": "Onboard an Azure API Management API to Microsoft Defender for APIs.\nThe system will start monitoring the operations within the Azure Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
+      "path": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections/{apiId}",
+      "help": {
+        "learnMore": {
+          "url": "https://learn.microsoft.com/powershell/module/az.security/invoke-azsecurityapicollectionapimonboard"
+        },
+        "parameterSets": [
+          {
+            "parameters": [
+              "-ApiId <String>",
+              "-ResourceGroupName <String>",
+              "-ServiceName <String>",
+              "[-SubscriptionId <String>]"
+            ]
+          }
+        ]
+      },
+      "examples": [
+        {
+          "description": "Onboard an Azure API Management API to Microsoft Defender for APIs. The system will start monitoring the operations within the Azure Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
+          "parameters": [
+            {
+              "name": "-ApiId",
+              "value": "[Path.apiId]"
+            },
+            {
+              "name": "-ResourceGroupName",
+              "value": "[Path.resourceGroupName]"
+            },
+            {
+              "name": "-ServiceName",
+              "value": "[Path.serviceName]"
+            },
+            {
+              "name": "-SubscriptionId",
+              "value": "[Path.subscriptionId]"
+            }
+          ]
+        }
+      ]
+    }
+  ]
+}