diff --git a/internal/services/sentinel/client/client.go b/internal/services/sentinel/client/client.go index 9b1e2a50f399..a58ee7b30aae 100644 --- a/internal/services/sentinel/client/client.go +++ b/internal/services/sentinel/client/client.go @@ -1,7 +1,7 @@ package client import ( - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/internal/common" ) diff --git a/internal/services/sentinel/sentinel.go b/internal/services/sentinel/sentinel.go deleted file mode 100644 index 944cb25dbecf..000000000000 --- a/internal/services/sentinel/sentinel.go +++ /dev/null @@ -1,3 +0,0 @@ -package sentinel - -const OperationalInsightsResourceProvider = "Microsoft.OperationalInsights" diff --git a/internal/services/sentinel/sentinel_alert_rule.go b/internal/services/sentinel/sentinel_alert_rule.go index 73c2477f45da..0a899c3b856a 100644 --- a/internal/services/sentinel/sentinel_alert_rule.go +++ b/internal/services/sentinel/sentinel_alert_rule.go @@ -4,7 +4,7 @@ import ( "context" "fmt" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" @@ -36,7 +36,7 @@ func importSentinelAlertRule(expectKind securityinsight.AlertRuleKind) pluginsdk } client := meta.(*clients.Client).Sentinel.AlertRulesClient - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { return nil, fmt.Errorf("retrieving Sentinel Alert Rule %q: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_alert_rule_data_source.go b/internal/services/sentinel/sentinel_alert_rule_data_source.go index e5bf58694dcb..f92067be7486 100644 --- a/internal/services/sentinel/sentinel_alert_rule_data_source.go +++ b/internal/services/sentinel/sentinel_alert_rule_data_source.go @@ -50,7 +50,7 @@ func dataSourceSentinelAlertRuleRead(d *pluginsdk.ResourceData, meta interface{} } id := parse.NewAlertRuleID(workspaceID.SubscriptionId, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) - resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("Sentinel Alert Rule %q was not found", id) diff --git a/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go b/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go index 3969bc14673d..1a7ed6aa18fd 100644 --- a/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go +++ b/internal/services/sentinel/sentinel_alert_rule_fusion_resource.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -81,7 +81,7 @@ func resourceSentinelAlertRuleFusionCreateUpdate(d *pluginsdk.ResourceData, meta id := parse.NewAlertRuleID(workspaceID.SubscriptionId, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing Sentinel Alert Rule Fusion %q: %+v", id, err) @@ -104,7 +104,7 @@ func resourceSentinelAlertRuleFusionCreateUpdate(d *pluginsdk.ResourceData, meta // Service avoid concurrent update of this resource via checking the "etag" to guarantee it is the same value as last Read. if !d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if err != nil { return fmt.Errorf("retrieving Sentinel Alert Rule Fusion %q: %+v", id, err) } @@ -115,7 +115,7 @@ func resourceSentinelAlertRuleFusionCreateUpdate(d *pluginsdk.ResourceData, meta params.Etag = resp.Value.(securityinsight.FusionAlertRule).Etag } - if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name, params); err != nil { + if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name, params); err != nil { return fmt.Errorf("creating Sentinel Alert Rule Fusion %q: %+v", id, err) } @@ -134,7 +134,7 @@ func resourceSentinelAlertRuleFusionRead(d *pluginsdk.ResourceData, meta interfa return err } - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] Sentinel Alert Rule Fusion %q was not found - removing from state!", id) @@ -173,7 +173,7 @@ func resourceSentinelAlertRuleFusionDelete(d *pluginsdk.ResourceData, meta inter return err } - if _, err := client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err := client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting Sentinel Alert Rule Fusion %q: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go b/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go index faed74c1950f..861d268820a0 100644 --- a/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go +++ b/internal/services/sentinel/sentinel_alert_rule_fusion_resource_test.go @@ -5,7 +5,7 @@ import ( "fmt" "testing" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -97,7 +97,7 @@ func (r SentinelAlertRuleFusionResource) Exists(ctx context.Context, client *cli return nil, err } - resp, err := alertRuleClient.Get(ctx, id.ResourceGroup, "Microsoft.OperationalInsights", id.WorkspaceName, id.Name) + resp, err := alertRuleClient.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil diff --git a/internal/services/sentinel/sentinel_alert_rule_machine_learning_behavior_analytics.go b/internal/services/sentinel/sentinel_alert_rule_machine_learning_behavior_analytics.go index 1084e9a8a235..423ad6fb752e 100644 --- a/internal/services/sentinel/sentinel_alert_rule_machine_learning_behavior_analytics.go +++ b/internal/services/sentinel/sentinel_alert_rule_machine_learning_behavior_analytics.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -81,7 +81,7 @@ func resourceSentinelAlertRuleMLBehaviorAnalyticsCreateUpdate(d *pluginsdk.Resou id := parse.NewAlertRuleID(workspaceID.SubscriptionId, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing Sentinel Alert Rule MLBehaviorAnalytics %q: %+v", id, err) @@ -104,7 +104,7 @@ func resourceSentinelAlertRuleMLBehaviorAnalyticsCreateUpdate(d *pluginsdk.Resou // Service avoid concurrent update of this resource via checking the "etag" to guarantee it is the same value as last Read. if !d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if err != nil { return fmt.Errorf("retrieving Sentinel Alert Rule MLBehaviorAnalytics %q: %+v", id, err) } @@ -115,7 +115,7 @@ func resourceSentinelAlertRuleMLBehaviorAnalyticsCreateUpdate(d *pluginsdk.Resou params.Etag = resp.Value.(securityinsight.MLBehaviorAnalyticsAlertRule).Etag } - if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name, params); err != nil { + if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name, params); err != nil { return fmt.Errorf("creating Sentinel Alert Rule MLBehaviorAnalytics %q: %+v", id, err) } @@ -134,7 +134,7 @@ func resourceSentinelAlertRuleMLBehaviorAnalyticsRead(d *pluginsdk.ResourceData, return err } - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] Sentinel Alert Rule MLBehaviorAnalytics %q was not found - removing from state!", id) @@ -173,7 +173,7 @@ func resourceSentinelAlertRuleMLBehaviorAnalyticsDelete(d *pluginsdk.ResourceDat return err } - if _, err := client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err := client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting Sentinel Alert Rule MLBehaviorAnalytics %q: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_alert_rule_machine_learning_behavior_analytics_test.go b/internal/services/sentinel/sentinel_alert_rule_machine_learning_behavior_analytics_test.go index 769b0cf1b295..8dfaa400531f 100644 --- a/internal/services/sentinel/sentinel_alert_rule_machine_learning_behavior_analytics_test.go +++ b/internal/services/sentinel/sentinel_alert_rule_machine_learning_behavior_analytics_test.go @@ -5,7 +5,7 @@ import ( "fmt" "testing" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -97,7 +97,7 @@ func (r SentinelAlertRuleMLBehaviorAnalyticsResource) Exists(ctx context.Context return nil, err } - resp, err := alertRuleClient.Get(ctx, id.ResourceGroup, "Microsoft.OperationalInsights", id.WorkspaceName, id.Name) + resp, err := alertRuleClient.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil diff --git a/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource.go b/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource.go index 25b2d92e3cd3..b6b3f0fe7781 100644 --- a/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource.go +++ b/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -156,7 +156,7 @@ func resourceSentinelAlertRuleMsSecurityIncidentCreateUpdate(d *pluginsdk.Resour id := parse.NewAlertRuleID(workspaceID.SubscriptionId, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing Sentinel Alert Rule Ms Security Incident %q: %+v", id, err) @@ -196,7 +196,7 @@ func resourceSentinelAlertRuleMsSecurityIncidentCreateUpdate(d *pluginsdk.Resour // Service avoid concurrent update of this resource via checking the "etag" to guarantee it is the same value as last Read. if !d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if err != nil { return fmt.Errorf("retrieving Sentinel Alert Rule Ms Security Incident %q: %+v", id, err) } @@ -207,7 +207,7 @@ func resourceSentinelAlertRuleMsSecurityIncidentCreateUpdate(d *pluginsdk.Resour param.Etag = resp.Value.(securityinsight.MicrosoftSecurityIncidentCreationAlertRule).Etag } - if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name, param); err != nil { + if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name, param); err != nil { return fmt.Errorf("creating Sentinel Alert Rule Ms Security Incident %q: %+v", id, err) } @@ -226,7 +226,7 @@ func resourceSentinelAlertRuleMsSecurityIncidentRead(d *pluginsdk.ResourceData, return err } - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] Sentinel Alert Rule Ms Security Incident %q was not found - removing from state!", id) @@ -280,7 +280,7 @@ func resourceSentinelAlertRuleMsSecurityIncidentDelete(d *pluginsdk.ResourceData return err } - if _, err := client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err := client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting Sentinel Alert Rule Ms Security Incident %q: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource_test.go b/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource_test.go index c5c58a47cf05..eb20b3ba4093 100644 --- a/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource_test.go +++ b/internal/services/sentinel/sentinel_alert_rule_ms_security_incident_resource_test.go @@ -5,7 +5,7 @@ import ( "fmt" "testing" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -140,7 +140,7 @@ func (t SentinelAlertRuleMsSecurityIncidentResource) Exists(ctx context.Context, return nil, err } - resp, err := clients.Sentinel.AlertRulesClient.Get(ctx, id.ResourceGroup, "Microsoft.OperationalInsights", id.WorkspaceName, id.Name) + resp, err := clients.Sentinel.AlertRulesClient.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { return nil, fmt.Errorf("reading Sentinel Alert Rule Ms Security Incident %q: %v", id, err) } diff --git a/internal/services/sentinel/sentinel_alert_rule_scheduled_resource.go b/internal/services/sentinel/sentinel_alert_rule_scheduled_resource.go index b9d64fedd633..36d107cb8f91 100644 --- a/internal/services/sentinel/sentinel_alert_rule_scheduled_resource.go +++ b/internal/services/sentinel/sentinel_alert_rule_scheduled_resource.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/helpers/validate" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -19,6 +19,14 @@ import ( "github.com/rickb777/date/period" ) +// entityMatchingMethodMap maps the entity matching method used in old API version (prior to 2021-09-01-preview) to the new ones. +// TODO 3.0 - Remove this mapping +var entityMatchingMethodMap = map[string]string{ + "All": string(securityinsight.MatchingMethodAnyAlert), + "Custom": string(securityinsight.MatchingMethodSelected), + "None": string(securityinsight.MatchingMethodAllEntities), +} + func resourceSentinelAlertRuleScheduled() *pluginsdk.Resource { return &pluginsdk.Resource{ Create: resourceSentinelAlertRuleScheduledCreateUpdate, @@ -151,12 +159,29 @@ func resourceSentinelAlertRuleScheduled() *pluginsdk.Resource { "entity_matching_method": { Type: pluginsdk.TypeString, Optional: true, - Default: securityinsight.EntitiesMatchingMethodNone, - ValidateFunc: validation.StringInSlice([]string{ - string(securityinsight.EntitiesMatchingMethodAll), - string(securityinsight.EntitiesMatchingMethodCustom), - string(securityinsight.EntitiesMatchingMethodNone), - }, false), + Default: securityinsight.MatchingMethodAnyAlert, + // TODO 3.0 - remove the hardcoded string literals + ValidateFunc: func(i interface{}, k string) (warnings []string, errors []error) { + v, ok := i.(string) + if !ok { + return nil, []error{fmt.Errorf("expected type of %s to be string", k)} + } + valid := []string{ + string(securityinsight.MatchingMethodAnyAlert), + string(securityinsight.MatchingMethodSelected), + string(securityinsight.MatchingMethodAllEntities), + } + for _, str := range valid { + if str == v { + return nil, nil + } + } + if mm, ok := entityMatchingMethodMap[v]; ok { + return []string{fmt.Sprintf("%q is deprecated in favor of %q", v, mm)}, nil + } + + return nil, []error{fmt.Errorf("expected %s to be one of %v, got %s", k, valid, v)} + }, }, "group_by": { Type: pluginsdk.TypeSet, @@ -164,10 +189,24 @@ func resourceSentinelAlertRuleScheduled() *pluginsdk.Resource { Elem: &pluginsdk.Schema{ Type: pluginsdk.TypeString, ValidateFunc: validation.StringInSlice([]string{ - string(securityinsight.GroupingEntityTypeAccount), - string(securityinsight.GroupingEntityTypeHost), - string(securityinsight.GroupingEntityTypeIP), - string(securityinsight.GroupingEntityTypeURL), + string(securityinsight.EntityMappingTypeAccount), + string(securityinsight.EntityMappingTypeAzureResource), + string(securityinsight.EntityMappingTypeCloudApplication), + string(securityinsight.EntityMappingTypeDNS), + string(securityinsight.EntityMappingTypeFile), + string(securityinsight.EntityMappingTypeFileHash), + string(securityinsight.EntityMappingTypeHost), + string(securityinsight.EntityMappingTypeIP), + string(securityinsight.EntityMappingTypeMailbox), + string(securityinsight.EntityMappingTypeMailCluster), + string(securityinsight.EntityMappingTypeMailMessage), + string(securityinsight.EntityMappingTypeMalware), + string(securityinsight.EntityMappingTypeProcess), + string(securityinsight.EntityMappingTypeRegistryKey), + string(securityinsight.EntityMappingTypeRegistryValue), + string(securityinsight.EntityMappingTypeSecurityGroup), + string(securityinsight.EntityMappingTypeSubmissionMail), + string(securityinsight.EntityMappingTypeURL), }, false), }, }, @@ -262,7 +301,7 @@ func resourceSentinelAlertRuleScheduledCreateUpdate(d *pluginsdk.ResourceData, m id := parse.NewAlertRuleID(workspaceID.SubscriptionId, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing Sentinel Alert Rule Scheduled %q: %+v", id, err) @@ -326,7 +365,7 @@ func resourceSentinelAlertRuleScheduledCreateUpdate(d *pluginsdk.ResourceData, m // Service avoid concurrent update of this resource via checking the "etag" to guarantee it is the same value as last Read. if !d.IsNewResource() { - resp, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + resp, err := client.Get(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if err != nil { return fmt.Errorf("retrieving Sentinel Alert Rule Scheduled %q: %+v", id, err) } @@ -337,7 +376,7 @@ func resourceSentinelAlertRuleScheduledCreateUpdate(d *pluginsdk.ResourceData, m param.Etag = resp.Value.(securityinsight.ScheduledAlertRule).Etag } - if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name, param); err != nil { + if _, err := client.CreateOrUpdate(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name, param); err != nil { return fmt.Errorf("creating Sentinel Alert Rule Scheduled %q: %+v", id, err) } @@ -356,7 +395,7 @@ func resourceSentinelAlertRuleScheduledRead(d *pluginsdk.ResourceData, meta inte return err } - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] Sentinel Alert Rule Scheduled %q was not found - removing from state!", id) @@ -421,7 +460,7 @@ func resourceSentinelAlertRuleScheduledDelete(d *pluginsdk.ResourceData, meta in return err } - if _, err := client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err := client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting Sentinel Alert Rule Scheduled %q: %+v", id, err) } @@ -492,17 +531,21 @@ func expandAlertRuleScheduledGrouping(input []interface{}) *securityinsight.Grou raw := input[0].(map[string]interface{}) + mm := raw["entity_matching_method"].(string) + if nmm, ok := entityMatchingMethodMap[mm]; ok { + mm = nmm + } output := &securityinsight.GroupingConfiguration{ - Enabled: utils.Bool(raw["enabled"].(bool)), - ReopenClosedIncident: utils.Bool(raw["reopen_closed_incidents"].(bool)), - LookbackDuration: utils.String(raw["lookback_duration"].(string)), - EntitiesMatchingMethod: securityinsight.EntitiesMatchingMethod(raw["entity_matching_method"].(string)), + Enabled: utils.Bool(raw["enabled"].(bool)), + ReopenClosedIncident: utils.Bool(raw["reopen_closed_incidents"].(bool)), + LookbackDuration: utils.String(raw["lookback_duration"].(string)), + MatchingMethod: securityinsight.MatchingMethod(mm), } groupByEntitiesSet := raw["group_by"].(*pluginsdk.Set).List() - groupByEntities := make([]securityinsight.GroupingEntityType, len(groupByEntitiesSet)) + groupByEntities := make([]securityinsight.EntityMappingType, len(groupByEntitiesSet)) for idx, t := range groupByEntitiesSet { - groupByEntities[idx] = securityinsight.GroupingEntityType(t.(string)) + groupByEntities[idx] = securityinsight.EntityMappingType(t.(string)) } output.GroupByEntities = &groupByEntities @@ -556,7 +599,7 @@ func flattenAlertRuleScheduledGrouping(input *securityinsight.GroupingConfigurat "enabled": enabled, "lookback_duration": lookbackDuration, "reopen_closed_incidents": reopenClosedIncidents, - "entity_matching_method": string(input.EntitiesMatchingMethod), + "entity_matching_method": string(input.MatchingMethod), "group_by": groupByEntities, }, } diff --git a/internal/services/sentinel/sentinel_alert_rule_scheduled_resource_test.go b/internal/services/sentinel/sentinel_alert_rule_scheduled_resource_test.go index 57be45432771..fbeb073b81c2 100644 --- a/internal/services/sentinel/sentinel_alert_rule_scheduled_resource_test.go +++ b/internal/services/sentinel/sentinel_alert_rule_scheduled_resource_test.go @@ -5,7 +5,7 @@ import ( "fmt" "testing" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" @@ -133,7 +133,7 @@ func (t SentinelAlertRuleScheduledResource) Exists(ctx context.Context, clients return nil, err } - resp, err := clients.Sentinel.AlertRulesClient.Get(ctx, id.ResourceGroup, "Microsoft.OperationalInsights", id.WorkspaceName, id.Name) + resp, err := clients.Sentinel.AlertRulesClient.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { return nil, fmt.Errorf("reading Sentinel Alert Rule Scheduled %q: %v", id, err) } @@ -183,7 +183,7 @@ resource "azurerm_sentinel_alert_rule_scheduled" "test" { enabled = true lookback_duration = "P7D" reopen_closed_incidents = true - entity_matching_method = "Custom" + entity_matching_method = "Selected" group_by = ["Account", "Host"] } } diff --git a/internal/services/sentinel/sentinel_alert_rule_template_data_source.go b/internal/services/sentinel/sentinel_alert_rule_template_data_source.go index fa1828c40a5d..36241f639a08 100644 --- a/internal/services/sentinel/sentinel_alert_rule_template_data_source.go +++ b/internal/services/sentinel/sentinel_alert_rule_template_data_source.go @@ -6,7 +6,7 @@ import ( "fmt" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" loganalyticsValidate "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/validate" @@ -158,7 +158,7 @@ func dataSourceSentinelAlertRuleTemplateRead(d *pluginsdk.ResourceData, meta int } func getAlertRuleTemplateByName(ctx context.Context, client *securityinsight.AlertRuleTemplatesClient, workspaceID *loganalyticsParse.LogAnalyticsWorkspaceId, name string) (res securityinsight.BasicAlertRuleTemplate, err error) { - template, err := client.Get(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName, name) + template, err := client.Get(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName, name) if err != nil { return nil, err } @@ -166,7 +166,7 @@ func getAlertRuleTemplateByName(ctx context.Context, client *securityinsight.Ale } func getAlertRuleTemplateByDisplayName(ctx context.Context, client *securityinsight.AlertRuleTemplatesClient, workspaceID *loganalyticsParse.LogAnalyticsWorkspaceId, name string) (res securityinsight.BasicAlertRuleTemplate, err error) { - templates, err := client.ListComplete(ctx, workspaceID.ResourceGroup, OperationalInsightsResourceProvider, workspaceID.WorkspaceName) + templates, err := client.ListComplete(ctx, workspaceID.ResourceGroup, workspaceID.WorkspaceName) if err != nil { return nil, err } diff --git a/internal/services/sentinel/sentinel_automation_rule_resource.go b/internal/services/sentinel/sentinel_automation_rule_resource.go index 6be2bf859d71..d989cc972586 100644 --- a/internal/services/sentinel/sentinel_automation_rule_resource.go +++ b/internal/services/sentinel/sentinel_automation_rule_resource.go @@ -6,7 +6,7 @@ import ( "strings" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/Azure/go-autorest/autorest/date" "github.com/gofrs/uuid" "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" @@ -285,7 +285,7 @@ func resourceSentinelAutomationRuleCreateUpdate(d *pluginsdk.ResourceData, meta id := parse.NewAutomationRuleID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing %s: %+v", id, err) @@ -320,7 +320,7 @@ func resourceSentinelAutomationRuleCreateUpdate(d *pluginsdk.ResourceData, meta params.AutomationRuleProperties.TriggeringLogic.ExpirationTimeUtc = &date.Time{Time: t} } - _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, params) + _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.Name, params) if err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -340,7 +340,7 @@ func resourceSentinelAutomationRuleRead(d *pluginsdk.ResourceData, meta interfac return err } - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] %s was not found - removing from state!", id) @@ -403,7 +403,7 @@ func resourceSentinelAutomationRuleDelete(d *pluginsdk.ResourceData, meta interf return err } - _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + _, err = client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_automation_rule_resource_test.go b/internal/services/sentinel/sentinel_automation_rule_resource_test.go index a65154013a3a..b067c6f0f0d9 100644 --- a/internal/services/sentinel/sentinel_automation_rule_resource_test.go +++ b/internal/services/sentinel/sentinel_automation_rule_resource_test.go @@ -9,7 +9,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" "github.com/hashicorp/terraform-provider-azurerm/utils" @@ -99,7 +98,7 @@ func (r SentinelAutomationRuleResource) Exists(ctx context.Context, clients *cli return nil, err } - if resp, err := client.Get(ctx, id.ResourceGroup, sentinel.OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil } diff --git a/internal/services/sentinel/sentinel_data_connector.go b/internal/services/sentinel/sentinel_data_connector.go index 2ad849ef291b..bd21f48df6a3 100644 --- a/internal/services/sentinel/sentinel_data_connector.go +++ b/internal/services/sentinel/sentinel_data_connector.go @@ -4,7 +4,7 @@ import ( "context" "fmt" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" @@ -18,7 +18,7 @@ func importSentinelDataConnector(expectKind securityinsight.DataConnectorKind) p } client := meta.(*clients.Client).Sentinel.DataConnectorsClient - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { return nil, fmt.Errorf("retrieving Sentinel Alert Rule %q: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go b/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go index 8a561c4da922..7de5afe5e370 100644 --- a/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go +++ b/internal/services/sentinel/sentinel_data_connector_aws_cloud_trail.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -73,7 +73,7 @@ func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *pluginsdk.Resourc id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing %s: %+v", id, err) @@ -102,7 +102,7 @@ func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *pluginsdk.Resourc // TODO: following code can be removed once the issue below is fixed: // https://github.com/Azure/azure-rest-api-specs/issues/13203 if !d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, name) if err != nil { return fmt.Errorf("retrieving %s: %+v", id, err) } @@ -114,7 +114,7 @@ func resourceSentinelDataConnectorAwsCloudTrailCreateUpdate(d *pluginsdk.Resourc param.Etag = dc.Etag } - if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.Name, param); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -134,7 +134,7 @@ func resourceSentinelDataConnectorAwsCloudTrailRead(d *pluginsdk.ResourceData, m } workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] %s was not found - removing from state!", id) @@ -169,7 +169,7 @@ func resourceSentinelDataConnectorAwsCloudTrailDelete(d *pluginsdk.ResourceData, return err } - if _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err = client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go b/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go index d8c8d6abd6e5..4ed25df65bda 100644 --- a/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go +++ b/internal/services/sentinel/sentinel_data_connector_azure_active_directory.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -73,7 +73,7 @@ func resourceSentinelDataConnectorAzureActiveDirectoryCreate(d *pluginsdk.Resour id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing %s: %+v", id, err) @@ -95,7 +95,7 @@ func resourceSentinelDataConnectorAzureActiveDirectoryCreate(d *pluginsdk.Resour AADDataConnectorProperties: &securityinsight.AADDataConnectorProperties{ TenantID: &tenantId, DataTypes: &securityinsight.AlertsDataTypeOfDataConnector{ - Alerts: &securityinsight.AlertsDataTypeOfDataConnectorAlerts{ + Alerts: &securityinsight.DataConnectorDataTypeCommon{ State: securityinsight.DataTypeStateEnabled, }, }, @@ -103,7 +103,7 @@ func resourceSentinelDataConnectorAzureActiveDirectoryCreate(d *pluginsdk.Resour Kind: securityinsight.KindBasicDataConnectorKindAzureActiveDirectory, } - if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.Name, param); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -123,7 +123,7 @@ func resourceSentinelDataConnectorAzureActiveDirectoryRead(d *pluginsdk.Resource } workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] %s was not found - removing from state!", id) @@ -156,7 +156,7 @@ func resourceSentinelDataConnectorAzureActiveDirectoryDelete(d *pluginsdk.Resour return err } - if _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err = client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go b/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go index 130910bc3465..477d833957e2 100644 --- a/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go +++ b/internal/services/sentinel/sentinel_data_connector_azure_active_directory_test.go @@ -8,7 +8,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" "github.com/hashicorp/terraform-provider-azurerm/utils" @@ -69,7 +68,7 @@ func (r SentinelDataConnectorAzureActiveDirectoryResource) Exists(ctx context.Co return nil, err } - if resp, err := client.Get(ctx, id.ResourceGroup, sentinel.OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil } diff --git a/internal/services/sentinel/sentinel_data_connector_azure_advanced_threat_protection.go b/internal/services/sentinel/sentinel_data_connector_azure_advanced_threat_protection.go index 548c204529b0..072d652c46d2 100644 --- a/internal/services/sentinel/sentinel_data_connector_azure_advanced_threat_protection.go +++ b/internal/services/sentinel/sentinel_data_connector_azure_advanced_threat_protection.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -73,7 +73,7 @@ func resourceSentinelDataConnectorAzureAdvancedThreatProtectionCreate(d *plugins id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing %s: %+v", id, err) @@ -95,7 +95,7 @@ func resourceSentinelDataConnectorAzureAdvancedThreatProtectionCreate(d *plugins AATPDataConnectorProperties: &securityinsight.AATPDataConnectorProperties{ TenantID: &tenantId, DataTypes: &securityinsight.AlertsDataTypeOfDataConnector{ - Alerts: &securityinsight.AlertsDataTypeOfDataConnectorAlerts{ + Alerts: &securityinsight.DataConnectorDataTypeCommon{ State: securityinsight.DataTypeStateEnabled, }, }, @@ -103,7 +103,7 @@ func resourceSentinelDataConnectorAzureAdvancedThreatProtectionCreate(d *plugins Kind: securityinsight.KindBasicDataConnectorKindAzureAdvancedThreatProtection, } - if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.Name, param); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -123,7 +123,7 @@ func resourceSentinelDataConnectorAzureAdvancedThreatProtectionRead(d *pluginsdk } workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] %s was not found - removing from state!", id) @@ -156,7 +156,7 @@ func resourceSentinelDataConnectorAzureAdvancedThreatProtectionDelete(d *plugins return err } - if _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err = client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_data_connector_azure_advanced_threat_protection_test.go b/internal/services/sentinel/sentinel_data_connector_azure_advanced_threat_protection_test.go index 4bf8ab9bf76c..1d26341f690f 100644 --- a/internal/services/sentinel/sentinel_data_connector_azure_advanced_threat_protection_test.go +++ b/internal/services/sentinel/sentinel_data_connector_azure_advanced_threat_protection_test.go @@ -8,7 +8,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" "github.com/hashicorp/terraform-provider-azurerm/utils" @@ -69,7 +68,7 @@ func (r SentinelDataConnectorAzureAdvancedThreatProtectionResource) Exists(ctx c return nil, err } - if resp, err := client.Get(ctx, id.ResourceGroup, sentinel.OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil } diff --git a/internal/services/sentinel/sentinel_data_connector_azure_security_center.go b/internal/services/sentinel/sentinel_data_connector_azure_security_center.go index 243e17675ad2..75077dba321e 100644 --- a/internal/services/sentinel/sentinel_data_connector_azure_security_center.go +++ b/internal/services/sentinel/sentinel_data_connector_azure_security_center.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -73,7 +73,7 @@ func resourceSentinelDataConnectorAzureSecurityCenterCreate(d *pluginsdk.Resourc id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing %s: %+v", id, err) @@ -95,7 +95,7 @@ func resourceSentinelDataConnectorAzureSecurityCenterCreate(d *pluginsdk.Resourc ASCDataConnectorProperties: &securityinsight.ASCDataConnectorProperties{ SubscriptionID: &subscriptionId, DataTypes: &securityinsight.AlertsDataTypeOfDataConnector{ - Alerts: &securityinsight.AlertsDataTypeOfDataConnectorAlerts{ + Alerts: &securityinsight.DataConnectorDataTypeCommon{ State: securityinsight.DataTypeStateEnabled, }, }, @@ -103,7 +103,7 @@ func resourceSentinelDataConnectorAzureSecurityCenterCreate(d *pluginsdk.Resourc Kind: securityinsight.KindBasicDataConnectorKindAzureSecurityCenter, } - if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.Name, param); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -123,7 +123,7 @@ func resourceSentinelDataConnectorAzureSecurityCenterRead(d *pluginsdk.ResourceD } workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] %s was not found - removing from state!", id) @@ -156,7 +156,7 @@ func resourceSentinelDataConnectorAzureSecurityCenterDelete(d *pluginsdk.Resourc return err } - if _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err = client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_data_connector_azure_security_center_test.go b/internal/services/sentinel/sentinel_data_connector_azure_security_center_test.go index 9a870c99fa66..7f54f7d0e27f 100644 --- a/internal/services/sentinel/sentinel_data_connector_azure_security_center_test.go +++ b/internal/services/sentinel/sentinel_data_connector_azure_security_center_test.go @@ -8,7 +8,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" "github.com/hashicorp/terraform-provider-azurerm/utils" @@ -69,7 +68,7 @@ func (r SentinelDataConnectorAzureSecurityCenterResource) Exists(ctx context.Con return nil, err } - if resp, err := client.Get(ctx, id.ResourceGroup, sentinel.OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil } diff --git a/internal/services/sentinel/sentinel_data_connector_microsoft_cloud_app_security.go b/internal/services/sentinel/sentinel_data_connector_microsoft_cloud_app_security.go index daf76a8d9364..4760e73898dc 100644 --- a/internal/services/sentinel/sentinel_data_connector_microsoft_cloud_app_security.go +++ b/internal/services/sentinel/sentinel_data_connector_microsoft_cloud_app_security.go @@ -6,7 +6,7 @@ import ( "strings" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -87,7 +87,7 @@ func resourceSentinelDataConnectorMicrosoftCloudAppSecurityCreateUpdate(d *plugi id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing %s: %+v", id, err) @@ -127,10 +127,10 @@ func resourceSentinelDataConnectorMicrosoftCloudAppSecurityCreateUpdate(d *plugi MCASDataConnectorProperties: &securityinsight.MCASDataConnectorProperties{ TenantID: &tenantId, DataTypes: &securityinsight.MCASDataConnectorDataTypes{ - Alerts: &securityinsight.AlertsDataTypeOfDataConnectorAlerts{ + Alerts: &securityinsight.DataConnectorDataTypeCommon{ State: alertState, }, - DiscoveryLogs: &securityinsight.MCASDataConnectorDataTypesDiscoveryLogs{ + DiscoveryLogs: &securityinsight.DataConnectorDataTypeCommon{ State: discoveryLogsState, }, }, @@ -142,7 +142,7 @@ func resourceSentinelDataConnectorMicrosoftCloudAppSecurityCreateUpdate(d *plugi // TODO: following code can be removed once the issue below is fixed: // https://github.com/Azure/azure-rest-api-specs/issues/13203 if !d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, name) if err != nil { return fmt.Errorf("retrieving %s: %+v", id, err) } @@ -154,7 +154,7 @@ func resourceSentinelDataConnectorMicrosoftCloudAppSecurityCreateUpdate(d *plugi param.Etag = dc.Etag } - if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.Name, param); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -174,7 +174,7 @@ func resourceSentinelDataConnectorMicrosoftCloudAppSecurityRead(d *pluginsdk.Res } workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] %s was not found - removing from state!", id) @@ -223,7 +223,7 @@ func resourceSentinelDataConnectorMicrosoftCloudAppSecurityDelete(d *pluginsdk.R return err } - if _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err = client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_data_connector_microsoft_cloud_app_security_test.go b/internal/services/sentinel/sentinel_data_connector_microsoft_cloud_app_security_test.go index 41223c04e035..ca6ad6ff9ec2 100644 --- a/internal/services/sentinel/sentinel_data_connector_microsoft_cloud_app_security_test.go +++ b/internal/services/sentinel/sentinel_data_connector_microsoft_cloud_app_security_test.go @@ -8,7 +8,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" "github.com/hashicorp/terraform-provider-azurerm/utils" @@ -112,7 +111,7 @@ func (r SentinelDataConnectorMicrosoftCloudAppSecurityResource) Exists(ctx conte return nil, err } - if resp, err := client.Get(ctx, id.ResourceGroup, sentinel.OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil } diff --git a/internal/services/sentinel/sentinel_data_connector_microsoft_defender_advanced_threat_protection.go b/internal/services/sentinel/sentinel_data_connector_microsoft_defender_advanced_threat_protection.go index 7eca832a49f8..1094bbe29b0a 100644 --- a/internal/services/sentinel/sentinel_data_connector_microsoft_defender_advanced_threat_protection.go +++ b/internal/services/sentinel/sentinel_data_connector_microsoft_defender_advanced_threat_protection.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -73,7 +73,7 @@ func resourceSentinelDataConnectorMicrosoftDefenderAdvancedThreatProtectionCreat id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing %s: %+v", id, err) @@ -95,7 +95,7 @@ func resourceSentinelDataConnectorMicrosoftDefenderAdvancedThreatProtectionCreat MDATPDataConnectorProperties: &securityinsight.MDATPDataConnectorProperties{ TenantID: &tenantId, DataTypes: &securityinsight.AlertsDataTypeOfDataConnector{ - Alerts: &securityinsight.AlertsDataTypeOfDataConnectorAlerts{ + Alerts: &securityinsight.DataConnectorDataTypeCommon{ State: securityinsight.DataTypeStateEnabled, }, }, @@ -103,7 +103,7 @@ func resourceSentinelDataConnectorMicrosoftDefenderAdvancedThreatProtectionCreat Kind: securityinsight.KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection, } - if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.Name, param); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -123,7 +123,7 @@ func resourceSentinelDataConnectorMicrosoftDefenderAdvancedThreatProtectionRead( } workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] %s was not found - removing from state!", id) @@ -156,7 +156,7 @@ func resourceSentinelDataConnectorMicrosoftDefenderAdvancedThreatProtectionDelet return err } - if _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err = client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_data_connector_microsoft_defender_advanced_threat_protection_test.go b/internal/services/sentinel/sentinel_data_connector_microsoft_defender_advanced_threat_protection_test.go index c93fa829a54f..de1208ce304d 100644 --- a/internal/services/sentinel/sentinel_data_connector_microsoft_defender_advanced_threat_protection_test.go +++ b/internal/services/sentinel/sentinel_data_connector_microsoft_defender_advanced_threat_protection_test.go @@ -8,7 +8,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" "github.com/hashicorp/terraform-provider-azurerm/utils" @@ -69,7 +68,7 @@ func (r SentinelDataConnectorMicrosoftDefenderAdvancedThreatProtectionResource) return nil, err } - if resp, err := client.Get(ctx, id.ResourceGroup, sentinel.OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil } diff --git a/internal/services/sentinel/sentinel_data_connector_office_365.go b/internal/services/sentinel/sentinel_data_connector_office_365.go index c7f64fcd0674..8e11334646e4 100644 --- a/internal/services/sentinel/sentinel_data_connector_office_365.go +++ b/internal/services/sentinel/sentinel_data_connector_office_365.go @@ -6,7 +6,7 @@ import ( "strings" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -94,7 +94,7 @@ func resourceSentinelDataConnectorOffice365CreateUpdate(d *pluginsdk.ResourceDat id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing %s: %+v", id, err) @@ -158,7 +158,7 @@ func resourceSentinelDataConnectorOffice365CreateUpdate(d *pluginsdk.ResourceDat // TODO: following code can be removed once the issue below is fixed: // https://github.com/Azure/azure-rest-api-specs/issues/13203 if !d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, name) if err != nil { return fmt.Errorf("retrieving Sentinel Data Connector Office 365 %q: %+v", id, err) } @@ -171,7 +171,7 @@ func resourceSentinelDataConnectorOffice365CreateUpdate(d *pluginsdk.ResourceDat param.Etag = dc.Etag } - if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.Name, param); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -191,7 +191,7 @@ func resourceSentinelDataConnectorOffice365Read(d *pluginsdk.ResourceData, meta } workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] %s was not found - removing from state!", id) @@ -244,7 +244,7 @@ func resourceSentinelDataConnectorOffice365Delete(d *pluginsdk.ResourceData, met return err } - if _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err = client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_data_connector_office_365_test.go b/internal/services/sentinel/sentinel_data_connector_office_365_test.go index ba49778e9404..f04b0a6844e3 100644 --- a/internal/services/sentinel/sentinel_data_connector_office_365_test.go +++ b/internal/services/sentinel/sentinel_data_connector_office_365_test.go @@ -8,7 +8,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" "github.com/hashicorp/terraform-provider-azurerm/utils" @@ -119,7 +118,7 @@ func (r SentinelDataConnectorOffice365Resource) Exists(ctx context.Context, clie return nil, err } - if resp, err := client.Get(ctx, id.ResourceGroup, sentinel.OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil } diff --git a/internal/services/sentinel/sentinel_data_connector_threat_intelligence.go b/internal/services/sentinel/sentinel_data_connector_threat_intelligence.go index acf482e0916e..5c96c8556632 100644 --- a/internal/services/sentinel/sentinel_data_connector_threat_intelligence.go +++ b/internal/services/sentinel/sentinel_data_connector_threat_intelligence.go @@ -5,7 +5,7 @@ import ( "log" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/hashicorp/terraform-provider-azurerm/helpers/tf" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -73,7 +73,7 @@ func resourceSentinelDataConnectorThreatIntelligenceCreateUpdate(d *pluginsdk.Re id := parse.NewDataConnectorID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, name) if d.IsNewResource() { - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, name) if err != nil { if !utils.ResponseWasNotFound(resp.Response) { return fmt.Errorf("checking for existing %s: %+v", id, err) @@ -103,7 +103,7 @@ func resourceSentinelDataConnectorThreatIntelligenceCreateUpdate(d *pluginsdk.Re Kind: securityinsight.KindBasicDataConnectorKindThreatIntelligence, } - if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param); err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.Name, param); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -123,7 +123,7 @@ func resourceSentinelDataConnectorThreatIntelligenceRead(d *pluginsdk.ResourceDa } workspaceId := loganalyticsParse.NewLogAnalyticsWorkspaceID(id.SubscriptionId, id.ResourceGroup, id.WorkspaceName) - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { log.Printf("[DEBUG] %s was not found - removing from state!", id) @@ -156,7 +156,7 @@ func resourceSentinelDataConnectorThreatIntelligenceDelete(d *pluginsdk.Resource return err } - if _, err = client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err = client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_data_connector_threat_intelligence_test.go b/internal/services/sentinel/sentinel_data_connector_threat_intelligence_test.go index 6b1941fffddc..bda269590594 100644 --- a/internal/services/sentinel/sentinel_data_connector_threat_intelligence_test.go +++ b/internal/services/sentinel/sentinel_data_connector_threat_intelligence_test.go @@ -8,7 +8,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" "github.com/hashicorp/terraform-provider-azurerm/utils" @@ -69,7 +68,7 @@ func (r SentinelDataConnectorThreatIntelligenceResource) Exists(ctx context.Cont return nil, err } - if resp, err := client.Get(ctx, id.ResourceGroup, sentinel.OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil } diff --git a/internal/services/sentinel/sentinel_watchlist_item_resource.go b/internal/services/sentinel/sentinel_watchlist_item_resource.go index 5918ec5fe6b0..083c1d062731 100644 --- a/internal/services/sentinel/sentinel_watchlist_item_resource.go +++ b/internal/services/sentinel/sentinel_watchlist_item_resource.go @@ -5,7 +5,7 @@ import ( "fmt" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" "github.com/google/uuid" "github.com/hashicorp/terraform-provider-azurerm/internal/sdk" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" @@ -89,7 +89,7 @@ func (r WatchlistItemResource) Create() sdk.ResourceFunc { id := parse.NewWatchlistItemID(watchlistId.SubscriptionId, watchlistId.ResourceGroup, watchlistId.WorkspaceName, watchlistId.Name, model.Name) - existing, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.WatchlistName, id.Name) + existing, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.WatchlistName, id.Name) if err != nil { if !utils.ResponseWasNotFound(existing.Response) { return fmt.Errorf("checking for presence of existing %s: %+v", id, err) @@ -105,7 +105,7 @@ func (r WatchlistItemResource) Create() sdk.ResourceFunc { }, } - if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.WatchlistName, id.Name, params); err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.WatchlistName, id.Name, params); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -126,7 +126,7 @@ func (r WatchlistItemResource) Read() sdk.ResourceFunc { return err } - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.WatchlistName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.WatchlistName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { return metadata.MarkAsGone(id) @@ -164,7 +164,7 @@ func (r WatchlistItemResource) Delete() sdk.ResourceFunc { return err } - if _, err := client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.WatchlistName, id.Name); err != nil { + if _, err := client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.WatchlistName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } @@ -190,7 +190,7 @@ func (r WatchlistItemResource) Update() sdk.ResourceFunc { } id := parse.NewWatchlistItemID(watchlistId.SubscriptionId, watchlistId.ResourceGroup, watchlistId.WorkspaceName, watchlistId.Name, model.Name) - existing, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.WatchlistName, id.Name) + existing, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.WatchlistName, id.Name) if err != nil { return fmt.Errorf("checking for presence of existing %s: %+v", id, err) } @@ -206,7 +206,7 @@ func (r WatchlistItemResource) Update() sdk.ResourceFunc { update.WatchlistItemProperties.ItemsKeyValue = model.Properties } - if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.WatchlistName, id.Name, update); err != nil { + if _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.WatchlistName, id.Name, update); err != nil { return fmt.Errorf("creating %s: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_watchlist_item_resource_test.go b/internal/services/sentinel/sentinel_watchlist_item_resource_test.go index d8af31272280..adacd5e364c9 100644 --- a/internal/services/sentinel/sentinel_watchlist_item_resource_test.go +++ b/internal/services/sentinel/sentinel_watchlist_item_resource_test.go @@ -10,7 +10,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/utils" ) @@ -84,7 +83,7 @@ func (r WatchlistItemResource) Exists(ctx context.Context, clients *clients.Clie return nil, err } - if resp, err := client.Get(ctx, id.ResourceGroup, sentinel.OperationalInsightsResourceProvider, id.WorkspaceName, id.WatchlistName, id.Name); err != nil { + if resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.WatchlistName, id.Name); err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil } diff --git a/internal/services/sentinel/sentinel_watchlist_resource.go b/internal/services/sentinel/sentinel_watchlist_resource.go index ce940e312656..ea1c34b0496e 100644 --- a/internal/services/sentinel/sentinel_watchlist_resource.go +++ b/internal/services/sentinel/sentinel_watchlist_resource.go @@ -5,7 +5,7 @@ import ( "fmt" "time" - "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" + "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" commonValidate "github.com/hashicorp/terraform-provider-azurerm/helpers/validate" "github.com/hashicorp/terraform-provider-azurerm/internal/sdk" loganalyticsParse "github.com/hashicorp/terraform-provider-azurerm/internal/services/loganalytics/parse" @@ -108,7 +108,7 @@ func (r WatchlistResource) Create() sdk.ResourceFunc { id := parse.NewWatchlistID(workspaceId.SubscriptionId, workspaceId.ResourceGroup, workspaceId.WorkspaceName, model.Name) - existing, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + existing, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if !utils.ResponseWasNotFound(existing.Response) { return fmt.Errorf("checking for presence of existing %s: %+v", id, err) @@ -141,7 +141,7 @@ func (r WatchlistResource) Create() sdk.ResourceFunc { param.WatchlistProperties.DefaultDuration = &model.DefaultDuration } - _, err = client.Create(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name, param) + _, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.Name, param) if err != nil { return fmt.Errorf("creating %s: %+v", id, err) } @@ -163,7 +163,7 @@ func (r WatchlistResource) Read() sdk.ResourceFunc { return err } - resp, err := client.Get(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name) + resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { return metadata.MarkAsGone(id) @@ -207,7 +207,7 @@ func (r WatchlistResource) Delete() sdk.ResourceFunc { return err } - if _, err := client.Delete(ctx, id.ResourceGroup, OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if _, err := client.Delete(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { return fmt.Errorf("deleting %s: %+v", id, err) } diff --git a/internal/services/sentinel/sentinel_watchlist_resource_test.go b/internal/services/sentinel/sentinel_watchlist_resource_test.go index b177e33e3d41..eb465a0ebdde 100644 --- a/internal/services/sentinel/sentinel_watchlist_resource_test.go +++ b/internal/services/sentinel/sentinel_watchlist_resource_test.go @@ -10,7 +10,6 @@ import ( "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" "github.com/hashicorp/terraform-provider-azurerm/internal/clients" - "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel" "github.com/hashicorp/terraform-provider-azurerm/internal/services/sentinel/parse" "github.com/hashicorp/terraform-provider-azurerm/utils" ) @@ -70,7 +69,7 @@ func (r WatchlistResource) Exists(ctx context.Context, clients *clients.Client, return nil, err } - if resp, err := client.Get(ctx, id.ResourceGroup, sentinel.OperationalInsightsResourceProvider, id.WorkspaceName, id.Name); err != nil { + if resp, err := client.Get(ctx, id.ResourceGroup, id.WorkspaceName, id.Name); err != nil { if utils.ResponseWasNotFound(resp.Response) { return utils.Bool(false), nil } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/casecomments.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/casecomments.go deleted file mode 100644 index 219807d4d7c5..000000000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/casecomments.go +++ /dev/null @@ -1,135 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// CaseCommentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type CaseCommentsClient struct { - BaseClient -} - -// NewCaseCommentsClient creates an instance of the CaseCommentsClient client. -func NewCaseCommentsClient(subscriptionID string) CaseCommentsClient { - return NewCaseCommentsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewCaseCommentsClientWithBaseURI creates an instance of the CaseCommentsClient client using a custom endpoint. Use -// this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewCaseCommentsClientWithBaseURI(baseURI string, subscriptionID string) CaseCommentsClient { - return CaseCommentsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateComment creates the case comment. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// caseCommentID - case comment ID -// caseComment - the case comment -func (client CaseCommentsClient) CreateComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseCommentID string, caseComment CaseComment) (result CaseComment, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseCommentsClient.CreateComment") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, - {TargetValue: caseComment, - Constraints: []validation.Constraint{{Target: "caseComment.CaseCommentProperties", Name: validation.Null, Rule: false, - Chain: []validation.Constraint{{Target: "caseComment.CaseCommentProperties.Message", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { - return result, validation.NewError("securityinsight.CaseCommentsClient", "CreateComment", err.Error()) - } - - req, err := client.CreateCommentPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, caseCommentID, caseComment) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseCommentsClient", "CreateComment", nil, "Failure preparing request") - return - } - - resp, err := client.CreateCommentSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CaseCommentsClient", "CreateComment", resp, "Failure sending request") - return - } - - result, err = client.CreateCommentResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseCommentsClient", "CreateComment", resp, "Failure responding to request") - return - } - - return -} - -// CreateCommentPreparer prepares the CreateComment request. -func (client CaseCommentsClient) CreateCommentPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseCommentID string, caseComment CaseComment) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseCommentId": autorest.Encode("path", caseCommentID), - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/comments/{caseCommentId}", pathParameters), - autorest.WithJSON(caseComment), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateCommentSender sends the CreateComment request. The method will close the -// http.Response Body if it receives an error. -func (client CaseCommentsClient) CreateCommentSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// CreateCommentResponder handles the response to the CreateComment request. The method always -// closes the http.Response Body. -func (client CaseCommentsClient) CreateCommentResponder(resp *http.Response) (result CaseComment, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/caserelations.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/caserelations.go deleted file mode 100644 index 75acec527187..000000000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/caserelations.go +++ /dev/null @@ -1,480 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// CaseRelationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type CaseRelationsClient struct { - BaseClient -} - -// NewCaseRelationsClient creates an instance of the CaseRelationsClient client. -func NewCaseRelationsClient(subscriptionID string) CaseRelationsClient { - return NewCaseRelationsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewCaseRelationsClientWithBaseURI creates an instance of the CaseRelationsClient client using a custom endpoint. -// Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewCaseRelationsClientWithBaseURI(baseURI string, subscriptionID string) CaseRelationsClient { - return CaseRelationsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateOrUpdateRelation creates or updates the case relation. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// relationName - relation Name -// relationInputModel - the relation input model -func (client CaseRelationsClient) CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string, relationInputModel RelationsModelInput) (result CaseRelation, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationsClient.CreateOrUpdateRelation") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CaseRelationsClient", "CreateOrUpdateRelation", err.Error()) - } - - req, err := client.CreateOrUpdateRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, relationName, relationInputModel) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "CreateOrUpdateRelation", nil, "Failure preparing request") - return - } - - resp, err := client.CreateOrUpdateRelationSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "CreateOrUpdateRelation", resp, "Failure sending request") - return - } - - result, err = client.CreateOrUpdateRelationResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "CreateOrUpdateRelation", resp, "Failure responding to request") - return - } - - return -} - -// CreateOrUpdateRelationPreparer prepares the CreateOrUpdateRelation request. -func (client CaseRelationsClient) CreateOrUpdateRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string, relationInputModel RelationsModelInput) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations/{relationName}", pathParameters), - autorest.WithJSON(relationInputModel), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateOrUpdateRelationSender sends the CreateOrUpdateRelation request. The method will close the -// http.Response Body if it receives an error. -func (client CaseRelationsClient) CreateOrUpdateRelationSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// CreateOrUpdateRelationResponder handles the response to the CreateOrUpdateRelation request. The method always -// closes the http.Response Body. -func (client CaseRelationsClient) CreateOrUpdateRelationResponder(resp *http.Response) (result CaseRelation, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// DeleteRelation delete the case relation. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// relationName - relation Name -func (client CaseRelationsClient) DeleteRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string) (result autorest.Response, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationsClient.DeleteRelation") - defer func() { - sc := -1 - if result.Response != nil { - sc = result.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CaseRelationsClient", "DeleteRelation", err.Error()) - } - - req, err := client.DeleteRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, relationName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "DeleteRelation", nil, "Failure preparing request") - return - } - - resp, err := client.DeleteRelationSender(req) - if err != nil { - result.Response = resp - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "DeleteRelation", resp, "Failure sending request") - return - } - - result, err = client.DeleteRelationResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "DeleteRelation", resp, "Failure responding to request") - return - } - - return -} - -// DeleteRelationPreparer prepares the DeleteRelation request. -func (client CaseRelationsClient) DeleteRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations/{relationName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteRelationSender sends the DeleteRelation request. The method will close the -// http.Response Body if it receives an error. -func (client CaseRelationsClient) DeleteRelationSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// DeleteRelationResponder handles the response to the DeleteRelation request. The method always -// closes the http.Response Body. -func (client CaseRelationsClient) DeleteRelationResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// GetRelation gets a case relation. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// relationName - relation Name -func (client CaseRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string) (result CaseRelation, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationsClient.GetRelation") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CaseRelationsClient", "GetRelation", err.Error()) - } - - req, err := client.GetRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, relationName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "GetRelation", nil, "Failure preparing request") - return - } - - resp, err := client.GetRelationSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "GetRelation", resp, "Failure sending request") - return - } - - result, err = client.GetRelationResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "GetRelation", resp, "Failure responding to request") - return - } - - return -} - -// GetRelationPreparer prepares the GetRelation request. -func (client CaseRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations/{relationName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetRelationSender sends the GetRelation request. The method will close the -// http.Response Body if it receives an error. -func (client CaseRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetRelationResponder handles the response to the GetRelation request. The method always -// closes the http.Response Body. -func (client CaseRelationsClient) GetRelationResponder(resp *http.Response) (result CaseRelation, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List gets all case relations. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// filter - filters the results, based on a Boolean condition. Optional. -// orderby - sorts the results. Optional. -// top - returns only the first n results. Optional. -// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response -// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that -// specifies a starting point to use for subsequent calls. Optional. -func (client CaseRelationsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result CaseRelationListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationsClient.List") - defer func() { - sc := -1 - if result.crl.Response.Response != nil { - sc = result.crl.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CaseRelationsClient", "List", err.Error()) - } - - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, filter, orderby, top, skipToken) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.crl.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "List", resp, "Failure sending request") - return - } - - result.crl, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "List", resp, "Failure responding to request") - return - } - if result.crl.hasNextLink() && result.crl.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListPreparer prepares the List request. -func (client CaseRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if len(filter) > 0 { - queryParameters["$filter"] = autorest.Encode("query", filter) - } - if len(orderby) > 0 { - queryParameters["$orderby"] = autorest.Encode("query", orderby) - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(skipToken) > 0 { - queryParameters["$skipToken"] = autorest.Encode("query", skipToken) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client CaseRelationsClient) ListSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client CaseRelationsClient) ListResponder(resp *http.Response) (result CaseRelationList, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client CaseRelationsClient) listNextResults(ctx context.Context, lastResults CaseRelationList) (result CaseRelationList, err error) { - req, err := lastResults.caseRelationListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client CaseRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result CaseRelationListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationsClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, filter, orderby, top, skipToken) - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/cases.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/cases.go deleted file mode 100644 index c2781010ad07..000000000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/cases.go +++ /dev/null @@ -1,572 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// CasesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type CasesClient struct { - BaseClient -} - -// NewCasesClient creates an instance of the CasesClient client. -func NewCasesClient(subscriptionID string) CasesClient { - return NewCasesClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewCasesClientWithBaseURI creates an instance of the CasesClient client using a custom endpoint. Use this when -// interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewCasesClientWithBaseURI(baseURI string, subscriptionID string) CasesClient { - return CasesClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateOrUpdate creates or updates the case. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// caseParameter - the case -func (client CasesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseParameter Case) (result Case, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.CreateOrUpdate") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, - {TargetValue: caseParameter, - Constraints: []validation.Constraint{{Target: "caseParameter.CaseProperties", Name: validation.Null, Rule: false, - Chain: []validation.Constraint{{Target: "caseParameter.CaseProperties.Title", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesClient", "CreateOrUpdate", err.Error()) - } - - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, caseParameter) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "CreateOrUpdate", nil, "Failure preparing request") - return - } - - resp, err := client.CreateOrUpdateSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "CreateOrUpdate", resp, "Failure sending request") - return - } - - result, err = client.CreateOrUpdateResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "CreateOrUpdate", resp, "Failure responding to request") - return - } - - return -} - -// CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client CasesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseParameter Case) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}", pathParameters), - autorest.WithJSON(caseParameter), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the -// http.Response Body if it receives an error. -func (client CasesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always -// closes the http.Response Body. -func (client CasesClient) CreateOrUpdateResponder(resp *http.Response) (result Case, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// Delete delete the case. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -func (client CasesClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (result autorest.Response, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.Delete") - defer func() { - sc := -1 - if result.Response != nil { - sc = result.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesClient", "Delete", err.Error()) - } - - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Delete", nil, "Failure preparing request") - return - } - - resp, err := client.DeleteSender(req) - if err != nil { - result.Response = resp - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Delete", resp, "Failure sending request") - return - } - - result, err = client.DeleteResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Delete", resp, "Failure responding to request") - return - } - - return -} - -// DeletePreparer prepares the Delete request. -func (client CasesClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteSender sends the Delete request. The method will close the -// http.Response Body if it receives an error. -func (client CasesClient) DeleteSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// DeleteResponder handles the response to the Delete request. The method always -// closes the http.Response Body. -func (client CasesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// Get gets a case. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -func (client CasesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (result Case, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesClient", "Get", err.Error()) - } - - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Get", resp, "Failure responding to request") - return - } - - return -} - -// GetPreparer prepares the Get request. -func (client CasesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client CasesClient) GetSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client CasesClient) GetResponder(resp *http.Response) (result Case, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// GetComment gets a case comment. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// caseCommentID - case comment ID -func (client CasesClient) GetComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseCommentID string) (result CaseComment, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.GetComment") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesClient", "GetComment", err.Error()) - } - - req, err := client.GetCommentPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, caseCommentID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "GetComment", nil, "Failure preparing request") - return - } - - resp, err := client.GetCommentSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "GetComment", resp, "Failure sending request") - return - } - - result, err = client.GetCommentResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "GetComment", resp, "Failure responding to request") - return - } - - return -} - -// GetCommentPreparer prepares the GetComment request. -func (client CasesClient) GetCommentPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseCommentID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseCommentId": autorest.Encode("path", caseCommentID), - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/comments/{caseCommentId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetCommentSender sends the GetComment request. The method will close the -// http.Response Body if it receives an error. -func (client CasesClient) GetCommentSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetCommentResponder handles the response to the GetComment request. The method always -// closes the http.Response Body. -func (client CasesClient) GetCommentResponder(resp *http.Response) (result CaseComment, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List gets all cases. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// filter - filters the results, based on a Boolean condition. Optional. -// orderby - sorts the results. Optional. -// top - returns only the first n results. Optional. -// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response -// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that -// specifies a starting point to use for subsequent calls. Optional. -func (client CasesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result CaseListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.List") - defer func() { - sc := -1 - if result.cl.Response.Response != nil { - sc = result.cl.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesClient", "List", err.Error()) - } - - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, filter, orderby, top, skipToken) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.cl.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "List", resp, "Failure sending request") - return - } - - result.cl, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "List", resp, "Failure responding to request") - return - } - if result.cl.hasNextLink() && result.cl.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListPreparer prepares the List request. -func (client CasesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if len(filter) > 0 { - queryParameters["$filter"] = autorest.Encode("query", filter) - } - if len(orderby) > 0 { - queryParameters["$orderby"] = autorest.Encode("query", orderby) - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(skipToken) > 0 { - queryParameters["$skipToken"] = autorest.Encode("query", skipToken) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client CasesClient) ListSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client CasesClient) ListResponder(resp *http.Response) (result CaseList, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client CasesClient) listNextResults(ctx context.Context, lastResults CaseList) (result CaseList, err error) { - req, err := lastResults.caseListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.CasesClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.CasesClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client CasesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result CaseListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, filter, orderby, top, skipToken) - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/casesaggregations.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/casesaggregations.go deleted file mode 100644 index 0583fed40a18..000000000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/casesaggregations.go +++ /dev/null @@ -1,128 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// CasesAggregationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type CasesAggregationsClient struct { - BaseClient -} - -// NewCasesAggregationsClient creates an instance of the CasesAggregationsClient client. -func NewCasesAggregationsClient(subscriptionID string) CasesAggregationsClient { - return NewCasesAggregationsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewCasesAggregationsClientWithBaseURI creates an instance of the CasesAggregationsClient client using a custom -// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure -// stack). -func NewCasesAggregationsClientWithBaseURI(baseURI string, subscriptionID string) CasesAggregationsClient { - return CasesAggregationsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// Get get aggregative result for the given resources under the defined workspace -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// aggregationsName - the aggregation name. Supports - Cases -func (client CasesAggregationsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, aggregationsName string) (result AggregationsModel, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesAggregationsClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesAggregationsClient", "Get", err.Error()) - } - - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, aggregationsName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesAggregationsClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CasesAggregationsClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesAggregationsClient", "Get", resp, "Failure responding to request") - return - } - - return -} - -// GetPreparer prepares the Get request. -func (client CasesAggregationsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, aggregationsName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "aggregationsName": autorest.Encode("path", aggregationsName), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/aggregations/{aggregationsName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client CasesAggregationsClient) GetSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client CasesAggregationsClient) GetResponder(resp *http.Response) (result AggregationsModel, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/comments.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/comments.go deleted file mode 100644 index 79549a037837..000000000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/comments.go +++ /dev/null @@ -1,187 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// CommentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type CommentsClient struct { - BaseClient -} - -// NewCommentsClient creates an instance of the CommentsClient client. -func NewCommentsClient(subscriptionID string) CommentsClient { - return NewCommentsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewCommentsClientWithBaseURI creates an instance of the CommentsClient client using a custom endpoint. Use this -// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewCommentsClientWithBaseURI(baseURI string, subscriptionID string) CommentsClient { - return CommentsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// ListByCase gets all case comments. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// filter - filters the results, based on a Boolean condition. Optional. -// orderby - sorts the results. Optional. -// top - returns only the first n results. Optional. -// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response -// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that -// specifies a starting point to use for subsequent calls. Optional. -func (client CommentsClient) ListByCase(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result CaseCommentListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CommentsClient.ListByCase") - defer func() { - sc := -1 - if result.ccl.Response.Response != nil { - sc = result.ccl.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CommentsClient", "ListByCase", err.Error()) - } - - result.fn = client.listByCaseNextResults - req, err := client.ListByCasePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, filter, orderby, top, skipToken) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "ListByCase", nil, "Failure preparing request") - return - } - - resp, err := client.ListByCaseSender(req) - if err != nil { - result.ccl.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "ListByCase", resp, "Failure sending request") - return - } - - result.ccl, err = client.ListByCaseResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "ListByCase", resp, "Failure responding to request") - return - } - if result.ccl.hasNextLink() && result.ccl.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListByCasePreparer prepares the ListByCase request. -func (client CommentsClient) ListByCasePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if len(filter) > 0 { - queryParameters["$filter"] = autorest.Encode("query", filter) - } - if len(orderby) > 0 { - queryParameters["$orderby"] = autorest.Encode("query", orderby) - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(skipToken) > 0 { - queryParameters["$skipToken"] = autorest.Encode("query", skipToken) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/comments", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListByCaseSender sends the ListByCase request. The method will close the -// http.Response Body if it receives an error. -func (client CommentsClient) ListByCaseSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListByCaseResponder handles the response to the ListByCase request. The method always -// closes the http.Response Body. -func (client CommentsClient) ListByCaseResponder(resp *http.Response) (result CaseCommentList, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listByCaseNextResults retrieves the next set of results, if any. -func (client CommentsClient) listByCaseNextResults(ctx context.Context, lastResults CaseCommentList) (result CaseCommentList, err error) { - req, err := lastResults.caseCommentListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "listByCaseNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListByCaseSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "listByCaseNextResults", resp, "Failure sending next results request") - } - result, err = client.ListByCaseResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "listByCaseNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListByCaseComplete enumerates all values, automatically crossing page boundaries as required. -func (client CommentsClient) ListByCaseComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result CaseCommentListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CommentsClient.ListByCase") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.ListByCase(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, filter, orderby, top, skipToken) - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entityqueries.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entityqueries.go deleted file mode 100644 index 1a56e09ed0e0..000000000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entityqueries.go +++ /dev/null @@ -1,262 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// EntityQueriesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type EntityQueriesClient struct { - BaseClient -} - -// NewEntityQueriesClient creates an instance of the EntityQueriesClient client. -func NewEntityQueriesClient(subscriptionID string) EntityQueriesClient { - return NewEntityQueriesClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewEntityQueriesClientWithBaseURI creates an instance of the EntityQueriesClient client using a custom endpoint. -// Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewEntityQueriesClientWithBaseURI(baseURI string, subscriptionID string) EntityQueriesClient { - return EntityQueriesClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// Get gets an entity query. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// entityQueryID - entity query ID -func (client EntityQueriesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityQueryID string) (result EntityQueryModel, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueriesClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.EntityQueriesClient", "Get", err.Error()) - } - - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityQueryID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Get", resp, "Failure responding to request") - return - } - - return -} - -// GetPreparer prepares the Get request. -func (client EntityQueriesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityQueryID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "entityQueryId": autorest.Encode("path", entityQueryID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client EntityQueriesClient) GetSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client EntityQueriesClient) GetResponder(resp *http.Response) (result EntityQueryModel, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List gets all entity queries. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -func (client EntityQueriesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityQueryListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueriesClient.List") - defer func() { - sc := -1 - if result.eql.Response.Response != nil { - sc = result.eql.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.EntityQueriesClient", "List", err.Error()) - } - - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.eql.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "List", resp, "Failure sending request") - return - } - - result.eql, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "List", resp, "Failure responding to request") - return - } - if result.eql.hasNextLink() && result.eql.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListPreparer prepares the List request. -func (client EntityQueriesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client EntityQueriesClient) ListSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client EntityQueriesClient) ListResponder(resp *http.Response) (result EntityQueryList, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client EntityQueriesClient) listNextResults(ctx context.Context, lastResults EntityQueryList) (result EntityQueryList, err error) { - req, err := lastResults.entityQueryListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client EntityQueriesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityQueryListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueriesClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/incidentcomments.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/incidentcomments.go deleted file mode 100644 index 370c0f838f76..000000000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/incidentcomments.go +++ /dev/null @@ -1,484 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// IncidentCommentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type IncidentCommentsClient struct { - BaseClient -} - -// NewIncidentCommentsClient creates an instance of the IncidentCommentsClient client. -func NewIncidentCommentsClient(subscriptionID string) IncidentCommentsClient { - return NewIncidentCommentsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewIncidentCommentsClientWithBaseURI creates an instance of the IncidentCommentsClient client using a custom -// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure -// stack). -func NewIncidentCommentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentCommentsClient { - return IncidentCommentsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateComment creates or updates the incident comment. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// incidentID - incident ID -// incidentCommentID - incident comment ID -// incidentComment - the incident comment -func (client IncidentCommentsClient) CreateComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment) (result IncidentComment, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.CreateComment") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, - {TargetValue: incidentComment, - Constraints: []validation.Constraint{{Target: "incidentComment.IncidentCommentProperties", Name: validation.Null, Rule: false, - Chain: []validation.Constraint{{Target: "incidentComment.IncidentCommentProperties.Message", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { - return result, validation.NewError("securityinsight.IncidentCommentsClient", "CreateComment", err.Error()) - } - - req, err := client.CreateCommentPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, incidentCommentID, incidentComment) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "CreateComment", nil, "Failure preparing request") - return - } - - resp, err := client.CreateCommentSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "CreateComment", resp, "Failure sending request") - return - } - - result, err = client.CreateCommentResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "CreateComment", resp, "Failure responding to request") - return - } - - return -} - -// CreateCommentPreparer prepares the CreateComment request. -func (client IncidentCommentsClient) CreateCommentPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "incidentCommentId": autorest.Encode("path", incidentCommentID), - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}", pathParameters), - autorest.WithJSON(incidentComment), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateCommentSender sends the CreateComment request. The method will close the -// http.Response Body if it receives an error. -func (client IncidentCommentsClient) CreateCommentSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// CreateCommentResponder handles the response to the CreateComment request. The method always -// closes the http.Response Body. -func (client IncidentCommentsClient) CreateCommentResponder(resp *http.Response) (result IncidentComment, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// DeleteComment delete the incident comment. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// incidentID - incident ID -// incidentCommentID - incident comment ID -func (client IncidentCommentsClient) DeleteComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string) (result autorest.Response, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.DeleteComment") - defer func() { - sc := -1 - if result.Response != nil { - sc = result.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.IncidentCommentsClient", "DeleteComment", err.Error()) - } - - req, err := client.DeleteCommentPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, incidentCommentID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "DeleteComment", nil, "Failure preparing request") - return - } - - resp, err := client.DeleteCommentSender(req) - if err != nil { - result.Response = resp - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "DeleteComment", resp, "Failure sending request") - return - } - - result, err = client.DeleteCommentResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "DeleteComment", resp, "Failure responding to request") - return - } - - return -} - -// DeleteCommentPreparer prepares the DeleteComment request. -func (client IncidentCommentsClient) DeleteCommentPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "incidentCommentId": autorest.Encode("path", incidentCommentID), - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteCommentSender sends the DeleteComment request. The method will close the -// http.Response Body if it receives an error. -func (client IncidentCommentsClient) DeleteCommentSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// DeleteCommentResponder handles the response to the DeleteComment request. The method always -// closes the http.Response Body. -func (client IncidentCommentsClient) DeleteCommentResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// GetComment gets an incident comment. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// incidentID - incident ID -// incidentCommentID - incident comment ID -func (client IncidentCommentsClient) GetComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string) (result IncidentComment, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.GetComment") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.IncidentCommentsClient", "GetComment", err.Error()) - } - - req, err := client.GetCommentPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, incidentCommentID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "GetComment", nil, "Failure preparing request") - return - } - - resp, err := client.GetCommentSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "GetComment", resp, "Failure sending request") - return - } - - result, err = client.GetCommentResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "GetComment", resp, "Failure responding to request") - return - } - - return -} - -// GetCommentPreparer prepares the GetComment request. -func (client IncidentCommentsClient) GetCommentPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "incidentCommentId": autorest.Encode("path", incidentCommentID), - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetCommentSender sends the GetComment request. The method will close the -// http.Response Body if it receives an error. -func (client IncidentCommentsClient) GetCommentSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetCommentResponder handles the response to the GetComment request. The method always -// closes the http.Response Body. -func (client IncidentCommentsClient) GetCommentResponder(resp *http.Response) (result IncidentComment, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// ListByIncident gets all incident comments. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// incidentID - incident ID -// filter - filters the results, based on a Boolean condition. Optional. -// orderby - sorts the results. Optional. -// top - returns only the first n results. Optional. -// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response -// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that -// specifies a starting point to use for subsequent calls. Optional. -func (client IncidentCommentsClient) ListByIncident(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result IncidentCommentListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.ListByIncident") - defer func() { - sc := -1 - if result.icl.Response.Response != nil { - sc = result.icl.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.IncidentCommentsClient", "ListByIncident", err.Error()) - } - - result.fn = client.listByIncidentNextResults - req, err := client.ListByIncidentPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, filter, orderby, top, skipToken) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "ListByIncident", nil, "Failure preparing request") - return - } - - resp, err := client.ListByIncidentSender(req) - if err != nil { - result.icl.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "ListByIncident", resp, "Failure sending request") - return - } - - result.icl, err = client.ListByIncidentResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "ListByIncident", resp, "Failure responding to request") - return - } - if result.icl.hasNextLink() && result.icl.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListByIncidentPreparer prepares the ListByIncident request. -func (client IncidentCommentsClient) ListByIncidentPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if len(filter) > 0 { - queryParameters["$filter"] = autorest.Encode("query", filter) - } - if len(orderby) > 0 { - queryParameters["$orderby"] = autorest.Encode("query", orderby) - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(skipToken) > 0 { - queryParameters["$skipToken"] = autorest.Encode("query", skipToken) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListByIncidentSender sends the ListByIncident request. The method will close the -// http.Response Body if it receives an error. -func (client IncidentCommentsClient) ListByIncidentSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListByIncidentResponder handles the response to the ListByIncident request. The method always -// closes the http.Response Body. -func (client IncidentCommentsClient) ListByIncidentResponder(resp *http.Response) (result IncidentCommentList, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listByIncidentNextResults retrieves the next set of results, if any. -func (client IncidentCommentsClient) listByIncidentNextResults(ctx context.Context, lastResults IncidentCommentList) (result IncidentCommentList, err error) { - req, err := lastResults.incidentCommentListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "listByIncidentNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListByIncidentSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "listByIncidentNextResults", resp, "Failure sending next results request") - } - result, err = client.ListByIncidentResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "listByIncidentNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListByIncidentComplete enumerates all values, automatically crossing page boundaries as required. -func (client IncidentCommentsClient) ListByIncidentComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result IncidentCommentListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.ListByIncident") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.ListByIncident(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, filter, orderby, top, skipToken) - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/CHANGELOG.md b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/CHANGELOG.md similarity index 100% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/CHANGELOG.md rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/CHANGELOG.md diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/_meta.json b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/_meta.json similarity index 80% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/_meta.json rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/_meta.json index c322b2263547..a690e253e955 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/_meta.json +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/_meta.json @@ -1,10 +1,10 @@ { - "commit": "c2ea3a3ccd14293b4bd1d17e684ef9129f0dc604", + "commit": "3e1f462ff6a7daa705ac58f1772dd5c429bb8d2e", "readme": "/_/azure-rest-api-specs/specification/securityinsights/resource-manager/readme.md", - "tag": "package-2019-01-preview", + "tag": "package-preview-2021-09", "use": "@microsoft.azure/autorest.go@2.1.187", "repository_url": "https://github.com/Azure/azure-rest-api-specs.git", - "autorest_command": "autorest --use=@microsoft.azure/autorest.go@2.1.187 --tag=package-2019-01-preview --go-sdk-folder=/_/azure-sdk-for-go --go --verbose --use-onever --version=2.0.4421 --go.license-header=MICROSOFT_MIT_NO_VERSION --enum-prefix /_/azure-rest-api-specs/specification/securityinsights/resource-manager/readme.md", + "autorest_command": "autorest --use=@microsoft.azure/autorest.go@2.1.187 --tag=package-preview-2021-09 --go-sdk-folder=/_/azure-sdk-for-go --go --verbose --use-onever --version=2.0.4421 --go.license-header=MICROSOFT_MIT_NO_VERSION --enum-prefix /_/azure-rest-api-specs/specification/securityinsights/resource-manager/readme.md", "additional_properties": { "additional_options": "--go --verbose --use-onever --version=2.0.4421 --go.license-header=MICROSOFT_MIT_NO_VERSION --enum-prefix" } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/actions.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/actions.go similarity index 69% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/actions.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/actions.go index 3396256c4c0f..920e5e3dad68 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/actions.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/actions.go @@ -33,15 +33,12 @@ func NewActionsClientWithBaseURI(baseURI string, subscriptionID string) ActionsC // CreateOrUpdate creates or updates the action of alert rule. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // ruleID - alert rule ID // actionID - action ID // action - the action -func (client ActionsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string, action ActionRequest) (result ActionResponse, err error) { +func (client ActionsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, action ActionRequest) (result ActionResponse, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ActionsClient.CreateOrUpdate") defer func() { @@ -54,11 +51,10 @@ func (client ActionsClient) CreateOrUpdate(ctx context.Context, resourceGroupNam } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, @@ -68,7 +64,7 @@ func (client ActionsClient) CreateOrUpdate(ctx context.Context, resourceGroupNam return result, validation.NewError("securityinsight.ActionsClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID, actionID, action) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, ruleID, actionID, action) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ActionsClient", "CreateOrUpdate", nil, "Failure preparing request") return @@ -91,17 +87,16 @@ func (client ActionsClient) CreateOrUpdate(ctx context.Context, resourceGroupNam } // CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client ActionsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string, action ActionRequest) (*http.Request, error) { +func (client ActionsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, action ActionRequest) (*http.Request, error) { pathParameters := map[string]interface{}{ - "actionId": autorest.Encode("path", actionID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "actionId": autorest.Encode("path", actionID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -110,7 +105,7 @@ func (client ActionsClient) CreateOrUpdatePreparer(ctx context.Context, resource autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), autorest.WithJSON(action), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -136,14 +131,11 @@ func (client ActionsClient) CreateOrUpdateResponder(resp *http.Response) (result // Delete delete the action of alert rule. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // ruleID - alert rule ID // actionID - action ID -func (client ActionsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (result autorest.Response, err error) { +func (client ActionsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ActionsClient.Delete") defer func() { @@ -156,18 +148,17 @@ func (client ActionsClient) Delete(ctx context.Context, resourceGroupName string } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ActionsClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID, actionID) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, ruleID, actionID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ActionsClient", "Delete", nil, "Failure preparing request") return @@ -190,17 +181,16 @@ func (client ActionsClient) Delete(ctx context.Context, resourceGroupName string } // DeletePreparer prepares the Delete request. -func (client ActionsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (*http.Request, error) { +func (client ActionsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "actionId": autorest.Encode("path", actionID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "actionId": autorest.Encode("path", actionID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -208,7 +198,7 @@ func (client ActionsClient) DeletePreparer(ctx context.Context, resourceGroupNam preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -232,14 +222,11 @@ func (client ActionsClient) DeleteResponder(resp *http.Response) (result autores // Get gets the action of alert rule. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // ruleID - alert rule ID // actionID - action ID -func (client ActionsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (result ActionResponse, err error) { +func (client ActionsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (result ActionResponse, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ActionsClient.Get") defer func() { @@ -252,18 +239,17 @@ func (client ActionsClient) Get(ctx context.Context, resourceGroupName string, o } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ActionsClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID, actionID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, ruleID, actionID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ActionsClient", "Get", nil, "Failure preparing request") return @@ -286,17 +272,16 @@ func (client ActionsClient) Get(ctx context.Context, resourceGroupName string, o } // GetPreparer prepares the Get request. -func (client ActionsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (*http.Request, error) { +func (client ActionsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "actionId": autorest.Encode("path", actionID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "actionId": autorest.Encode("path", actionID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -304,7 +289,7 @@ func (client ActionsClient) GetPreparer(ctx context.Context, resourceGroupName s preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -329,13 +314,10 @@ func (client ActionsClient) GetResponder(resp *http.Response) (result ActionResp // ListByAlertRule gets all actions of alert rule. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // ruleID - alert rule ID -func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result ActionsListPage, err error) { +func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result ActionsListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ActionsClient.ListByAlertRule") defer func() { @@ -348,11 +330,10 @@ func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupNa } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -360,7 +341,7 @@ func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupNa } result.fn = client.listByAlertRuleNextResults - req, err := client.ListByAlertRulePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID) + req, err := client.ListByAlertRulePreparer(ctx, resourceGroupName, workspaceName, ruleID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ActionsClient", "ListByAlertRule", nil, "Failure preparing request") return @@ -387,16 +368,15 @@ func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupNa } // ListByAlertRulePreparer prepares the ListByAlertRule request. -func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (*http.Request, error) { +func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -404,7 +384,7 @@ func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourc preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -449,7 +429,7 @@ func (client ActionsClient) listByAlertRuleNextResults(ctx context.Context, last } // ListByAlertRuleComplete enumerates all values, automatically crossing page boundaries as required. -func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result ActionsListIterator, err error) { +func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result ActionsListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ActionsClient.ListByAlertRule") defer func() { @@ -460,6 +440,6 @@ func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourc tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.ListByAlertRule(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID) + result.page, err = client.ListByAlertRule(ctx, resourceGroupName, workspaceName, ruleID) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/alertrules.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/alertrules.go similarity index 70% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/alertrules.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/alertrules.go index e8bfbf63b5ee..f2d1497d61ea 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/alertrules.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/alertrules.go @@ -33,14 +33,11 @@ func NewAlertRulesClientWithBaseURI(baseURI string, subscriptionID string) Alert // CreateOrUpdate creates or updates the alert rule. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // ruleID - alert rule ID // alertRule - the alert rule -func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, alertRule BasicAlertRule) (result AlertRuleModel, err error) { +func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, alertRule BasicAlertRule) (result AlertRuleModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.CreateOrUpdate") defer func() { @@ -53,18 +50,17 @@ func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroup } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.AlertRulesClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID, alertRule) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, ruleID, alertRule) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRulesClient", "CreateOrUpdate", nil, "Failure preparing request") return @@ -87,16 +83,15 @@ func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroup } // CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, alertRule BasicAlertRule) (*http.Request, error) { +func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, alertRule BasicAlertRule) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -105,7 +100,7 @@ func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resou autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), autorest.WithJSON(alertRule), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -131,13 +126,10 @@ func (client AlertRulesClient) CreateOrUpdateResponder(resp *http.Response) (res // Delete delete the alert rule. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // ruleID - alert rule ID -func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result autorest.Response, err error) { +func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.Delete") defer func() { @@ -150,18 +142,17 @@ func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName str } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.AlertRulesClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, ruleID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRulesClient", "Delete", nil, "Failure preparing request") return @@ -184,16 +175,15 @@ func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName str } // DeletePreparer prepares the Delete request. -func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (*http.Request, error) { +func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -201,7 +191,7 @@ func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroup preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -225,13 +215,10 @@ func (client AlertRulesClient) DeleteResponder(resp *http.Response) (result auto // Get gets the alert rule. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // ruleID - alert rule ID -func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result AlertRuleModel, err error) { +func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result AlertRuleModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.Get") defer func() { @@ -244,18 +231,17 @@ func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.AlertRulesClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, ruleID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRulesClient", "Get", nil, "Failure preparing request") return @@ -278,16 +264,15 @@ func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string } // GetPreparer prepares the Get request. -func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (*http.Request, error) { +func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -295,7 +280,7 @@ func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupNam preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -320,12 +305,9 @@ func (client AlertRulesClient) GetResponder(resp *http.Response) (result AlertRu // List gets all alert rules. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AlertRulesListPage, err error) { +func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.List") defer func() { @@ -338,11 +320,10 @@ func (client AlertRulesClient) List(ctx context.Context, resourceGroupName strin } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -350,7 +331,7 @@ func (client AlertRulesClient) List(ctx context.Context, resourceGroupName strin } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRulesClient", "List", nil, "Failure preparing request") return @@ -377,15 +358,14 @@ func (client AlertRulesClient) List(ctx context.Context, resourceGroupName strin } // ListPreparer prepares the List request. -func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -393,7 +373,7 @@ func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupNa preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -438,7 +418,7 @@ func (client AlertRulesClient) listNextResults(ctx context.Context, lastResults } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AlertRulesListIterator, err error) { +func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.List") defer func() { @@ -449,6 +429,6 @@ func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupNa tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + result.page, err = client.List(ctx, resourceGroupName, workspaceName) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/alertruletemplates.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/alertruletemplates.go similarity index 73% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/alertruletemplates.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/alertruletemplates.go index b9d164a1c381..55800350fd0f 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/alertruletemplates.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/alertruletemplates.go @@ -34,13 +34,10 @@ func NewAlertRuleTemplatesClientWithBaseURI(baseURI string, subscriptionID strin // Get gets the alert rule template. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // alertRuleTemplateID - alert rule template ID -func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, alertRuleTemplateID string) (result AlertRuleTemplateModel, err error) { +func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, alertRuleTemplateID string) (result AlertRuleTemplateModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRuleTemplatesClient.Get") defer func() { @@ -53,18 +50,17 @@ func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupNam } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.AlertRuleTemplatesClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, alertRuleTemplateID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, alertRuleTemplateID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRuleTemplatesClient", "Get", nil, "Failure preparing request") return @@ -87,16 +83,15 @@ func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupNam } // GetPreparer prepares the Get request. -func (client AlertRuleTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, alertRuleTemplateID string) (*http.Request, error) { +func (client AlertRuleTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, alertRuleTemplateID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "alertRuleTemplateId": autorest.Encode("path", alertRuleTemplateID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "alertRuleTemplateId": autorest.Encode("path", alertRuleTemplateID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -104,7 +99,7 @@ func (client AlertRuleTemplatesClient) GetPreparer(ctx context.Context, resource preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates/{alertRuleTemplateId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates/{alertRuleTemplateId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -129,12 +124,9 @@ func (client AlertRuleTemplatesClient) GetResponder(resp *http.Response) (result // List gets all alert rule templates. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AlertRuleTemplatesListPage, err error) { +func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRuleTemplatesClient.List") defer func() { @@ -147,11 +139,10 @@ func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupNa } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -159,7 +150,7 @@ func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupNa } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRuleTemplatesClient", "List", nil, "Failure preparing request") return @@ -186,15 +177,14 @@ func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupNa } // ListPreparer prepares the List request. -func (client AlertRuleTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +func (client AlertRuleTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -202,7 +192,7 @@ func (client AlertRuleTemplatesClient) ListPreparer(ctx context.Context, resourc preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -247,7 +237,7 @@ func (client AlertRuleTemplatesClient) listNextResults(ctx context.Context, last } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client AlertRuleTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AlertRuleTemplatesListIterator, err error) { +func (client AlertRuleTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRuleTemplatesListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRuleTemplatesClient.List") defer func() { @@ -258,6 +248,6 @@ func (client AlertRuleTemplatesClient) ListComplete(ctx context.Context, resourc tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + result.page, err = client.List(ctx, resourceGroupName, workspaceName) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/automationrules.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/automationrules.go similarity index 71% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/automationrules.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/automationrules.go index 7982c16d1d26..21ba824efb1b 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/automationrules.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/automationrules.go @@ -33,14 +33,11 @@ func NewAutomationRulesClientWithBaseURI(baseURI string, subscriptionID string) // CreateOrUpdate creates or updates the automation rule. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // automationRuleID - automation rule ID // automationRule - the automation rule -func (client AutomationRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, automationRuleID string, automationRule AutomationRule) (result AutomationRule, err error) { +func (client AutomationRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string, automationRule AutomationRule) (result AutomationRule, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AutomationRulesClient.CreateOrUpdate") defer func() { @@ -53,11 +50,10 @@ func (client AutomationRulesClient) CreateOrUpdate(ctx context.Context, resource } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, @@ -75,7 +71,7 @@ func (client AutomationRulesClient) CreateOrUpdate(ctx context.Context, resource return result, validation.NewError("securityinsight.AutomationRulesClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, automationRuleID, automationRule) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, automationRuleID, automationRule) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AutomationRulesClient", "CreateOrUpdate", nil, "Failure preparing request") return @@ -98,16 +94,15 @@ func (client AutomationRulesClient) CreateOrUpdate(ctx context.Context, resource } // CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client AutomationRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, automationRuleID string, automationRule AutomationRule) (*http.Request, error) { +func (client AutomationRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string, automationRule AutomationRule) (*http.Request, error) { pathParameters := map[string]interface{}{ - "automationRuleId": autorest.Encode("path", automationRuleID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "automationRuleId": autorest.Encode("path", automationRuleID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -116,7 +111,7 @@ func (client AutomationRulesClient) CreateOrUpdatePreparer(ctx context.Context, autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules/{automationRuleId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules/{automationRuleId}", pathParameters), autorest.WithJSON(automationRule), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -142,13 +137,10 @@ func (client AutomationRulesClient) CreateOrUpdateResponder(resp *http.Response) // Delete delete the automation rule. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // automationRuleID - automation rule ID -func (client AutomationRulesClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, automationRuleID string) (result autorest.Response, err error) { +func (client AutomationRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AutomationRulesClient.Delete") defer func() { @@ -161,18 +153,17 @@ func (client AutomationRulesClient) Delete(ctx context.Context, resourceGroupNam } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.AutomationRulesClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, automationRuleID) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, automationRuleID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AutomationRulesClient", "Delete", nil, "Failure preparing request") return @@ -195,16 +186,15 @@ func (client AutomationRulesClient) Delete(ctx context.Context, resourceGroupNam } // DeletePreparer prepares the Delete request. -func (client AutomationRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, automationRuleID string) (*http.Request, error) { +func (client AutomationRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "automationRuleId": autorest.Encode("path", automationRuleID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "automationRuleId": autorest.Encode("path", automationRuleID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -212,7 +202,7 @@ func (client AutomationRulesClient) DeletePreparer(ctx context.Context, resource preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules/{automationRuleId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules/{automationRuleId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -236,13 +226,10 @@ func (client AutomationRulesClient) DeleteResponder(resp *http.Response) (result // Get gets the automation rule. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // automationRuleID - automation rule ID -func (client AutomationRulesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, automationRuleID string) (result AutomationRule, err error) { +func (client AutomationRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string) (result AutomationRule, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AutomationRulesClient.Get") defer func() { @@ -255,18 +242,17 @@ func (client AutomationRulesClient) Get(ctx context.Context, resourceGroupName s } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.AutomationRulesClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, automationRuleID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, automationRuleID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AutomationRulesClient", "Get", nil, "Failure preparing request") return @@ -289,16 +275,15 @@ func (client AutomationRulesClient) Get(ctx context.Context, resourceGroupName s } // GetPreparer prepares the Get request. -func (client AutomationRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, automationRuleID string) (*http.Request, error) { +func (client AutomationRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, automationRuleID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "automationRuleId": autorest.Encode("path", automationRuleID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "automationRuleId": autorest.Encode("path", automationRuleID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -306,7 +291,7 @@ func (client AutomationRulesClient) GetPreparer(ctx context.Context, resourceGro preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules/{automationRuleId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules/{automationRuleId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -331,12 +316,9 @@ func (client AutomationRulesClient) GetResponder(resp *http.Response) (result Au // List gets all automation rules. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -func (client AutomationRulesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AutomationRulesListPage, err error) { +func (client AutomationRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AutomationRulesListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AutomationRulesClient.List") defer func() { @@ -349,11 +331,10 @@ func (client AutomationRulesClient) List(ctx context.Context, resourceGroupName } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -361,7 +342,7 @@ func (client AutomationRulesClient) List(ctx context.Context, resourceGroupName } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AutomationRulesClient", "List", nil, "Failure preparing request") return @@ -388,15 +369,14 @@ func (client AutomationRulesClient) List(ctx context.Context, resourceGroupName } // ListPreparer prepares the List request. -func (client AutomationRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +func (client AutomationRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -404,7 +384,7 @@ func (client AutomationRulesClient) ListPreparer(ctx context.Context, resourceGr preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -449,7 +429,7 @@ func (client AutomationRulesClient) listNextResults(ctx context.Context, lastRes } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client AutomationRulesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AutomationRulesListIterator, err error) { +func (client AutomationRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AutomationRulesListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AutomationRulesClient.List") defer func() { @@ -460,6 +440,6 @@ func (client AutomationRulesClient) ListComplete(ctx context.Context, resourceGr tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + result.page, err = client.List(ctx, resourceGroupName, workspaceName) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/bookmark.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/bookmark.go similarity index 73% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/bookmark.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/bookmark.go index 4ca9d761ab01..91a31ba21c1a 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/bookmark.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/bookmark.go @@ -33,14 +33,11 @@ func NewBookmarkClientWithBaseURI(baseURI string, subscriptionID string) Bookmar // Expand expand an bookmark // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // bookmarkID - bookmark ID // parameters - the parameters required to execute an expand operation on the given bookmark. -func (client BookmarkClient) Expand(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, parameters BookmarkExpandParameters) (result BookmarkExpandResponse, err error) { +func (client BookmarkClient) Expand(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, parameters BookmarkExpandParameters) (result BookmarkExpandResponse, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkClient.Expand") defer func() { @@ -53,18 +50,17 @@ func (client BookmarkClient) Expand(ctx context.Context, resourceGroupName strin } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.BookmarkClient", "Expand", err.Error()) } - req, err := client.ExpandPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, parameters) + req, err := client.ExpandPreparer(ctx, resourceGroupName, workspaceName, bookmarkID, parameters) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.BookmarkClient", "Expand", nil, "Failure preparing request") return @@ -87,16 +83,15 @@ func (client BookmarkClient) Expand(ctx context.Context, resourceGroupName strin } // ExpandPreparer prepares the Expand request. -func (client BookmarkClient) ExpandPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, parameters BookmarkExpandParameters) (*http.Request, error) { +func (client BookmarkClient) ExpandPreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, parameters BookmarkExpandParameters) (*http.Request, error) { pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "bookmarkId": autorest.Encode("path", bookmarkID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -105,7 +100,7 @@ func (client BookmarkClient) ExpandPreparer(ctx context.Context, resourceGroupNa autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/expand", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/expand", pathParameters), autorest.WithJSON(parameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/bookmarkrelations.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/bookmarkrelations.go similarity index 56% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/bookmarkrelations.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/bookmarkrelations.go index 8f3e3dfc331d..7b9489d32ca1 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/bookmarkrelations.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/bookmarkrelations.go @@ -32,19 +32,16 @@ func NewBookmarkRelationsClientWithBaseURI(baseURI string, subscriptionID string return BookmarkRelationsClient{NewWithBaseURI(baseURI, subscriptionID)} } -// CreateOrUpdateRelation creates the bookmark relation. +// CreateOrUpdate creates the bookmark relation. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // bookmarkID - bookmark ID // relationName - relation Name // relation - the relation model -func (client BookmarkRelationsClient) CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string, relation Relation) (result Relation, err error) { +func (client BookmarkRelationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, relation Relation) (result Relation, err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.CreateOrUpdateRelation") + ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.CreateOrUpdate") defer func() { sc := -1 if result.Response.Response != nil { @@ -55,54 +52,52 @@ func (client BookmarkRelationsClient) CreateOrUpdateRelation(ctx context.Context } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: relation, Constraints: []validation.Constraint{{Target: "relation.RelationProperties", Name: validation.Null, Rule: false, Chain: []validation.Constraint{{Target: "relation.RelationProperties.RelatedResourceID", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { - return result, validation.NewError("securityinsight.BookmarkRelationsClient", "CreateOrUpdateRelation", err.Error()) + return result, validation.NewError("securityinsight.BookmarkRelationsClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreateOrUpdateRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, relationName, relation) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, bookmarkID, relationName, relation) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "CreateOrUpdateRelation", nil, "Failure preparing request") + err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "CreateOrUpdate", nil, "Failure preparing request") return } - resp, err := client.CreateOrUpdateRelationSender(req) + resp, err := client.CreateOrUpdateSender(req) if err != nil { result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "CreateOrUpdateRelation", resp, "Failure sending request") + err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "CreateOrUpdate", resp, "Failure sending request") return } - result, err = client.CreateOrUpdateRelationResponder(resp) + result, err = client.CreateOrUpdateResponder(resp) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "CreateOrUpdateRelation", resp, "Failure responding to request") + err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "CreateOrUpdate", resp, "Failure responding to request") return } return } -// CreateOrUpdateRelationPreparer prepares the CreateOrUpdateRelation request. -func (client BookmarkRelationsClient) CreateOrUpdateRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string, relation Relation) (*http.Request, error) { +// CreateOrUpdatePreparer prepares the CreateOrUpdate request. +func (client BookmarkRelationsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string, relation Relation) (*http.Request, error) { pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "bookmarkId": autorest.Encode("path", bookmarkID), + "relationName": autorest.Encode("path", relationName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -111,21 +106,21 @@ func (client BookmarkRelationsClient) CreateOrUpdateRelationPreparer(ctx context autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", pathParameters), autorest.WithJSON(relation), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } -// CreateOrUpdateRelationSender sends the CreateOrUpdateRelation request. The method will close the +// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the // http.Response Body if it receives an error. -func (client BookmarkRelationsClient) CreateOrUpdateRelationSender(req *http.Request) (*http.Response, error) { +func (client BookmarkRelationsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } -// CreateOrUpdateRelationResponder handles the response to the CreateOrUpdateRelation request. The method always +// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always // closes the http.Response Body. -func (client BookmarkRelationsClient) CreateOrUpdateRelationResponder(resp *http.Response) (result Relation, err error) { +func (client BookmarkRelationsClient) CreateOrUpdateResponder(resp *http.Response) (result Relation, err error) { err = autorest.Respond( resp, azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), @@ -135,18 +130,15 @@ func (client BookmarkRelationsClient) CreateOrUpdateRelationResponder(resp *http return } -// DeleteRelation delete the bookmark relation. +// Delete delete the bookmark relation. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // bookmarkID - bookmark ID // relationName - relation Name -func (client BookmarkRelationsClient) DeleteRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string) (result autorest.Response, err error) { +func (client BookmarkRelationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string) (result autorest.Response, err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.DeleteRelation") + ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.Delete") defer func() { sc := -1 if result.Response != nil { @@ -157,51 +149,49 @@ func (client BookmarkRelationsClient) DeleteRelation(ctx context.Context, resour } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.BookmarkRelationsClient", "DeleteRelation", err.Error()) + return result, validation.NewError("securityinsight.BookmarkRelationsClient", "Delete", err.Error()) } - req, err := client.DeleteRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, relationName) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, bookmarkID, relationName) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "DeleteRelation", nil, "Failure preparing request") + err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "Delete", nil, "Failure preparing request") return } - resp, err := client.DeleteRelationSender(req) + resp, err := client.DeleteSender(req) if err != nil { result.Response = resp - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "DeleteRelation", resp, "Failure sending request") + err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "Delete", resp, "Failure sending request") return } - result, err = client.DeleteRelationResponder(resp) + result, err = client.DeleteResponder(resp) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "DeleteRelation", resp, "Failure responding to request") + err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "Delete", resp, "Failure responding to request") return } return } -// DeleteRelationPreparer prepares the DeleteRelation request. -func (client BookmarkRelationsClient) DeleteRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string) (*http.Request, error) { +// DeletePreparer prepares the Delete request. +func (client BookmarkRelationsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "bookmarkId": autorest.Encode("path", bookmarkID), + "relationName": autorest.Encode("path", relationName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -209,20 +199,20 @@ func (client BookmarkRelationsClient) DeleteRelationPreparer(ctx context.Context preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } -// DeleteRelationSender sends the DeleteRelation request. The method will close the +// DeleteSender sends the Delete request. The method will close the // http.Response Body if it receives an error. -func (client BookmarkRelationsClient) DeleteRelationSender(req *http.Request) (*http.Response, error) { +func (client BookmarkRelationsClient) DeleteSender(req *http.Request) (*http.Response, error) { return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } -// DeleteRelationResponder handles the response to the DeleteRelation request. The method always +// DeleteResponder handles the response to the Delete request. The method always // closes the http.Response Body. -func (client BookmarkRelationsClient) DeleteRelationResponder(resp *http.Response) (result autorest.Response, err error) { +func (client BookmarkRelationsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { err = autorest.Respond( resp, azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), @@ -231,18 +221,15 @@ func (client BookmarkRelationsClient) DeleteRelationResponder(resp *http.Respons return } -// GetRelation gets a bookmark relation. +// Get gets a bookmark relation. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // bookmarkID - bookmark ID // relationName - relation Name -func (client BookmarkRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string) (result Relation, err error) { +func (client BookmarkRelationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string) (result Relation, err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.GetRelation") + ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.Get") defer func() { sc := -1 if result.Response.Response != nil { @@ -253,51 +240,49 @@ func (client BookmarkRelationsClient) GetRelation(ctx context.Context, resourceG } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.BookmarkRelationsClient", "GetRelation", err.Error()) + return result, validation.NewError("securityinsight.BookmarkRelationsClient", "Get", err.Error()) } - req, err := client.GetRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, relationName) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, bookmarkID, relationName) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "GetRelation", nil, "Failure preparing request") + err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "Get", nil, "Failure preparing request") return } - resp, err := client.GetRelationSender(req) + resp, err := client.GetSender(req) if err != nil { result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "GetRelation", resp, "Failure sending request") + err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "Get", resp, "Failure sending request") return } - result, err = client.GetRelationResponder(resp) + result, err = client.GetResponder(resp) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "GetRelation", resp, "Failure responding to request") + err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "Get", resp, "Failure responding to request") return } return } -// GetRelationPreparer prepares the GetRelation request. -func (client BookmarkRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string) (*http.Request, error) { +// GetPreparer prepares the Get request. +func (client BookmarkRelationsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, relationName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "bookmarkId": autorest.Encode("path", bookmarkID), + "relationName": autorest.Encode("path", relationName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -305,20 +290,20 @@ func (client BookmarkRelationsClient) GetRelationPreparer(ctx context.Context, r preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } -// GetRelationSender sends the GetRelation request. The method will close the +// GetSender sends the Get request. The method will close the // http.Response Body if it receives an error. -func (client BookmarkRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error) { +func (client BookmarkRelationsClient) GetSender(req *http.Request) (*http.Response, error) { return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } -// GetRelationResponder handles the response to the GetRelation request. The method always +// GetResponder handles the response to the Get request. The method always // closes the http.Response Body. -func (client BookmarkRelationsClient) GetRelationResponder(resp *http.Response) (result Relation, err error) { +func (client BookmarkRelationsClient) GetResponder(resp *http.Response) (result Relation, err error) { err = autorest.Respond( resp, azure.WithErrorUnlessStatusCode(http.StatusOK), @@ -330,10 +315,7 @@ func (client BookmarkRelationsClient) GetRelationResponder(resp *http.Response) // List gets all bookmark relations. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // bookmarkID - bookmark ID // filter - filters the results, based on a Boolean condition. Optional. @@ -342,7 +324,7 @@ func (client BookmarkRelationsClient) GetRelationResponder(resp *http.Response) // skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response // contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that // specifies a starting point to use for subsequent calls. Optional. -func (client BookmarkRelationsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (result RelationListPage, err error) { +func (client BookmarkRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (result RelationListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.List") defer func() { @@ -355,11 +337,10 @@ func (client BookmarkRelationsClient) List(ctx context.Context, resourceGroupNam } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -367,7 +348,7 @@ func (client BookmarkRelationsClient) List(ctx context.Context, resourceGroupNam } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, filter, orderby, top, skipToken) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName, bookmarkID, filter, orderby, top, skipToken) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "List", nil, "Failure preparing request") return @@ -394,16 +375,15 @@ func (client BookmarkRelationsClient) List(ctx context.Context, resourceGroupNam } // ListPreparer prepares the List request. -func (client BookmarkRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { +func (client BookmarkRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "bookmarkId": autorest.Encode("path", bookmarkID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -423,7 +403,7 @@ func (client BookmarkRelationsClient) ListPreparer(ctx context.Context, resource preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -468,7 +448,7 @@ func (client BookmarkRelationsClient) listNextResults(ctx context.Context, lastR } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client BookmarkRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (result RelationListIterator, err error) { +func (client BookmarkRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (result RelationListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.List") defer func() { @@ -479,6 +459,6 @@ func (client BookmarkRelationsClient) ListComplete(ctx context.Context, resource tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, filter, orderby, top, skipToken) + result.page, err = client.List(ctx, resourceGroupName, workspaceName, bookmarkID, filter, orderby, top, skipToken) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/bookmarks.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/bookmarks.go similarity index 71% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/bookmarks.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/bookmarks.go index 81228084c536..a71bbb9a74c9 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/bookmarks.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/bookmarks.go @@ -33,14 +33,11 @@ func NewBookmarksClientWithBaseURI(baseURI string, subscriptionID string) Bookma // CreateOrUpdate creates or updates the bookmark. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // bookmarkID - bookmark ID // bookmark - the bookmark -func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, bookmark Bookmark) (result Bookmark, err error) { +func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, bookmark Bookmark) (result Bookmark, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/BookmarksClient.CreateOrUpdate") defer func() { @@ -53,11 +50,10 @@ func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupN } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, @@ -69,7 +65,7 @@ func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupN return result, validation.NewError("securityinsight.BookmarksClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, bookmark) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, bookmarkID, bookmark) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "CreateOrUpdate", nil, "Failure preparing request") return @@ -92,16 +88,15 @@ func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupN } // CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, bookmark Bookmark) (*http.Request, error) { +func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string, bookmark Bookmark) (*http.Request, error) { pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "bookmarkId": autorest.Encode("path", bookmarkID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -110,7 +105,7 @@ func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resour autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", pathParameters), autorest.WithJSON(bookmark), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -136,13 +131,10 @@ func (client BookmarksClient) CreateOrUpdateResponder(resp *http.Response) (resu // Delete delete the bookmark. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // bookmarkID - bookmark ID -func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (result autorest.Response, err error) { +func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/BookmarksClient.Delete") defer func() { @@ -155,18 +147,17 @@ func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName stri } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.BookmarksClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, bookmarkID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "Delete", nil, "Failure preparing request") return @@ -189,16 +180,15 @@ func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName stri } // DeletePreparer prepares the Delete request. -func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (*http.Request, error) { +func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "bookmarkId": autorest.Encode("path", bookmarkID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -206,7 +196,7 @@ func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupN preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -230,13 +220,10 @@ func (client BookmarksClient) DeleteResponder(resp *http.Response) (result autor // Get gets a bookmark. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // bookmarkID - bookmark ID -func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (result Bookmark, err error) { +func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (result Bookmark, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/BookmarksClient.Get") defer func() { @@ -249,18 +236,17 @@ func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.BookmarksClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, bookmarkID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "Get", nil, "Failure preparing request") return @@ -283,16 +269,15 @@ func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, } // GetPreparer prepares the Get request. -func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (*http.Request, error) { +func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, bookmarkID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "bookmarkId": autorest.Encode("path", bookmarkID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -300,7 +285,7 @@ func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -325,12 +310,9 @@ func (client BookmarksClient) GetResponder(resp *http.Response) (result Bookmark // List gets all bookmarks. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -func (client BookmarksClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result BookmarkListPage, err error) { +func (client BookmarksClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/BookmarksClient.List") defer func() { @@ -343,11 +325,10 @@ func (client BookmarksClient) List(ctx context.Context, resourceGroupName string } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -355,7 +336,7 @@ func (client BookmarksClient) List(ctx context.Context, resourceGroupName string } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "List", nil, "Failure preparing request") return @@ -382,15 +363,14 @@ func (client BookmarksClient) List(ctx context.Context, resourceGroupName string } // ListPreparer prepares the List request. -func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -398,7 +378,7 @@ func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupNam preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -443,7 +423,7 @@ func (client BookmarksClient) listNextResults(ctx context.Context, lastResults B } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result BookmarkListIterator, err error) { +func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result BookmarkListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/BookmarksClient.List") defer func() { @@ -454,6 +434,6 @@ func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupNam tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + result.page, err = client.List(ctx, resourceGroupName, workspaceName) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/client.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/client.go similarity index 96% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/client.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/client.go index 8d2810a96fb1..3d586f082695 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/client.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/client.go @@ -1,4 +1,4 @@ -// Package securityinsight implements the Azure ARM Securityinsight service API version 2019-01-01-preview. +// Package securityinsight implements the Azure ARM Securityinsight service API version 2021-09-01-preview. // // API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider package securityinsight diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/dataconnectors.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/dataconnectors.go similarity index 55% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/dataconnectors.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/dataconnectors.go index 9e5a71597e56..4f2929c4bb37 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/dataconnectors.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/dataconnectors.go @@ -31,16 +31,105 @@ func NewDataConnectorsClientWithBaseURI(baseURI string, subscriptionID string) D return DataConnectorsClient{NewWithBaseURI(baseURI, subscriptionID)} } +// Connect connects a data connector. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// dataConnectorID - connector ID +// connectBody - the data connector +func (client DataConnectorsClient) Connect(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, connectBody DataConnectorConnectBody) (result autorest.Response, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.Connect") + defer func() { + sc := -1 + if result.Response != nil { + sc = result.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.DataConnectorsClient", "Connect", err.Error()) + } + + req, err := client.ConnectPreparer(ctx, resourceGroupName, workspaceName, dataConnectorID, connectBody) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "Connect", nil, "Failure preparing request") + return + } + + resp, err := client.ConnectSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "Connect", resp, "Failure sending request") + return + } + + result, err = client.ConnectResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "Connect", resp, "Failure responding to request") + return + } + + return +} + +// ConnectPreparer prepares the Connect request. +func (client DataConnectorsClient) ConnectPreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, connectBody DataConnectorConnectBody) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "dataConnectorId": autorest.Encode("path", dataConnectorID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPost(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}/connect", pathParameters), + autorest.WithJSON(connectBody), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ConnectSender sends the Connect request. The method will close the +// http.Response Body if it receives an error. +func (client DataConnectorsClient) ConnectSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// ConnectResponder handles the response to the Connect request. The method always +// closes the http.Response Body. +func (client DataConnectorsClient) ConnectResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByClosing()) + result.Response = resp + return +} + // CreateOrUpdate creates or updates the data connector. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // dataConnectorID - connector ID // dataConnector - the data connector -func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (result DataConnectorModel, err error) { +func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (result DataConnectorModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.CreateOrUpdate") defer func() { @@ -53,18 +142,17 @@ func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceG } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.DataConnectorsClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, dataConnectorID, dataConnector) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, dataConnectorID, dataConnector) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "CreateOrUpdate", nil, "Failure preparing request") return @@ -87,16 +175,15 @@ func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceG } // CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (*http.Request, error) { +func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (*http.Request, error) { pathParameters := map[string]interface{}{ - "dataConnectorId": autorest.Encode("path", dataConnectorID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "dataConnectorId": autorest.Encode("path", dataConnectorID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -105,7 +192,7 @@ func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, r autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), autorest.WithJSON(dataConnector), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -131,13 +218,10 @@ func (client DataConnectorsClient) CreateOrUpdateResponder(resp *http.Response) // Delete delete the data connector. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // dataConnectorID - connector ID -func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (result autorest.Response, err error) { +func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.Delete") defer func() { @@ -150,18 +234,17 @@ func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.DataConnectorsClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, dataConnectorID) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, dataConnectorID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "Delete", nil, "Failure preparing request") return @@ -184,16 +267,15 @@ func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName } // DeletePreparer prepares the Delete request. -func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (*http.Request, error) { +func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "dataConnectorId": autorest.Encode("path", dataConnectorID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "dataConnectorId": autorest.Encode("path", dataConnectorID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -201,7 +283,7 @@ func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceG preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -223,15 +305,101 @@ func (client DataConnectorsClient) DeleteResponder(resp *http.Response) (result return } +// Disconnect disconnect a data connector. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// dataConnectorID - connector ID +func (client DataConnectorsClient) Disconnect(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result autorest.Response, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.Disconnect") + defer func() { + sc := -1 + if result.Response != nil { + sc = result.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.DataConnectorsClient", "Disconnect", err.Error()) + } + + req, err := client.DisconnectPreparer(ctx, resourceGroupName, workspaceName, dataConnectorID) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "Disconnect", nil, "Failure preparing request") + return + } + + resp, err := client.DisconnectSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "Disconnect", resp, "Failure sending request") + return + } + + result, err = client.DisconnectResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "Disconnect", resp, "Failure responding to request") + return + } + + return +} + +// DisconnectPreparer prepares the Disconnect request. +func (client DataConnectorsClient) DisconnectPreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "dataConnectorId": autorest.Encode("path", dataConnectorID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsPost(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}/disconnect", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DisconnectSender sends the Disconnect request. The method will close the +// http.Response Body if it receives an error. +func (client DataConnectorsClient) DisconnectSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// DisconnectResponder handles the response to the Disconnect request. The method always +// closes the http.Response Body. +func (client DataConnectorsClient) DisconnectResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByClosing()) + result.Response = resp + return +} + // Get gets a data connector. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // dataConnectorID - connector ID -func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (result DataConnectorModel, err error) { +func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result DataConnectorModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.Get") defer func() { @@ -244,18 +412,17 @@ func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName st } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.DataConnectorsClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, dataConnectorID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, dataConnectorID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "Get", nil, "Failure preparing request") return @@ -278,16 +445,15 @@ func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName st } // GetPreparer prepares the Get request. -func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (*http.Request, error) { +func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "dataConnectorId": autorest.Encode("path", dataConnectorID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "dataConnectorId": autorest.Encode("path", dataConnectorID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -295,7 +461,7 @@ func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGrou preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -320,12 +486,9 @@ func (client DataConnectorsClient) GetResponder(resp *http.Response) (result Dat // List gets all data connectors. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result DataConnectorListPage, err error) { +func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.List") defer func() { @@ -338,11 +501,10 @@ func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName s } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -350,7 +512,7 @@ func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName s } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "List", nil, "Failure preparing request") return @@ -377,15 +539,14 @@ func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName s } // ListPreparer prepares the List request. -func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -393,7 +554,7 @@ func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGro preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -438,7 +599,7 @@ func (client DataConnectorsClient) listNextResults(ctx context.Context, lastResu } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result DataConnectorListIterator, err error) { +func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.List") defer func() { @@ -449,6 +610,6 @@ func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGro tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + result.page, err = client.List(ctx, resourceGroupName, workspaceName) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/dataconnectorscheckrequirements.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/dataconnectorscheckrequirements.go similarity index 76% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/dataconnectorscheckrequirements.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/dataconnectorscheckrequirements.go index 2b00948d999e..6f9817ea6979 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/dataconnectorscheckrequirements.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/dataconnectorscheckrequirements.go @@ -35,13 +35,10 @@ func NewDataConnectorsCheckRequirementsClientWithBaseURI(baseURI string, subscri // Post get requirements state for a data connector type. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // dataConnectorsCheckRequirements - the parameters for requirements check message -func (client DataConnectorsCheckRequirementsClient) Post(ctx context.Context, resourceGroupName string, workspaceName string, operationalInsightsResourceProvider string, dataConnectorsCheckRequirements BasicDataConnectorsCheckRequirements) (result DataConnectorRequirementsState, err error) { +func (client DataConnectorsCheckRequirementsClient) Post(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorsCheckRequirements BasicDataConnectorsCheckRequirements) (result DataConnectorRequirementsState, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsCheckRequirementsClient.Post") defer func() { @@ -54,18 +51,17 @@ func (client DataConnectorsCheckRequirementsClient) Post(ctx context.Context, re } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.DataConnectorsCheckRequirementsClient", "Post", err.Error()) } - req, err := client.PostPreparer(ctx, resourceGroupName, workspaceName, operationalInsightsResourceProvider, dataConnectorsCheckRequirements) + req, err := client.PostPreparer(ctx, resourceGroupName, workspaceName, dataConnectorsCheckRequirements) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsCheckRequirementsClient", "Post", nil, "Failure preparing request") return @@ -88,15 +84,14 @@ func (client DataConnectorsCheckRequirementsClient) Post(ctx context.Context, re } // PostPreparer prepares the Post request. -func (client DataConnectorsCheckRequirementsClient) PostPreparer(ctx context.Context, resourceGroupName string, workspaceName string, operationalInsightsResourceProvider string, dataConnectorsCheckRequirements BasicDataConnectorsCheckRequirements) (*http.Request, error) { +func (client DataConnectorsCheckRequirementsClient) PostPreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorsCheckRequirements BasicDataConnectorsCheckRequirements) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -105,7 +100,7 @@ func (client DataConnectorsCheckRequirementsClient) PostPreparer(ctx context.Con autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorsCheckRequirements", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorsCheckRequirements", pathParameters), autorest.WithJSON(dataConnectorsCheckRequirements), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/domainwhois.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/domainwhois.go new file mode 100644 index 000000000000..fe511c2c25ec --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/domainwhois.go @@ -0,0 +1,117 @@ +package securityinsight + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// DomainWhoisClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type DomainWhoisClient struct { + BaseClient +} + +// NewDomainWhoisClient creates an instance of the DomainWhoisClient client. +func NewDomainWhoisClient(subscriptionID string) DomainWhoisClient { + return NewDomainWhoisClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewDomainWhoisClientWithBaseURI creates an instance of the DomainWhoisClient client using a custom endpoint. Use +// this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). +func NewDomainWhoisClientWithBaseURI(baseURI string, subscriptionID string) DomainWhoisClient { + return DomainWhoisClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// Get get whois information for a single domain name +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// domain - domain name to be enriched +func (client DomainWhoisClient) Get(ctx context.Context, resourceGroupName string, domain string) (result EnrichmentDomainWhois, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/DomainWhoisClient.Get") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.DomainWhoisClient", "Get", err.Error()) + } + + req, err := client.GetPreparer(ctx, resourceGroupName, domain) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.DomainWhoisClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.DomainWhoisClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.DomainWhoisClient", "Get", resp, "Failure responding to request") + return + } + + return +} + +// GetPreparer prepares the Get request. +func (client DomainWhoisClient) GetPreparer(ctx context.Context, resourceGroupName string, domain string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + "domain": autorest.Encode("query", domain), + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/domain/whois/", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client DomainWhoisClient) GetSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client DomainWhoisClient) GetResponder(resp *http.Response) (result EnrichmentDomainWhois, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entities.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entities.go similarity index 69% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entities.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entities.go index 702d527756e6..00ea90f8a421 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entities.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entities.go @@ -33,14 +33,11 @@ func NewEntitiesClientWithBaseURI(baseURI string, subscriptionID string) Entitie // Expand expands an entity. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // entityID - entity ID // parameters - the parameters required to execute an expand operation on the given entity. -func (client EntitiesClient) Expand(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, parameters EntityExpandParameters) (result EntityExpandResponse, err error) { +func (client EntitiesClient) Expand(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityExpandParameters) (result EntityExpandResponse, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesClient.Expand") defer func() { @@ -53,18 +50,17 @@ func (client EntitiesClient) Expand(ctx context.Context, resourceGroupName strin } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.EntitiesClient", "Expand", err.Error()) } - req, err := client.ExpandPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID, parameters) + req, err := client.ExpandPreparer(ctx, resourceGroupName, workspaceName, entityID, parameters) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "Expand", nil, "Failure preparing request") return @@ -87,16 +83,15 @@ func (client EntitiesClient) Expand(ctx context.Context, resourceGroupName strin } // ExpandPreparer prepares the Expand request. -func (client EntitiesClient) ExpandPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, parameters EntityExpandParameters) (*http.Request, error) { +func (client EntitiesClient) ExpandPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityExpandParameters) (*http.Request, error) { pathParameters := map[string]interface{}{ - "entityId": autorest.Encode("path", entityID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "entityId": autorest.Encode("path", entityID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -105,7 +100,7 @@ func (client EntitiesClient) ExpandPreparer(ctx context.Context, resourceGroupNa autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/expand", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/expand", pathParameters), autorest.WithJSON(parameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -131,13 +126,10 @@ func (client EntitiesClient) ExpandResponder(resp *http.Response) (result Entity // Get gets an entity. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // entityID - entity ID -func (client EntitiesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string) (result EntityModel, err error) { +func (client EntitiesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, entityID string) (result EntityModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesClient.Get") defer func() { @@ -150,18 +142,17 @@ func (client EntitiesClient) Get(ctx context.Context, resourceGroupName string, } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.EntitiesClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, entityID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "Get", nil, "Failure preparing request") return @@ -184,16 +175,15 @@ func (client EntitiesClient) Get(ctx context.Context, resourceGroupName string, } // GetPreparer prepares the Get request. -func (client EntitiesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string) (*http.Request, error) { +func (client EntitiesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "entityId": autorest.Encode("path", entityID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "entityId": autorest.Encode("path", entityID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -201,7 +191,7 @@ func (client EntitiesClient) GetPreparer(ctx context.Context, resourceGroupName preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -226,14 +216,11 @@ func (client EntitiesClient) GetResponder(resp *http.Response) (result EntityMod // GetInsights execute Insights for an entity. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // entityID - entity ID // parameters - the parameters required to execute insights on the given entity. -func (client EntitiesClient) GetInsights(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, parameters EntityGetInsightsParameters) (result EntityGetInsightsResponse, err error) { +func (client EntitiesClient) GetInsights(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityGetInsightsParameters) (result EntityGetInsightsResponse, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesClient.GetInsights") defer func() { @@ -246,11 +233,10 @@ func (client EntitiesClient) GetInsights(ctx context.Context, resourceGroupName } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, @@ -260,7 +246,7 @@ func (client EntitiesClient) GetInsights(ctx context.Context, resourceGroupName return result, validation.NewError("securityinsight.EntitiesClient", "GetInsights", err.Error()) } - req, err := client.GetInsightsPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID, parameters) + req, err := client.GetInsightsPreparer(ctx, resourceGroupName, workspaceName, entityID, parameters) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "GetInsights", nil, "Failure preparing request") return @@ -283,16 +269,15 @@ func (client EntitiesClient) GetInsights(ctx context.Context, resourceGroupName } // GetInsightsPreparer prepares the GetInsights request. -func (client EntitiesClient) GetInsightsPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, parameters EntityGetInsightsParameters) (*http.Request, error) { +func (client EntitiesClient) GetInsightsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityGetInsightsParameters) (*http.Request, error) { pathParameters := map[string]interface{}{ - "entityId": autorest.Encode("path", entityID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "entityId": autorest.Encode("path", entityID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -301,7 +286,7 @@ func (client EntitiesClient) GetInsightsPreparer(ctx context.Context, resourceGr autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/getInsights", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/getInsights", pathParameters), autorest.WithJSON(parameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -327,12 +312,9 @@ func (client EntitiesClient) GetInsightsResponder(resp *http.Response) (result E // List gets all entities. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -func (client EntitiesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityListPage, err error) { +func (client EntitiesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result EntityListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesClient.List") defer func() { @@ -345,11 +327,10 @@ func (client EntitiesClient) List(ctx context.Context, resourceGroupName string, } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -357,7 +338,7 @@ func (client EntitiesClient) List(ctx context.Context, resourceGroupName string, } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "List", nil, "Failure preparing request") return @@ -384,15 +365,14 @@ func (client EntitiesClient) List(ctx context.Context, resourceGroupName string, } // ListPreparer prepares the List request. -func (client EntitiesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +func (client EntitiesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -400,7 +380,7 @@ func (client EntitiesClient) ListPreparer(ctx context.Context, resourceGroupName preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -445,7 +425,7 @@ func (client EntitiesClient) listNextResults(ctx context.Context, lastResults En } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client EntitiesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityListIterator, err error) { +func (client EntitiesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result EntityListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesClient.List") defer func() { @@ -456,19 +436,16 @@ func (client EntitiesClient) ListComplete(ctx context.Context, resourceGroupName tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + result.page, err = client.List(ctx, resourceGroupName, workspaceName) return } // Queries get Insights and Activities for an entity. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // entityID - entity ID -func (client EntitiesClient) Queries(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string) (result GetQueriesResponse, err error) { +func (client EntitiesClient) Queries(ctx context.Context, resourceGroupName string, workspaceName string, entityID string) (result GetQueriesResponse, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesClient.Queries") defer func() { @@ -481,18 +458,17 @@ func (client EntitiesClient) Queries(ctx context.Context, resourceGroupName stri } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.EntitiesClient", "Queries", err.Error()) } - req, err := client.QueriesPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID) + req, err := client.QueriesPreparer(ctx, resourceGroupName, workspaceName, entityID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "Queries", nil, "Failure preparing request") return @@ -515,16 +491,15 @@ func (client EntitiesClient) Queries(ctx context.Context, resourceGroupName stri } // QueriesPreparer prepares the Queries request. -func (client EntitiesClient) QueriesPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string) (*http.Request, error) { +func (client EntitiesClient) QueriesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "entityId": autorest.Encode("path", entityID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "entityId": autorest.Encode("path", entityID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, "kind": autorest.Encode("query", "Insight"), @@ -533,7 +508,7 @@ func (client EntitiesClient) QueriesPreparer(ctx context.Context, resourceGroupN preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/queries", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/queries", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entitiesgettimeline.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entitiesgettimeline.go similarity index 74% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entitiesgettimeline.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entitiesgettimeline.go index 7078f81a2072..16c58758f9da 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entitiesgettimeline.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entitiesgettimeline.go @@ -34,14 +34,11 @@ func NewEntitiesGetTimelineClientWithBaseURI(baseURI string, subscriptionID stri // List timeline for an entity. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // entityID - entity ID // parameters - the parameters required to execute an timeline operation on the given entity. -func (client EntitiesGetTimelineClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, parameters EntityTimelineParameters) (result EntityTimelineResponse, err error) { +func (client EntitiesGetTimelineClient) List(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityTimelineParameters) (result EntityTimelineResponse, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesGetTimelineClient.List") defer func() { @@ -54,11 +51,10 @@ func (client EntitiesGetTimelineClient) List(ctx context.Context, resourceGroupN } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, @@ -68,7 +64,7 @@ func (client EntitiesGetTimelineClient) List(ctx context.Context, resourceGroupN return result, validation.NewError("securityinsight.EntitiesGetTimelineClient", "List", err.Error()) } - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID, parameters) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName, entityID, parameters) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.EntitiesGetTimelineClient", "List", nil, "Failure preparing request") return @@ -91,16 +87,15 @@ func (client EntitiesGetTimelineClient) List(ctx context.Context, resourceGroupN } // ListPreparer prepares the List request. -func (client EntitiesGetTimelineClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, parameters EntityTimelineParameters) (*http.Request, error) { +func (client EntitiesGetTimelineClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, parameters EntityTimelineParameters) (*http.Request, error) { pathParameters := map[string]interface{}{ - "entityId": autorest.Encode("path", entityID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "entityId": autorest.Encode("path", entityID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -109,7 +104,7 @@ func (client EntitiesGetTimelineClient) ListPreparer(ctx context.Context, resour autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/getTimeline", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/getTimeline", pathParameters), autorest.WithJSON(parameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entitiesrelations.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entitiesrelations.go similarity index 76% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entitiesrelations.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entitiesrelations.go index ee07abe53570..2f0dd64adb6c 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entitiesrelations.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entitiesrelations.go @@ -34,10 +34,7 @@ func NewEntitiesRelationsClientWithBaseURI(baseURI string, subscriptionID string // List gets all relations of an entity. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // entityID - entity ID // filter - filters the results, based on a Boolean condition. Optional. @@ -46,7 +43,7 @@ func NewEntitiesRelationsClientWithBaseURI(baseURI string, subscriptionID string // skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response // contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that // specifies a starting point to use for subsequent calls. Optional. -func (client EntitiesRelationsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (result RelationListPage, err error) { +func (client EntitiesRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (result RelationListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesRelationsClient.List") defer func() { @@ -59,11 +56,10 @@ func (client EntitiesRelationsClient) List(ctx context.Context, resourceGroupNam } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -71,7 +67,7 @@ func (client EntitiesRelationsClient) List(ctx context.Context, resourceGroupNam } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID, filter, orderby, top, skipToken) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName, entityID, filter, orderby, top, skipToken) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.EntitiesRelationsClient", "List", nil, "Failure preparing request") return @@ -98,16 +94,15 @@ func (client EntitiesRelationsClient) List(ctx context.Context, resourceGroupNam } // ListPreparer prepares the List request. -func (client EntitiesRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { +func (client EntitiesRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "entityId": autorest.Encode("path", entityID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "entityId": autorest.Encode("path", entityID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -127,7 +122,7 @@ func (client EntitiesRelationsClient) ListPreparer(ctx context.Context, resource preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/relations", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/relations", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -172,7 +167,7 @@ func (client EntitiesRelationsClient) listNextResults(ctx context.Context, lastR } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client EntitiesRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (result RelationListIterator, err error) { +func (client EntitiesRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (result RelationListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesRelationsClient.List") defer func() { @@ -183,6 +178,6 @@ func (client EntitiesRelationsClient) ListComplete(ctx context.Context, resource tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID, filter, orderby, top, skipToken) + result.page, err = client.List(ctx, resourceGroupName, workspaceName, entityID, filter, orderby, top, skipToken) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entityqueries.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entityqueries.go new file mode 100644 index 000000000000..c95ee9621b31 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entityqueries.go @@ -0,0 +1,438 @@ +package securityinsight + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// EntityQueriesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type EntityQueriesClient struct { + BaseClient +} + +// NewEntityQueriesClient creates an instance of the EntityQueriesClient client. +func NewEntityQueriesClient(subscriptionID string) EntityQueriesClient { + return NewEntityQueriesClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewEntityQueriesClientWithBaseURI creates an instance of the EntityQueriesClient client using a custom endpoint. +// Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). +func NewEntityQueriesClientWithBaseURI(baseURI string, subscriptionID string) EntityQueriesClient { + return EntityQueriesClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// CreateOrUpdate creates or updates the entity query. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// entityQueryID - entity query ID +// entityQuery - the entity query we want to create or update +func (client EntityQueriesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, entityQuery BasicCustomEntityQuery) (result EntityQueryModel, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueriesClient.CreateOrUpdate") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.EntityQueriesClient", "CreateOrUpdate", err.Error()) + } + + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, entityQueryID, entityQuery) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "CreateOrUpdate", nil, "Failure preparing request") + return + } + + resp, err := client.CreateOrUpdateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "CreateOrUpdate", resp, "Failure sending request") + return + } + + result, err = client.CreateOrUpdateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "CreateOrUpdate", resp, "Failure responding to request") + return + } + + return +} + +// CreateOrUpdatePreparer prepares the CreateOrUpdate request. +func (client EntityQueriesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string, entityQuery BasicCustomEntityQuery) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "entityQueryId": autorest.Encode("path", entityQueryID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}", pathParameters), + autorest.WithJSON(entityQuery), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the +// http.Response Body if it receives an error. +func (client EntityQueriesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always +// closes the http.Response Body. +func (client EntityQueriesClient) CreateOrUpdateResponder(resp *http.Response) (result EntityQueryModel, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Delete delete the entity query. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// entityQueryID - entity query ID +func (client EntityQueriesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string) (result autorest.Response, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueriesClient.Delete") + defer func() { + sc := -1 + if result.Response != nil { + sc = result.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.EntityQueriesClient", "Delete", err.Error()) + } + + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, entityQueryID) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Delete", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Delete", resp, "Failure sending request") + return + } + + result, err = client.DeleteResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Delete", resp, "Failure responding to request") + return + } + + return +} + +// DeletePreparer prepares the Delete request. +func (client EntityQueriesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "entityQueryId": autorest.Encode("path", entityQueryID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteSender sends the Delete request. The method will close the +// http.Response Body if it receives an error. +func (client EntityQueriesClient) DeleteSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// DeleteResponder handles the response to the Delete request. The method always +// closes the http.Response Body. +func (client EntityQueriesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// Get gets an entity query. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// entityQueryID - entity query ID +func (client EntityQueriesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string) (result EntityQueryModel, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueriesClient.Get") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.EntityQueriesClient", "Get", err.Error()) + } + + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, entityQueryID) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Get", resp, "Failure responding to request") + return + } + + return +} + +// GetPreparer prepares the Get request. +func (client EntityQueriesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "entityQueryId": autorest.Encode("path", entityQueryID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client EntityQueriesClient) GetSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client EntityQueriesClient) GetResponder(resp *http.Response) (result EntityQueryModel, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// List gets all entity queries. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// kind - the entity query kind we want to fetch +func (client EntityQueriesClient) List(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (result EntityQueryListPage, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueriesClient.List") + defer func() { + sc := -1 + if result.eql.Response.Response != nil { + sc = result.eql.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.EntityQueriesClient", "List", err.Error()) + } + + result.fn = client.listNextResults + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName, kind) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.eql.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "List", resp, "Failure sending request") + return + } + + result.eql, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "List", resp, "Failure responding to request") + return + } + if result.eql.hasNextLink() && result.eql.IsEmpty() { + err = result.NextWithContext(ctx) + return + } + + return +} + +// ListPreparer prepares the List request. +func (client EntityQueriesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + if len(string(kind)) > 0 { + queryParameters["kind"] = autorest.Encode("query", kind) + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client EntityQueriesClient) ListSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client EntityQueriesClient) ListResponder(resp *http.Response) (result EntityQueryList, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listNextResults retrieves the next set of results, if any. +func (client EntityQueriesClient) listNextResults(ctx context.Context, lastResults EntityQueryList) (result EntityQueryList, err error) { + req, err := lastResults.entityQueryListPreparer(ctx) + if err != nil { + return result, autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "listNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "listNextResults", resp, "Failure sending next results request") + } + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "listNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListComplete enumerates all values, automatically crossing page boundaries as required. +func (client EntityQueriesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (result EntityQueryListIterator, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueriesClient.List") + defer func() { + sc := -1 + if result.Response().Response.Response != nil { + sc = result.page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.page, err = client.List(ctx, resourceGroupName, workspaceName, kind) + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entityquerytemplates.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entityquerytemplates.go new file mode 100644 index 000000000000..543501d6e47f --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entityquerytemplates.go @@ -0,0 +1,258 @@ +package securityinsight + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// EntityQueryTemplatesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource +// provider +type EntityQueryTemplatesClient struct { + BaseClient +} + +// NewEntityQueryTemplatesClient creates an instance of the EntityQueryTemplatesClient client. +func NewEntityQueryTemplatesClient(subscriptionID string) EntityQueryTemplatesClient { + return NewEntityQueryTemplatesClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewEntityQueryTemplatesClientWithBaseURI creates an instance of the EntityQueryTemplatesClient client using a custom +// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure +// stack). +func NewEntityQueryTemplatesClientWithBaseURI(baseURI string, subscriptionID string) EntityQueryTemplatesClient { + return EntityQueryTemplatesClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// Get gets an entity query. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// entityQueryTemplateID - entity query template ID +func (client EntityQueryTemplatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryTemplateID string) (result EntityQueryTemplateModel, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueryTemplatesClient.Get") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.EntityQueryTemplatesClient", "Get", err.Error()) + } + + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, entityQueryTemplateID) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueryTemplatesClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueryTemplatesClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueryTemplatesClient", "Get", resp, "Failure responding to request") + return + } + + return +} + +// GetPreparer prepares the Get request. +func (client EntityQueryTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityQueryTemplateID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "entityQueryTemplateId": autorest.Encode("path", entityQueryTemplateID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueryTemplates/{entityQueryTemplateId}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client EntityQueryTemplatesClient) GetSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client EntityQueryTemplatesClient) GetResponder(resp *http.Response) (result EntityQueryTemplateModel, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// List gets all entity query templates. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// kind - the entity template query kind we want to fetch +func (client EntityQueryTemplatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (result EntityQueryTemplateListPage, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueryTemplatesClient.List") + defer func() { + sc := -1 + if result.eqtl.Response.Response != nil { + sc = result.eqtl.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.EntityQueryTemplatesClient", "List", err.Error()) + } + + result.fn = client.listNextResults + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName, kind) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueryTemplatesClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.eqtl.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueryTemplatesClient", "List", resp, "Failure sending request") + return + } + + result.eqtl, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueryTemplatesClient", "List", resp, "Failure responding to request") + return + } + if result.eqtl.hasNextLink() && result.eqtl.IsEmpty() { + err = result.NextWithContext(ctx) + return + } + + return +} + +// ListPreparer prepares the List request. +func (client EntityQueryTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + if len(string(kind)) > 0 { + queryParameters["kind"] = autorest.Encode("query", kind) + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueryTemplates", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client EntityQueryTemplatesClient) ListSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client EntityQueryTemplatesClient) ListResponder(resp *http.Response) (result EntityQueryTemplateList, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listNextResults retrieves the next set of results, if any. +func (client EntityQueryTemplatesClient) listNextResults(ctx context.Context, lastResults EntityQueryTemplateList) (result EntityQueryTemplateList, err error) { + req, err := lastResults.entityQueryTemplateListPreparer(ctx) + if err != nil { + return result, autorest.NewErrorWithError(err, "securityinsight.EntityQueryTemplatesClient", "listNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "securityinsight.EntityQueryTemplatesClient", "listNextResults", resp, "Failure sending next results request") + } + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityQueryTemplatesClient", "listNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListComplete enumerates all values, automatically crossing page boundaries as required. +func (client EntityQueryTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, kind string) (result EntityQueryTemplateListIterator, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueryTemplatesClient.List") + defer func() { + sc := -1 + if result.Response().Response.Response != nil { + sc = result.page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.page, err = client.List(ctx, resourceGroupName, workspaceName, kind) + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entityrelations.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entityrelations.go similarity index 73% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entityrelations.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entityrelations.go index 3eea350c749b..0d2b4343a051 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/entityrelations.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/entityrelations.go @@ -33,14 +33,11 @@ func NewEntityRelationsClientWithBaseURI(baseURI string, subscriptionID string) // GetRelation gets an entity relation. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // entityID - entity ID // relationName - relation Name -func (client EntityRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, relationName string) (result Relation, err error) { +func (client EntityRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, relationName string) (result Relation, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/EntityRelationsClient.GetRelation") defer func() { @@ -53,18 +50,17 @@ func (client EntityRelationsClient) GetRelation(ctx context.Context, resourceGro } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.EntityRelationsClient", "GetRelation", err.Error()) } - req, err := client.GetRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID, relationName) + req, err := client.GetRelationPreparer(ctx, resourceGroupName, workspaceName, entityID, relationName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.EntityRelationsClient", "GetRelation", nil, "Failure preparing request") return @@ -87,17 +83,16 @@ func (client EntityRelationsClient) GetRelation(ctx context.Context, resourceGro } // GetRelationPreparer prepares the GetRelation request. -func (client EntityRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, relationName string) (*http.Request, error) { +func (client EntityRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, workspaceName string, entityID string, relationName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "entityId": autorest.Encode("path", entityID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "entityId": autorest.Encode("path", entityID), + "relationName": autorest.Encode("path", relationName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -105,7 +100,7 @@ func (client EntityRelationsClient) GetRelationPreparer(ctx context.Context, res preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/relations/{relationName}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/relations/{relationName}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/enums.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/enums.go similarity index 77% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/enums.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/enums.go index 1614204c001f..c7c285e835f0 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/enums.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/enums.go @@ -23,6 +23,21 @@ func PossibleActionTypeValues() []ActionType { return []ActionType{ActionTypeAutomationRuleAction, ActionTypeModifyProperties, ActionTypeRunPlaybook} } +// AlertDetail enumerates the values for alert detail. +type AlertDetail string + +const ( + // AlertDetailDisplayName Alert display name + AlertDetailDisplayName AlertDetail = "DisplayName" + // AlertDetailSeverity Alert severity + AlertDetailSeverity AlertDetail = "Severity" +) + +// PossibleAlertDetailValues returns an array of possible values for the AlertDetail const type. +func PossibleAlertDetailValues() []AlertDetail { + return []AlertDetail{AlertDetailDisplayName, AlertDetailSeverity} +} + // AlertRuleKind enumerates the values for alert rule kind. type AlertRuleKind string @@ -33,6 +48,8 @@ const ( AlertRuleKindMicrosoftSecurityIncidentCreation AlertRuleKind = "MicrosoftSecurityIncidentCreation" // AlertRuleKindMLBehaviorAnalytics ... AlertRuleKindMLBehaviorAnalytics AlertRuleKind = "MLBehaviorAnalytics" + // AlertRuleKindNRT ... + AlertRuleKindNRT AlertRuleKind = "NRT" // AlertRuleKindScheduled ... AlertRuleKindScheduled AlertRuleKind = "Scheduled" // AlertRuleKindThreatIntelligence ... @@ -41,7 +58,7 @@ const ( // PossibleAlertRuleKindValues returns an array of possible values for the AlertRuleKind const type. func PossibleAlertRuleKindValues() []AlertRuleKind { - return []AlertRuleKind{AlertRuleKindFusion, AlertRuleKindMicrosoftSecurityIncidentCreation, AlertRuleKindMLBehaviorAnalytics, AlertRuleKindScheduled, AlertRuleKindThreatIntelligence} + return []AlertRuleKind{AlertRuleKindFusion, AlertRuleKindMicrosoftSecurityIncidentCreation, AlertRuleKindMLBehaviorAnalytics, AlertRuleKindNRT, AlertRuleKindScheduled, AlertRuleKindThreatIntelligence} } // AlertSeverity enumerates the values for alert severity. @@ -300,67 +317,6 @@ func PossibleAutomationRulePropertyConditionSupportedPropertyValues() []Automati return []AutomationRulePropertyConditionSupportedProperty{AutomationRulePropertyConditionSupportedPropertyAccountAadTenantID, AutomationRulePropertyConditionSupportedPropertyAccountAadUserID, AutomationRulePropertyConditionSupportedPropertyAccountName, AutomationRulePropertyConditionSupportedPropertyAccountNTDomain, AutomationRulePropertyConditionSupportedPropertyAccountObjectGUID, AutomationRulePropertyConditionSupportedPropertyAccountPUID, AutomationRulePropertyConditionSupportedPropertyAccountSid, AutomationRulePropertyConditionSupportedPropertyAccountUPNSuffix, AutomationRulePropertyConditionSupportedPropertyAzureResourceResourceID, AutomationRulePropertyConditionSupportedPropertyAzureResourceSubscriptionID, AutomationRulePropertyConditionSupportedPropertyCloudApplicationAppID, AutomationRulePropertyConditionSupportedPropertyCloudApplicationAppName, AutomationRulePropertyConditionSupportedPropertyDNSDomainName, AutomationRulePropertyConditionSupportedPropertyFileDirectory, AutomationRulePropertyConditionSupportedPropertyFileHashValue, AutomationRulePropertyConditionSupportedPropertyFileName, AutomationRulePropertyConditionSupportedPropertyHostAzureID, AutomationRulePropertyConditionSupportedPropertyHostName, AutomationRulePropertyConditionSupportedPropertyHostNetBiosName, AutomationRulePropertyConditionSupportedPropertyHostNTDomain, AutomationRulePropertyConditionSupportedPropertyHostOSVersion, AutomationRulePropertyConditionSupportedPropertyIncidentDescription, AutomationRulePropertyConditionSupportedPropertyIncidentProviderName, AutomationRulePropertyConditionSupportedPropertyIncidentRelatedAnalyticRuleIds, AutomationRulePropertyConditionSupportedPropertyIncidentSeverity, AutomationRulePropertyConditionSupportedPropertyIncidentStatus, AutomationRulePropertyConditionSupportedPropertyIncidentTactics, AutomationRulePropertyConditionSupportedPropertyIncidentTitle, AutomationRulePropertyConditionSupportedPropertyIoTDeviceID, AutomationRulePropertyConditionSupportedPropertyIoTDeviceModel, AutomationRulePropertyConditionSupportedPropertyIoTDeviceName, AutomationRulePropertyConditionSupportedPropertyIoTDeviceOperatingSystem, AutomationRulePropertyConditionSupportedPropertyIoTDeviceType, AutomationRulePropertyConditionSupportedPropertyIoTDeviceVendor, AutomationRulePropertyConditionSupportedPropertyIPAddress, AutomationRulePropertyConditionSupportedPropertyMailboxDisplayName, AutomationRulePropertyConditionSupportedPropertyMailboxPrimaryAddress, AutomationRulePropertyConditionSupportedPropertyMailboxUPN, AutomationRulePropertyConditionSupportedPropertyMailMessageDeliveryAction, AutomationRulePropertyConditionSupportedPropertyMailMessageDeliveryLocation, AutomationRulePropertyConditionSupportedPropertyMailMessageP1Sender, AutomationRulePropertyConditionSupportedPropertyMailMessageP2Sender, AutomationRulePropertyConditionSupportedPropertyMailMessageRecipient, AutomationRulePropertyConditionSupportedPropertyMailMessageSenderIP, AutomationRulePropertyConditionSupportedPropertyMailMessageSubject, AutomationRulePropertyConditionSupportedPropertyMalwareCategory, AutomationRulePropertyConditionSupportedPropertyMalwareName, AutomationRulePropertyConditionSupportedPropertyProcessCommandLine, AutomationRulePropertyConditionSupportedPropertyProcessID, AutomationRulePropertyConditionSupportedPropertyRegistryKey, AutomationRulePropertyConditionSupportedPropertyRegistryValueData, AutomationRulePropertyConditionSupportedPropertyURL} } -// CaseSeverity enumerates the values for case severity. -type CaseSeverity string - -const ( - // CaseSeverityCritical Critical severity - CaseSeverityCritical CaseSeverity = "Critical" - // CaseSeverityHigh High severity - CaseSeverityHigh CaseSeverity = "High" - // CaseSeverityInformational Informational severity - CaseSeverityInformational CaseSeverity = "Informational" - // CaseSeverityLow Low severity - CaseSeverityLow CaseSeverity = "Low" - // CaseSeverityMedium Medium severity - CaseSeverityMedium CaseSeverity = "Medium" -) - -// PossibleCaseSeverityValues returns an array of possible values for the CaseSeverity const type. -func PossibleCaseSeverityValues() []CaseSeverity { - return []CaseSeverity{CaseSeverityCritical, CaseSeverityHigh, CaseSeverityInformational, CaseSeverityLow, CaseSeverityMedium} -} - -// CaseStatus enumerates the values for case status. -type CaseStatus string - -const ( - // CaseStatusClosed A non active case - CaseStatusClosed CaseStatus = "Closed" - // CaseStatusDraft Case that wasn't promoted yet to active - CaseStatusDraft CaseStatus = "Draft" - // CaseStatusInProgress An active case which is handled - CaseStatusInProgress CaseStatus = "InProgress" - // CaseStatusNew An active case which isn't handled currently - CaseStatusNew CaseStatus = "New" -) - -// PossibleCaseStatusValues returns an array of possible values for the CaseStatus const type. -func PossibleCaseStatusValues() []CaseStatus { - return []CaseStatus{CaseStatusClosed, CaseStatusDraft, CaseStatusInProgress, CaseStatusNew} -} - -// CloseReason enumerates the values for close reason. -type CloseReason string - -const ( - // CloseReasonDismissed Case was dismissed - CloseReasonDismissed CloseReason = "Dismissed" - // CloseReasonFalsePositive Case was false positive - CloseReasonFalsePositive CloseReason = "FalsePositive" - // CloseReasonOther Case was closed for another reason - CloseReasonOther CloseReason = "Other" - // CloseReasonResolved Case was resolved - CloseReasonResolved CloseReason = "Resolved" - // CloseReasonTruePositive Case was true positive - CloseReasonTruePositive CloseReason = "TruePositive" -) - -// PossibleCloseReasonValues returns an array of possible values for the CloseReason const type. -func PossibleCloseReasonValues() []CloseReason { - return []CloseReason{CloseReasonDismissed, CloseReasonFalsePositive, CloseReasonOther, CloseReasonResolved, CloseReasonTruePositive} -} - // ConditionType enumerates the values for condition type. type ConditionType string @@ -415,6 +371,83 @@ func PossibleConfidenceScoreStatusValues() []ConfidenceScoreStatus { return []ConfidenceScoreStatus{ConfidenceScoreStatusFinal, ConfidenceScoreStatusInProcess, ConfidenceScoreStatusNotApplicable, ConfidenceScoreStatusNotFinal} } +// ConnectAuthKind enumerates the values for connect auth kind. +type ConnectAuthKind string + +const ( + // ConnectAuthKindAPIKey ... + ConnectAuthKindAPIKey ConnectAuthKind = "APIKey" + // ConnectAuthKindBasic ... + ConnectAuthKindBasic ConnectAuthKind = "Basic" + // ConnectAuthKindOAuth2 ... + ConnectAuthKindOAuth2 ConnectAuthKind = "OAuth2" +) + +// PossibleConnectAuthKindValues returns an array of possible values for the ConnectAuthKind const type. +func PossibleConnectAuthKindValues() []ConnectAuthKind { + return []ConnectAuthKind{ConnectAuthKindAPIKey, ConnectAuthKindBasic, ConnectAuthKindOAuth2} +} + +// ConnectivityType enumerates the values for connectivity type. +type ConnectivityType string + +const ( + // ConnectivityTypeIsConnectedQuery ... + ConnectivityTypeIsConnectedQuery ConnectivityType = "IsConnectedQuery" +) + +// PossibleConnectivityTypeValues returns an array of possible values for the ConnectivityType const type. +func PossibleConnectivityTypeValues() []ConnectivityType { + return []ConnectivityType{ConnectivityTypeIsConnectedQuery} +} + +// ContentType enumerates the values for content type. +type ContentType string + +const ( + // ContentTypeAnalyticRule ... + ContentTypeAnalyticRule ContentType = "AnalyticRule" + // ContentTypeWorkbook ... + ContentTypeWorkbook ContentType = "Workbook" +) + +// PossibleContentTypeValues returns an array of possible values for the ContentType const type. +func PossibleContentTypeValues() []ContentType { + return []ContentType{ContentTypeAnalyticRule, ContentTypeWorkbook} +} + +// CreatedByType enumerates the values for created by type. +type CreatedByType string + +const ( + // CreatedByTypeApplication ... + CreatedByTypeApplication CreatedByType = "Application" + // CreatedByTypeKey ... + CreatedByTypeKey CreatedByType = "Key" + // CreatedByTypeManagedIdentity ... + CreatedByTypeManagedIdentity CreatedByType = "ManagedIdentity" + // CreatedByTypeUser ... + CreatedByTypeUser CreatedByType = "User" +) + +// PossibleCreatedByTypeValues returns an array of possible values for the CreatedByType const type. +func PossibleCreatedByTypeValues() []CreatedByType { + return []CreatedByType{CreatedByTypeApplication, CreatedByTypeKey, CreatedByTypeManagedIdentity, CreatedByTypeUser} +} + +// CustomEntityQueryKind enumerates the values for custom entity query kind. +type CustomEntityQueryKind string + +const ( + // CustomEntityQueryKindActivity ... + CustomEntityQueryKindActivity CustomEntityQueryKind = "Activity" +) + +// PossibleCustomEntityQueryKindValues returns an array of possible values for the CustomEntityQueryKind const type. +func PossibleCustomEntityQueryKindValues() []CustomEntityQueryKind { + return []CustomEntityQueryKind{CustomEntityQueryKindActivity} +} + // DataConnectorAuthorizationState enumerates the values for data connector authorization state. type DataConnectorAuthorizationState string @@ -436,6 +469,10 @@ type DataConnectorKind string const ( // DataConnectorKindAmazonWebServicesCloudTrail ... DataConnectorKindAmazonWebServicesCloudTrail DataConnectorKind = "AmazonWebServicesCloudTrail" + // DataConnectorKindAmazonWebServicesS3 ... + DataConnectorKindAmazonWebServicesS3 DataConnectorKind = "AmazonWebServicesS3" + // DataConnectorKindAPIPolling ... + DataConnectorKindAPIPolling DataConnectorKind = "APIPolling" // DataConnectorKindAzureActiveDirectory ... DataConnectorKindAzureActiveDirectory DataConnectorKind = "AzureActiveDirectory" // DataConnectorKindAzureAdvancedThreatProtection ... @@ -444,6 +481,8 @@ const ( DataConnectorKindAzureSecurityCenter DataConnectorKind = "AzureSecurityCenter" // DataConnectorKindDynamics365 ... DataConnectorKindDynamics365 DataConnectorKind = "Dynamics365" + // DataConnectorKindGenericUI ... + DataConnectorKindGenericUI DataConnectorKind = "GenericUI" // DataConnectorKindMicrosoftCloudAppSecurity ... DataConnectorKindMicrosoftCloudAppSecurity DataConnectorKind = "MicrosoftCloudAppSecurity" // DataConnectorKindMicrosoftDefenderAdvancedThreatProtection ... @@ -456,6 +495,8 @@ const ( DataConnectorKindOffice365 DataConnectorKind = "Office365" // DataConnectorKindOfficeATP ... DataConnectorKindOfficeATP DataConnectorKind = "OfficeATP" + // DataConnectorKindOfficeIRM ... + DataConnectorKindOfficeIRM DataConnectorKind = "OfficeIRM" // DataConnectorKindThreatIntelligence ... DataConnectorKindThreatIntelligence DataConnectorKind = "ThreatIntelligence" // DataConnectorKindThreatIntelligenceTaxii ... @@ -464,7 +505,7 @@ const ( // PossibleDataConnectorKindValues returns an array of possible values for the DataConnectorKind const type. func PossibleDataConnectorKindValues() []DataConnectorKind { - return []DataConnectorKind{DataConnectorKindAmazonWebServicesCloudTrail, DataConnectorKindAzureActiveDirectory, DataConnectorKindAzureAdvancedThreatProtection, DataConnectorKindAzureSecurityCenter, DataConnectorKindDynamics365, DataConnectorKindMicrosoftCloudAppSecurity, DataConnectorKindMicrosoftDefenderAdvancedThreatProtection, DataConnectorKindMicrosoftThreatIntelligence, DataConnectorKindMicrosoftThreatProtection, DataConnectorKindOffice365, DataConnectorKindOfficeATP, DataConnectorKindThreatIntelligence, DataConnectorKindThreatIntelligenceTaxii} + return []DataConnectorKind{DataConnectorKindAmazonWebServicesCloudTrail, DataConnectorKindAmazonWebServicesS3, DataConnectorKindAPIPolling, DataConnectorKindAzureActiveDirectory, DataConnectorKindAzureAdvancedThreatProtection, DataConnectorKindAzureSecurityCenter, DataConnectorKindDynamics365, DataConnectorKindGenericUI, DataConnectorKindMicrosoftCloudAppSecurity, DataConnectorKindMicrosoftDefenderAdvancedThreatProtection, DataConnectorKindMicrosoftThreatIntelligence, DataConnectorKindMicrosoftThreatProtection, DataConnectorKindOffice365, DataConnectorKindOfficeATP, DataConnectorKindOfficeIRM, DataConnectorKindThreatIntelligence, DataConnectorKindThreatIntelligenceTaxii} } // DataConnectorLicenseState enumerates the values for data connector license state. @@ -566,23 +607,6 @@ func PossibleElevationTokenValues() []ElevationToken { return []ElevationToken{ElevationTokenDefault, ElevationTokenFull, ElevationTokenLimited} } -// EntitiesMatchingMethod enumerates the values for entities matching method. -type EntitiesMatchingMethod string - -const ( - // EntitiesMatchingMethodAll Grouping alerts into a single incident if all the entities match - EntitiesMatchingMethodAll EntitiesMatchingMethod = "All" - // EntitiesMatchingMethodCustom Grouping alerts into a single incident if the selected entities match - EntitiesMatchingMethodCustom EntitiesMatchingMethod = "Custom" - // EntitiesMatchingMethodNone Grouping all alerts triggered by this rule into a single incident - EntitiesMatchingMethodNone EntitiesMatchingMethod = "None" -) - -// PossibleEntitiesMatchingMethodValues returns an array of possible values for the EntitiesMatchingMethod const type. -func PossibleEntitiesMatchingMethodValues() []EntitiesMatchingMethod { - return []EntitiesMatchingMethod{EntitiesMatchingMethodAll, EntitiesMatchingMethodCustom, EntitiesMatchingMethodNone} -} - // EntityKind enumerates the values for entity kind. type EntityKind string @@ -636,10 +660,59 @@ func PossibleEntityKindValues() []EntityKind { return []EntityKind{EntityKindAccount, EntityKindAzureResource, EntityKindBookmark, EntityKindCloudApplication, EntityKindDNSResolution, EntityKindFile, EntityKindFileHash, EntityKindHost, EntityKindIoTDevice, EntityKindIP, EntityKindMailbox, EntityKindMailCluster, EntityKindMailMessage, EntityKindMalware, EntityKindProcess, EntityKindRegistryKey, EntityKindRegistryValue, EntityKindSecurityAlert, EntityKindSecurityGroup, EntityKindSubmissionMail, EntityKindURL} } +// EntityMappingType enumerates the values for entity mapping type. +type EntityMappingType string + +const ( + // EntityMappingTypeAccount User account entity type + EntityMappingTypeAccount EntityMappingType = "Account" + // EntityMappingTypeAzureResource Azure resource entity type + EntityMappingTypeAzureResource EntityMappingType = "AzureResource" + // EntityMappingTypeCloudApplication Cloud app entity type + EntityMappingTypeCloudApplication EntityMappingType = "CloudApplication" + // EntityMappingTypeDNS DNS entity type + EntityMappingTypeDNS EntityMappingType = "DNS" + // EntityMappingTypeFile System file entity type + EntityMappingTypeFile EntityMappingType = "File" + // EntityMappingTypeFileHash File-hash entity type + EntityMappingTypeFileHash EntityMappingType = "FileHash" + // EntityMappingTypeHost Host entity type + EntityMappingTypeHost EntityMappingType = "Host" + // EntityMappingTypeIP IP address entity type + EntityMappingTypeIP EntityMappingType = "IP" + // EntityMappingTypeMailbox Mailbox entity type + EntityMappingTypeMailbox EntityMappingType = "Mailbox" + // EntityMappingTypeMailCluster Mail cluster entity type + EntityMappingTypeMailCluster EntityMappingType = "MailCluster" + // EntityMappingTypeMailMessage Mail message entity type + EntityMappingTypeMailMessage EntityMappingType = "MailMessage" + // EntityMappingTypeMalware Malware entity type + EntityMappingTypeMalware EntityMappingType = "Malware" + // EntityMappingTypeProcess Process entity type + EntityMappingTypeProcess EntityMappingType = "Process" + // EntityMappingTypeRegistryKey Registry key entity type + EntityMappingTypeRegistryKey EntityMappingType = "RegistryKey" + // EntityMappingTypeRegistryValue Registry value entity type + EntityMappingTypeRegistryValue EntityMappingType = "RegistryValue" + // EntityMappingTypeSecurityGroup Security group entity type + EntityMappingTypeSecurityGroup EntityMappingType = "SecurityGroup" + // EntityMappingTypeSubmissionMail Submission mail entity type + EntityMappingTypeSubmissionMail EntityMappingType = "SubmissionMail" + // EntityMappingTypeURL URL entity type + EntityMappingTypeURL EntityMappingType = "URL" +) + +// PossibleEntityMappingTypeValues returns an array of possible values for the EntityMappingType const type. +func PossibleEntityMappingTypeValues() []EntityMappingType { + return []EntityMappingType{EntityMappingTypeAccount, EntityMappingTypeAzureResource, EntityMappingTypeCloudApplication, EntityMappingTypeDNS, EntityMappingTypeFile, EntityMappingTypeFileHash, EntityMappingTypeHost, EntityMappingTypeIP, EntityMappingTypeMailbox, EntityMappingTypeMailCluster, EntityMappingTypeMailMessage, EntityMappingTypeMalware, EntityMappingTypeProcess, EntityMappingTypeRegistryKey, EntityMappingTypeRegistryValue, EntityMappingTypeSecurityGroup, EntityMappingTypeSubmissionMail, EntityMappingTypeURL} +} + // EntityQueryKind enumerates the values for entity query kind. type EntityQueryKind string const ( + // EntityQueryKindActivity ... + EntityQueryKindActivity EntityQueryKind = "Activity" // EntityQueryKindExpansion ... EntityQueryKindExpansion EntityQueryKind = "Expansion" // EntityQueryKindInsight ... @@ -648,7 +721,20 @@ const ( // PossibleEntityQueryKindValues returns an array of possible values for the EntityQueryKind const type. func PossibleEntityQueryKindValues() []EntityQueryKind { - return []EntityQueryKind{EntityQueryKindExpansion, EntityQueryKindInsight} + return []EntityQueryKind{EntityQueryKindActivity, EntityQueryKindExpansion, EntityQueryKindInsight} +} + +// EntityQueryTemplateKind enumerates the values for entity query template kind. +type EntityQueryTemplateKind string + +const ( + // EntityQueryTemplateKindActivity ... + EntityQueryTemplateKindActivity EntityQueryTemplateKind = "Activity" +) + +// PossibleEntityQueryTemplateKindValues returns an array of possible values for the EntityQueryTemplateKind const type. +func PossibleEntityQueryTemplateKindValues() []EntityQueryTemplateKind { + return []EntityQueryTemplateKind{EntityQueryTemplateKindActivity} } // EntityTimelineKind enumerates the values for entity timeline kind. @@ -757,27 +843,6 @@ func PossibleFileHashAlgorithmValues() []FileHashAlgorithm { return []FileHashAlgorithm{FileHashAlgorithmMD5, FileHashAlgorithmSHA1, FileHashAlgorithmSHA256, FileHashAlgorithmSHA256AC, FileHashAlgorithmUnknown} } -// GroupingEntityType enumerates the values for grouping entity type. -type GroupingEntityType string - -const ( - // GroupingEntityTypeAccount Account entity - GroupingEntityTypeAccount GroupingEntityType = "Account" - // GroupingEntityTypeFileHash FileHash entity - GroupingEntityTypeFileHash GroupingEntityType = "FileHash" - // GroupingEntityTypeHost Host entity - GroupingEntityTypeHost GroupingEntityType = "Host" - // GroupingEntityTypeIP Ip entity - GroupingEntityTypeIP GroupingEntityType = "Ip" - // GroupingEntityTypeURL Url entity - GroupingEntityTypeURL GroupingEntityType = "Url" -) - -// PossibleGroupingEntityTypeValues returns an array of possible values for the GroupingEntityType const type. -func PossibleGroupingEntityTypeValues() []GroupingEntityType { - return []GroupingEntityType{GroupingEntityTypeAccount, GroupingEntityTypeFileHash, GroupingEntityTypeHost, GroupingEntityTypeIP, GroupingEntityTypeURL} -} - // IncidentClassification enumerates the values for incident classification. type IncidentClassification string @@ -949,15 +1014,39 @@ func PossibleKillChainIntentValues() []KillChainIntent { type Kind string const ( - // KindAggregations ... - KindAggregations Kind = "Aggregations" - // KindCasesAggregation ... - KindCasesAggregation Kind = "CasesAggregation" + // KindAnalyticsRule ... + KindAnalyticsRule Kind = "AnalyticsRule" + // KindAnalyticsRuleTemplate ... + KindAnalyticsRuleTemplate Kind = "AnalyticsRuleTemplate" + // KindDataConnector ... + KindDataConnector Kind = "DataConnector" + // KindDataType ... + KindDataType Kind = "DataType" + // KindHuntingQuery ... + KindHuntingQuery Kind = "HuntingQuery" + // KindInvestigationQuery ... + KindInvestigationQuery Kind = "InvestigationQuery" + // KindParser ... + KindParser Kind = "Parser" + // KindPlaybook ... + KindPlaybook Kind = "Playbook" + // KindPlaybookTemplate ... + KindPlaybookTemplate Kind = "PlaybookTemplate" + // KindSolution ... + KindSolution Kind = "Solution" + // KindWatchlist ... + KindWatchlist Kind = "Watchlist" + // KindWatchlistTemplate ... + KindWatchlistTemplate Kind = "WatchlistTemplate" + // KindWorkbook ... + KindWorkbook Kind = "Workbook" + // KindWorkbookTemplate ... + KindWorkbookTemplate Kind = "WorkbookTemplate" ) // PossibleKindValues returns an array of possible values for the Kind const type. func PossibleKindValues() []Kind { - return []Kind{KindAggregations, KindCasesAggregation} + return []Kind{KindAnalyticsRule, KindAnalyticsRuleTemplate, KindDataConnector, KindDataType, KindHuntingQuery, KindInvestigationQuery, KindParser, KindPlaybook, KindPlaybookTemplate, KindSolution, KindWatchlist, KindWatchlistTemplate, KindWorkbook, KindWorkbookTemplate} } // KindBasicAlertRule enumerates the values for kind basic alert rule. @@ -972,6 +1061,8 @@ const ( KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation KindBasicAlertRule = "MicrosoftSecurityIncidentCreation" // KindBasicAlertRuleKindMLBehaviorAnalytics ... KindBasicAlertRuleKindMLBehaviorAnalytics KindBasicAlertRule = "MLBehaviorAnalytics" + // KindBasicAlertRuleKindNRT ... + KindBasicAlertRuleKindNRT KindBasicAlertRule = "NRT" // KindBasicAlertRuleKindScheduled ... KindBasicAlertRuleKindScheduled KindBasicAlertRule = "Scheduled" // KindBasicAlertRuleKindThreatIntelligence ... @@ -980,7 +1071,7 @@ const ( // PossibleKindBasicAlertRuleValues returns an array of possible values for the KindBasicAlertRule const type. func PossibleKindBasicAlertRuleValues() []KindBasicAlertRule { - return []KindBasicAlertRule{KindBasicAlertRuleKindAlertRule, KindBasicAlertRuleKindFusion, KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation, KindBasicAlertRuleKindMLBehaviorAnalytics, KindBasicAlertRuleKindScheduled, KindBasicAlertRuleKindThreatIntelligence} + return []KindBasicAlertRule{KindBasicAlertRuleKindAlertRule, KindBasicAlertRuleKindFusion, KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation, KindBasicAlertRuleKindMLBehaviorAnalytics, KindBasicAlertRuleKindNRT, KindBasicAlertRuleKindScheduled, KindBasicAlertRuleKindThreatIntelligence} } // KindBasicAlertRuleTemplate enumerates the values for kind basic alert rule template. @@ -995,6 +1086,8 @@ const ( KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation KindBasicAlertRuleTemplate = "MicrosoftSecurityIncidentCreation" // KindBasicAlertRuleTemplateKindMLBehaviorAnalytics ... KindBasicAlertRuleTemplateKindMLBehaviorAnalytics KindBasicAlertRuleTemplate = "MLBehaviorAnalytics" + // KindBasicAlertRuleTemplateKindNRT ... + KindBasicAlertRuleTemplateKindNRT KindBasicAlertRuleTemplate = "NRT" // KindBasicAlertRuleTemplateKindScheduled ... KindBasicAlertRuleTemplateKindScheduled KindBasicAlertRuleTemplate = "Scheduled" // KindBasicAlertRuleTemplateKindThreatIntelligence ... @@ -1003,7 +1096,22 @@ const ( // PossibleKindBasicAlertRuleTemplateValues returns an array of possible values for the KindBasicAlertRuleTemplate const type. func PossibleKindBasicAlertRuleTemplateValues() []KindBasicAlertRuleTemplate { - return []KindBasicAlertRuleTemplate{KindBasicAlertRuleTemplateKindAlertRuleTemplate, KindBasicAlertRuleTemplateKindFusion, KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation, KindBasicAlertRuleTemplateKindMLBehaviorAnalytics, KindBasicAlertRuleTemplateKindScheduled, KindBasicAlertRuleTemplateKindThreatIntelligence} + return []KindBasicAlertRuleTemplate{KindBasicAlertRuleTemplateKindAlertRuleTemplate, KindBasicAlertRuleTemplateKindFusion, KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation, KindBasicAlertRuleTemplateKindMLBehaviorAnalytics, KindBasicAlertRuleTemplateKindNRT, KindBasicAlertRuleTemplateKindScheduled, KindBasicAlertRuleTemplateKindThreatIntelligence} +} + +// KindBasicCustomEntityQuery enumerates the values for kind basic custom entity query. +type KindBasicCustomEntityQuery string + +const ( + // KindBasicCustomEntityQueryKindActivity ... + KindBasicCustomEntityQueryKindActivity KindBasicCustomEntityQuery = "Activity" + // KindBasicCustomEntityQueryKindCustomEntityQuery ... + KindBasicCustomEntityQueryKindCustomEntityQuery KindBasicCustomEntityQuery = "CustomEntityQuery" +) + +// PossibleKindBasicCustomEntityQueryValues returns an array of possible values for the KindBasicCustomEntityQuery const type. +func PossibleKindBasicCustomEntityQueryValues() []KindBasicCustomEntityQuery { + return []KindBasicCustomEntityQuery{KindBasicCustomEntityQueryKindActivity, KindBasicCustomEntityQueryKindCustomEntityQuery} } // KindBasicDataConnector enumerates the values for kind basic data connector. @@ -1012,6 +1120,10 @@ type KindBasicDataConnector string const ( // KindBasicDataConnectorKindAmazonWebServicesCloudTrail ... KindBasicDataConnectorKindAmazonWebServicesCloudTrail KindBasicDataConnector = "AmazonWebServicesCloudTrail" + // KindBasicDataConnectorKindAmazonWebServicesS3 ... + KindBasicDataConnectorKindAmazonWebServicesS3 KindBasicDataConnector = "AmazonWebServicesS3" + // KindBasicDataConnectorKindAPIPolling ... + KindBasicDataConnectorKindAPIPolling KindBasicDataConnector = "APIPolling" // KindBasicDataConnectorKindAzureActiveDirectory ... KindBasicDataConnectorKindAzureActiveDirectory KindBasicDataConnector = "AzureActiveDirectory" // KindBasicDataConnectorKindAzureAdvancedThreatProtection ... @@ -1022,6 +1134,8 @@ const ( KindBasicDataConnectorKindDataConnector KindBasicDataConnector = "DataConnector" // KindBasicDataConnectorKindDynamics365 ... KindBasicDataConnectorKindDynamics365 KindBasicDataConnector = "Dynamics365" + // KindBasicDataConnectorKindGenericUI ... + KindBasicDataConnectorKindGenericUI KindBasicDataConnector = "GenericUI" // KindBasicDataConnectorKindMicrosoftCloudAppSecurity ... KindBasicDataConnectorKindMicrosoftCloudAppSecurity KindBasicDataConnector = "MicrosoftCloudAppSecurity" // KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection ... @@ -1034,6 +1148,8 @@ const ( KindBasicDataConnectorKindOffice365 KindBasicDataConnector = "Office365" // KindBasicDataConnectorKindOfficeATP ... KindBasicDataConnectorKindOfficeATP KindBasicDataConnector = "OfficeATP" + // KindBasicDataConnectorKindOfficeIRM ... + KindBasicDataConnectorKindOfficeIRM KindBasicDataConnector = "OfficeIRM" // KindBasicDataConnectorKindThreatIntelligence ... KindBasicDataConnectorKindThreatIntelligence KindBasicDataConnector = "ThreatIntelligence" // KindBasicDataConnectorKindThreatIntelligenceTaxii ... @@ -1042,7 +1158,7 @@ const ( // PossibleKindBasicDataConnectorValues returns an array of possible values for the KindBasicDataConnector const type. func PossibleKindBasicDataConnectorValues() []KindBasicDataConnector { - return []KindBasicDataConnector{KindBasicDataConnectorKindAmazonWebServicesCloudTrail, KindBasicDataConnectorKindAzureActiveDirectory, KindBasicDataConnectorKindAzureAdvancedThreatProtection, KindBasicDataConnectorKindAzureSecurityCenter, KindBasicDataConnectorKindDataConnector, KindBasicDataConnectorKindDynamics365, KindBasicDataConnectorKindMicrosoftCloudAppSecurity, KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection, KindBasicDataConnectorKindMicrosoftThreatIntelligence, KindBasicDataConnectorKindMicrosoftThreatProtection, KindBasicDataConnectorKindOffice365, KindBasicDataConnectorKindOfficeATP, KindBasicDataConnectorKindThreatIntelligence, KindBasicDataConnectorKindThreatIntelligenceTaxii} + return []KindBasicDataConnector{KindBasicDataConnectorKindAmazonWebServicesCloudTrail, KindBasicDataConnectorKindAmazonWebServicesS3, KindBasicDataConnectorKindAPIPolling, KindBasicDataConnectorKindAzureActiveDirectory, KindBasicDataConnectorKindAzureAdvancedThreatProtection, KindBasicDataConnectorKindAzureSecurityCenter, KindBasicDataConnectorKindDataConnector, KindBasicDataConnectorKindDynamics365, KindBasicDataConnectorKindGenericUI, KindBasicDataConnectorKindMicrosoftCloudAppSecurity, KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection, KindBasicDataConnectorKindMicrosoftThreatIntelligence, KindBasicDataConnectorKindMicrosoftThreatProtection, KindBasicDataConnectorKindOffice365, KindBasicDataConnectorKindOfficeATP, KindBasicDataConnectorKindOfficeIRM, KindBasicDataConnectorKindThreatIntelligence, KindBasicDataConnectorKindThreatIntelligenceTaxii} } // KindBasicDataConnectorsCheckRequirements enumerates the values for kind basic data connectors check @@ -1052,6 +1168,8 @@ type KindBasicDataConnectorsCheckRequirements string const ( // KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail ... KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail KindBasicDataConnectorsCheckRequirements = "AmazonWebServicesCloudTrail" + // KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3 ... + KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3 KindBasicDataConnectorsCheckRequirements = "AmazonWebServicesS3" // KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory ... KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory KindBasicDataConnectorsCheckRequirements = "AzureActiveDirectory" // KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection ... @@ -1072,6 +1190,8 @@ const ( KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection KindBasicDataConnectorsCheckRequirements = "MicrosoftThreatProtection" // KindBasicDataConnectorsCheckRequirementsKindOfficeATP ... KindBasicDataConnectorsCheckRequirementsKindOfficeATP KindBasicDataConnectorsCheckRequirements = "OfficeATP" + // KindBasicDataConnectorsCheckRequirementsKindOfficeIRM ... + KindBasicDataConnectorsCheckRequirementsKindOfficeIRM KindBasicDataConnectorsCheckRequirements = "OfficeIRM" // KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence ... KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence KindBasicDataConnectorsCheckRequirements = "ThreatIntelligence" // KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii ... @@ -1080,7 +1200,7 @@ const ( // PossibleKindBasicDataConnectorsCheckRequirementsValues returns an array of possible values for the KindBasicDataConnectorsCheckRequirements const type. func PossibleKindBasicDataConnectorsCheckRequirementsValues() []KindBasicDataConnectorsCheckRequirements { - return []KindBasicDataConnectorsCheckRequirements{KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail, KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory, KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection, KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter, KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements, KindBasicDataConnectorsCheckRequirementsKindDynamics365, KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity, KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection, KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence, KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection, KindBasicDataConnectorsCheckRequirementsKindOfficeATP, KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence, KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii} + return []KindBasicDataConnectorsCheckRequirements{KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail, KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3, KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory, KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection, KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter, KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements, KindBasicDataConnectorsCheckRequirementsKindDynamics365, KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity, KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection, KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence, KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection, KindBasicDataConnectorsCheckRequirementsKindOfficeATP, KindBasicDataConnectorsCheckRequirementsKindOfficeIRM, KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence, KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii} } // KindBasicEntity enumerates the values for kind basic entity. @@ -1142,6 +1262,8 @@ func PossibleKindBasicEntityValues() []KindBasicEntity { type KindBasicEntityQuery string const ( + // KindBasicEntityQueryKindActivity ... + KindBasicEntityQueryKindActivity KindBasicEntityQuery = "Activity" // KindBasicEntityQueryKindEntityQuery ... KindBasicEntityQueryKindEntityQuery KindBasicEntityQuery = "EntityQuery" // KindBasicEntityQueryKindExpansion ... @@ -1150,7 +1272,37 @@ const ( // PossibleKindBasicEntityQueryValues returns an array of possible values for the KindBasicEntityQuery const type. func PossibleKindBasicEntityQueryValues() []KindBasicEntityQuery { - return []KindBasicEntityQuery{KindBasicEntityQueryKindEntityQuery, KindBasicEntityQueryKindExpansion} + return []KindBasicEntityQuery{KindBasicEntityQueryKindActivity, KindBasicEntityQueryKindEntityQuery, KindBasicEntityQueryKindExpansion} +} + +// KindBasicEntityQueryItem enumerates the values for kind basic entity query item. +type KindBasicEntityQueryItem string + +const ( + // KindBasicEntityQueryItemKindEntityQueryItem ... + KindBasicEntityQueryItemKindEntityQueryItem KindBasicEntityQueryItem = "EntityQueryItem" + // KindBasicEntityQueryItemKindInsight ... + KindBasicEntityQueryItemKindInsight KindBasicEntityQueryItem = "Insight" +) + +// PossibleKindBasicEntityQueryItemValues returns an array of possible values for the KindBasicEntityQueryItem const type. +func PossibleKindBasicEntityQueryItemValues() []KindBasicEntityQueryItem { + return []KindBasicEntityQueryItem{KindBasicEntityQueryItemKindEntityQueryItem, KindBasicEntityQueryItemKindInsight} +} + +// KindBasicEntityQueryTemplate enumerates the values for kind basic entity query template. +type KindBasicEntityQueryTemplate string + +const ( + // KindBasicEntityQueryTemplateKindActivity ... + KindBasicEntityQueryTemplateKindActivity KindBasicEntityQueryTemplate = "Activity" + // KindBasicEntityQueryTemplateKindEntityQueryTemplate ... + KindBasicEntityQueryTemplateKindEntityQueryTemplate KindBasicEntityQueryTemplate = "EntityQueryTemplate" +) + +// PossibleKindBasicEntityQueryTemplateValues returns an array of possible values for the KindBasicEntityQueryTemplate const type. +func PossibleKindBasicEntityQueryTemplateValues() []KindBasicEntityQueryTemplate { + return []KindBasicEntityQueryTemplate{KindBasicEntityQueryTemplateKindActivity, KindBasicEntityQueryTemplateKindEntityQueryTemplate} } // KindBasicEntityTimelineItem enumerates the values for kind basic entity timeline item. @@ -1176,12 +1328,12 @@ func PossibleKindBasicEntityTimelineItemValues() []KindBasicEntityTimelineItem { type KindBasicSettings string const ( + // KindBasicSettingsKindAnomalies ... + KindBasicSettingsKindAnomalies KindBasicSettings = "Anomalies" // KindBasicSettingsKindEntityAnalytics ... KindBasicSettingsKindEntityAnalytics KindBasicSettings = "EntityAnalytics" // KindBasicSettingsKindEyesOn ... KindBasicSettingsKindEyesOn KindBasicSettings = "EyesOn" - // KindBasicSettingsKindIPSyncer ... - KindBasicSettingsKindIPSyncer KindBasicSettings = "IPSyncer" // KindBasicSettingsKindSettings ... KindBasicSettingsKindSettings KindBasicSettings = "Settings" // KindBasicSettingsKindUeba ... @@ -1190,7 +1342,7 @@ const ( // PossibleKindBasicSettingsValues returns an array of possible values for the KindBasicSettings const type. func PossibleKindBasicSettingsValues() []KindBasicSettings { - return []KindBasicSettings{KindBasicSettingsKindEntityAnalytics, KindBasicSettingsKindEyesOn, KindBasicSettingsKindIPSyncer, KindBasicSettingsKindSettings, KindBasicSettingsKindUeba} + return []KindBasicSettings{KindBasicSettingsKindAnomalies, KindBasicSettingsKindEntityAnalytics, KindBasicSettingsKindEyesOn, KindBasicSettingsKindSettings, KindBasicSettingsKindUeba} } // KindBasicThreatIntelligenceInformation enumerates the values for kind basic threat intelligence information. @@ -1208,6 +1360,24 @@ func PossibleKindBasicThreatIntelligenceInformationValues() []KindBasicThreatInt return []KindBasicThreatIntelligenceInformation{KindBasicThreatIntelligenceInformationKindIndicator, KindBasicThreatIntelligenceInformationKindThreatIntelligenceInformation} } +// MatchingMethod enumerates the values for matching method. +type MatchingMethod string + +const ( + // MatchingMethodAllEntities Grouping alerts into a single incident if all the entities match + MatchingMethodAllEntities MatchingMethod = "AllEntities" + // MatchingMethodAnyAlert Grouping any alerts triggered by this rule into a single incident + MatchingMethodAnyAlert MatchingMethod = "AnyAlert" + // MatchingMethodSelected Grouping alerts into a single incident if the selected entities, custom details + // and alert details match + MatchingMethodSelected MatchingMethod = "Selected" +) + +// PossibleMatchingMethodValues returns an array of possible values for the MatchingMethod const type. +func PossibleMatchingMethodValues() []MatchingMethod { + return []MatchingMethod{MatchingMethodAllEntities, MatchingMethodAnyAlert, MatchingMethodSelected} +} + // MicrosoftSecurityProductName enumerates the values for microsoft security product name. type MicrosoftSecurityProductName string @@ -1233,6 +1403,21 @@ func PossibleMicrosoftSecurityProductNameValues() []MicrosoftSecurityProductName return []MicrosoftSecurityProductName{MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection, MicrosoftSecurityProductNameAzureAdvancedThreatProtection, MicrosoftSecurityProductNameAzureSecurityCenter, MicrosoftSecurityProductNameAzureSecurityCenterforIoT, MicrosoftSecurityProductNameMicrosoftCloudAppSecurity, MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection, MicrosoftSecurityProductNameOffice365AdvancedThreatProtection} } +// Operator enumerates the values for operator. +type Operator string + +const ( + // OperatorAND ... + OperatorAND Operator = "AND" + // OperatorOR ... + OperatorOR Operator = "OR" +) + +// PossibleOperatorValues returns an array of possible values for the Operator const type. +func PossibleOperatorValues() []Operator { + return []Operator{OperatorAND, OperatorOR} +} + // OSFamily enumerates the values for os family. type OSFamily string @@ -1273,6 +1458,40 @@ func PossibleOutputTypeValues() []OutputType { return []OutputType{OutputTypeDate, OutputTypeEntity, OutputTypeNumber, OutputTypeString} } +// OwnerType enumerates the values for owner type. +type OwnerType string + +const ( + // OwnerTypeGroup The incident owner type is an AAD group + OwnerTypeGroup OwnerType = "Group" + // OwnerTypeUnknown The incident owner type is unknown + OwnerTypeUnknown OwnerType = "Unknown" + // OwnerTypeUser The incident owner type is an AAD user + OwnerTypeUser OwnerType = "User" +) + +// PossibleOwnerTypeValues returns an array of possible values for the OwnerType const type. +func PossibleOwnerTypeValues() []OwnerType { + return []OwnerType{OwnerTypeGroup, OwnerTypeUnknown, OwnerTypeUser} +} + +// PermissionProviderScope enumerates the values for permission provider scope. +type PermissionProviderScope string + +const ( + // PermissionProviderScopeResourceGroup ... + PermissionProviderScopeResourceGroup PermissionProviderScope = "ResourceGroup" + // PermissionProviderScopeSubscription ... + PermissionProviderScopeSubscription PermissionProviderScope = "Subscription" + // PermissionProviderScopeWorkspace ... + PermissionProviderScopeWorkspace PermissionProviderScope = "Workspace" +) + +// PossiblePermissionProviderScopeValues returns an array of possible values for the PermissionProviderScope const type. +func PossiblePermissionProviderScopeValues() []PermissionProviderScope { + return []PermissionProviderScope{PermissionProviderScopeResourceGroup, PermissionProviderScopeSubscription, PermissionProviderScopeWorkspace} +} + // PollingFrequency enumerates the values for polling frequency. type PollingFrequency string @@ -1290,6 +1509,29 @@ func PossiblePollingFrequencyValues() []PollingFrequency { return []PollingFrequency{PollingFrequencyOnceADay, PollingFrequencyOnceAMinute, PollingFrequencyOnceAnHour} } +// ProviderName enumerates the values for provider name. +type ProviderName string + +const ( + // ProviderNameMicrosoftaadiamdiagnosticSettings ... + ProviderNameMicrosoftaadiamdiagnosticSettings ProviderName = "microsoft.aadiam/diagnosticSettings" + // ProviderNameMicrosoftAuthorizationpolicyAssignments ... + ProviderNameMicrosoftAuthorizationpolicyAssignments ProviderName = "Microsoft.Authorization/policyAssignments" + // ProviderNameMicrosoftOperationalInsightssolutions ... + ProviderNameMicrosoftOperationalInsightssolutions ProviderName = "Microsoft.OperationalInsights/solutions" + // ProviderNameMicrosoftOperationalInsightsworkspaces ... + ProviderNameMicrosoftOperationalInsightsworkspaces ProviderName = "Microsoft.OperationalInsights/workspaces" + // ProviderNameMicrosoftOperationalInsightsworkspacesdatasources ... + ProviderNameMicrosoftOperationalInsightsworkspacesdatasources ProviderName = "Microsoft.OperationalInsights/workspaces/datasources" + // ProviderNameMicrosoftOperationalInsightsworkspacessharedKeys ... + ProviderNameMicrosoftOperationalInsightsworkspacessharedKeys ProviderName = "Microsoft.OperationalInsights/workspaces/sharedKeys" +) + +// PossibleProviderNameValues returns an array of possible values for the ProviderName const type. +func PossibleProviderNameValues() []ProviderName { + return []ProviderName{ProviderNameMicrosoftaadiamdiagnosticSettings, ProviderNameMicrosoftAuthorizationpolicyAssignments, ProviderNameMicrosoftOperationalInsightssolutions, ProviderNameMicrosoftOperationalInsightsworkspaces, ProviderNameMicrosoftOperationalInsightsworkspacesdatasources, ProviderNameMicrosoftOperationalInsightsworkspacessharedKeys} +} + // RegistryHive enumerates the values for registry hive. type RegistryHive string @@ -1348,49 +1590,51 @@ func PossibleRegistryValueKindValues() []RegistryValueKind { return []RegistryValueKind{RegistryValueKindBinary, RegistryValueKindDWord, RegistryValueKindExpandString, RegistryValueKindMultiString, RegistryValueKindNone, RegistryValueKindQWord, RegistryValueKindString, RegistryValueKindUnknown} } -// RelationNodeKind enumerates the values for relation node kind. -type RelationNodeKind string +// RepoType enumerates the values for repo type. +type RepoType string const ( - // RelationNodeKindBookmark Bookmark node part of the relation - RelationNodeKindBookmark RelationNodeKind = "Bookmark" - // RelationNodeKindCase Case node part of the relation - RelationNodeKindCase RelationNodeKind = "Case" + // RepoTypeDevOps ... + RepoTypeDevOps RepoType = "DevOps" + // RepoTypeGithub ... + RepoTypeGithub RepoType = "Github" ) -// PossibleRelationNodeKindValues returns an array of possible values for the RelationNodeKind const type. -func PossibleRelationNodeKindValues() []RelationNodeKind { - return []RelationNodeKind{RelationNodeKindBookmark, RelationNodeKindCase} +// PossibleRepoTypeValues returns an array of possible values for the RepoType const type. +func PossibleRepoTypeValues() []RepoType { + return []RepoType{RepoTypeDevOps, RepoTypeGithub} } -// RelationTypes enumerates the values for relation types. -type RelationTypes string +// SettingType enumerates the values for setting type. +type SettingType string const ( - // RelationTypesCasesToBookmarks Relations between cases and bookmarks - RelationTypesCasesToBookmarks RelationTypes = "CasesToBookmarks" + // SettingTypeCopyableLabel ... + SettingTypeCopyableLabel SettingType = "CopyableLabel" + // SettingTypeInfoMessage ... + SettingTypeInfoMessage SettingType = "InfoMessage" + // SettingTypeInstructionStepsGroup ... + SettingTypeInstructionStepsGroup SettingType = "InstructionStepsGroup" ) -// PossibleRelationTypesValues returns an array of possible values for the RelationTypes const type. -func PossibleRelationTypesValues() []RelationTypes { - return []RelationTypes{RelationTypesCasesToBookmarks} +// PossibleSettingTypeValues returns an array of possible values for the SettingType const type. +func PossibleSettingTypeValues() []SettingType { + return []SettingType{SettingTypeCopyableLabel, SettingTypeInfoMessage, SettingTypeInstructionStepsGroup} } -// SettingKind enumerates the values for setting kind. -type SettingKind string +// SkuKind enumerates the values for sku kind. +type SkuKind string const ( - // SettingKindEntityAnalytics ... - SettingKindEntityAnalytics SettingKind = "EntityAnalytics" - // SettingKindEyesOn ... - SettingKindEyesOn SettingKind = "EyesOn" - // SettingKindUeba ... - SettingKindUeba SettingKind = "Ueba" + // SkuKindCapacityReservation ... + SkuKindCapacityReservation SkuKind = "CapacityReservation" + // SkuKindPerGB ... + SkuKindPerGB SkuKind = "PerGB" ) -// PossibleSettingKindValues returns an array of possible values for the SettingKind const type. -func PossibleSettingKindValues() []SettingKind { - return []SettingKind{SettingKindEntityAnalytics, SettingKindEyesOn, SettingKindUeba} +// PossibleSkuKindValues returns an array of possible values for the SkuKind const type. +func PossibleSkuKindValues() []SkuKind { + return []SkuKind{SkuKindCapacityReservation, SkuKindPerGB} } // Source enumerates the values for source. @@ -1408,6 +1652,42 @@ func PossibleSourceValues() []Source { return []Source{SourceLocalfile, SourceRemotestorage} } +// SourceKind enumerates the values for source kind. +type SourceKind string + +const ( + // SourceKindCommunity ... + SourceKindCommunity SourceKind = "Community" + // SourceKindLocalWorkspace ... + SourceKindLocalWorkspace SourceKind = "LocalWorkspace" + // SourceKindSolution ... + SourceKindSolution SourceKind = "Solution" + // SourceKindSourceRepository ... + SourceKindSourceRepository SourceKind = "SourceRepository" +) + +// PossibleSourceKindValues returns an array of possible values for the SourceKind const type. +func PossibleSourceKindValues() []SourceKind { + return []SourceKind{SourceKindCommunity, SourceKindLocalWorkspace, SourceKindSolution, SourceKindSourceRepository} +} + +// SupportTier enumerates the values for support tier. +type SupportTier string + +const ( + // SupportTierCommunity ... + SupportTierCommunity SupportTier = "Community" + // SupportTierMicrosoft ... + SupportTierMicrosoft SupportTier = "Microsoft" + // SupportTierPartner ... + SupportTierPartner SupportTier = "Partner" +) + +// PossibleSupportTierValues returns an array of possible values for the SupportTier const type. +func PossibleSupportTierValues() []SupportTier { + return []SupportTier{SupportTierCommunity, SupportTierMicrosoft, SupportTierPartner} +} + // TemplateStatus enumerates the values for template status. type TemplateStatus string @@ -1425,34 +1705,35 @@ func PossibleTemplateStatusValues() []TemplateStatus { return []TemplateStatus{TemplateStatusAvailable, TemplateStatusInstalled, TemplateStatusNotAvailable} } -// ThreatIntelligenceResourceKind enumerates the values for threat intelligence resource kind. -type ThreatIntelligenceResourceKind string +// ThreatIntelligenceResourceKindEnum enumerates the values for threat intelligence resource kind enum. +type ThreatIntelligenceResourceKindEnum string const ( - // ThreatIntelligenceResourceKindIndicator Entity represents threat intelligence indicator in the system. - ThreatIntelligenceResourceKindIndicator ThreatIntelligenceResourceKind = "indicator" + // ThreatIntelligenceResourceKindEnumIndicator Entity represents threat intelligence indicator in the + // system. + ThreatIntelligenceResourceKindEnumIndicator ThreatIntelligenceResourceKindEnum = "indicator" ) -// PossibleThreatIntelligenceResourceKindValues returns an array of possible values for the ThreatIntelligenceResourceKind const type. -func PossibleThreatIntelligenceResourceKindValues() []ThreatIntelligenceResourceKind { - return []ThreatIntelligenceResourceKind{ThreatIntelligenceResourceKindIndicator} +// PossibleThreatIntelligenceResourceKindEnumValues returns an array of possible values for the ThreatIntelligenceResourceKindEnum const type. +func PossibleThreatIntelligenceResourceKindEnumValues() []ThreatIntelligenceResourceKindEnum { + return []ThreatIntelligenceResourceKindEnum{ThreatIntelligenceResourceKindEnumIndicator} } -// ThreatIntelligenceSortingCriteria enumerates the values for threat intelligence sorting criteria. -type ThreatIntelligenceSortingCriteria string +// ThreatIntelligenceSortingCriteriaEnum enumerates the values for threat intelligence sorting criteria enum. +type ThreatIntelligenceSortingCriteriaEnum string const ( - // ThreatIntelligenceSortingCriteriaAscending ... - ThreatIntelligenceSortingCriteriaAscending ThreatIntelligenceSortingCriteria = "ascending" - // ThreatIntelligenceSortingCriteriaDescending ... - ThreatIntelligenceSortingCriteriaDescending ThreatIntelligenceSortingCriteria = "descending" - // ThreatIntelligenceSortingCriteriaUnsorted ... - ThreatIntelligenceSortingCriteriaUnsorted ThreatIntelligenceSortingCriteria = "unsorted" + // ThreatIntelligenceSortingCriteriaEnumAscending ... + ThreatIntelligenceSortingCriteriaEnumAscending ThreatIntelligenceSortingCriteriaEnum = "ascending" + // ThreatIntelligenceSortingCriteriaEnumDescending ... + ThreatIntelligenceSortingCriteriaEnumDescending ThreatIntelligenceSortingCriteriaEnum = "descending" + // ThreatIntelligenceSortingCriteriaEnumUnsorted ... + ThreatIntelligenceSortingCriteriaEnumUnsorted ThreatIntelligenceSortingCriteriaEnum = "unsorted" ) -// PossibleThreatIntelligenceSortingCriteriaValues returns an array of possible values for the ThreatIntelligenceSortingCriteria const type. -func PossibleThreatIntelligenceSortingCriteriaValues() []ThreatIntelligenceSortingCriteria { - return []ThreatIntelligenceSortingCriteria{ThreatIntelligenceSortingCriteriaAscending, ThreatIntelligenceSortingCriteriaDescending, ThreatIntelligenceSortingCriteriaUnsorted} +// PossibleThreatIntelligenceSortingCriteriaEnumValues returns an array of possible values for the ThreatIntelligenceSortingCriteriaEnum const type. +func PossibleThreatIntelligenceSortingCriteriaEnumValues() []ThreatIntelligenceSortingCriteriaEnum { + return []ThreatIntelligenceSortingCriteriaEnum{ThreatIntelligenceSortingCriteriaEnumAscending, ThreatIntelligenceSortingCriteriaEnumDescending, ThreatIntelligenceSortingCriteriaEnumUnsorted} } // TriggerOperator enumerates the values for trigger operator. diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/incidentcomments.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/incidentcomments.go new file mode 100644 index 000000000000..8260232904a4 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/incidentcomments.go @@ -0,0 +1,464 @@ +package securityinsight + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// IncidentCommentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type IncidentCommentsClient struct { + BaseClient +} + +// NewIncidentCommentsClient creates an instance of the IncidentCommentsClient client. +func NewIncidentCommentsClient(subscriptionID string) IncidentCommentsClient { + return NewIncidentCommentsClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewIncidentCommentsClientWithBaseURI creates an instance of the IncidentCommentsClient client using a custom +// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure +// stack). +func NewIncidentCommentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentCommentsClient { + return IncidentCommentsClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// CreateOrUpdate creates or updates the incident comment. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// incidentCommentID - incident comment ID +// incidentComment - the incident comment +func (client IncidentCommentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment) (result IncidentComment, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.CreateOrUpdate") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: incidentComment, + Constraints: []validation.Constraint{{Target: "incidentComment.IncidentCommentProperties", Name: validation.Null, Rule: false, + Chain: []validation.Constraint{{Target: "incidentComment.IncidentCommentProperties.Message", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentCommentsClient", "CreateOrUpdate", err.Error()) + } + + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, incidentID, incidentCommentID, incidentComment) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "CreateOrUpdate", nil, "Failure preparing request") + return + } + + resp, err := client.CreateOrUpdateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "CreateOrUpdate", resp, "Failure sending request") + return + } + + result, err = client.CreateOrUpdateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "CreateOrUpdate", resp, "Failure responding to request") + return + } + + return +} + +// CreateOrUpdatePreparer prepares the CreateOrUpdate request. +func (client IncidentCommentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentCommentId": autorest.Encode("path", incidentCommentID), + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}", pathParameters), + autorest.WithJSON(incidentComment), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentCommentsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always +// closes the http.Response Body. +func (client IncidentCommentsClient) CreateOrUpdateResponder(resp *http.Response) (result IncidentComment, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Delete delete the incident comment. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// incidentCommentID - incident comment ID +func (client IncidentCommentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string) (result autorest.Response, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.Delete") + defer func() { + sc := -1 + if result.Response != nil { + sc = result.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentCommentsClient", "Delete", err.Error()) + } + + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, incidentID, incidentCommentID) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "Delete", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "Delete", resp, "Failure sending request") + return + } + + result, err = client.DeleteResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "Delete", resp, "Failure responding to request") + return + } + + return +} + +// DeletePreparer prepares the Delete request. +func (client IncidentCommentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentCommentId": autorest.Encode("path", incidentCommentID), + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteSender sends the Delete request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentCommentsClient) DeleteSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// DeleteResponder handles the response to the Delete request. The method always +// closes the http.Response Body. +func (client IncidentCommentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// Get gets an incident comment. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// incidentCommentID - incident comment ID +func (client IncidentCommentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string) (result IncidentComment, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.Get") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentCommentsClient", "Get", err.Error()) + } + + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, incidentID, incidentCommentID) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "Get", resp, "Failure responding to request") + return + } + + return +} + +// GetPreparer prepares the Get request. +func (client IncidentCommentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incidentCommentID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentCommentId": autorest.Encode("path", incidentCommentID), + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentCommentsClient) GetSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client IncidentCommentsClient) GetResponder(resp *http.Response) (result IncidentComment, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// List gets all incident comments. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// filter - filters the results, based on a Boolean condition. Optional. +// orderby - sorts the results. Optional. +// top - returns only the first n results. Optional. +// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response +// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that +// specifies a starting point to use for subsequent calls. Optional. +func (client IncidentCommentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result IncidentCommentListPage, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.List") + defer func() { + sc := -1 + if result.icl.Response.Response != nil { + sc = result.icl.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentCommentsClient", "List", err.Error()) + } + + result.fn = client.listNextResults + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName, incidentID, filter, orderby, top, skipToken) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.icl.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "List", resp, "Failure sending request") + return + } + + result.icl, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "List", resp, "Failure responding to request") + return + } + if result.icl.hasNextLink() && result.icl.IsEmpty() { + err = result.NextWithContext(ctx) + return + } + + return +} + +// ListPreparer prepares the List request. +func (client IncidentCommentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + if len(filter) > 0 { + queryParameters["$filter"] = autorest.Encode("query", filter) + } + if len(orderby) > 0 { + queryParameters["$orderby"] = autorest.Encode("query", orderby) + } + if top != nil { + queryParameters["$top"] = autorest.Encode("query", *top) + } + if len(skipToken) > 0 { + queryParameters["$skipToken"] = autorest.Encode("query", skipToken) + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentCommentsClient) ListSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client IncidentCommentsClient) ListResponder(resp *http.Response) (result IncidentCommentList, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listNextResults retrieves the next set of results, if any. +func (client IncidentCommentsClient) listNextResults(ctx context.Context, lastResults IncidentCommentList) (result IncidentCommentList, err error) { + req, err := lastResults.incidentCommentListPreparer(ctx) + if err != nil { + return result, autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "listNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "listNextResults", resp, "Failure sending next results request") + } + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "listNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListComplete enumerates all values, automatically crossing page boundaries as required. +func (client IncidentCommentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result IncidentCommentListIterator, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.List") + defer func() { + sc := -1 + if result.Response().Response.Response != nil { + sc = result.page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.page, err = client.List(ctx, resourceGroupName, workspaceName, incidentID, filter, orderby, top, skipToken) + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/incidentrelations.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/incidentrelations.go similarity index 56% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/incidentrelations.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/incidentrelations.go index cf2cfee21ded..29ec27f01781 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/incidentrelations.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/incidentrelations.go @@ -32,19 +32,16 @@ func NewIncidentRelationsClientWithBaseURI(baseURI string, subscriptionID string return IncidentRelationsClient{NewWithBaseURI(baseURI, subscriptionID)} } -// CreateOrUpdateRelation creates or updates the incident relation. +// CreateOrUpdate creates or updates the incident relation. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // incidentID - incident ID // relationName - relation Name // relation - the relation model -func (client IncidentRelationsClient) CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string, relation Relation) (result Relation, err error) { +func (client IncidentRelationsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string, relation Relation) (result Relation, err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.CreateOrUpdateRelation") + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.CreateOrUpdate") defer func() { sc := -1 if result.Response.Response != nil { @@ -55,54 +52,52 @@ func (client IncidentRelationsClient) CreateOrUpdateRelation(ctx context.Context } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: relation, Constraints: []validation.Constraint{{Target: "relation.RelationProperties", Name: validation.Null, Rule: false, Chain: []validation.Constraint{{Target: "relation.RelationProperties.RelatedResourceID", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { - return result, validation.NewError("securityinsight.IncidentRelationsClient", "CreateOrUpdateRelation", err.Error()) + return result, validation.NewError("securityinsight.IncidentRelationsClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreateOrUpdateRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, relationName, relation) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, incidentID, relationName, relation) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "CreateOrUpdateRelation", nil, "Failure preparing request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "CreateOrUpdate", nil, "Failure preparing request") return } - resp, err := client.CreateOrUpdateRelationSender(req) + resp, err := client.CreateOrUpdateSender(req) if err != nil { result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "CreateOrUpdateRelation", resp, "Failure sending request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "CreateOrUpdate", resp, "Failure sending request") return } - result, err = client.CreateOrUpdateRelationResponder(resp) + result, err = client.CreateOrUpdateResponder(resp) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "CreateOrUpdateRelation", resp, "Failure responding to request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "CreateOrUpdate", resp, "Failure responding to request") return } return } -// CreateOrUpdateRelationPreparer prepares the CreateOrUpdateRelation request. -func (client IncidentRelationsClient) CreateOrUpdateRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string, relation Relation) (*http.Request, error) { +// CreateOrUpdatePreparer prepares the CreateOrUpdate request. +func (client IncidentRelationsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string, relation Relation) (*http.Request, error) { pathParameters := map[string]interface{}{ - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "incidentId": autorest.Encode("path", incidentID), + "relationName": autorest.Encode("path", relationName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -111,21 +106,21 @@ func (client IncidentRelationsClient) CreateOrUpdateRelationPreparer(ctx context autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", pathParameters), autorest.WithJSON(relation), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } -// CreateOrUpdateRelationSender sends the CreateOrUpdateRelation request. The method will close the +// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the // http.Response Body if it receives an error. -func (client IncidentRelationsClient) CreateOrUpdateRelationSender(req *http.Request) (*http.Response, error) { +func (client IncidentRelationsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } -// CreateOrUpdateRelationResponder handles the response to the CreateOrUpdateRelation request. The method always +// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always // closes the http.Response Body. -func (client IncidentRelationsClient) CreateOrUpdateRelationResponder(resp *http.Response) (result Relation, err error) { +func (client IncidentRelationsClient) CreateOrUpdateResponder(resp *http.Response) (result Relation, err error) { err = autorest.Respond( resp, azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), @@ -135,18 +130,15 @@ func (client IncidentRelationsClient) CreateOrUpdateRelationResponder(resp *http return } -// DeleteRelation delete the incident relation. +// Delete delete the incident relation. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // incidentID - incident ID // relationName - relation Name -func (client IncidentRelationsClient) DeleteRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string) (result autorest.Response, err error) { +func (client IncidentRelationsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string) (result autorest.Response, err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.DeleteRelation") + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.Delete") defer func() { sc := -1 if result.Response != nil { @@ -157,51 +149,49 @@ func (client IncidentRelationsClient) DeleteRelation(ctx context.Context, resour } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.IncidentRelationsClient", "DeleteRelation", err.Error()) + return result, validation.NewError("securityinsight.IncidentRelationsClient", "Delete", err.Error()) } - req, err := client.DeleteRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, relationName) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, incidentID, relationName) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "DeleteRelation", nil, "Failure preparing request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "Delete", nil, "Failure preparing request") return } - resp, err := client.DeleteRelationSender(req) + resp, err := client.DeleteSender(req) if err != nil { result.Response = resp - err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "DeleteRelation", resp, "Failure sending request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "Delete", resp, "Failure sending request") return } - result, err = client.DeleteRelationResponder(resp) + result, err = client.DeleteResponder(resp) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "DeleteRelation", resp, "Failure responding to request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "Delete", resp, "Failure responding to request") return } return } -// DeleteRelationPreparer prepares the DeleteRelation request. -func (client IncidentRelationsClient) DeleteRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string) (*http.Request, error) { +// DeletePreparer prepares the Delete request. +func (client IncidentRelationsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "incidentId": autorest.Encode("path", incidentID), + "relationName": autorest.Encode("path", relationName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -209,20 +199,20 @@ func (client IncidentRelationsClient) DeleteRelationPreparer(ctx context.Context preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } -// DeleteRelationSender sends the DeleteRelation request. The method will close the +// DeleteSender sends the Delete request. The method will close the // http.Response Body if it receives an error. -func (client IncidentRelationsClient) DeleteRelationSender(req *http.Request) (*http.Response, error) { +func (client IncidentRelationsClient) DeleteSender(req *http.Request) (*http.Response, error) { return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } -// DeleteRelationResponder handles the response to the DeleteRelation request. The method always +// DeleteResponder handles the response to the Delete request. The method always // closes the http.Response Body. -func (client IncidentRelationsClient) DeleteRelationResponder(resp *http.Response) (result autorest.Response, err error) { +func (client IncidentRelationsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { err = autorest.Respond( resp, azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), @@ -231,18 +221,15 @@ func (client IncidentRelationsClient) DeleteRelationResponder(resp *http.Respons return } -// GetRelation gets an incident relation. +// Get gets an incident relation. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // incidentID - incident ID // relationName - relation Name -func (client IncidentRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string) (result Relation, err error) { +func (client IncidentRelationsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string) (result Relation, err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.GetRelation") + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.Get") defer func() { sc := -1 if result.Response.Response != nil { @@ -253,51 +240,49 @@ func (client IncidentRelationsClient) GetRelation(ctx context.Context, resourceG } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.IncidentRelationsClient", "GetRelation", err.Error()) + return result, validation.NewError("securityinsight.IncidentRelationsClient", "Get", err.Error()) } - req, err := client.GetRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, relationName) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, incidentID, relationName) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "GetRelation", nil, "Failure preparing request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "Get", nil, "Failure preparing request") return } - resp, err := client.GetRelationSender(req) + resp, err := client.GetSender(req) if err != nil { result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "GetRelation", resp, "Failure sending request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "Get", resp, "Failure sending request") return } - result, err = client.GetRelationResponder(resp) + result, err = client.GetResponder(resp) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "GetRelation", resp, "Failure responding to request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "Get", resp, "Failure responding to request") return } return } -// GetRelationPreparer prepares the GetRelation request. -func (client IncidentRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string) (*http.Request, error) { +// GetPreparer prepares the Get request. +func (client IncidentRelationsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, relationName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "incidentId": autorest.Encode("path", incidentID), + "relationName": autorest.Encode("path", relationName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -305,20 +290,20 @@ func (client IncidentRelationsClient) GetRelationPreparer(ctx context.Context, r preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } -// GetRelationSender sends the GetRelation request. The method will close the +// GetSender sends the Get request. The method will close the // http.Response Body if it receives an error. -func (client IncidentRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error) { +func (client IncidentRelationsClient) GetSender(req *http.Request) (*http.Response, error) { return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } -// GetRelationResponder handles the response to the GetRelation request. The method always +// GetResponder handles the response to the Get request. The method always // closes the http.Response Body. -func (client IncidentRelationsClient) GetRelationResponder(resp *http.Response) (result Relation, err error) { +func (client IncidentRelationsClient) GetResponder(resp *http.Response) (result Relation, err error) { err = autorest.Respond( resp, azure.WithErrorUnlessStatusCode(http.StatusOK), @@ -330,10 +315,7 @@ func (client IncidentRelationsClient) GetRelationResponder(resp *http.Response) // List gets all incident relations. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // incidentID - incident ID // filter - filters the results, based on a Boolean condition. Optional. @@ -342,7 +324,7 @@ func (client IncidentRelationsClient) GetRelationResponder(resp *http.Response) // skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response // contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that // specifies a starting point to use for subsequent calls. Optional. -func (client IncidentRelationsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result RelationListPage, err error) { +func (client IncidentRelationsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result RelationListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.List") defer func() { @@ -355,11 +337,10 @@ func (client IncidentRelationsClient) List(ctx context.Context, resourceGroupNam } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -367,7 +348,7 @@ func (client IncidentRelationsClient) List(ctx context.Context, resourceGroupNam } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, filter, orderby, top, skipToken) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName, incidentID, filter, orderby, top, skipToken) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "List", nil, "Failure preparing request") return @@ -394,16 +375,15 @@ func (client IncidentRelationsClient) List(ctx context.Context, resourceGroupNam } // ListPreparer prepares the List request. -func (client IncidentRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { +func (client IncidentRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -423,7 +403,7 @@ func (client IncidentRelationsClient) ListPreparer(ctx context.Context, resource preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -468,7 +448,7 @@ func (client IncidentRelationsClient) listNextResults(ctx context.Context, lastR } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client IncidentRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result RelationListIterator, err error) { +func (client IncidentRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result RelationListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.List") defer func() { @@ -479,6 +459,6 @@ func (client IncidentRelationsClient) ListComplete(ctx context.Context, resource tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, filter, orderby, top, skipToken) + result.page, err = client.List(ctx, resourceGroupName, workspaceName, incidentID, filter, orderby, top, skipToken) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/incidents.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/incidents.go similarity index 60% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/incidents.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/incidents.go index d79700b7265d..0780cc3f41ba 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/incidents.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/incidents.go @@ -33,14 +33,11 @@ func NewIncidentsClientWithBaseURI(baseURI string, subscriptionID string) Incide // CreateOrUpdate creates or updates the incident. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // incidentID - incident ID // incident - the incident -func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incident Incident) (result Incident, err error) { +func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incident Incident) (result Incident, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.CreateOrUpdate") defer func() { @@ -53,11 +50,10 @@ func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupN } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, @@ -67,7 +63,7 @@ func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupN return result, validation.NewError("securityinsight.IncidentsClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, incident) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, incidentID, incident) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "CreateOrUpdate", nil, "Failure preparing request") return @@ -90,16 +86,15 @@ func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupN } // CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client IncidentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incident Incident) (*http.Request, error) { +func (client IncidentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, incident Incident) (*http.Request, error) { pathParameters := map[string]interface{}{ - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -108,7 +103,7 @@ func (client IncidentsClient) CreateOrUpdatePreparer(ctx context.Context, resour autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", pathParameters), autorest.WithJSON(incident), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -132,15 +127,108 @@ func (client IncidentsClient) CreateOrUpdateResponder(resp *http.Response) (resu return } +// CreateTeam creates a Microsoft team to investigate the incident by sharing information and insights between +// participants. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// teamProperties - team properties +func (client IncidentsClient) CreateTeam(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, teamProperties TeamProperties) (result TeamInformation, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.CreateTeam") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: teamProperties, + Constraints: []validation.Constraint{{Target: "teamProperties.TeamName", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentsClient", "CreateTeam", err.Error()) + } + + req, err := client.CreateTeamPreparer(ctx, resourceGroupName, workspaceName, incidentID, teamProperties) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "CreateTeam", nil, "Failure preparing request") + return + } + + resp, err := client.CreateTeamSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "CreateTeam", resp, "Failure sending request") + return + } + + result, err = client.CreateTeamResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "CreateTeam", resp, "Failure responding to request") + return + } + + return +} + +// CreateTeamPreparer prepares the CreateTeam request. +func (client IncidentsClient) CreateTeamPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string, teamProperties TeamProperties) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPost(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/createTeam", pathParameters), + autorest.WithJSON(teamProperties), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateTeamSender sends the CreateTeam request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentsClient) CreateTeamSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// CreateTeamResponder handles the response to the CreateTeam request. The method always +// closes the http.Response Body. +func (client IncidentsClient) CreateTeamResponder(resp *http.Response) (result TeamInformation, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + // Delete delete the incident. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // incidentID - incident ID -func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (result autorest.Response, err error) { +func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.Delete") defer func() { @@ -153,18 +241,17 @@ func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName stri } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.IncidentsClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, incidentID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "Delete", nil, "Failure preparing request") return @@ -187,16 +274,15 @@ func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName stri } // DeletePreparer prepares the Delete request. -func (client IncidentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (*http.Request, error) { +func (client IncidentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -204,7 +290,7 @@ func (client IncidentsClient) DeletePreparer(ctx context.Context, resourceGroupN preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -228,13 +314,10 @@ func (client IncidentsClient) DeleteResponder(resp *http.Response) (result autor // Get gets an incident. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // incidentID - incident ID -func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (result Incident, err error) { +func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result Incident, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.Get") defer func() { @@ -247,18 +330,17 @@ func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.IncidentsClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, incidentID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "Get", nil, "Failure preparing request") return @@ -281,16 +363,15 @@ func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, } // GetPreparer prepares the Get request. -func (client IncidentsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (*http.Request, error) { +func (client IncidentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -298,7 +379,7 @@ func (client IncidentsClient) GetPreparer(ctx context.Context, resourceGroupName preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -323,10 +404,7 @@ func (client IncidentsClient) GetResponder(resp *http.Response) (result Incident // List gets all incidents. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // filter - filters the results, based on a Boolean condition. Optional. // orderby - sorts the results. Optional. @@ -334,7 +412,7 @@ func (client IncidentsClient) GetResponder(resp *http.Response) (result Incident // skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response // contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that // specifies a starting point to use for subsequent calls. Optional. -func (client IncidentsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result IncidentListPage, err error) { +func (client IncidentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result IncidentListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.List") defer func() { @@ -347,11 +425,10 @@ func (client IncidentsClient) List(ctx context.Context, resourceGroupName string } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -359,7 +436,7 @@ func (client IncidentsClient) List(ctx context.Context, resourceGroupName string } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, filter, orderby, top, skipToken) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName, filter, orderby, top, skipToken) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "List", nil, "Failure preparing request") return @@ -386,15 +463,14 @@ func (client IncidentsClient) List(ctx context.Context, resourceGroupName string } // ListPreparer prepares the List request. -func (client IncidentsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { +func (client IncidentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -414,7 +490,7 @@ func (client IncidentsClient) ListPreparer(ctx context.Context, resourceGroupNam preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -459,7 +535,7 @@ func (client IncidentsClient) listNextResults(ctx context.Context, lastResults I } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client IncidentsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result IncidentListIterator, err error) { +func (client IncidentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result IncidentListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.List") defer func() { @@ -470,21 +546,18 @@ func (client IncidentsClient) ListComplete(ctx context.Context, resourceGroupNam tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, filter, orderby, top, skipToken) + result.page, err = client.List(ctx, resourceGroupName, workspaceName, filter, orderby, top, skipToken) return } -// ListOfAlerts gets all incident alerts. +// ListAlerts gets all incident alerts. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // incidentID - incident ID -func (client IncidentsClient) ListOfAlerts(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (result IncidentAlertList, err error) { +func (client IncidentsClient) ListAlerts(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result IncidentAlertList, err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.ListOfAlerts") + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.ListAlerts") defer func() { sc := -1 if result.Response.Response != nil { @@ -495,50 +568,48 @@ func (client IncidentsClient) ListOfAlerts(ctx context.Context, resourceGroupNam } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.IncidentsClient", "ListOfAlerts", err.Error()) + return result, validation.NewError("securityinsight.IncidentsClient", "ListAlerts", err.Error()) } - req, err := client.ListOfAlertsPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID) + req, err := client.ListAlertsPreparer(ctx, resourceGroupName, workspaceName, incidentID) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListOfAlerts", nil, "Failure preparing request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListAlerts", nil, "Failure preparing request") return } - resp, err := client.ListOfAlertsSender(req) + resp, err := client.ListAlertsSender(req) if err != nil { result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListOfAlerts", resp, "Failure sending request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListAlerts", resp, "Failure sending request") return } - result, err = client.ListOfAlertsResponder(resp) + result, err = client.ListAlertsResponder(resp) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListOfAlerts", resp, "Failure responding to request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListAlerts", resp, "Failure responding to request") return } return } -// ListOfAlertsPreparer prepares the ListOfAlerts request. -func (client IncidentsClient) ListOfAlertsPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (*http.Request, error) { +// ListAlertsPreparer prepares the ListAlerts request. +func (client IncidentsClient) ListAlertsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -546,20 +617,20 @@ func (client IncidentsClient) ListOfAlertsPreparer(ctx context.Context, resource preparer := autorest.CreatePreparer( autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/alerts", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/alerts", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } -// ListOfAlertsSender sends the ListOfAlerts request. The method will close the +// ListAlertsSender sends the ListAlerts request. The method will close the // http.Response Body if it receives an error. -func (client IncidentsClient) ListOfAlertsSender(req *http.Request) (*http.Response, error) { +func (client IncidentsClient) ListAlertsSender(req *http.Request) (*http.Response, error) { return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } -// ListOfAlertsResponder handles the response to the ListOfAlerts request. The method always +// ListAlertsResponder handles the response to the ListAlerts request. The method always // closes the http.Response Body. -func (client IncidentsClient) ListOfAlertsResponder(resp *http.Response) (result IncidentAlertList, err error) { +func (client IncidentsClient) ListAlertsResponder(resp *http.Response) (result IncidentAlertList, err error) { err = autorest.Respond( resp, azure.WithErrorUnlessStatusCode(http.StatusOK), @@ -569,17 +640,14 @@ func (client IncidentsClient) ListOfAlertsResponder(resp *http.Response) (result return } -// ListOfBookmarks gets all incident bookmarks. +// ListBookmarks gets all incident bookmarks. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // incidentID - incident ID -func (client IncidentsClient) ListOfBookmarks(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (result IncidentBookmarkList, err error) { +func (client IncidentsClient) ListBookmarks(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result IncidentBookmarkList, err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.ListOfBookmarks") + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.ListBookmarks") defer func() { sc := -1 if result.Response.Response != nil { @@ -590,50 +658,48 @@ func (client IncidentsClient) ListOfBookmarks(ctx context.Context, resourceGroup } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.IncidentsClient", "ListOfBookmarks", err.Error()) + return result, validation.NewError("securityinsight.IncidentsClient", "ListBookmarks", err.Error()) } - req, err := client.ListOfBookmarksPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID) + req, err := client.ListBookmarksPreparer(ctx, resourceGroupName, workspaceName, incidentID) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListOfBookmarks", nil, "Failure preparing request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListBookmarks", nil, "Failure preparing request") return } - resp, err := client.ListOfBookmarksSender(req) + resp, err := client.ListBookmarksSender(req) if err != nil { result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListOfBookmarks", resp, "Failure sending request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListBookmarks", resp, "Failure sending request") return } - result, err = client.ListOfBookmarksResponder(resp) + result, err = client.ListBookmarksResponder(resp) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListOfBookmarks", resp, "Failure responding to request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListBookmarks", resp, "Failure responding to request") return } return } -// ListOfBookmarksPreparer prepares the ListOfBookmarks request. -func (client IncidentsClient) ListOfBookmarksPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (*http.Request, error) { +// ListBookmarksPreparer prepares the ListBookmarks request. +func (client IncidentsClient) ListBookmarksPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -641,20 +707,20 @@ func (client IncidentsClient) ListOfBookmarksPreparer(ctx context.Context, resou preparer := autorest.CreatePreparer( autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/bookmarks", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/bookmarks", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } -// ListOfBookmarksSender sends the ListOfBookmarks request. The method will close the +// ListBookmarksSender sends the ListBookmarks request. The method will close the // http.Response Body if it receives an error. -func (client IncidentsClient) ListOfBookmarksSender(req *http.Request) (*http.Response, error) { +func (client IncidentsClient) ListBookmarksSender(req *http.Request) (*http.Response, error) { return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } -// ListOfBookmarksResponder handles the response to the ListOfBookmarks request. The method always +// ListBookmarksResponder handles the response to the ListBookmarks request. The method always // closes the http.Response Body. -func (client IncidentsClient) ListOfBookmarksResponder(resp *http.Response) (result IncidentBookmarkList, err error) { +func (client IncidentsClient) ListBookmarksResponder(resp *http.Response) (result IncidentBookmarkList, err error) { err = autorest.Respond( resp, azure.WithErrorUnlessStatusCode(http.StatusOK), @@ -664,17 +730,14 @@ func (client IncidentsClient) ListOfBookmarksResponder(resp *http.Response) (res return } -// ListOfEntities gets all incident related entities. +// ListEntities gets all incident related entities. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // incidentID - incident ID -func (client IncidentsClient) ListOfEntities(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (result IncidentEntitiesResponse, err error) { +func (client IncidentsClient) ListEntities(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (result IncidentEntitiesResponse, err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.ListOfEntities") + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.ListEntities") defer func() { sc := -1 if result.Response.Response != nil { @@ -685,50 +748,48 @@ func (client IncidentsClient) ListOfEntities(ctx context.Context, resourceGroupN } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.IncidentsClient", "ListOfEntities", err.Error()) + return result, validation.NewError("securityinsight.IncidentsClient", "ListEntities", err.Error()) } - req, err := client.ListOfEntitiesPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID) + req, err := client.ListEntitiesPreparer(ctx, resourceGroupName, workspaceName, incidentID) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListOfEntities", nil, "Failure preparing request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListEntities", nil, "Failure preparing request") return } - resp, err := client.ListOfEntitiesSender(req) + resp, err := client.ListEntitiesSender(req) if err != nil { result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListOfEntities", resp, "Failure sending request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListEntities", resp, "Failure sending request") return } - result, err = client.ListOfEntitiesResponder(resp) + result, err = client.ListEntitiesResponder(resp) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListOfEntities", resp, "Failure responding to request") + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "ListEntities", resp, "Failure responding to request") return } return } -// ListOfEntitiesPreparer prepares the ListOfEntities request. -func (client IncidentsClient) ListOfEntitiesPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (*http.Request, error) { +// ListEntitiesPreparer prepares the ListEntities request. +func (client IncidentsClient) ListEntitiesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, incidentID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "incidentId": autorest.Encode("path", incidentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "incidentId": autorest.Encode("path", incidentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -736,20 +797,20 @@ func (client IncidentsClient) ListOfEntitiesPreparer(ctx context.Context, resour preparer := autorest.CreatePreparer( autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/entities", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/entities", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } -// ListOfEntitiesSender sends the ListOfEntities request. The method will close the +// ListEntitiesSender sends the ListEntities request. The method will close the // http.Response Body if it receives an error. -func (client IncidentsClient) ListOfEntitiesSender(req *http.Request) (*http.Response, error) { +func (client IncidentsClient) ListEntitiesSender(req *http.Request) (*http.Response, error) { return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } -// ListOfEntitiesResponder handles the response to the ListOfEntities request. The method always +// ListEntitiesResponder handles the response to the ListEntities request. The method always // closes the http.Response Body. -func (client IncidentsClient) ListOfEntitiesResponder(resp *http.Response) (result IncidentEntitiesResponse, err error) { +func (client IncidentsClient) ListEntitiesResponder(resp *http.Response) (result IncidentEntitiesResponse, err error) { err = autorest.Respond( resp, azure.WithErrorUnlessStatusCode(http.StatusOK), diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/ipgeodata.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/ipgeodata.go new file mode 100644 index 000000000000..6c18469639e6 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/ipgeodata.go @@ -0,0 +1,117 @@ +package securityinsight + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// IPGeodataClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type IPGeodataClient struct { + BaseClient +} + +// NewIPGeodataClient creates an instance of the IPGeodataClient client. +func NewIPGeodataClient(subscriptionID string) IPGeodataClient { + return NewIPGeodataClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewIPGeodataClientWithBaseURI creates an instance of the IPGeodataClient client using a custom endpoint. Use this +// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). +func NewIPGeodataClientWithBaseURI(baseURI string, subscriptionID string) IPGeodataClient { + return IPGeodataClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// Get get geodata for a single IP address +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// IPAddress - IP address (v4 or v6) to be enriched +func (client IPGeodataClient) Get(ctx context.Context, resourceGroupName string, IPAddress string) (result EnrichmentIPGeodata, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IPGeodataClient.Get") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IPGeodataClient", "Get", err.Error()) + } + + req, err := client.GetPreparer(ctx, resourceGroupName, IPAddress) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IPGeodataClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IPGeodataClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IPGeodataClient", "Get", resp, "Failure responding to request") + return + } + + return +} + +// GetPreparer prepares the Get request. +func (client IPGeodataClient) GetPreparer(ctx context.Context, resourceGroupName string, IPAddress string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + "ipAddress": autorest.Encode("query", IPAddress), + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/ip/geodata/", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client IPGeodataClient) GetSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client IPGeodataClient) GetResponder(resp *http.Response) (result EnrichmentIPGeodata, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/metadata.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/metadata.go new file mode 100644 index 000000000000..28af0b1190e1 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/metadata.go @@ -0,0 +1,547 @@ +package securityinsight + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// MetadataClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type MetadataClient struct { + BaseClient +} + +// NewMetadataClient creates an instance of the MetadataClient client. +func NewMetadataClient(subscriptionID string) MetadataClient { + return NewMetadataClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewMetadataClientWithBaseURI creates an instance of the MetadataClient client using a custom endpoint. Use this +// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). +func NewMetadataClientWithBaseURI(baseURI string, subscriptionID string) MetadataClient { + return MetadataClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// Create create a Metadata. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// metadataName - the Metadata name. +// metadata - metadata resource. +func (client MetadataClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadata MetadataModel) (result MetadataModel, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/MetadataClient.Create") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: metadata, + Constraints: []validation.Constraint{{Target: "metadata.MetadataProperties", Name: validation.Null, Rule: false, + Chain: []validation.Constraint{{Target: "metadata.MetadataProperties.ParentID", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { + return result, validation.NewError("securityinsight.MetadataClient", "Create", err.Error()) + } + + req, err := client.CreatePreparer(ctx, resourceGroupName, workspaceName, metadataName, metadata) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Create", nil, "Failure preparing request") + return + } + + resp, err := client.CreateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Create", resp, "Failure sending request") + return + } + + result, err = client.CreateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Create", resp, "Failure responding to request") + return + } + + return +} + +// CreatePreparer prepares the Create request. +func (client MetadataClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadata MetadataModel) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "metadataName": autorest.Encode("path", metadataName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}", pathParameters), + autorest.WithJSON(metadata), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateSender sends the Create request. The method will close the +// http.Response Body if it receives an error. +func (client MetadataClient) CreateSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// CreateResponder handles the response to the Create request. The method always +// closes the http.Response Body. +func (client MetadataClient) CreateResponder(resp *http.Response) (result MetadataModel, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Delete delete a Metadata. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// metadataName - the Metadata name. +func (client MetadataClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string) (result autorest.Response, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/MetadataClient.Delete") + defer func() { + sc := -1 + if result.Response != nil { + sc = result.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.MetadataClient", "Delete", err.Error()) + } + + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, metadataName) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Delete", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Delete", resp, "Failure sending request") + return + } + + result, err = client.DeleteResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Delete", resp, "Failure responding to request") + return + } + + return +} + +// DeletePreparer prepares the Delete request. +func (client MetadataClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "metadataName": autorest.Encode("path", metadataName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteSender sends the Delete request. The method will close the +// http.Response Body if it receives an error. +func (client MetadataClient) DeleteSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// DeleteResponder handles the response to the Delete request. The method always +// closes the http.Response Body. +func (client MetadataClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// Get get a Metadata. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// metadataName - the Metadata name. +func (client MetadataClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string) (result MetadataModel, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/MetadataClient.Get") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.MetadataClient", "Get", err.Error()) + } + + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, metadataName) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Get", resp, "Failure responding to request") + return + } + + return +} + +// GetPreparer prepares the Get request. +func (client MetadataClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "metadataName": autorest.Encode("path", metadataName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client MetadataClient) GetSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client MetadataClient) GetResponder(resp *http.Response) (result MetadataModel, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// List list of all metadata +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// filter - filters the results, based on a Boolean condition. Optional. +// orderby - sorts the results. Optional. +// top - returns only the first n results. Optional. +// skip - used to skip n elements in the OData query (offset). Returns a nextLink to the next page of results +// if there are any left. +func (client MetadataClient) List(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skip *int32) (result MetadataListPage, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/MetadataClient.List") + defer func() { + sc := -1 + if result.ml.Response.Response != nil { + sc = result.ml.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.MetadataClient", "List", err.Error()) + } + + result.fn = client.listNextResults + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName, filter, orderby, top, skip) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.ml.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "List", resp, "Failure sending request") + return + } + + result.ml, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "List", resp, "Failure responding to request") + return + } + if result.ml.hasNextLink() && result.ml.IsEmpty() { + err = result.NextWithContext(ctx) + return + } + + return +} + +// ListPreparer prepares the List request. +func (client MetadataClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skip *int32) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + if len(filter) > 0 { + queryParameters["$filter"] = autorest.Encode("query", filter) + } + if len(orderby) > 0 { + queryParameters["$orderby"] = autorest.Encode("query", orderby) + } + if top != nil { + queryParameters["$top"] = autorest.Encode("query", *top) + } + if skip != nil { + queryParameters["$skip"] = autorest.Encode("query", *skip) + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client MetadataClient) ListSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client MetadataClient) ListResponder(resp *http.Response) (result MetadataList, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listNextResults retrieves the next set of results, if any. +func (client MetadataClient) listNextResults(ctx context.Context, lastResults MetadataList) (result MetadataList, err error) { + req, err := lastResults.metadataListPreparer(ctx) + if err != nil { + return result, autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "listNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "listNextResults", resp, "Failure sending next results request") + } + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "listNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListComplete enumerates all values, automatically crossing page boundaries as required. +func (client MetadataClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skip *int32) (result MetadataListIterator, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/MetadataClient.List") + defer func() { + sc := -1 + if result.Response().Response.Response != nil { + sc = result.page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.page, err = client.List(ctx, resourceGroupName, workspaceName, filter, orderby, top, skip) + return +} + +// Update update an existing Metadata. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// metadataName - the Metadata name. +// metadataPatch - partial metadata request. +func (client MetadataClient) Update(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadataPatch MetadataPatch) (result MetadataModel, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/MetadataClient.Update") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.MetadataClient", "Update", err.Error()) + } + + req, err := client.UpdatePreparer(ctx, resourceGroupName, workspaceName, metadataName, metadataPatch) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Update", nil, "Failure preparing request") + return + } + + resp, err := client.UpdateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Update", resp, "Failure sending request") + return + } + + result, err = client.UpdateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.MetadataClient", "Update", resp, "Failure responding to request") + return + } + + return +} + +// UpdatePreparer prepares the Update request. +func (client MetadataClient) UpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, metadataName string, metadataPatch MetadataPatch) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "metadataName": autorest.Encode("path", metadataName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPatch(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}", pathParameters), + autorest.WithJSON(metadataPatch), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// UpdateSender sends the Update request. The method will close the +// http.Response Body if it receives an error. +func (client MetadataClient) UpdateSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// UpdateResponder handles the response to the Update request. The method always +// closes the http.Response Body. +func (client MetadataClient) UpdateResponder(resp *http.Response) (result MetadataModel, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/models.go similarity index 71% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/models.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/models.go index b5703c18279d..e438463506d6 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/models.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/models.go @@ -18,13 +18,13 @@ import ( ) // The package's fully qualified name. -const fqdn = "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight" +const fqdn = "github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight" // AADCheckRequirements represents AAD (Azure Active Directory) requirements check request. type AADCheckRequirements struct { // AADCheckRequirementsProperties - AAD (Azure Active Directory) requirements check properties. *AADCheckRequirementsProperties `json:"properties,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` } @@ -51,16 +51,6 @@ func (acr AADCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirement return nil, false } -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements. -func (acr AADCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { - return nil, false -} - -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements. -func (acr AADCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return nil, false -} - // AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements. func (acr AADCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return nil, false @@ -71,6 +61,11 @@ func (acr AADCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTra return nil, false } +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements. +func (acr AADCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { + return nil, false +} + // AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements. func (acr AADCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { return nil, false @@ -86,11 +81,26 @@ func (acr AADCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequireme return nil, false } +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements. +func (acr AADCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { + return nil, false +} + +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements. +func (acr AADCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { + return nil, false +} + // AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements. func (acr AADCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { return nil, false } +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements. +func (acr AADCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { + return nil, false +} + // AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AADCheckRequirements. func (acr AADCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { return nil, false @@ -154,15 +164,17 @@ type AADCheckRequirementsProperties struct { type AADDataConnector struct { // AADDataConnectorProperties - AAD (Azure Active Directory) data connector properties. *AADDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' Kind KindBasicDataConnector `json:"kind,omitempty"` } @@ -173,12 +185,12 @@ func (adc AADDataConnector) MarshalJSON() ([]byte, error) { if adc.AADDataConnectorProperties != nil { objectMap["properties"] = adc.AADDataConnectorProperties } - if adc.Etag != nil { - objectMap["etag"] = adc.Etag - } if adc.Kind != "" { objectMap["kind"] = adc.Kind } + if adc.Etag != nil { + objectMap["etag"] = adc.Etag + } return json.Marshal(objectMap) } @@ -187,11 +199,6 @@ func (adc AADDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return &adc, true } -// AsAATPDataConnector is the BasicDataConnector implementation for AADDataConnector. -func (adc AADDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - // AsMSTIDataConnector is the BasicDataConnector implementation for AADDataConnector. func (adc AADDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false @@ -202,6 +209,11 @@ func (adc AADDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { return nil, false } +// AsAATPDataConnector is the BasicDataConnector implementation for AADDataConnector. +func (adc AADDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return nil, false +} + // AsASCDataConnector is the BasicDataConnector implementation for AADDataConnector. func (adc AADDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false @@ -212,8 +224,8 @@ func (adc AADDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataCo return nil, false } -// AsDynamics365DataConnector is the BasicDataConnector implementation for AADDataConnector. -func (adc AADDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for AADDataConnector. +func (adc AADDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } @@ -222,8 +234,8 @@ func (adc AADDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for AADDataConnector. -func (adc AADDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for AADDataConnector. +func (adc AADDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { return nil, false } @@ -232,6 +244,16 @@ func (adc AADDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, return nil, false } +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for AADDataConnector. +func (adc AADDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false +} + +// AsMDATPDataConnector is the BasicDataConnector implementation for AADDataConnector. +func (adc AADDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false +} + // AsOfficeDataConnector is the BasicDataConnector implementation for AADDataConnector. func (adc AADDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false @@ -247,6 +269,16 @@ func (adc AADDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, boo return nil, false } +// AsCodelessUIDataConnector is the BasicDataConnector implementation for AADDataConnector. +func (adc AADDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { + return nil, false +} + +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for AADDataConnector. +func (adc AADDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { + return nil, false +} + // AsDataConnector is the BasicDataConnector implementation for AADDataConnector. func (adc AADDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false @@ -275,6 +307,24 @@ func (adc *AADDataConnector) UnmarshalJSON(body []byte) error { } adc.AADDataConnectorProperties = &aADDataConnectorProperties } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + adc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + adc.Etag = &etag + } case "id": if v != nil { var ID string @@ -302,23 +352,14 @@ func (adc *AADDataConnector) UnmarshalJSON(body []byte) error { } adc.Type = &typeVar } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - adc.Etag = &etag - } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - adc.Kind = kind + adc.SystemData = &systemData } } } @@ -338,7 +379,7 @@ type AADDataConnectorProperties struct { type AATPCheckRequirements struct { // AATPCheckRequirementsProperties - AATP (Azure Advanced Threat Protection) requirements check properties. *AATPCheckRequirementsProperties `json:"properties,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` } @@ -365,16 +406,6 @@ func (acr AATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequiremen return &acr, true } -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements. -func (acr AATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { - return nil, false -} - -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements. -func (acr AATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return nil, false -} - // AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements. func (acr AATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return nil, false @@ -385,6 +416,11 @@ func (acr AATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTr return nil, false } +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements. +func (acr AATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { + return nil, false +} + // AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements. func (acr AATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { return nil, false @@ -400,11 +436,26 @@ func (acr AATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirem return nil, false } +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements. +func (acr AATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { + return nil, false +} + +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements. +func (acr AATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { + return nil, false +} + // AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements. func (acr AATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { return nil, false } +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements. +func (acr AATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { + return nil, false +} + // AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AATPCheckRequirements. func (acr AATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { return nil, false @@ -468,16 +519,18 @@ type AATPCheckRequirementsProperties struct { type AATPDataConnector struct { // AATPDataConnectorProperties - AATP (Azure Advanced Threat Protection) data connector properties. *AATPDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for AATPDataConnector. @@ -487,12 +540,12 @@ func (adc AATPDataConnector) MarshalJSON() ([]byte, error) { if adc.AATPDataConnectorProperties != nil { objectMap["properties"] = adc.AATPDataConnectorProperties } - if adc.Etag != nil { - objectMap["etag"] = adc.Etag - } if adc.Kind != "" { objectMap["kind"] = adc.Kind } + if adc.Etag != nil { + objectMap["etag"] = adc.Etag + } return json.Marshal(objectMap) } @@ -501,11 +554,6 @@ func (adc AATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsAATPDataConnector is the BasicDataConnector implementation for AATPDataConnector. -func (adc AATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return &adc, true -} - // AsMSTIDataConnector is the BasicDataConnector implementation for AATPDataConnector. func (adc AATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false @@ -516,6 +564,11 @@ func (adc AATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { return nil, false } +// AsAATPDataConnector is the BasicDataConnector implementation for AATPDataConnector. +func (adc AATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return &adc, true +} + // AsASCDataConnector is the BasicDataConnector implementation for AATPDataConnector. func (adc AATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false @@ -526,8 +579,8 @@ func (adc AATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataC return nil, false } -// AsDynamics365DataConnector is the BasicDataConnector implementation for AATPDataConnector. -func (adc AATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for AATPDataConnector. +func (adc AATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } @@ -536,8 +589,8 @@ func (adc AATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for AATPDataConnector. -func (adc AATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for AATPDataConnector. +func (adc AATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { return nil, false } @@ -546,6 +599,16 @@ func (adc AATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector return nil, false } +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for AATPDataConnector. +func (adc AATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false +} + +// AsMDATPDataConnector is the BasicDataConnector implementation for AATPDataConnector. +func (adc AATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false +} + // AsOfficeDataConnector is the BasicDataConnector implementation for AATPDataConnector. func (adc AATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false @@ -561,6 +624,16 @@ func (adc AATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bo return nil, false } +// AsCodelessUIDataConnector is the BasicDataConnector implementation for AATPDataConnector. +func (adc AATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { + return nil, false +} + +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for AATPDataConnector. +func (adc AATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { + return nil, false +} + // AsDataConnector is the BasicDataConnector implementation for AATPDataConnector. func (adc AATPDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false @@ -589,6 +662,24 @@ func (adc *AATPDataConnector) UnmarshalJSON(body []byte) error { } adc.AATPDataConnectorProperties = &aATPDataConnectorProperties } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + adc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + adc.Etag = &etag + } case "id": if v != nil { var ID string @@ -616,23 +707,14 @@ func (adc *AATPDataConnector) UnmarshalJSON(body []byte) error { } adc.Type = &typeVar } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - adc.Etag = &etag - } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - adc.Kind = kind + adc.SystemData = &systemData } } } @@ -652,13 +734,15 @@ type AATPDataConnectorProperties struct { type AccountEntity struct { // AccountEntityProperties - Account entity properties *AccountEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' Kind KindBasicEntity `json:"kind,omitempty"` } @@ -675,53 +759,53 @@ func (ae AccountEntity) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsAccountEntity() (*AccountEntity, bool) { - return &ae, true +// AsURLEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsURLEntity() (*URLEntity, bool) { + return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } @@ -730,54 +814,54 @@ func (ae AccountEntity) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false +// AsAccountEntity is the BasicEntity implementation for AccountEntity. +func (ae AccountEntity) AsAccountEntity() (*AccountEntity, bool) { + return &ae, true } // AsEntity is the BasicEntity implementation for AccountEntity. @@ -808,6 +892,15 @@ func (ae *AccountEntity) UnmarshalJSON(body []byte) error { } ae.AccountEntityProperties = &accountEntityProperties } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + ae.Kind = kind + } case "id": if v != nil { var ID string @@ -835,14 +928,14 @@ func (ae *AccountEntity) UnmarshalJSON(body []byte) error { } ae.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - ae.Kind = kind + ae.SystemData = &systemData } } } @@ -864,7 +957,7 @@ type AccountEntityProperties struct { HostEntityID *string `json:"hostEntityId,omitempty"` // IsDomainJoined - READ-ONLY; Determines whether this is a domain account. IsDomainJoined *bool `json:"isDomainJoined,omitempty"` - // NtDomain - READ-ONLY; The NetBIOS domain name as it appears in the alert format – domain\username. Examples: NT AUTHORITY. + // NtDomain - READ-ONLY; The NetBIOS domain name as it appears in the alert format domain/username. Examples: NT AUTHORITY. NtDomain *string `json:"ntDomain,omitempty"` // ObjectGUID - READ-ONLY; The objectGUID attribute is a single-value attribute that is the unique identifier for the object, assigned by active directory. ObjectGUID *uuid.UUID `json:"objectGuid,omitempty"` @@ -898,14 +991,16 @@ type ActionPropertiesBase struct { type ActionRequest struct { // ActionRequestProperties - Action properties for put request *ActionRequestProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for ActionRequest. @@ -938,6 +1033,15 @@ func (ar *ActionRequest) UnmarshalJSON(body []byte) error { } ar.ActionRequestProperties = &actionRequestProperties } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + ar.Etag = &etag + } case "id": if v != nil { var ID string @@ -965,14 +1069,14 @@ func (ar *ActionRequest) UnmarshalJSON(body []byte) error { } ar.Type = &typeVar } - case "etag": + case "systemData": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - ar.Etag = &etag + ar.SystemData = &systemData } } } @@ -991,27 +1095,29 @@ type ActionRequestProperties struct { // ActionResponse action for alert rule. type ActionResponse struct { autorest.Response `json:"-"` - // Etag - Etag of the action. - Etag *string `json:"etag,omitempty"` // ActionResponseProperties - Action properties for get request *ActionResponseProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for ActionResponse. func (ar ActionResponse) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if ar.Etag != nil { - objectMap["etag"] = ar.Etag - } if ar.ActionResponseProperties != nil { objectMap["properties"] = ar.ActionResponseProperties } + if ar.Etag != nil { + objectMap["etag"] = ar.Etag + } return json.Marshal(objectMap) } @@ -1024,23 +1130,23 @@ func (ar *ActionResponse) UnmarshalJSON(body []byte) error { } for k, v := range m { switch k { - case "etag": + case "properties": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var actionResponseProperties ActionResponseProperties + err = json.Unmarshal(*v, &actionResponseProperties) if err != nil { return err } - ar.Etag = &etag + ar.ActionResponseProperties = &actionResponseProperties } - case "properties": + case "etag": if v != nil { - var actionResponseProperties ActionResponseProperties - err = json.Unmarshal(*v, &actionResponseProperties) + var etag string + err = json.Unmarshal(*v, &etag) if err != nil { return err } - ar.ActionResponseProperties = &actionResponseProperties + ar.Etag = &etag } case "id": if v != nil { @@ -1069,6 +1175,15 @@ func (ar *ActionResponse) UnmarshalJSON(body []byte) error { } ar.Type = &typeVar } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + ar.SystemData = &systemData + } } } @@ -1251,184 +1366,587 @@ func NewActionsListPage(cur ActionsList, getNextPage func(context.Context, Actio } } -// ActivityTimelineItem represents Activity timeline item. -type ActivityTimelineItem struct { - // QueryID - The activity query id. - QueryID *string `json:"queryId,omitempty"` - // BucketStartTimeUTC - The grouping bucket start time. - BucketStartTimeUTC *date.Time `json:"bucketStartTimeUTC,omitempty"` - // BucketEndTimeUTC - The grouping bucket end time. - BucketEndTimeUTC *date.Time `json:"bucketEndTimeUTC,omitempty"` - // FirstActivityTimeUTC - The time of the first activity in the grouping bucket. - FirstActivityTimeUTC *date.Time `json:"firstActivityTimeUTC,omitempty"` - // LastActivityTimeUTC - The time of the last activity in the grouping bucket. - LastActivityTimeUTC *date.Time `json:"lastActivityTimeUTC,omitempty"` - // Content - The activity timeline content. - Content *string `json:"content,omitempty"` - // Title - The activity timeline title. +// ActivityCustomEntityQuery represents Activity entity query. +type ActivityCustomEntityQuery struct { + // ActivityEntityQueriesProperties - Activity entity query properties + *ActivityEntityQueriesProperties `json:"properties,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` + // Kind - Possible values include: 'KindBasicCustomEntityQueryKindCustomEntityQuery', 'KindBasicCustomEntityQueryKindActivity' + Kind KindBasicCustomEntityQuery `json:"kind,omitempty"` +} + +// MarshalJSON is the custom marshaler for ActivityCustomEntityQuery. +func (aceq ActivityCustomEntityQuery) MarshalJSON() ([]byte, error) { + aceq.Kind = KindBasicCustomEntityQueryKindActivity + objectMap := make(map[string]interface{}) + if aceq.ActivityEntityQueriesProperties != nil { + objectMap["properties"] = aceq.ActivityEntityQueriesProperties + } + if aceq.Kind != "" { + objectMap["kind"] = aceq.Kind + } + if aceq.Etag != nil { + objectMap["etag"] = aceq.Etag + } + return json.Marshal(objectMap) +} + +// AsActivityCustomEntityQuery is the BasicCustomEntityQuery implementation for ActivityCustomEntityQuery. +func (aceq ActivityCustomEntityQuery) AsActivityCustomEntityQuery() (*ActivityCustomEntityQuery, bool) { + return &aceq, true +} + +// AsCustomEntityQuery is the BasicCustomEntityQuery implementation for ActivityCustomEntityQuery. +func (aceq ActivityCustomEntityQuery) AsCustomEntityQuery() (*CustomEntityQuery, bool) { + return nil, false +} + +// AsBasicCustomEntityQuery is the BasicCustomEntityQuery implementation for ActivityCustomEntityQuery. +func (aceq ActivityCustomEntityQuery) AsBasicCustomEntityQuery() (BasicCustomEntityQuery, bool) { + return &aceq, true +} + +// UnmarshalJSON is the custom unmarshaler for ActivityCustomEntityQuery struct. +func (aceq *ActivityCustomEntityQuery) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var activityEntityQueriesProperties ActivityEntityQueriesProperties + err = json.Unmarshal(*v, &activityEntityQueriesProperties) + if err != nil { + return err + } + aceq.ActivityEntityQueriesProperties = &activityEntityQueriesProperties + } + case "kind": + if v != nil { + var kind KindBasicCustomEntityQuery + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + aceq.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + aceq.Etag = &etag + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + aceq.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + aceq.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + aceq.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + aceq.SystemData = &systemData + } + } + } + + return nil +} + +// ActivityEntityQueriesProperties describes activity entity query properties +type ActivityEntityQueriesProperties struct { + // Title - The entity query title Title *string `json:"title,omitempty"` - // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindSecurityAlert', 'KindBasicEntityTimelineItemKindBookmark' - Kind KindBasicEntityTimelineItem `json:"kind,omitempty"` + // Content - The entity query content to display in timeline + Content *string `json:"content,omitempty"` + // Description - The entity query description + Description *string `json:"description,omitempty"` + // QueryDefinitions - The Activity query definitions + QueryDefinitions *ActivityEntityQueriesPropertiesQueryDefinitions `json:"queryDefinitions,omitempty"` + // InputEntityType - The type of the query's source entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark', 'EntityTypeMailCluster', 'EntityTypeMailMessage', 'EntityTypeMailbox', 'EntityTypeSubmissionMail' + InputEntityType EntityType `json:"inputEntityType,omitempty"` + // RequiredInputFieldsSets - List of the fields of the source entity that are required to run the query + RequiredInputFieldsSets *[][]string `json:"requiredInputFieldsSets,omitempty"` + // EntitiesFilter - The query applied only to entities matching to all filters + EntitiesFilter map[string][]string `json:"entitiesFilter"` + // TemplateName - The template id this activity was created from + TemplateName *string `json:"templateName,omitempty"` + // Enabled - Determines whether this activity is enabled or disabled. + Enabled *bool `json:"enabled,omitempty"` + // CreatedTimeUtc - READ-ONLY; The time the activity was created + CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` + // LastModifiedTimeUtc - READ-ONLY; The last time the activity was updated + LastModifiedTimeUtc *date.Time `json:"lastModifiedTimeUtc,omitempty"` } -// MarshalJSON is the custom marshaler for ActivityTimelineItem. -func (ati ActivityTimelineItem) MarshalJSON() ([]byte, error) { - ati.Kind = KindBasicEntityTimelineItemKindActivity +// MarshalJSON is the custom marshaler for ActivityEntityQueriesProperties. +func (aeqp ActivityEntityQueriesProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if ati.QueryID != nil { - objectMap["queryId"] = ati.QueryID + if aeqp.Title != nil { + objectMap["title"] = aeqp.Title } - if ati.BucketStartTimeUTC != nil { - objectMap["bucketStartTimeUTC"] = ati.BucketStartTimeUTC + if aeqp.Content != nil { + objectMap["content"] = aeqp.Content } - if ati.BucketEndTimeUTC != nil { - objectMap["bucketEndTimeUTC"] = ati.BucketEndTimeUTC + if aeqp.Description != nil { + objectMap["description"] = aeqp.Description } - if ati.FirstActivityTimeUTC != nil { - objectMap["firstActivityTimeUTC"] = ati.FirstActivityTimeUTC + if aeqp.QueryDefinitions != nil { + objectMap["queryDefinitions"] = aeqp.QueryDefinitions } - if ati.LastActivityTimeUTC != nil { - objectMap["lastActivityTimeUTC"] = ati.LastActivityTimeUTC + if aeqp.InputEntityType != "" { + objectMap["inputEntityType"] = aeqp.InputEntityType } - if ati.Content != nil { - objectMap["content"] = ati.Content + if aeqp.RequiredInputFieldsSets != nil { + objectMap["requiredInputFieldsSets"] = aeqp.RequiredInputFieldsSets } - if ati.Title != nil { - objectMap["title"] = ati.Title + if aeqp.EntitiesFilter != nil { + objectMap["entitiesFilter"] = aeqp.EntitiesFilter } - if ati.Kind != "" { - objectMap["kind"] = ati.Kind + if aeqp.TemplateName != nil { + objectMap["templateName"] = aeqp.TemplateName + } + if aeqp.Enabled != nil { + objectMap["enabled"] = aeqp.Enabled } return json.Marshal(objectMap) } -// AsActivityTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem. -func (ati ActivityTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool) { - return &ati, true +// ActivityEntityQueriesPropertiesQueryDefinitions the Activity query definitions +type ActivityEntityQueriesPropertiesQueryDefinitions struct { + // Query - The Activity query to run on a given entity + Query *string `json:"query,omitempty"` } -// AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem. -func (ati ActivityTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool) { - return nil, false +// ActivityEntityQuery represents Activity entity query. +type ActivityEntityQuery struct { + // ActivityEntityQueriesProperties - Activity entity query properties + *ActivityEntityQueriesProperties `json:"properties,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` + // Kind - Possible values include: 'KindBasicEntityQueryKindEntityQuery', 'KindBasicEntityQueryKindExpansion', 'KindBasicEntityQueryKindActivity' + Kind KindBasicEntityQuery `json:"kind,omitempty"` } -// AsBookmarkTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem. -func (ati ActivityTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool) { - return nil, false +// MarshalJSON is the custom marshaler for ActivityEntityQuery. +func (aeq ActivityEntityQuery) MarshalJSON() ([]byte, error) { + aeq.Kind = KindBasicEntityQueryKindActivity + objectMap := make(map[string]interface{}) + if aeq.ActivityEntityQueriesProperties != nil { + objectMap["properties"] = aeq.ActivityEntityQueriesProperties + } + if aeq.Kind != "" { + objectMap["kind"] = aeq.Kind + } + if aeq.Etag != nil { + objectMap["etag"] = aeq.Etag + } + return json.Marshal(objectMap) } -// AsEntityTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem. -func (ati ActivityTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool) { +// AsExpansionEntityQuery is the BasicEntityQuery implementation for ActivityEntityQuery. +func (aeq ActivityEntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool) { return nil, false } -// AsBasicEntityTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem. -func (ati ActivityTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool) { - return &ati, true +// AsActivityEntityQuery is the BasicEntityQuery implementation for ActivityEntityQuery. +func (aeq ActivityEntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool) { + return &aeq, true } -// BasicAggregations the aggregation. -type BasicAggregations interface { - AsCasesAggregation() (*CasesAggregation, bool) - AsAggregations() (*Aggregations, bool) +// AsEntityQuery is the BasicEntityQuery implementation for ActivityEntityQuery. +func (aeq ActivityEntityQuery) AsEntityQuery() (*EntityQuery, bool) { + return nil, false } -// Aggregations the aggregation. -type Aggregations struct { - autorest.Response `json:"-"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindAggregations', 'KindCasesAggregation' - Kind Kind `json:"kind,omitempty"` +// AsBasicEntityQuery is the BasicEntityQuery implementation for ActivityEntityQuery. +func (aeq ActivityEntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool) { + return &aeq, true } -func unmarshalBasicAggregations(body []byte) (BasicAggregations, error) { - var m map[string]interface{} +// UnmarshalJSON is the custom unmarshaler for ActivityEntityQuery struct. +func (aeq *ActivityEntityQuery) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { - return nil, err - } - - switch m["kind"] { - case string(KindCasesAggregation): - var ca CasesAggregation - err := json.Unmarshal(body, &ca) - return ca, err - default: - var a Aggregations - err := json.Unmarshal(body, &a) - return a, err + return err } -} -func unmarshalBasicAggregationsArray(body []byte) ([]BasicAggregations, error) { - var rawMessages []*json.RawMessage - err := json.Unmarshal(body, &rawMessages) - if err != nil { - return nil, err + for k, v := range m { + switch k { + case "properties": + if v != nil { + var activityEntityQueriesProperties ActivityEntityQueriesProperties + err = json.Unmarshal(*v, &activityEntityQueriesProperties) + if err != nil { + return err + } + aeq.ActivityEntityQueriesProperties = &activityEntityQueriesProperties + } + case "kind": + if v != nil { + var kind KindBasicEntityQuery + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + aeq.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + aeq.Etag = &etag + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + aeq.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + aeq.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + aeq.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + aeq.SystemData = &systemData + } + } } - aArray := make([]BasicAggregations, len(rawMessages)) + return nil +} - for index, rawMessage := range rawMessages { - a, err := unmarshalBasicAggregations(*rawMessage) - if err != nil { - return nil, err - } - aArray[index] = a - } - return aArray, nil +// ActivityEntityQueryTemplate represents Activity entity query. +type ActivityEntityQueryTemplate struct { + // ActivityEntityQueryTemplateProperties - Activity entity query properties + *ActivityEntityQueryTemplateProperties `json:"properties,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` + // Kind - Possible values include: 'KindBasicEntityQueryTemplateKindEntityQueryTemplate', 'KindBasicEntityQueryTemplateKindActivity' + Kind KindBasicEntityQueryTemplate `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for Aggregations. -func (a Aggregations) MarshalJSON() ([]byte, error) { - a.Kind = KindAggregations +// MarshalJSON is the custom marshaler for ActivityEntityQueryTemplate. +func (aeqt ActivityEntityQueryTemplate) MarshalJSON() ([]byte, error) { + aeqt.Kind = KindBasicEntityQueryTemplateKindActivity objectMap := make(map[string]interface{}) - if a.Kind != "" { - objectMap["kind"] = a.Kind + if aeqt.ActivityEntityQueryTemplateProperties != nil { + objectMap["properties"] = aeqt.ActivityEntityQueryTemplateProperties + } + if aeqt.Kind != "" { + objectMap["kind"] = aeqt.Kind } return json.Marshal(objectMap) } -// AsCasesAggregation is the BasicAggregations implementation for Aggregations. -func (a Aggregations) AsCasesAggregation() (*CasesAggregation, bool) { +// AsActivityEntityQueryTemplate is the BasicEntityQueryTemplate implementation for ActivityEntityQueryTemplate. +func (aeqt ActivityEntityQueryTemplate) AsActivityEntityQueryTemplate() (*ActivityEntityQueryTemplate, bool) { + return &aeqt, true +} + +// AsEntityQueryTemplate is the BasicEntityQueryTemplate implementation for ActivityEntityQueryTemplate. +func (aeqt ActivityEntityQueryTemplate) AsEntityQueryTemplate() (*EntityQueryTemplate, bool) { return nil, false } -// AsAggregations is the BasicAggregations implementation for Aggregations. -func (a Aggregations) AsAggregations() (*Aggregations, bool) { - return &a, true +// AsBasicEntityQueryTemplate is the BasicEntityQueryTemplate implementation for ActivityEntityQueryTemplate. +func (aeqt ActivityEntityQueryTemplate) AsBasicEntityQueryTemplate() (BasicEntityQueryTemplate, bool) { + return &aeqt, true } -// AsBasicAggregations is the BasicAggregations implementation for Aggregations. -func (a Aggregations) AsBasicAggregations() (BasicAggregations, bool) { - return &a, true +// UnmarshalJSON is the custom unmarshaler for ActivityEntityQueryTemplate struct. +func (aeqt *ActivityEntityQueryTemplate) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var activityEntityQueryTemplateProperties ActivityEntityQueryTemplateProperties + err = json.Unmarshal(*v, &activityEntityQueryTemplateProperties) + if err != nil { + return err + } + aeqt.ActivityEntityQueryTemplateProperties = &activityEntityQueryTemplateProperties + } + case "kind": + if v != nil { + var kind KindBasicEntityQueryTemplate + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + aeqt.Kind = kind + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + aeqt.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + aeqt.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + aeqt.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + aeqt.SystemData = &systemData + } + } + } + + return nil } -// AggregationsKind describes an Azure resource with kind. -type AggregationsKind struct { - // Kind - The kind of the setting - Kind *string `json:"kind,omitempty"` +// ActivityEntityQueryTemplateProperties describes activity entity query properties +type ActivityEntityQueryTemplateProperties struct { + // Title - The entity query title + Title *string `json:"title,omitempty"` + // Content - The entity query content to display in timeline + Content *string `json:"content,omitempty"` + // Description - The entity query description + Description *string `json:"description,omitempty"` + // QueryDefinitions - The Activity query definitions + QueryDefinitions *ActivityEntityQueryTemplatePropertiesQueryDefinitions `json:"queryDefinitions,omitempty"` + // DataTypes - List of required data types for the given entity query template + DataTypes *[]DataTypeDefinitions `json:"dataTypes,omitempty"` + // InputEntityType - The type of the query's source entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark', 'EntityTypeMailCluster', 'EntityTypeMailMessage', 'EntityTypeMailbox', 'EntityTypeSubmissionMail' + InputEntityType EntityType `json:"inputEntityType,omitempty"` + // RequiredInputFieldsSets - List of the fields of the source entity that are required to run the query + RequiredInputFieldsSets *[][]string `json:"requiredInputFieldsSets,omitempty"` + // EntitiesFilter - The query applied only to entities matching to all filters + EntitiesFilter map[string][]string `json:"entitiesFilter"` } -// AggregationsModel ... -type AggregationsModel struct { - autorest.Response `json:"-"` - Value BasicAggregations `json:"value,omitempty"` +// MarshalJSON is the custom marshaler for ActivityEntityQueryTemplateProperties. +func (aeqtp ActivityEntityQueryTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if aeqtp.Title != nil { + objectMap["title"] = aeqtp.Title + } + if aeqtp.Content != nil { + objectMap["content"] = aeqtp.Content + } + if aeqtp.Description != nil { + objectMap["description"] = aeqtp.Description + } + if aeqtp.QueryDefinitions != nil { + objectMap["queryDefinitions"] = aeqtp.QueryDefinitions + } + if aeqtp.DataTypes != nil { + objectMap["dataTypes"] = aeqtp.DataTypes + } + if aeqtp.InputEntityType != "" { + objectMap["inputEntityType"] = aeqtp.InputEntityType + } + if aeqtp.RequiredInputFieldsSets != nil { + objectMap["requiredInputFieldsSets"] = aeqtp.RequiredInputFieldsSets + } + if aeqtp.EntitiesFilter != nil { + objectMap["entitiesFilter"] = aeqtp.EntitiesFilter + } + return json.Marshal(objectMap) } -// UnmarshalJSON is the custom unmarshaler for AggregationsModel struct. -func (am *AggregationsModel) UnmarshalJSON(body []byte) error { - a, err := unmarshalBasicAggregations(body) - if err != nil { - return err +// ActivityEntityQueryTemplatePropertiesQueryDefinitions the Activity query definitions +type ActivityEntityQueryTemplatePropertiesQueryDefinitions struct { + // Query - The Activity query to run on a given entity + Query *string `json:"query,omitempty"` + // SummarizeBy - The dimensions we want to summarize the timeline results on, this is comma separated list + SummarizeBy *string `json:"summarizeBy,omitempty"` +} + +// ActivityTimelineItem represents Activity timeline item. +type ActivityTimelineItem struct { + // QueryID - The activity query id. + QueryID *string `json:"queryId,omitempty"` + // BucketStartTimeUTC - The grouping bucket start time. + BucketStartTimeUTC *date.Time `json:"bucketStartTimeUTC,omitempty"` + // BucketEndTimeUTC - The grouping bucket end time. + BucketEndTimeUTC *date.Time `json:"bucketEndTimeUTC,omitempty"` + // FirstActivityTimeUTC - The time of the first activity in the grouping bucket. + FirstActivityTimeUTC *date.Time `json:"firstActivityTimeUTC,omitempty"` + // LastActivityTimeUTC - The time of the last activity in the grouping bucket. + LastActivityTimeUTC *date.Time `json:"lastActivityTimeUTC,omitempty"` + // Content - The activity timeline content. + Content *string `json:"content,omitempty"` + // Title - The activity timeline title. + Title *string `json:"title,omitempty"` + // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindBookmark', 'KindBasicEntityTimelineItemKindSecurityAlert' + Kind KindBasicEntityTimelineItem `json:"kind,omitempty"` +} + +// MarshalJSON is the custom marshaler for ActivityTimelineItem. +func (ati ActivityTimelineItem) MarshalJSON() ([]byte, error) { + ati.Kind = KindBasicEntityTimelineItemKindActivity + objectMap := make(map[string]interface{}) + if ati.QueryID != nil { + objectMap["queryId"] = ati.QueryID + } + if ati.BucketStartTimeUTC != nil { + objectMap["bucketStartTimeUTC"] = ati.BucketStartTimeUTC + } + if ati.BucketEndTimeUTC != nil { + objectMap["bucketEndTimeUTC"] = ati.BucketEndTimeUTC + } + if ati.FirstActivityTimeUTC != nil { + objectMap["firstActivityTimeUTC"] = ati.FirstActivityTimeUTC + } + if ati.LastActivityTimeUTC != nil { + objectMap["lastActivityTimeUTC"] = ati.LastActivityTimeUTC + } + if ati.Content != nil { + objectMap["content"] = ati.Content } - am.Value = a + if ati.Title != nil { + objectMap["title"] = ati.Title + } + if ati.Kind != "" { + objectMap["kind"] = ati.Kind + } + return json.Marshal(objectMap) +} - return nil +// AsActivityTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem. +func (ati ActivityTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool) { + return &ati, true +} + +// AsBookmarkTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem. +func (ati ActivityTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool) { + return nil, false +} + +// AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem. +func (ati ActivityTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool) { + return nil, false +} + +// AsEntityTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem. +func (ati ActivityTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool) { + return nil, false +} + +// AsBasicEntityTimelineItem is the BasicEntityTimelineItem implementation for ActivityTimelineItem. +func (ati ActivityTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool) { + return &ati, true +} + +// AlertDetailsOverride settings for how to dynamically override alert static details +type AlertDetailsOverride struct { + // AlertDisplayNameFormat - the format containing columns name(s) to override the alert name + AlertDisplayNameFormat *string `json:"alertDisplayNameFormat,omitempty"` + // AlertDescriptionFormat - the format containing columns name(s) to override the alert description + AlertDescriptionFormat *string `json:"alertDescriptionFormat,omitempty"` + // AlertTacticsColumnName - the column name to take the alert tactics from + AlertTacticsColumnName *string `json:"alertTacticsColumnName,omitempty"` + // AlertSeverityColumnName - the column name to take the alert severity from + AlertSeverityColumnName *string `json:"alertSeverityColumnName,omitempty"` } // BasicAlertRule alert rule. @@ -1438,22 +1956,25 @@ type BasicAlertRule interface { AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) AsScheduledAlertRule() (*ScheduledAlertRule, bool) + AsNrtAlertRule() (*NrtAlertRule, bool) AsAlertRule() (*AlertRule, bool) } // AlertRule alert rule. type AlertRule struct { autorest.Response `json:"-"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' + Kind KindBasicAlertRule `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled' - Kind KindBasicAlertRule `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } func unmarshalBasicAlertRule(body []byte) (BasicAlertRule, error) { @@ -1484,6 +2005,10 @@ func unmarshalBasicAlertRule(body []byte) (BasicAlertRule, error) { var sar ScheduledAlertRule err := json.Unmarshal(body, &sar) return sar, err + case string(KindBasicAlertRuleKindNRT): + var nar NrtAlertRule + err := json.Unmarshal(body, &nar) + return nar, err default: var ar AlertRule err := json.Unmarshal(body, &ar) @@ -1513,12 +2038,12 @@ func unmarshalBasicAlertRuleArray(body []byte) ([]BasicAlertRule, error) { func (ar AlertRule) MarshalJSON() ([]byte, error) { ar.Kind = KindBasicAlertRuleKindAlertRule objectMap := make(map[string]interface{}) - if ar.Etag != nil { - objectMap["etag"] = ar.Etag - } if ar.Kind != "" { objectMap["kind"] = ar.Kind } + if ar.Etag != nil { + objectMap["etag"] = ar.Etag + } return json.Marshal(objectMap) } @@ -1547,6 +2072,11 @@ func (ar AlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { return nil, false } +// AsNrtAlertRule is the BasicAlertRule implementation for AlertRule. +func (ar AlertRule) AsNrtAlertRule() (*NrtAlertRule, bool) { + return nil, false +} + // AsAlertRule is the BasicAlertRule implementation for AlertRule. func (ar AlertRule) AsAlertRule() (*AlertRule, bool) { return &ar, true @@ -1557,12 +2087,6 @@ func (ar AlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { return &ar, true } -// AlertRuleKind1 describes an Azure resource with kind. -type AlertRuleKind1 struct { - // Kind - The kind of the alert rule. Possible values include: 'AlertRuleKindScheduled', 'AlertRuleKindMicrosoftSecurityIncidentCreation', 'AlertRuleKindFusion', 'AlertRuleKindMLBehaviorAnalytics', 'AlertRuleKindThreatIntelligence' - Kind AlertRuleKind `json:"kind,omitempty"` -} - // AlertRuleModel ... type AlertRuleModel struct { autorest.Response `json:"-"` @@ -1787,20 +2311,23 @@ type BasicAlertRuleTemplate interface { AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) + AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) } // AlertRuleTemplate alert rule template. type AlertRuleTemplate struct { autorest.Response `json:"-"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' + Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' - Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } func unmarshalBasicAlertRuleTemplate(body []byte) (BasicAlertRuleTemplate, error) { @@ -1831,6 +2358,10 @@ func unmarshalBasicAlertRuleTemplate(body []byte) (BasicAlertRuleTemplate, error var sart ScheduledAlertRuleTemplate err := json.Unmarshal(body, &sart) return sart, err + case string(KindBasicAlertRuleTemplateKindNRT): + var nart NrtAlertRuleTemplate + err := json.Unmarshal(body, &nart) + return nart, err default: var art AlertRuleTemplate err := json.Unmarshal(body, &art) @@ -1891,6 +2422,11 @@ func (art AlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRule return nil, false } +// AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate. +func (art AlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool) { + return nil, false +} + // AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for AlertRuleTemplate. func (art AlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { return &art, true @@ -2168,20 +2704,176 @@ func NewAlertRuleTemplatesListPage(cur AlertRuleTemplatesList, getNextPage func( // AlertsDataTypeOfDataConnector alerts data type for data connectors. type AlertsDataTypeOfDataConnector struct { // Alerts - Alerts data type connection. - Alerts *AlertsDataTypeOfDataConnectorAlerts `json:"alerts,omitempty"` + Alerts *DataConnectorDataTypeCommon `json:"alerts,omitempty"` } -// AlertsDataTypeOfDataConnectorAlerts alerts data type connection. -type AlertsDataTypeOfDataConnectorAlerts struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' - State DataTypeState `json:"state,omitempty"` +// Anomalies settings with single toggle. +type Anomalies struct { + // AnomaliesSettingsProperties - Anomalies properties + *AnomaliesSettingsProperties `json:"properties,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` + // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindAnomalies', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' + Kind KindBasicSettings `json:"kind,omitempty"` +} + +// MarshalJSON is the custom marshaler for Anomalies. +func (a Anomalies) MarshalJSON() ([]byte, error) { + a.Kind = KindBasicSettingsKindAnomalies + objectMap := make(map[string]interface{}) + if a.AnomaliesSettingsProperties != nil { + objectMap["properties"] = a.AnomaliesSettingsProperties + } + if a.Kind != "" { + objectMap["kind"] = a.Kind + } + if a.Etag != nil { + objectMap["etag"] = a.Etag + } + return json.Marshal(objectMap) +} + +// AsAnomalies is the BasicSettings implementation for Anomalies. +func (a Anomalies) AsAnomalies() (*Anomalies, bool) { + return &a, true +} + +// AsEyesOn is the BasicSettings implementation for Anomalies. +func (a Anomalies) AsEyesOn() (*EyesOn, bool) { + return nil, false +} + +// AsEntityAnalytics is the BasicSettings implementation for Anomalies. +func (a Anomalies) AsEntityAnalytics() (*EntityAnalytics, bool) { + return nil, false +} + +// AsUeba is the BasicSettings implementation for Anomalies. +func (a Anomalies) AsUeba() (*Ueba, bool) { + return nil, false +} + +// AsSettings is the BasicSettings implementation for Anomalies. +func (a Anomalies) AsSettings() (*Settings, bool) { + return nil, false +} + +// AsBasicSettings is the BasicSettings implementation for Anomalies. +func (a Anomalies) AsBasicSettings() (BasicSettings, bool) { + return &a, true +} + +// UnmarshalJSON is the custom unmarshaler for Anomalies struct. +func (a *Anomalies) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var anomaliesSettingsProperties AnomaliesSettingsProperties + err = json.Unmarshal(*v, &anomaliesSettingsProperties) + if err != nil { + return err + } + a.AnomaliesSettingsProperties = &anomaliesSettingsProperties + } + case "kind": + if v != nil { + var kind KindBasicSettings + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + a.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + a.Etag = &etag + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + a.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + a.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + a.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + a.SystemData = &systemData + } + } + } + + return nil +} + +// AnomaliesSettingsProperties anomalies property bag. +type AnomaliesSettingsProperties struct { + // IsEnabled - READ-ONLY; Determines whether the setting is enable or disabled. + IsEnabled *bool `json:"isEnabled,omitempty"` +} + +// MarshalJSON is the custom marshaler for AnomaliesSettingsProperties. +func (asp AnomaliesSettingsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) +} + +// APIPollingParameters represents Codeless API Polling data connector +type APIPollingParameters struct { + // ConnectorUIConfig - Config to describe the instructions blade + ConnectorUIConfig *CodelessUIConnectorConfigProperties `json:"connectorUiConfig,omitempty"` + // PollingConfig - Config to describe the polling instructions + PollingConfig *CodelessConnectorPollingConfigProperties `json:"pollingConfig,omitempty"` } // ASCCheckRequirements represents ASC (Azure Security Center) requirements check request. type ASCCheckRequirements struct { // ASCCheckRequirementsProperties - ASC (Azure Security Center) requirements check properties. *ASCCheckRequirementsProperties `json:"properties,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` } @@ -2208,16 +2900,6 @@ func (acr ASCCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirement return nil, false } -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements. -func (acr ASCCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { - return nil, false -} - -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements. -func (acr ASCCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return nil, false -} - // AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements. func (acr ASCCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return &acr, true @@ -2228,6 +2910,11 @@ func (acr ASCCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTra return nil, false } +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements. +func (acr ASCCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { + return nil, false +} + // AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements. func (acr ASCCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { return nil, false @@ -2243,11 +2930,26 @@ func (acr ASCCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequireme return nil, false } +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements. +func (acr ASCCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { + return nil, false +} + +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements. +func (acr ASCCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { + return nil, false +} + // AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements. func (acr ASCCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { return nil, false } +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements. +func (acr ASCCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { + return nil, false +} + // AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for ASCCheckRequirements. func (acr ASCCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { return nil, false @@ -2311,16 +3013,18 @@ type ASCCheckRequirementsProperties struct { type ASCDataConnector struct { // ASCDataConnectorProperties - ASC (Azure Security Center) data connector properties. *ASCDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for ASCDataConnector. @@ -2330,12 +3034,12 @@ func (adc ASCDataConnector) MarshalJSON() ([]byte, error) { if adc.ASCDataConnectorProperties != nil { objectMap["properties"] = adc.ASCDataConnectorProperties } - if adc.Etag != nil { - objectMap["etag"] = adc.Etag - } if adc.Kind != "" { objectMap["kind"] = adc.Kind } + if adc.Etag != nil { + objectMap["etag"] = adc.Etag + } return json.Marshal(objectMap) } @@ -2344,11 +3048,6 @@ func (adc ASCDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsAATPDataConnector is the BasicDataConnector implementation for ASCDataConnector. -func (adc ASCDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - // AsMSTIDataConnector is the BasicDataConnector implementation for ASCDataConnector. func (adc ASCDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false @@ -2359,6 +3058,11 @@ func (adc ASCDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { return nil, false } +// AsAATPDataConnector is the BasicDataConnector implementation for ASCDataConnector. +func (adc ASCDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return nil, false +} + // AsASCDataConnector is the BasicDataConnector implementation for ASCDataConnector. func (adc ASCDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return &adc, true @@ -2369,8 +3073,8 @@ func (adc ASCDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataCo return nil, false } -// AsDynamics365DataConnector is the BasicDataConnector implementation for ASCDataConnector. -func (adc ASCDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for ASCDataConnector. +func (adc ASCDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } @@ -2379,8 +3083,8 @@ func (adc ASCDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for ASCDataConnector. -func (adc ASCDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for ASCDataConnector. +func (adc ASCDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { return nil, false } @@ -2389,6 +3093,16 @@ func (adc ASCDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, return nil, false } +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for ASCDataConnector. +func (adc ASCDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false +} + +// AsMDATPDataConnector is the BasicDataConnector implementation for ASCDataConnector. +func (adc ASCDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false +} + // AsOfficeDataConnector is the BasicDataConnector implementation for ASCDataConnector. func (adc ASCDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false @@ -2404,6 +3118,16 @@ func (adc ASCDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, boo return nil, false } +// AsCodelessUIDataConnector is the BasicDataConnector implementation for ASCDataConnector. +func (adc ASCDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { + return nil, false +} + +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for ASCDataConnector. +func (adc ASCDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { + return nil, false +} + // AsDataConnector is the BasicDataConnector implementation for ASCDataConnector. func (adc ASCDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false @@ -2432,6 +3156,24 @@ func (adc *ASCDataConnector) UnmarshalJSON(body []byte) error { } adc.ASCDataConnectorProperties = &aSCDataConnectorProperties } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + adc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + adc.Etag = &etag + } case "id": if v != nil { var ID string @@ -2459,23 +3201,14 @@ func (adc *ASCDataConnector) UnmarshalJSON(body []byte) error { } adc.Type = &typeVar } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - adc.Etag = &etag - } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - adc.Kind = kind + adc.SystemData = &systemData } } } @@ -2496,14 +3229,16 @@ type AutomationRule struct { autorest.Response `json:"-"` // AutomationRuleProperties - Automation rule properties *AutomationRuleProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for AutomationRule. @@ -2536,6 +3271,15 @@ func (ar *AutomationRule) UnmarshalJSON(body []byte) error { } ar.AutomationRuleProperties = &automationRuleProperties } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + ar.Etag = &etag + } case "id": if v != nil { var ID string @@ -2563,14 +3307,14 @@ func (ar *AutomationRule) UnmarshalJSON(body []byte) error { } ar.Type = &typeVar } - case "etag": + case "systemData": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - ar.Etag = &etag + ar.SystemData = &systemData } } } @@ -2795,7 +3539,7 @@ type AutomationRuleModifyPropertiesActionActionConfiguration struct { Classification IncidentClassification `json:"classification,omitempty"` // ClassificationComment - Describes the reason the incident was closed ClassificationComment *string `json:"classificationComment,omitempty"` - // ClassificationReason - The classification reason to close the incident with. Possible values include: 'IncidentClassificationReasonSuspiciousActivity', 'IncidentClassificationReasonSuspiciousButExpected', 'IncidentClassificationReasonIncorrectAlertLogic', 'IncidentClassificationReasonInaccurateData' + // ClassificationReason - The classification reason the incident was closed with. Possible values include: 'IncidentClassificationReasonSuspiciousActivity', 'IncidentClassificationReasonSuspiciousButExpected', 'IncidentClassificationReasonIncorrectAlertLogic', 'IncidentClassificationReasonInaccurateData' ClassificationReason IncidentClassificationReason `json:"classificationReason,omitempty"` // Labels - List of labels to add to the incident Labels *[]IncidentLabel `json:"labels,omitempty"` @@ -3275,9 +4019,17 @@ func (artl *AutomationRuleTriggeringLogic) UnmarshalJSON(body []byte) error { return nil } +// Availability connector Availability Status +type Availability struct { + // Status - The connector Availability Status + Status *int32 `json:"status,omitempty"` + // IsPreview - Set connector as preview + IsPreview *bool `json:"isPreview,omitempty"` +} + // AwsCloudTrailCheckRequirements amazon Web Services CloudTrail requirements check request. type AwsCloudTrailCheckRequirements struct { - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` } @@ -3301,16 +4053,6 @@ func (actcr AwsCloudTrailCheckRequirements) AsAATPCheckRequirements() (*AATPChec return nil, false } -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements. -func (actcr AwsCloudTrailCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { - return nil, false -} - -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements. -func (actcr AwsCloudTrailCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return nil, false -} - // AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements. func (actcr AwsCloudTrailCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return nil, false @@ -3321,6 +4063,11 @@ func (actcr AwsCloudTrailCheckRequirements) AsAwsCloudTrailCheckRequirements() ( return &actcr, true } +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements. +func (actcr AwsCloudTrailCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { + return nil, false +} + // AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements. func (actcr AwsCloudTrailCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { return nil, false @@ -3336,11 +4083,26 @@ func (actcr AwsCloudTrailCheckRequirements) AsMDATPCheckRequirements() (*MDATPCh return nil, false } +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements. +func (actcr AwsCloudTrailCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { + return nil, false +} + +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements. +func (actcr AwsCloudTrailCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { + return nil, false +} + // AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements. func (actcr AwsCloudTrailCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { return nil, false } +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements. +func (actcr AwsCloudTrailCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { + return nil, false +} + // AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsCloudTrailCheckRequirements. func (actcr AwsCloudTrailCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { return nil, false @@ -3365,16 +4127,18 @@ func (actcr AwsCloudTrailCheckRequirements) AsBasicDataConnectorsCheckRequiremen type AwsCloudTrailDataConnector struct { // AwsCloudTrailDataConnectorProperties - Amazon Web Services CloudTrail data connector properties. *AwsCloudTrailDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for AwsCloudTrailDataConnector. @@ -3384,13 +4148,13 @@ func (actdc AwsCloudTrailDataConnector) MarshalJSON() ([]byte, error) { if actdc.AwsCloudTrailDataConnectorProperties != nil { objectMap["properties"] = actdc.AwsCloudTrailDataConnectorProperties } - if actdc.Etag != nil { - objectMap["etag"] = actdc.Etag - } if actdc.Kind != "" { objectMap["kind"] = actdc.Kind } - return json.Marshal(objectMap) + if actdc.Etag != nil { + objectMap["etag"] = actdc.Etag + } + return json.Marshal(objectMap) } // AsAADDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. @@ -3398,11 +4162,6 @@ func (actdc AwsCloudTrailDataConnector) AsAADDataConnector() (*AADDataConnector, return nil, false } -// AsAATPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. -func (actdc AwsCloudTrailDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - // AsMSTIDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. func (actdc AwsCloudTrailDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false @@ -3413,6 +4172,11 @@ func (actdc AwsCloudTrailDataConnector) AsMTPDataConnector() (*MTPDataConnector, return nil, false } +// AsAATPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. +func (actdc AwsCloudTrailDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return nil, false +} + // AsASCDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. func (actdc AwsCloudTrailDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false @@ -3423,8 +4187,8 @@ func (actdc AwsCloudTrailDataConnector) AsAwsCloudTrailDataConnector() (*AwsClou return &actdc, true } -// AsDynamics365DataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. -func (actdc AwsCloudTrailDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. +func (actdc AwsCloudTrailDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } @@ -3433,8 +4197,8 @@ func (actdc AwsCloudTrailDataConnector) AsMCASDataConnector() (*MCASDataConnecto return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. -func (actdc AwsCloudTrailDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. +func (actdc AwsCloudTrailDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { return nil, false } @@ -3443,6 +4207,16 @@ func (actdc AwsCloudTrailDataConnector) AsOfficeATPDataConnector() (*OfficeATPDa return nil, false } +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. +func (actdc AwsCloudTrailDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false +} + +// AsMDATPDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. +func (actdc AwsCloudTrailDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false +} + // AsOfficeDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. func (actdc AwsCloudTrailDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false @@ -3458,6 +4232,16 @@ func (actdc AwsCloudTrailDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataCo return nil, false } +// AsCodelessUIDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. +func (actdc AwsCloudTrailDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { + return nil, false +} + +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. +func (actdc AwsCloudTrailDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { + return nil, false +} + // AsDataConnector is the BasicDataConnector implementation for AwsCloudTrailDataConnector. func (actdc AwsCloudTrailDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false @@ -3486,6 +4270,24 @@ func (actdc *AwsCloudTrailDataConnector) UnmarshalJSON(body []byte) error { } actdc.AwsCloudTrailDataConnectorProperties = &awsCloudTrailDataConnectorProperties } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + actdc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + actdc.Etag = &etag + } case "id": if v != nil { var ID string @@ -3513,23 +4315,14 @@ func (actdc *AwsCloudTrailDataConnector) UnmarshalJSON(body []byte) error { } actdc.Type = &typeVar } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - actdc.Etag = &etag - } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - actdc.Kind = kind + actdc.SystemData = &systemData } } } @@ -3558,150 +4351,233 @@ type AwsCloudTrailDataConnectorProperties struct { DataTypes *AwsCloudTrailDataConnectorDataTypes `json:"dataTypes,omitempty"` } -// AzureResourceEntity represents an azure resource entity. -type AzureResourceEntity struct { - // AzureResourceEntityProperties - AzureResource entity properties - *AzureResourceEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` +// AwsS3CheckRequirements amazon Web Services S3 requirements check request. +type AwsS3CheckRequirements struct { + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for AzureResourceEntity. -func (are AzureResourceEntity) MarshalJSON() ([]byte, error) { - are.Kind = KindBasicEntityKindAzureResource +// MarshalJSON is the custom marshaler for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) MarshalJSON() ([]byte, error) { + ascr.Kind = KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3 objectMap := make(map[string]interface{}) - if are.AzureResourceEntityProperties != nil { - objectMap["properties"] = are.AzureResourceEntityProperties - } - if are.Kind != "" { - objectMap["kind"] = are.Kind + if ascr.Kind != "" { + objectMap["kind"] = ascr.Kind } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return &are, true +// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { + return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsFileEntity() (*FileEntity, bool) { +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { + return &ascr, true +} + +// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsHostEntity() (*HostEntity, bool) { +// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsIPEntity() (*IPEntity, bool) { +// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { return nil, false } -// AsMailboxEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsMailboxEntity() (*MailboxEntity, bool) { +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for AwsS3CheckRequirements. +func (ascr AwsS3CheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { + return &ascr, true +} + +// AwsS3DataConnector represents Amazon Web Services S3 data connector. +type AwsS3DataConnector struct { + // AwsS3DataConnectorProperties - Amazon Web Services S3 data connector properties. + *AwsS3DataConnectorProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for AwsS3DataConnector. +func (asdc AwsS3DataConnector) MarshalJSON() ([]byte, error) { + asdc.Kind = KindBasicDataConnectorKindAmazonWebServicesS3 + objectMap := make(map[string]interface{}) + if asdc.AwsS3DataConnectorProperties != nil { + objectMap["properties"] = asdc.AwsS3DataConnectorProperties + } + if asdc.Kind != "" { + objectMap["kind"] = asdc.Kind + } + if asdc.Etag != nil { + objectMap["etag"] = asdc.Etag + } + return json.Marshal(objectMap) +} + +// AsAADDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsMSTIDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsMTPDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsAATPDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsASCDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsURLEntity() (*URLEntity, bool) { +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { + return &asdc, true +} + +// AsMCASDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsEntity() (*Entity, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsBasicEntity() (BasicEntity, bool) { - return &are, true +// AsOfficeATPDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { + return nil, false } -// UnmarshalJSON is the custom unmarshaler for AzureResourceEntity struct. -func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error { +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false +} + +// AsMDATPDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false +} + +// AsOfficeDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { + return nil, false +} + +// AsTIDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsTIDataConnector() (*TIDataConnector, bool) { + return nil, false +} + +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { + return nil, false +} + +// AsCodelessUIDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { + return nil, false +} + +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { + return nil, false +} + +// AsDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsDataConnector() (*DataConnector, bool) { + return nil, false +} + +// AsBasicDataConnector is the BasicDataConnector implementation for AwsS3DataConnector. +func (asdc AwsS3DataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &asdc, true +} + +// UnmarshalJSON is the custom unmarshaler for AwsS3DataConnector struct. +func (asdc *AwsS3DataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -3711,12 +4587,30 @@ func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var azureResourceEntityProperties AzureResourceEntityProperties - err = json.Unmarshal(*v, &azureResourceEntityProperties) + var awsS3DataConnectorProperties AwsS3DataConnectorProperties + err = json.Unmarshal(*v, &awsS3DataConnectorProperties) if err != nil { return err } - are.AzureResourceEntityProperties = &azureResourceEntityProperties + asdc.AwsS3DataConnectorProperties = &awsS3DataConnectorProperties + } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + asdc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + asdc.Etag = &etag } case "id": if v != nil { @@ -3725,7 +4619,7 @@ func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - are.ID = &ID + asdc.ID = &ID } case "name": if v != nil { @@ -3734,7 +4628,7 @@ func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - are.Name = &name + asdc.Name = &name } case "type": if v != nil { @@ -3743,16 +4637,16 @@ func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - are.Type = &typeVar + asdc.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - are.Kind = kind + asdc.SystemData = &systemData } } } @@ -3760,68 +4654,220 @@ func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error { return nil } -// AzureResourceEntityProperties azureResource entity property bag. -type AzureResourceEntityProperties struct { - // ResourceID - READ-ONLY; The azure resource id of the resource - ResourceID *string `json:"resourceId,omitempty"` - // SubscriptionID - READ-ONLY; The subscription id of the resource - SubscriptionID *string `json:"subscriptionId,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` +// AwsS3DataConnectorDataTypes the available data types for Amazon Web Services S3 data connector. +type AwsS3DataConnectorDataTypes struct { + // Logs - Logs data type. + Logs *AwsS3DataConnectorDataTypesLogs `json:"logs,omitempty"` } -// MarshalJSON is the custom marshaler for AzureResourceEntityProperties. -func (arep AzureResourceEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// AwsS3DataConnectorDataTypesLogs logs data type. +type AwsS3DataConnectorDataTypesLogs struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' + State DataTypeState `json:"state,omitempty"` } -// Bookmark represents a bookmark in Azure Security Insights. -type Bookmark struct { - autorest.Response `json:"-"` - // BookmarkProperties - Bookmark properties - *BookmarkProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// AwsS3DataConnectorProperties amazon Web Services S3 data connector properties. +type AwsS3DataConnectorProperties struct { + // DestinationTable - The logs destination table name in LogAnalytics. + DestinationTable *string `json:"destinationTable,omitempty"` + // SqsUrls - The AWS sqs urls for the connector. + SqsUrls *[]string `json:"sqsUrls,omitempty"` + // RoleArn - The Aws Role Arn that is used to access the Aws account. + RoleArn *string `json:"roleArn,omitempty"` + // DataTypes - The available data types for the connector. + DataTypes *AwsS3DataConnectorDataTypes `json:"dataTypes,omitempty"` +} + +// AzureEntityResource the resource model definition for an Azure Resource Manager resource with an etag. +type AzureEntityResource struct { + // Etag - READ-ONLY; Resource Etag. + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for Bookmark. -func (b Bookmark) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for AzureEntityResource. +func (aer AzureEntityResource) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if b.BookmarkProperties != nil { - objectMap["properties"] = b.BookmarkProperties - } - if b.Etag != nil { - objectMap["etag"] = b.Etag - } return json.Marshal(objectMap) } -// UnmarshalJSON is the custom unmarshaler for Bookmark struct. -func (b *Bookmark) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var bookmarkProperties BookmarkProperties - err = json.Unmarshal(*v, &bookmarkProperties) +// AzureResourceEntity represents an azure resource entity. +type AzureResourceEntity struct { + // AzureResourceEntityProperties - AzureResource entity properties + *AzureResourceEntityProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for AzureResourceEntity. +func (are AzureResourceEntity) MarshalJSON() ([]byte, error) { + are.Kind = KindBasicEntityKindAzureResource + objectMap := make(map[string]interface{}) + if are.AzureResourceEntityProperties != nil { + objectMap["properties"] = are.AzureResourceEntityProperties + } + if are.Kind != "" { + objectMap["kind"] = are.Kind + } + return json.Marshal(objectMap) +} + +// AsURLEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsURLEntity() (*URLEntity, bool) { + return nil, false +} + +// AsSubmissionMailEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { + return nil, false +} + +// AsSecurityGroupEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { + return nil, false +} + +// AsSecurityAlert is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsSecurityAlert() (*SecurityAlert, bool) { + return nil, false +} + +// AsRegistryValueEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { + return nil, false +} + +// AsRegistryKeyEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { + return nil, false +} + +// AsProcessEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsProcessEntity() (*ProcessEntity, bool) { + return nil, false +} + +// AsMalwareEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsMalwareEntity() (*MalwareEntity, bool) { + return nil, false +} + +// AsMailMessageEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { + return nil, false +} + +// AsMailClusterEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { + return nil, false +} + +// AsMailboxEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsMailboxEntity() (*MailboxEntity, bool) { + return nil, false +} + +// AsIPEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsIPEntity() (*IPEntity, bool) { + return nil, false +} + +// AsIoTDeviceEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { + return nil, false +} + +// AsHuntingBookmark is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { + return nil, false +} + +// AsHostEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsHostEntity() (*HostEntity, bool) { + return nil, false +} + +// AsFileHashEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsFileHashEntity() (*FileHashEntity, bool) { + return nil, false +} + +// AsFileEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsFileEntity() (*FileEntity, bool) { + return nil, false +} + +// AsDNSEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsDNSEntity() (*DNSEntity, bool) { + return nil, false +} + +// AsCloudApplicationEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { + return nil, false +} + +// AsAzureResourceEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { + return &are, true +} + +// AsAccountEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsAccountEntity() (*AccountEntity, bool) { + return nil, false +} + +// AsEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsEntity() (*Entity, bool) { + return nil, false +} + +// AsBasicEntity is the BasicEntity implementation for AzureResourceEntity. +func (are AzureResourceEntity) AsBasicEntity() (BasicEntity, bool) { + return &are, true +} + +// UnmarshalJSON is the custom unmarshaler for AzureResourceEntity struct. +func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var azureResourceEntityProperties AzureResourceEntityProperties + err = json.Unmarshal(*v, &azureResourceEntityProperties) if err != nil { return err } - b.BookmarkProperties = &bookmarkProperties + are.AzureResourceEntityProperties = &azureResourceEntityProperties + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + are.Kind = kind } case "id": if v != nil { @@ -3830,7 +4876,7 @@ func (b *Bookmark) UnmarshalJSON(body []byte) error { if err != nil { return err } - b.ID = &ID + are.ID = &ID } case "name": if v != nil { @@ -3839,7 +4885,7 @@ func (b *Bookmark) UnmarshalJSON(body []byte) error { if err != nil { return err } - b.Name = &name + are.Name = &name } case "type": if v != nil { @@ -3848,16 +4894,16 @@ func (b *Bookmark) UnmarshalJSON(body []byte) error { if err != nil { return err } - b.Type = &typeVar + are.Type = &typeVar } - case "etag": + case "systemData": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - b.Etag = &etag + are.SystemData = &systemData } } } @@ -3865,35 +4911,55 @@ func (b *Bookmark) UnmarshalJSON(body []byte) error { return nil } -// BookmarkExpandParameters the parameters required to execute an expand operation on the given bookmark. -type BookmarkExpandParameters struct { - // EndTime - The end date filter, so the only expansion results returned are before this date. - EndTime *date.Time `json:"endTime,omitempty"` - // ExpansionID - The Id of the expansion to perform. - ExpansionID *uuid.UUID `json:"expansionId,omitempty"` - // StartTime - The start date filter, so the only expansion results returned are after this date. - StartTime *date.Time `json:"startTime,omitempty"` +// AzureResourceEntityProperties azureResource entity property bag. +type AzureResourceEntityProperties struct { + // ResourceID - READ-ONLY; The azure resource id of the resource + ResourceID *string `json:"resourceId,omitempty"` + // SubscriptionID - READ-ONLY; The subscription id of the resource + SubscriptionID *string `json:"subscriptionId,omitempty"` + // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]interface{} `json:"additionalData"` + // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. + FriendlyName *string `json:"friendlyName,omitempty"` } -// BookmarkExpandResponse the entity expansion result operation response. -type BookmarkExpandResponse struct { +// MarshalJSON is the custom marshaler for AzureResourceEntityProperties. +func (arep AzureResourceEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) +} + +// Bookmark represents a bookmark in Azure Security Insights. +type Bookmark struct { autorest.Response `json:"-"` - // MetaData - The metadata from the expansion operation results. - MetaData *ExpansionResultsMetadata `json:"metaData,omitempty"` - // Value - The expansion result values. - Value *BookmarkExpandResponseValue `json:"value,omitempty"` + // BookmarkProperties - Bookmark properties + *BookmarkProperties `json:"properties,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// BookmarkExpandResponseValue the expansion result values. -type BookmarkExpandResponseValue struct { - // Entities - Array of the expansion result entities. - Entities *[]BasicEntity `json:"entities,omitempty"` - // Edges - Array of expansion result connected entities - Edges *[]ConnectedEntity `json:"edges,omitempty"` +// MarshalJSON is the custom marshaler for Bookmark. +func (b Bookmark) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if b.BookmarkProperties != nil { + objectMap["properties"] = b.BookmarkProperties + } + if b.Etag != nil { + objectMap["etag"] = b.Etag + } + return json.Marshal(objectMap) } -// UnmarshalJSON is the custom unmarshaler for BookmarkExpandResponseValue struct. -func (ber *BookmarkExpandResponseValue) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for Bookmark struct. +func (b *Bookmark) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -3901,33 +4967,129 @@ func (ber *BookmarkExpandResponseValue) UnmarshalJSON(body []byte) error { } for k, v := range m { switch k { - case "entities": + case "properties": if v != nil { - entities, err := unmarshalBasicEntityArray(*v) + var bookmarkProperties BookmarkProperties + err = json.Unmarshal(*v, &bookmarkProperties) if err != nil { return err } - ber.Entities = &entities + b.BookmarkProperties = &bookmarkProperties } - case "edges": + case "etag": if v != nil { - var edges []ConnectedEntity - err = json.Unmarshal(*v, &edges) + var etag string + err = json.Unmarshal(*v, &etag) if err != nil { return err } - ber.Edges = &edges + b.Etag = &etag } - } - } - - return nil -} - -// BookmarkList list all the bookmarks. -type BookmarkList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of cases. + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + b.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + b.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + b.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + b.SystemData = &systemData + } + } + } + + return nil +} + +// BookmarkExpandParameters the parameters required to execute an expand operation on the given bookmark. +type BookmarkExpandParameters struct { + // EndTime - The end date filter, so the only expansion results returned are before this date. + EndTime *date.Time `json:"endTime,omitempty"` + // ExpansionID - The Id of the expansion to perform. + ExpansionID *uuid.UUID `json:"expansionId,omitempty"` + // StartTime - The start date filter, so the only expansion results returned are after this date. + StartTime *date.Time `json:"startTime,omitempty"` +} + +// BookmarkExpandResponse the entity expansion result operation response. +type BookmarkExpandResponse struct { + autorest.Response `json:"-"` + // MetaData - The metadata from the expansion operation results. + MetaData *ExpansionResultsMetadata `json:"metaData,omitempty"` + // Value - The expansion result values. + Value *BookmarkExpandResponseValue `json:"value,omitempty"` +} + +// BookmarkExpandResponseValue the expansion result values. +type BookmarkExpandResponseValue struct { + // Entities - Array of the expansion result entities. + Entities *[]BasicEntity `json:"entities,omitempty"` + // Edges - Array of expansion result connected entities + Edges *[]ConnectedEntity `json:"edges,omitempty"` +} + +// UnmarshalJSON is the custom unmarshaler for BookmarkExpandResponseValue struct. +func (ber *BookmarkExpandResponseValue) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "entities": + if v != nil { + entities, err := unmarshalBasicEntityArray(*v) + if err != nil { + return err + } + ber.Entities = &entities + } + case "edges": + if v != nil { + var edges []ConnectedEntity + err = json.Unmarshal(*v, &edges) + if err != nil { + return err + } + ber.Edges = &edges + } + } + } + + return nil +} + +// BookmarkList list all the bookmarks. +type BookmarkList struct { + autorest.Response `json:"-"` + // NextLink - READ-ONLY; URL to fetch the next set of cases. NextLink *string `json:"nextLink,omitempty"` // Value - Array of bookmarks. Value *[]Bookmark `json:"value,omitempty"` @@ -4132,7 +5294,7 @@ type BookmarkTimelineItem struct { Notes *string `json:"notes,omitempty"` // EndTimeUtc - The bookmark end time. EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"` - // StartTimeUtc - TThe bookmark start time. + // StartTimeUtc - The bookmark start time. StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"` // EventTime - The bookmark event time. EventTime *date.Time `json:"eventTime,omitempty"` @@ -4140,7 +5302,7 @@ type BookmarkTimelineItem struct { CreatedBy *UserInfo `json:"createdBy,omitempty"` // Labels - List of labels relevant to this bookmark Labels *[]string `json:"labels,omitempty"` - // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindSecurityAlert', 'KindBasicEntityTimelineItemKindBookmark' + // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindBookmark', 'KindBasicEntityTimelineItemKindSecurityAlert' Kind KindBasicEntityTimelineItem `json:"kind,omitempty"` } @@ -4183,16 +5345,16 @@ func (bti BookmarkTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, return nil, false } -// AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for BookmarkTimelineItem. -func (bti BookmarkTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool) { - return nil, false -} - // AsBookmarkTimelineItem is the BasicEntityTimelineItem implementation for BookmarkTimelineItem. func (bti BookmarkTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool) { return &bti, true } +// AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for BookmarkTimelineItem. +func (bti BookmarkTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool) { + return nil, false +} + // AsEntityTimelineItem is the BasicEntityTimelineItem implementation for BookmarkTimelineItem. func (bti BookmarkTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool) { return nil, false @@ -4203,630 +5365,402 @@ func (bti BookmarkTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimeline return &bti, true } -// Case represents a case in Azure Security Insights. -type Case struct { - autorest.Response `json:"-"` - // CaseProperties - Case properties - *CaseProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// ClientInfo information on the client (user or application) that made some action +type ClientInfo struct { + // Email - The email of the client. + Email *string `json:"email,omitempty"` + // Name - The name of the client. + Name *string `json:"name,omitempty"` + // ObjectID - The object id of the client. + ObjectID *uuid.UUID `json:"objectId,omitempty"` + // UserPrincipalName - The user principal name of the client. + UserPrincipalName *string `json:"userPrincipalName,omitempty"` +} + +// CloudApplicationEntity represents a cloud application entity. +type CloudApplicationEntity struct { + // CloudApplicationEntityProperties - CloudApplication entity properties + *CloudApplicationEntityProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for Case. -func (c Case) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for CloudApplicationEntity. +func (cae CloudApplicationEntity) MarshalJSON() ([]byte, error) { + cae.Kind = KindBasicEntityKindCloudApplication objectMap := make(map[string]interface{}) - if c.CaseProperties != nil { - objectMap["properties"] = c.CaseProperties + if cae.CloudApplicationEntityProperties != nil { + objectMap["properties"] = cae.CloudApplicationEntityProperties } - if c.Etag != nil { - objectMap["etag"] = c.Etag + if cae.Kind != "" { + objectMap["kind"] = cae.Kind } return json.Marshal(objectMap) } -// UnmarshalJSON is the custom unmarshaler for Case struct. -func (c *Case) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var caseProperties CaseProperties - err = json.Unmarshal(*v, &caseProperties) - if err != nil { - return err - } - c.CaseProperties = &caseProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - c.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - c.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - c.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - c.Etag = &etag - } - } - } - - return nil +// AsURLEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsURLEntity() (*URLEntity, bool) { + return nil, false } -// CaseComment represents a case comment -type CaseComment struct { - autorest.Response `json:"-"` - // CaseCommentProperties - Case comment properties - *CaseCommentProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` +// AsSubmissionMailEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for CaseComment. -func (cc CaseComment) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if cc.CaseCommentProperties != nil { - objectMap["properties"] = cc.CaseCommentProperties - } - return json.Marshal(objectMap) +// AsSecurityGroupEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { + return nil, false } -// UnmarshalJSON is the custom unmarshaler for CaseComment struct. -func (cc *CaseComment) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var caseCommentProperties CaseCommentProperties - err = json.Unmarshal(*v, &caseCommentProperties) - if err != nil { - return err - } - cc.CaseCommentProperties = &caseCommentProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - cc.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - cc.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - cc.Type = &typeVar - } - } - } - - return nil +// AsSecurityAlert is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsSecurityAlert() (*SecurityAlert, bool) { + return nil, false } -// CaseCommentList list of case comments. -type CaseCommentList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of comments. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of comments. - Value *[]CaseComment `json:"value,omitempty"` +// AsRegistryValueEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for CaseCommentList. -func (ccl CaseCommentList) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if ccl.Value != nil { - objectMap["value"] = ccl.Value - } - return json.Marshal(objectMap) +// AsRegistryKeyEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { + return nil, false } -// CaseCommentListIterator provides access to a complete listing of CaseComment values. -type CaseCommentListIterator struct { - i int - page CaseCommentListPage +// AsProcessEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsProcessEntity() (*ProcessEntity, bool) { + return nil, false } -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *CaseCommentListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseCommentListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil +// AsMalwareEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsMalwareEntity() (*MalwareEntity, bool) { + return nil, false } -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *CaseCommentListIterator) Next() error { - return iter.NextWithContext(context.Background()) +// AsMailMessageEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { + return nil, false } -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter CaseCommentListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) +// AsMailClusterEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { + return nil, false } -// Response returns the raw server response from the last page request. -func (iter CaseCommentListIterator) Response() CaseCommentList { - return iter.page.Response() +// AsMailboxEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsMailboxEntity() (*MailboxEntity, bool) { + return nil, false } -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter CaseCommentListIterator) Value() CaseComment { - if !iter.page.NotDone() { - return CaseComment{} - } - return iter.page.Values()[iter.i] +// AsIPEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsIPEntity() (*IPEntity, bool) { + return nil, false } -// Creates a new instance of the CaseCommentListIterator type. -func NewCaseCommentListIterator(page CaseCommentListPage) CaseCommentListIterator { - return CaseCommentListIterator{page: page} +// AsIoTDeviceEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { + return nil, false } -// IsEmpty returns true if the ListResult contains no values. -func (ccl CaseCommentList) IsEmpty() bool { - return ccl.Value == nil || len(*ccl.Value) == 0 +// AsHuntingBookmark is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { + return nil, false } -// hasNextLink returns true if the NextLink is not empty. -func (ccl CaseCommentList) hasNextLink() bool { - return ccl.NextLink != nil && len(*ccl.NextLink) != 0 +// AsHostEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsHostEntity() (*HostEntity, bool) { + return nil, false } -// caseCommentListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (ccl CaseCommentList) caseCommentListPreparer(ctx context.Context) (*http.Request, error) { - if !ccl.hasNextLink() { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(ccl.NextLink))) +// AsFileHashEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsFileHashEntity() (*FileHashEntity, bool) { + return nil, false } -// CaseCommentListPage contains a page of CaseComment values. -type CaseCommentListPage struct { - fn func(context.Context, CaseCommentList) (CaseCommentList, error) - ccl CaseCommentList +// AsFileEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsFileEntity() (*FileEntity, bool) { + return nil, false } -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *CaseCommentListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseCommentListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - for { - next, err := page.fn(ctx, page.ccl) - if err != nil { - return err - } - page.ccl = next - if !next.hasNextLink() || !next.IsEmpty() { - break - } - } - return nil +// AsDNSEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsDNSEntity() (*DNSEntity, bool) { + return nil, false } -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *CaseCommentListPage) Next() error { - return page.NextWithContext(context.Background()) +// AsCloudApplicationEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { + return &cae, true } -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page CaseCommentListPage) NotDone() bool { - return !page.ccl.IsEmpty() +// AsAzureResourceEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { + return nil, false } -// Response returns the raw server response from the last page request. -func (page CaseCommentListPage) Response() CaseCommentList { - return page.ccl +// AsAccountEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsAccountEntity() (*AccountEntity, bool) { + return nil, false } -// Values returns the slice of values for the current page or nil if there are no values. -func (page CaseCommentListPage) Values() []CaseComment { - if page.ccl.IsEmpty() { - return nil - } - return *page.ccl.Value +// AsEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsEntity() (*Entity, bool) { + return nil, false } -// Creates a new instance of the CaseCommentListPage type. -func NewCaseCommentListPage(cur CaseCommentList, getNextPage func(context.Context, CaseCommentList) (CaseCommentList, error)) CaseCommentListPage { - return CaseCommentListPage{ - fn: getNextPage, - ccl: cur, +// AsBasicEntity is the BasicEntity implementation for CloudApplicationEntity. +func (cae CloudApplicationEntity) AsBasicEntity() (BasicEntity, bool) { + return &cae, true +} + +// UnmarshalJSON is the custom unmarshaler for CloudApplicationEntity struct. +func (cae *CloudApplicationEntity) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var cloudApplicationEntityProperties CloudApplicationEntityProperties + err = json.Unmarshal(*v, &cloudApplicationEntityProperties) + if err != nil { + return err + } + cae.CloudApplicationEntityProperties = &cloudApplicationEntityProperties + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + cae.Kind = kind + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + cae.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + cae.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + cae.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + cae.SystemData = &systemData + } + } } + + return nil } -// CaseCommentProperties case comment property bag. -type CaseCommentProperties struct { - // CreatedTimeUtc - READ-ONLY; The time the comment was created - CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` - // Message - The comment message - Message *string `json:"message,omitempty"` - // UserInfo - READ-ONLY; Describes the user that created the comment - UserInfo *UserInfo `json:"userInfo,omitempty"` +// CloudApplicationEntityProperties cloudApplication entity property bag. +type CloudApplicationEntityProperties struct { + // AppID - READ-ONLY; The technical identifier of the application. + AppID *int32 `json:"appId,omitempty"` + // AppName - READ-ONLY; The name of the related cloud application. + AppName *string `json:"appName,omitempty"` + // InstanceName - READ-ONLY; The user defined instance name of the cloud application. It is often used to distinguish between several applications of the same type that a customer has. + InstanceName *string `json:"instanceName,omitempty"` + // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]interface{} `json:"additionalData"` + // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. + FriendlyName *string `json:"friendlyName,omitempty"` } -// MarshalJSON is the custom marshaler for CaseCommentProperties. -func (ccp CaseCommentProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for CloudApplicationEntityProperties. +func (caep CloudApplicationEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if ccp.Message != nil { - objectMap["message"] = ccp.Message - } return json.Marshal(objectMap) } -// CaseList list all the cases. -type CaseList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of cases. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of cases. - Value *[]Case `json:"value,omitempty"` +// CloudError error response structure. +type CloudError struct { + // Error - Error data + Error *CloudErrorBody `json:"error,omitempty"` +} + +// CloudErrorBody error details. +type CloudErrorBody struct { + // Code - READ-ONLY; An identifier for the error. Codes are invariant and are intended to be consumed programmatically. + Code *string `json:"code,omitempty"` + // Message - READ-ONLY; A message describing the error, intended to be suitable for display in a user interface. + Message *string `json:"message,omitempty"` } -// MarshalJSON is the custom marshaler for CaseList. -func (cl CaseList) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for CloudErrorBody. +func (ceb CloudErrorBody) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if cl.Value != nil { - objectMap["value"] = cl.Value - } return json.Marshal(objectMap) } -// CaseListIterator provides access to a complete listing of Case values. -type CaseListIterator struct { - i int - page CaseListPage +// CodelessAPIPollingDataConnector represents Codeless API Polling data connector. +type CodelessAPIPollingDataConnector struct { + // APIPollingParameters - Codeless poling data connector properties + *APIPollingParameters `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *CaseListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() +// MarshalJSON is the custom marshaler for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) MarshalJSON() ([]byte, error) { + capdc.Kind = KindBasicDataConnectorKindAPIPolling + objectMap := make(map[string]interface{}) + if capdc.APIPollingParameters != nil { + objectMap["properties"] = capdc.APIPollingParameters } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil + if capdc.Kind != "" { + objectMap["kind"] = capdc.Kind } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err + if capdc.Etag != nil { + objectMap["etag"] = capdc.Etag } - iter.i = 0 - return nil + return json.Marshal(objectMap) } -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *CaseListIterator) Next() error { - return iter.NextWithContext(context.Background()) +// AsAADDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { + return nil, false } -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter CaseListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) +// AsMSTIDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { + return nil, false } -// Response returns the raw server response from the last page request. -func (iter CaseListIterator) Response() CaseList { - return iter.page.Response() +// AsMTPDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { + return nil, false } -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter CaseListIterator) Value() Case { - if !iter.page.NotDone() { - return Case{} - } - return iter.page.Values()[iter.i] +// AsAATPDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return nil, false } -// Creates a new instance of the CaseListIterator type. -func NewCaseListIterator(page CaseListPage) CaseListIterator { - return CaseListIterator{page: page} +// AsASCDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { + return nil, false } -// IsEmpty returns true if the ListResult contains no values. -func (cl CaseList) IsEmpty() bool { - return cl.Value == nil || len(*cl.Value) == 0 +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { + return nil, false } -// hasNextLink returns true if the NextLink is not empty. -func (cl CaseList) hasNextLink() bool { - return cl.NextLink != nil && len(*cl.NextLink) != 0 +// AsAwsS3DataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { + return nil, false } -// caseListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (cl CaseList) caseListPreparer(ctx context.Context) (*http.Request, error) { - if !cl.hasNextLink() { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(cl.NextLink))) +// AsMCASDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { + return nil, false } -// CaseListPage contains a page of Case values. -type CaseListPage struct { - fn func(context.Context, CaseList) (CaseList, error) - cl CaseList +// AsDynamics365DataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { + return nil, false } -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *CaseListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - for { - next, err := page.fn(ctx, page.cl) - if err != nil { - return err - } - page.cl = next - if !next.hasNextLink() || !next.IsEmpty() { - break - } - } - return nil +// AsOfficeATPDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { + return nil, false } -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *CaseListPage) Next() error { - return page.NextWithContext(context.Background()) +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false } -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page CaseListPage) NotDone() bool { - return !page.cl.IsEmpty() +// AsMDATPDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false } -// Response returns the raw server response from the last page request. -func (page CaseListPage) Response() CaseList { - return page.cl +// AsOfficeDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { + return nil, false } -// Values returns the slice of values for the current page or nil if there are no values. -func (page CaseListPage) Values() []Case { - if page.cl.IsEmpty() { - return nil - } - return *page.cl.Value +// AsTIDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { + return nil, false } -// Creates a new instance of the CaseListPage type. -func NewCaseListPage(cur CaseList, getNextPage func(context.Context, CaseList) (CaseList, error)) CaseListPage { - return CaseListPage{ - fn: getNextPage, - cl: cur, - } +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { + return nil, false } -// CaseProperties describes case properties -type CaseProperties struct { - // CaseNumber - READ-ONLY; a sequential number - CaseNumber *int32 `json:"caseNumber,omitempty"` - // CloseReason - The reason the case was closed. Possible values include: 'CloseReasonResolved', 'CloseReasonDismissed', 'CloseReasonTruePositive', 'CloseReasonFalsePositive', 'CloseReasonOther' - CloseReason CloseReason `json:"closeReason,omitempty"` - // ClosedReasonText - the case close reason details - ClosedReasonText *string `json:"closedReasonText,omitempty"` - // CreatedTimeUtc - READ-ONLY; The time the case was created - CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` - // Description - The description of the case - Description *string `json:"description,omitempty"` - // EndTimeUtc - The end time of the case - EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"` - // Labels - List of labels relevant to this case - Labels *[]string `json:"labels,omitempty"` - // LastComment - READ-ONLY; the last comment in the case - LastComment *string `json:"lastComment,omitempty"` - // LastUpdatedTimeUtc - READ-ONLY; The last time the case was updated - LastUpdatedTimeUtc *date.Time `json:"lastUpdatedTimeUtc,omitempty"` - // Metrics - READ-ONLY; Dictionary of metrics, for example the number of alerts in the case - Metrics map[string]*int32 `json:"metrics"` - // Owner - Describes a user that the case is assigned to - Owner *UserInfo `json:"owner,omitempty"` - // RelatedAlertIds - READ-ONLY; List of related alert identifiers - RelatedAlertIds *[]string `json:"relatedAlertIds,omitempty"` - // RelatedAlertProductNames - READ-ONLY; List of related alert product names - RelatedAlertProductNames *[]string `json:"relatedAlertProductNames,omitempty"` - // Tactics - READ-ONLY; The tactics associated with case - Tactics *[]AttackTactic `json:"tactics,omitempty"` - // Severity - The severity of the case. Possible values include: 'CaseSeverityCritical', 'CaseSeverityHigh', 'CaseSeverityMedium', 'CaseSeverityLow', 'CaseSeverityInformational' - Severity CaseSeverity `json:"severity,omitempty"` - // StartTimeUtc - The start time of the case - StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"` - // Status - The status of the case. Possible values include: 'CaseStatusDraft', 'CaseStatusNew', 'CaseStatusInProgress', 'CaseStatusClosed' - Status CaseStatus `json:"status,omitempty"` - // Title - The title of the case - Title *string `json:"title,omitempty"` - // TotalComments - READ-ONLY; the number of total comments in the case - TotalComments *int32 `json:"totalComments,omitempty"` +// AsCodelessUIDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for CaseProperties. -func (cp CaseProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if cp.CloseReason != "" { - objectMap["closeReason"] = cp.CloseReason - } - if cp.ClosedReasonText != nil { - objectMap["closedReasonText"] = cp.ClosedReasonText - } - if cp.Description != nil { - objectMap["description"] = cp.Description - } - if cp.EndTimeUtc != nil { - objectMap["endTimeUtc"] = cp.EndTimeUtc - } - if cp.Labels != nil { - objectMap["labels"] = cp.Labels - } - if cp.Owner != nil { - objectMap["owner"] = cp.Owner - } - if cp.Severity != "" { - objectMap["severity"] = cp.Severity - } - if cp.StartTimeUtc != nil { - objectMap["startTimeUtc"] = cp.StartTimeUtc - } - if cp.Status != "" { - objectMap["status"] = cp.Status - } - if cp.Title != nil { - objectMap["title"] = cp.Title - } - return json.Marshal(objectMap) +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { + return &capdc, true } -// CaseRelation represents a case relation -type CaseRelation struct { - autorest.Response `json:"-"` - // CaseRelationProperties - Case relation properties - *CaseRelationProperties `json:"properties,omitempty"` - // Kind - READ-ONLY; The type of relation node. Possible values include: 'RelationTypesCasesToBookmarks' - Kind RelationTypes `json:"kind,omitempty"` - // Etag - ETag for relation - Etag *string `json:"etag,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` +// AsDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsDataConnector() (*DataConnector, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for CaseRelation. -func (cr CaseRelation) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if cr.CaseRelationProperties != nil { - objectMap["properties"] = cr.CaseRelationProperties - } - if cr.Etag != nil { - objectMap["etag"] = cr.Etag - } - return json.Marshal(objectMap) +// AsBasicDataConnector is the BasicDataConnector implementation for CodelessAPIPollingDataConnector. +func (capdc CodelessAPIPollingDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &capdc, true } -// UnmarshalJSON is the custom unmarshaler for CaseRelation struct. -func (cr *CaseRelation) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for CodelessAPIPollingDataConnector struct. +func (capdc *CodelessAPIPollingDataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -4836,21 +5770,21 @@ func (cr *CaseRelation) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var caseRelationProperties CaseRelationProperties - err = json.Unmarshal(*v, &caseRelationProperties) + var APIPollingParameters APIPollingParameters + err = json.Unmarshal(*v, &APIPollingParameters) if err != nil { return err } - cr.CaseRelationProperties = &caseRelationProperties + capdc.APIPollingParameters = &APIPollingParameters } case "kind": if v != nil { - var kind RelationTypes + var kind KindBasicDataConnector err = json.Unmarshal(*v, &kind) if err != nil { return err } - cr.Kind = kind + capdc.Kind = kind } case "etag": if v != nil { @@ -4859,7 +5793,7 @@ func (cr *CaseRelation) UnmarshalJSON(body []byte) error { if err != nil { return err } - cr.Etag = &etag + capdc.Etag = &etag } case "id": if v != nil { @@ -4868,7 +5802,7 @@ func (cr *CaseRelation) UnmarshalJSON(body []byte) error { if err != nil { return err } - cr.ID = &ID + capdc.ID = &ID } case "name": if v != nil { @@ -4877,7 +5811,7 @@ func (cr *CaseRelation) UnmarshalJSON(body []byte) error { if err != nil { return err } - cr.Name = &name + capdc.Name = &name } case "type": if v != nil { @@ -4886,7 +5820,16 @@ func (cr *CaseRelation) UnmarshalJSON(body []byte) error { if err != nil { return err } - cr.Type = &typeVar + capdc.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + capdc.SystemData = &systemData } } } @@ -4894,230 +5837,323 @@ func (cr *CaseRelation) UnmarshalJSON(body []byte) error { return nil } -// CaseRelationList list of case relations. -type CaseRelationList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of relations. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of relations. - Value *[]CaseRelation `json:"value,omitempty"` +// CodelessConnectorPollingAuthProperties describe the authentication properties needed to successfully +// authenticate with the server +type CodelessConnectorPollingAuthProperties struct { + // AuthType - The authentication type + AuthType *string `json:"authType,omitempty"` + // APIKeyName - The header name which the token is sent with + APIKeyName *string `json:"apiKeyName,omitempty"` + // APIKeyIdentifier - A prefix send in the header before the actual token + APIKeyIdentifier *string `json:"apiKeyIdentifier,omitempty"` + // IsAPIKeyInPostPayload - Marks if the key should sent in header + IsAPIKeyInPostPayload *string `json:"isApiKeyInPostPayload,omitempty"` + // FlowName - Describes the flow name, for example 'AuthCode' for Oauth 2.0 + FlowName *string `json:"flowName,omitempty"` + // TokenEndpoint - The endpoint used to issue a token, used in Oauth 2.0 flow + TokenEndpoint *string `json:"tokenEndpoint,omitempty"` + // AuthorizationEndpoint - The endpoint used to authorize the user, used in Oauth 2.0 flow + AuthorizationEndpoint *string `json:"authorizationEndpoint,omitempty"` + // AuthorizationEndpointQueryParameters - The query parameters used in authorization request, used in Oauth 2.0 flow + AuthorizationEndpointQueryParameters interface{} `json:"authorizationEndpointQueryParameters,omitempty"` + // RedirectionEndpoint - The redirect endpoint where we will get the authorization code, used in Oauth 2.0 flow + RedirectionEndpoint *string `json:"redirectionEndpoint,omitempty"` + // TokenEndpointHeaders - The query headers used in token request, used in Oauth 2.0 flow + TokenEndpointHeaders interface{} `json:"tokenEndpointHeaders,omitempty"` + // TokenEndpointQueryParameters - The query parameters used in token request, used in Oauth 2.0 flow + TokenEndpointQueryParameters interface{} `json:"tokenEndpointQueryParameters,omitempty"` + // IsClientSecretInHeader - Marks if we should send the client secret in header or payload, used in Oauth 2.0 flow + IsClientSecretInHeader *bool `json:"isClientSecretInHeader,omitempty"` + // Scope - The OAuth token scope + Scope *string `json:"scope,omitempty"` +} + +// CodelessConnectorPollingConfigProperties config to describe the polling config for API poller connector +type CodelessConnectorPollingConfigProperties struct { + // IsActive - The poller active status + IsActive *bool `json:"isActive,omitempty"` + // Auth - Describe the authentication type of the poller + Auth *CodelessConnectorPollingAuthProperties `json:"auth,omitempty"` + // Request - Describe the poll request config parameters of the poller + Request *CodelessConnectorPollingRequestProperties `json:"request,omitempty"` + // Paging - Describe the poll request paging config of the poller + Paging *CodelessConnectorPollingPagingProperties `json:"paging,omitempty"` + // Response - Describe the response config parameters of the poller + Response *CodelessConnectorPollingResponseProperties `json:"response,omitempty"` +} + +// CodelessConnectorPollingPagingProperties describe the properties needed to make a pagination call +type CodelessConnectorPollingPagingProperties struct { + // PagingType - Describes the type. could be 'None', 'PageToken', 'PageCount', 'TimeStamp' + PagingType *string `json:"pagingType,omitempty"` + // NextPageParaName - Defines the name of a next page attribute + NextPageParaName *string `json:"nextPageParaName,omitempty"` + // NextPageTokenJSONPath - Defines the path to a next page token JSON + NextPageTokenJSONPath *string `json:"nextPageTokenJsonPath,omitempty"` + // PageCountAttributePath - Defines the path to a page count attribute + PageCountAttributePath *string `json:"pageCountAttributePath,omitempty"` + // PageTotalCountAttributePath - Defines the path to a page total count attribute + PageTotalCountAttributePath *string `json:"pageTotalCountAttributePath,omitempty"` + // PageTimeStampAttributePath - Defines the path to a paging time stamp attribute + PageTimeStampAttributePath *string `json:"pageTimeStampAttributePath,omitempty"` + // SearchTheLatestTimeStampFromEventsList - Determines whether to search for the latest time stamp in the events list + SearchTheLatestTimeStampFromEventsList *string `json:"searchTheLatestTimeStampFromEventsList,omitempty"` + // PageSizeParaName - Defines the name of the page size parameter + PageSizeParaName *string `json:"pageSizeParaName,omitempty"` + // PageSize - Defines the paging size + PageSize *int32 `json:"pageSize,omitempty"` } -// MarshalJSON is the custom marshaler for CaseRelationList. -func (crl CaseRelationList) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if crl.Value != nil { - objectMap["value"] = crl.Value - } - return json.Marshal(objectMap) +// CodelessConnectorPollingRequestProperties describe the request properties needed to successfully pull +// from the server +type CodelessConnectorPollingRequestProperties struct { + // APIEndpoint - Describe the endpoint we should pull the data from + APIEndpoint *string `json:"apiEndpoint,omitempty"` + // RateLimitQPS - Defines the rate limit QPS + RateLimitQPS *int32 `json:"rateLimitQps,omitempty"` + // QueryWindowInMin - The window interval we will use the pull the data + QueryWindowInMin *int32 `json:"queryWindowInMin,omitempty"` + // HTTPMethod - The http method type we will use in the poll request, GET or POST + HTTPMethod *string `json:"httpMethod,omitempty"` + // QueryTimeFormat - The time format will be used the query events in a specific window + QueryTimeFormat *string `json:"queryTimeFormat,omitempty"` + // RetryCount - Describe the amount of time we should try and poll the data in case of failure + RetryCount *int32 `json:"retryCount,omitempty"` + // TimeoutInSeconds - The number of seconds we will consider as a request timeout + TimeoutInSeconds *int32 `json:"timeoutInSeconds,omitempty"` + // Headers - Describe the headers sent in the poll request + Headers interface{} `json:"headers,omitempty"` + // QueryParameters - Describe the query parameters sent in the poll request + QueryParameters interface{} `json:"queryParameters,omitempty"` + // QueryParametersTemplate - For advanced scenarios for example user name/password embedded in nested JSON payload + QueryParametersTemplate *string `json:"queryParametersTemplate,omitempty"` + // StartTimeAttributeName - This will be used the query events from a start of the time window + StartTimeAttributeName *string `json:"startTimeAttributeName,omitempty"` + // EndTimeAttributeName - This will be used the query events from the end of the time window + EndTimeAttributeName *string `json:"endTimeAttributeName,omitempty"` +} + +// CodelessConnectorPollingResponseProperties describes the response from the external server +type CodelessConnectorPollingResponseProperties struct { + // EventsJSONPaths - Describes the path we should extract the data in the response + EventsJSONPaths *[]string `json:"eventsJsonPaths,omitempty"` + // SuccessStatusJSONPath - Describes the path we should extract the status code in the response + SuccessStatusJSONPath *string `json:"successStatusJsonPath,omitempty"` + // SuccessStatusValue - Describes the path we should extract the status value in the response + SuccessStatusValue *string `json:"successStatusValue,omitempty"` + // IsGzipCompressed - Describes if the data in the response is Gzip + IsGzipCompressed *bool `json:"isGzipCompressed,omitempty"` +} + +// CodelessParameters represents Codeless UI data connector +type CodelessParameters struct { + // ConnectorUIConfig - Config to describe the instructions blade + ConnectorUIConfig *CodelessUIConnectorConfigProperties `json:"connectorUiConfig,omitempty"` +} + +// CodelessUIConnectorConfigProperties config to describe the instructions blade +type CodelessUIConnectorConfigProperties struct { + // Title - Connector blade title + Title *string `json:"title,omitempty"` + // Publisher - Connector publisher name + Publisher *string `json:"publisher,omitempty"` + // DescriptionMarkdown - Connector description + DescriptionMarkdown *string `json:"descriptionMarkdown,omitempty"` + // CustomImage - An optional custom image to be used when displaying the connector within Azure Sentinel's connector's gallery + CustomImage *string `json:"customImage,omitempty"` + // GraphQueriesTableName - Name of the table the connector will insert the data to + GraphQueriesTableName *string `json:"graphQueriesTableName,omitempty"` + // GraphQueries - The graph query to show the current data status + GraphQueries *[]CodelessUIConnectorConfigPropertiesGraphQueriesItem `json:"graphQueries,omitempty"` + // SampleQueries - The sample queries for the connector + SampleQueries *[]CodelessUIConnectorConfigPropertiesSampleQueriesItem `json:"sampleQueries,omitempty"` + // DataTypes - Data types to check for last data received + DataTypes *[]CodelessUIConnectorConfigPropertiesDataTypesItem `json:"dataTypes,omitempty"` + // ConnectivityCriteria - Define the way the connector check connectivity + ConnectivityCriteria *[]CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem `json:"connectivityCriteria,omitempty"` + // Availability - Connector Availability Status + Availability *Availability `json:"availability,omitempty"` + // Permissions - Permissions required for the connector + Permissions *Permissions `json:"permissions,omitempty"` + // InstructionSteps - Instruction steps to enable the connector + InstructionSteps *[]CodelessUIConnectorConfigPropertiesInstructionStepsItem `json:"instructionSteps,omitempty"` +} + +// CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem ... +type CodelessUIConnectorConfigPropertiesConnectivityCriteriaItem struct { + // Type - type of connectivity. Possible values include: 'ConnectivityTypeIsConnectedQuery' + Type ConnectivityType `json:"type,omitempty"` + // Value - Queries for checking connectivity + Value *[]string `json:"value,omitempty"` +} + +// CodelessUIConnectorConfigPropertiesDataTypesItem ... +type CodelessUIConnectorConfigPropertiesDataTypesItem struct { + // Name - Name of the data type to show in the graph. can be use with {{graphQueriesTableName}} placeholder + Name *string `json:"name,omitempty"` + // LastDataReceivedQuery - Query for indicate last data received + LastDataReceivedQuery *string `json:"lastDataReceivedQuery,omitempty"` } -// CaseRelationListIterator provides access to a complete listing of CaseRelation values. -type CaseRelationListIterator struct { - i int - page CaseRelationListPage +// CodelessUIConnectorConfigPropertiesGraphQueriesItem ... +type CodelessUIConnectorConfigPropertiesGraphQueriesItem struct { + // MetricName - the metric that the query is checking + MetricName *string `json:"metricName,omitempty"` + // Legend - The legend for the graph + Legend *string `json:"legend,omitempty"` + // BaseQuery - The base query for the graph + BaseQuery *string `json:"baseQuery,omitempty"` } -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *CaseRelationListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() +// CodelessUIConnectorConfigPropertiesInstructionStepsItem ... +type CodelessUIConnectorConfigPropertiesInstructionStepsItem struct { + // Title - Instruction step title + Title *string `json:"title,omitempty"` + // Description - Instruction step description + Description *string `json:"description,omitempty"` + // Instructions - Instruction step details + Instructions *[]InstructionStepsInstructionsItem `json:"instructions,omitempty"` +} + +// CodelessUIConnectorConfigPropertiesSampleQueriesItem ... +type CodelessUIConnectorConfigPropertiesSampleQueriesItem struct { + // Description - The sample query description + Description *string `json:"description,omitempty"` + // Query - the sample query + Query *string `json:"query,omitempty"` +} + +// CodelessUIDataConnector represents Codeless UI data connector. +type CodelessUIDataConnector struct { + // CodelessParameters - Codeless UI data connector properties + *CodelessParameters `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) MarshalJSON() ([]byte, error) { + cudc.Kind = KindBasicDataConnectorKindGenericUI + objectMap := make(map[string]interface{}) + if cudc.CodelessParameters != nil { + objectMap["properties"] = cudc.CodelessParameters } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil + if cudc.Kind != "" { + objectMap["kind"] = cudc.Kind } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err + if cudc.Etag != nil { + objectMap["etag"] = cudc.Etag } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *CaseRelationListIterator) Next() error { - return iter.NextWithContext(context.Background()) + return json.Marshal(objectMap) } -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter CaseRelationListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) +// AsAADDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { + return nil, false } -// Response returns the raw server response from the last page request. -func (iter CaseRelationListIterator) Response() CaseRelationList { - return iter.page.Response() +// AsMSTIDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { + return nil, false } -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter CaseRelationListIterator) Value() CaseRelation { - if !iter.page.NotDone() { - return CaseRelation{} - } - return iter.page.Values()[iter.i] +// AsMTPDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { + return nil, false } -// Creates a new instance of the CaseRelationListIterator type. -func NewCaseRelationListIterator(page CaseRelationListPage) CaseRelationListIterator { - return CaseRelationListIterator{page: page} +// AsAATPDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return nil, false } -// IsEmpty returns true if the ListResult contains no values. -func (crl CaseRelationList) IsEmpty() bool { - return crl.Value == nil || len(*crl.Value) == 0 +// AsASCDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { + return nil, false } -// hasNextLink returns true if the NextLink is not empty. -func (crl CaseRelationList) hasNextLink() bool { - return crl.NextLink != nil && len(*crl.NextLink) != 0 +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { + return nil, false } -// caseRelationListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (crl CaseRelationList) caseRelationListPreparer(ctx context.Context) (*http.Request, error) { - if !crl.hasNextLink() { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(crl.NextLink))) +// AsAwsS3DataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { + return nil, false } -// CaseRelationListPage contains a page of CaseRelation values. -type CaseRelationListPage struct { - fn func(context.Context, CaseRelationList) (CaseRelationList, error) - crl CaseRelationList +// AsMCASDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { + return nil, false } -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *CaseRelationListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - for { - next, err := page.fn(ctx, page.crl) - if err != nil { - return err - } - page.crl = next - if !next.hasNextLink() || !next.IsEmpty() { - break - } - } - return nil +// AsDynamics365DataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { + return nil, false } -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *CaseRelationListPage) Next() error { - return page.NextWithContext(context.Background()) +// AsOfficeATPDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { + return nil, false } -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page CaseRelationListPage) NotDone() bool { - return !page.crl.IsEmpty() +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false } -// Response returns the raw server response from the last page request. -func (page CaseRelationListPage) Response() CaseRelationList { - return page.crl +// AsMDATPDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false } -// Values returns the slice of values for the current page or nil if there are no values. -func (page CaseRelationListPage) Values() []CaseRelation { - if page.crl.IsEmpty() { - return nil - } - return *page.crl.Value +// AsOfficeDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { + return nil, false } -// Creates a new instance of the CaseRelationListPage type. -func NewCaseRelationListPage(cur CaseRelationList, getNextPage func(context.Context, CaseRelationList) (CaseRelationList, error)) CaseRelationListPage { - return CaseRelationListPage{ - fn: getNextPage, - crl: cur, - } +// AsTIDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { + return nil, false } -// CaseRelationProperties case relation properties -type CaseRelationProperties struct { - // RelationName - Name of relation - RelationName *string `json:"relationName,omitempty"` - // BookmarkID - The case related bookmark id - BookmarkID *string `json:"bookmarkId,omitempty"` - // CaseIdentifier - The case identifier - CaseIdentifier *string `json:"caseIdentifier,omitempty"` - // BookmarkName - The case related bookmark name - BookmarkName *string `json:"bookmarkName,omitempty"` -} - -// CasesAggregation represents aggregations results for cases. -type CasesAggregation struct { - // CasesAggregationProperties - Properties of aggregations results of cases. - *CasesAggregationProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindAggregations', 'KindCasesAggregation' - Kind Kind `json:"kind,omitempty"` +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for CasesAggregation. -func (ca CasesAggregation) MarshalJSON() ([]byte, error) { - ca.Kind = KindCasesAggregation - objectMap := make(map[string]interface{}) - if ca.CasesAggregationProperties != nil { - objectMap["properties"] = ca.CasesAggregationProperties - } - if ca.Kind != "" { - objectMap["kind"] = ca.Kind - } - return json.Marshal(objectMap) +// AsCodelessUIDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { + return &cudc, true } -// AsCasesAggregation is the BasicAggregations implementation for CasesAggregation. -func (ca CasesAggregation) AsCasesAggregation() (*CasesAggregation, bool) { - return &ca, true +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { + return nil, false } -// AsAggregations is the BasicAggregations implementation for CasesAggregation. -func (ca CasesAggregation) AsAggregations() (*Aggregations, bool) { +// AsDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false } -// AsBasicAggregations is the BasicAggregations implementation for CasesAggregation. -func (ca CasesAggregation) AsBasicAggregations() (BasicAggregations, bool) { - return &ca, true +// AsBasicDataConnector is the BasicDataConnector implementation for CodelessUIDataConnector. +func (cudc CodelessUIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &cudc, true } -// UnmarshalJSON is the custom unmarshaler for CasesAggregation struct. -func (ca *CasesAggregation) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for CodelessUIDataConnector struct. +func (cudc *CodelessUIDataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -5127,12 +6163,30 @@ func (ca *CasesAggregation) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var casesAggregationProperties CasesAggregationProperties - err = json.Unmarshal(*v, &casesAggregationProperties) + var codelessParameters CodelessParameters + err = json.Unmarshal(*v, &codelessParameters) + if err != nil { + return err + } + cudc.CodelessParameters = &codelessParameters + } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + cudc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) if err != nil { return err } - ca.CasesAggregationProperties = &casesAggregationProperties + cudc.Etag = &etag } case "id": if v != nil { @@ -5141,7 +6195,7 @@ func (ca *CasesAggregation) UnmarshalJSON(body []byte) error { if err != nil { return err } - ca.ID = &ID + cudc.ID = &ID } case "name": if v != nil { @@ -5150,7 +6204,7 @@ func (ca *CasesAggregation) UnmarshalJSON(body []byte) error { if err != nil { return err } - ca.Name = &name + cudc.Name = &name } case "type": if v != nil { @@ -5159,16 +6213,16 @@ func (ca *CasesAggregation) UnmarshalJSON(body []byte) error { if err != nil { return err } - ca.Type = &typeVar + cudc.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind Kind - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - ca.Kind = kind + cudc.SystemData = &systemData } } } @@ -5176,212 +6230,434 @@ func (ca *CasesAggregation) UnmarshalJSON(body []byte) error { return nil } -// CasesAggregationBySeverityProperties aggregative results of cases by severity property bag. -type CasesAggregationBySeverityProperties struct { - // TotalCriticalSeverity - READ-ONLY; Total amount of open cases with severity Critical - TotalCriticalSeverity *int32 `json:"totalCriticalSeverity,omitempty"` - // TotalHighSeverity - READ-ONLY; Total amount of open cases with severity High - TotalHighSeverity *int32 `json:"totalHighSeverity,omitempty"` - // TotalInformationalSeverity - READ-ONLY; Total amount of open cases with severity Informational - TotalInformationalSeverity *int32 `json:"totalInformationalSeverity,omitempty"` - // TotalLowSeverity - READ-ONLY; Total amount of open cases with severity Low - TotalLowSeverity *int32 `json:"totalLowSeverity,omitempty"` - // TotalMediumSeverity - READ-ONLY; Total amount of open cases with severity medium - TotalMediumSeverity *int32 `json:"totalMediumSeverity,omitempty"` +// ConnectedEntity expansion result connected entities +type ConnectedEntity struct { + // TargetEntityID - Entity Id of the connected entity + TargetEntityID *string `json:"targetEntityId,omitempty"` + // AdditionalData - key-value pairs for a connected entity mapping + AdditionalData interface{} `json:"additionalData,omitempty"` } -// MarshalJSON is the custom marshaler for CasesAggregationBySeverityProperties. -func (cabsp CasesAggregationBySeverityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// ConnectivityCriteria setting for the connector check connectivity +type ConnectivityCriteria struct { + // Type - type of connectivity. Possible values include: 'ConnectivityTypeIsConnectedQuery' + Type ConnectivityType `json:"type,omitempty"` + // Value - Queries for checking connectivity + Value *[]string `json:"value,omitempty"` } -// CasesAggregationByStatusProperties aggregative results of cases by status property bag. -type CasesAggregationByStatusProperties struct { - // TotalDismissedStatus - READ-ONLY; Total amount of closed cases with status Dismissed - TotalDismissedStatus *int32 `json:"totalDismissedStatus,omitempty"` - // TotalInProgressStatus - READ-ONLY; Total amount of open cases with status InProgress - TotalInProgressStatus *int32 `json:"totalInProgressStatus,omitempty"` - // TotalNewStatus - READ-ONLY; Total amount of open cases with status New - TotalNewStatus *int32 `json:"totalNewStatus,omitempty"` - // TotalResolvedStatus - READ-ONLY; Total amount of closed cases with status Resolved - TotalResolvedStatus *int32 `json:"totalResolvedStatus,omitempty"` - // TotalFalsePositiveStatus - READ-ONLY; Total amount of closed cases with status Closed and Close reason of False positive - TotalFalsePositiveStatus *int32 `json:"totalFalsePositiveStatus,omitempty"` - // TotalTruePositiveStatus - READ-ONLY; Total amount of closed cases with status Closed and Close reason of True positive - TotalTruePositiveStatus *int32 `json:"totalTruePositiveStatus,omitempty"` -} - -// MarshalJSON is the custom marshaler for CasesAggregationByStatusProperties. -func (cabsp CasesAggregationByStatusProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// ConnectorInstructionModelBase instruction step details +type ConnectorInstructionModelBase struct { + // Parameters - The parameters for the setting + Parameters interface{} `json:"parameters,omitempty"` + // Type - The kind of the setting. Possible values include: 'SettingTypeCopyableLabel', 'SettingTypeInstructionStepsGroup', 'SettingTypeInfoMessage' + Type SettingType `json:"type,omitempty"` } -// CasesAggregationProperties aggregative results of cases property bag. -type CasesAggregationProperties struct { - // AggregationBySeverity - Aggregations results by case severity. - AggregationBySeverity *CasesAggregationBySeverityProperties `json:"aggregationBySeverity,omitempty"` - // AggregationByStatus - Aggregations results by case status. - AggregationByStatus *CasesAggregationByStatusProperties `json:"aggregationByStatus,omitempty"` +// ContentPathMap the mapping of content type to a repo path. +type ContentPathMap struct { + // ContentType - Content type. Possible values include: 'ContentTypeAnalyticRule', 'ContentTypeWorkbook' + ContentType ContentType `json:"contentType,omitempty"` + // Path - The path to the content. + Path *string `json:"path,omitempty"` } -// ClientInfo information on the client (user or application) that made some action -type ClientInfo struct { - // Email - The email of the client. - Email *string `json:"email,omitempty"` - // Name - The name of the client. - Name *string `json:"name,omitempty"` - // ObjectID - The object id of the client. - ObjectID *uuid.UUID `json:"objectId,omitempty"` - // UserPrincipalName - The user principal name of the client. - UserPrincipalName *string `json:"userPrincipalName,omitempty"` +// BasicCustomEntityQuery specific entity query that supports put requests. +type BasicCustomEntityQuery interface { + AsActivityCustomEntityQuery() (*ActivityCustomEntityQuery, bool) + AsCustomEntityQuery() (*CustomEntityQuery, bool) } -// CloudApplicationEntity represents a cloud application entity. -type CloudApplicationEntity struct { - // CloudApplicationEntityProperties - CloudApplication entity properties - *CloudApplicationEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// CustomEntityQuery specific entity query that supports put requests. +type CustomEntityQuery struct { + // Kind - Possible values include: 'KindBasicCustomEntityQueryKindCustomEntityQuery', 'KindBasicCustomEntityQueryKindActivity' + Kind KindBasicCustomEntityQuery `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for CloudApplicationEntity. -func (cae CloudApplicationEntity) MarshalJSON() ([]byte, error) { - cae.Kind = KindBasicEntityKindCloudApplication +func unmarshalBasicCustomEntityQuery(body []byte) (BasicCustomEntityQuery, error) { + var m map[string]interface{} + err := json.Unmarshal(body, &m) + if err != nil { + return nil, err + } + + switch m["kind"] { + case string(KindBasicCustomEntityQueryKindActivity): + var aceq ActivityCustomEntityQuery + err := json.Unmarshal(body, &aceq) + return aceq, err + default: + var ceq CustomEntityQuery + err := json.Unmarshal(body, &ceq) + return ceq, err + } +} +func unmarshalBasicCustomEntityQueryArray(body []byte) ([]BasicCustomEntityQuery, error) { + var rawMessages []*json.RawMessage + err := json.Unmarshal(body, &rawMessages) + if err != nil { + return nil, err + } + + ceqArray := make([]BasicCustomEntityQuery, len(rawMessages)) + + for index, rawMessage := range rawMessages { + ceq, err := unmarshalBasicCustomEntityQuery(*rawMessage) + if err != nil { + return nil, err + } + ceqArray[index] = ceq + } + return ceqArray, nil +} + +// MarshalJSON is the custom marshaler for CustomEntityQuery. +func (ceq CustomEntityQuery) MarshalJSON() ([]byte, error) { + ceq.Kind = KindBasicCustomEntityQueryKindCustomEntityQuery objectMap := make(map[string]interface{}) - if cae.CloudApplicationEntityProperties != nil { - objectMap["properties"] = cae.CloudApplicationEntityProperties + if ceq.Kind != "" { + objectMap["kind"] = ceq.Kind } - if cae.Kind != "" { - objectMap["kind"] = cae.Kind + if ceq.Etag != nil { + objectMap["etag"] = ceq.Etag } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsActivityCustomEntityQuery is the BasicCustomEntityQuery implementation for CustomEntityQuery. +func (ceq CustomEntityQuery) AsActivityCustomEntityQuery() (*ActivityCustomEntityQuery, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false +// AsCustomEntityQuery is the BasicCustomEntityQuery implementation for CustomEntityQuery. +func (ceq CustomEntityQuery) AsCustomEntityQuery() (*CustomEntityQuery, bool) { + return &ceq, true } -// AsCloudApplicationEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return &cae, true +// AsBasicCustomEntityQuery is the BasicCustomEntityQuery implementation for CustomEntityQuery. +func (ceq CustomEntityQuery) AsBasicCustomEntityQuery() (BasicCustomEntityQuery, bool) { + return &ceq, true } -// AsDNSEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false +// Customs customs permissions required for the connector +type Customs struct { + // Name - Customs permissions name + Name *string `json:"name,omitempty"` + // Description - Customs permissions description + Description *string `json:"description,omitempty"` } -// AsFileEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false +// CustomsPermission customs permissions required for the connector +type CustomsPermission struct { + // Name - Customs permissions name + Name *string `json:"name,omitempty"` + // Description - Customs permissions description + Description *string `json:"description,omitempty"` } -// AsFileHashEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// BasicDataConnector data connector +type BasicDataConnector interface { + AsAADDataConnector() (*AADDataConnector, bool) + AsMSTIDataConnector() (*MSTIDataConnector, bool) + AsMTPDataConnector() (*MTPDataConnector, bool) + AsAATPDataConnector() (*AATPDataConnector, bool) + AsASCDataConnector() (*ASCDataConnector, bool) + AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) + AsAwsS3DataConnector() (*AwsS3DataConnector, bool) + AsMCASDataConnector() (*MCASDataConnector, bool) + AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) + AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) + AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) + AsMDATPDataConnector() (*MDATPDataConnector, bool) + AsOfficeDataConnector() (*OfficeDataConnector, bool) + AsTIDataConnector() (*TIDataConnector, bool) + AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) + AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) + AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) + AsDataConnector() (*DataConnector, bool) +} + +// DataConnector data connector +type DataConnector struct { + autorest.Response `json:"-"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +func unmarshalBasicDataConnector(body []byte) (BasicDataConnector, error) { + var m map[string]interface{} + err := json.Unmarshal(body, &m) + if err != nil { + return nil, err + } + + switch m["kind"] { + case string(KindBasicDataConnectorKindAzureActiveDirectory): + var adc AADDataConnector + err := json.Unmarshal(body, &adc) + return adc, err + case string(KindBasicDataConnectorKindMicrosoftThreatIntelligence): + var mdc MSTIDataConnector + err := json.Unmarshal(body, &mdc) + return mdc, err + case string(KindBasicDataConnectorKindMicrosoftThreatProtection): + var mdc MTPDataConnector + err := json.Unmarshal(body, &mdc) + return mdc, err + case string(KindBasicDataConnectorKindAzureAdvancedThreatProtection): + var adc AATPDataConnector + err := json.Unmarshal(body, &adc) + return adc, err + case string(KindBasicDataConnectorKindAzureSecurityCenter): + var adc ASCDataConnector + err := json.Unmarshal(body, &adc) + return adc, err + case string(KindBasicDataConnectorKindAmazonWebServicesCloudTrail): + var actdc AwsCloudTrailDataConnector + err := json.Unmarshal(body, &actdc) + return actdc, err + case string(KindBasicDataConnectorKindAmazonWebServicesS3): + var asdc AwsS3DataConnector + err := json.Unmarshal(body, &asdc) + return asdc, err + case string(KindBasicDataConnectorKindMicrosoftCloudAppSecurity): + var mdc MCASDataConnector + err := json.Unmarshal(body, &mdc) + return mdc, err + case string(KindBasicDataConnectorKindDynamics365): + var d3dc Dynamics365DataConnector + err := json.Unmarshal(body, &d3dc) + return d3dc, err + case string(KindBasicDataConnectorKindOfficeATP): + var oadc OfficeATPDataConnector + err := json.Unmarshal(body, &oadc) + return oadc, err + case string(KindBasicDataConnectorKindOfficeIRM): + var oidc OfficeIRMDataConnector + err := json.Unmarshal(body, &oidc) + return oidc, err + case string(KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection): + var mdc MDATPDataConnector + err := json.Unmarshal(body, &mdc) + return mdc, err + case string(KindBasicDataConnectorKindOffice365): + var odc OfficeDataConnector + err := json.Unmarshal(body, &odc) + return odc, err + case string(KindBasicDataConnectorKindThreatIntelligence): + var tdc TIDataConnector + err := json.Unmarshal(body, &tdc) + return tdc, err + case string(KindBasicDataConnectorKindThreatIntelligenceTaxii): + var ttdc TiTaxiiDataConnector + err := json.Unmarshal(body, &ttdc) + return ttdc, err + case string(KindBasicDataConnectorKindGenericUI): + var cudc CodelessUIDataConnector + err := json.Unmarshal(body, &cudc) + return cudc, err + case string(KindBasicDataConnectorKindAPIPolling): + var capdc CodelessAPIPollingDataConnector + err := json.Unmarshal(body, &capdc) + return capdc, err + default: + var dc DataConnector + err := json.Unmarshal(body, &dc) + return dc, err + } +} +func unmarshalBasicDataConnectorArray(body []byte) ([]BasicDataConnector, error) { + var rawMessages []*json.RawMessage + err := json.Unmarshal(body, &rawMessages) + if err != nil { + return nil, err + } + + dcArray := make([]BasicDataConnector, len(rawMessages)) + + for index, rawMessage := range rawMessages { + dc, err := unmarshalBasicDataConnector(*rawMessage) + if err != nil { + return nil, err + } + dcArray[index] = dc + } + return dcArray, nil +} + +// MarshalJSON is the custom marshaler for DataConnector. +func (dc DataConnector) MarshalJSON() ([]byte, error) { + dc.Kind = KindBasicDataConnectorKindDataConnector + objectMap := make(map[string]interface{}) + if dc.Kind != "" { + objectMap["kind"] = dc.Kind + } + if dc.Etag != nil { + objectMap["etag"] = dc.Etag + } + return json.Marshal(objectMap) +} + +// AsAADDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsHostEntity() (*HostEntity, bool) { +// AsMSTIDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMTPDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsAATPDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsIPEntity() (*IPEntity, bool) { +// AsASCDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false } -// AsMailboxEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsMailboxEntity() (*MailboxEntity, bool) { +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsMCASDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsOfficeATPDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsMDATPDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsOfficeDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsTIDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsURLEntity() (*URLEntity, bool) { +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsCodelessUIDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsEntity() (*Entity, bool) { +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsBasicEntity() (BasicEntity, bool) { - return &cae, true +// AsDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsDataConnector() (*DataConnector, bool) { + return &dc, true } -// UnmarshalJSON is the custom unmarshaler for CloudApplicationEntity struct. -func (cae *CloudApplicationEntity) UnmarshalJSON(body []byte) error { +// AsBasicDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &dc, true +} + +// DataConnectorConnectBody represents Codeless API Polling data connector. +type DataConnectorConnectBody struct { + // Kind - The authentication kind used to poll the data. Possible values include: 'ConnectAuthKindBasic', 'ConnectAuthKindOAuth2', 'ConnectAuthKindAPIKey' + Kind ConnectAuthKind `json:"kind,omitempty"` + // APIKey - The API key of the audit server. + APIKey *string `json:"apiKey,omitempty"` + // ClientSecret - The client secret of the OAuth 2.0 application. + ClientSecret *string `json:"clientSecret,omitempty"` + // ClientID - The client id of the OAuth 2.0 application. + ClientID *string `json:"clientId,omitempty"` + // AuthorizationCode - The authorization code used in OAuth 2.0 code flow to issue a token. + AuthorizationCode *string `json:"authorizationCode,omitempty"` + // UserName - The user name in the audit log server. + UserName *string `json:"userName,omitempty"` + // Password - The user password in the audit log server. + Password *string `json:"password,omitempty"` + RequestConfigUserInputValues *[]interface{} `json:"requestConfigUserInputValues,omitempty"` +} + +// DataConnectorDataTypeCommon common field for data type in data connectors. +type DataConnectorDataTypeCommon struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' + State DataTypeState `json:"state,omitempty"` +} + +// DataConnectorList list all the data connectors. +type DataConnectorList struct { + autorest.Response `json:"-"` + // NextLink - READ-ONLY; URL to fetch the next set of data connectors. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of data connectors. + Value *[]BasicDataConnector `json:"value,omitempty"` +} + +// MarshalJSON is the custom marshaler for DataConnectorList. +func (dcl DataConnectorList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if dcl.Value != nil { + objectMap["value"] = dcl.Value + } + return json.Marshal(objectMap) +} + +// UnmarshalJSON is the custom unmarshaler for DataConnectorList struct. +func (dcl *DataConnectorList) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -5389,50 +6665,22 @@ func (cae *CloudApplicationEntity) UnmarshalJSON(body []byte) error { } for k, v := range m { switch k { - case "properties": - if v != nil { - var cloudApplicationEntityProperties CloudApplicationEntityProperties - err = json.Unmarshal(*v, &cloudApplicationEntityProperties) - if err != nil { - return err - } - cae.CloudApplicationEntityProperties = &cloudApplicationEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - cae.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - cae.Name = &name - } - case "type": + case "nextLink": if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) + var nextLink string + err = json.Unmarshal(*v, &nextLink) if err != nil { return err } - cae.Type = &typeVar + dcl.NextLink = &nextLink } - case "kind": + case "value": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + value, err := unmarshalBasicDataConnectorArray(*v) if err != nil { return err } - cae.Kind = kind + dcl.Value = &value } } } @@ -5440,871 +6688,910 @@ func (cae *CloudApplicationEntity) UnmarshalJSON(body []byte) error { return nil } -// CloudApplicationEntityProperties cloudApplication entity property bag. -type CloudApplicationEntityProperties struct { - // AppID - READ-ONLY; The technical identifier of the application. - AppID *int32 `json:"appId,omitempty"` - // AppName - READ-ONLY; The name of the related cloud application. - AppName *string `json:"appName,omitempty"` - // InstanceName - READ-ONLY; The user defined instance name of the cloud application. It is often used to distinguish between several applications of the same type that a customer has. - InstanceName *string `json:"instanceName,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` +// DataConnectorListIterator provides access to a complete listing of DataConnector values. +type DataConnectorListIterator struct { + i int + page DataConnectorListPage } -// MarshalJSON is the custom marshaler for CloudApplicationEntityProperties. -func (caep CloudApplicationEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorListIterator.NextWithContext") + defer func() { + sc := -1 + if iter.Response().Response.Response != nil { + sc = iter.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err = iter.page.NextWithContext(ctx) + if err != nil { + iter.i-- + return err + } + iter.i = 0 + return nil } -// CloudError error response structure. -type CloudError struct { - // CloudErrorBody - Error data - *CloudErrorBody `json:"error,omitempty"` +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (iter *DataConnectorListIterator) Next() error { + return iter.NextWithContext(context.Background()) } -// MarshalJSON is the custom marshaler for CloudError. -func (ce CloudError) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if ce.CloudErrorBody != nil { - objectMap["error"] = ce.CloudErrorBody - } - return json.Marshal(objectMap) +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter DataConnectorListIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) } -// UnmarshalJSON is the custom unmarshaler for CloudError struct. -func (ce *CloudError) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "error": - if v != nil { - var cloudErrorBody CloudErrorBody - err = json.Unmarshal(*v, &cloudErrorBody) - if err != nil { - return err - } - ce.CloudErrorBody = &cloudErrorBody - } - } - } +// Response returns the raw server response from the last page request. +func (iter DataConnectorListIterator) Response() DataConnectorList { + return iter.page.Response() +} - return nil +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter DataConnectorListIterator) Value() BasicDataConnector { + if !iter.page.NotDone() { + return DataConnector{} + } + return iter.page.Values()[iter.i] } -// CloudErrorBody error details. -type CloudErrorBody struct { - // Code - READ-ONLY; An identifier for the error. Codes are invariant and are intended to be consumed programmatically. - Code *string `json:"code,omitempty"` - // Message - READ-ONLY; A message describing the error, intended to be suitable for display in a user interface. - Message *string `json:"message,omitempty"` +// Creates a new instance of the DataConnectorListIterator type. +func NewDataConnectorListIterator(page DataConnectorListPage) DataConnectorListIterator { + return DataConnectorListIterator{page: page} } -// MarshalJSON is the custom marshaler for CloudErrorBody. -func (ceb CloudErrorBody) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// IsEmpty returns true if the ListResult contains no values. +func (dcl DataConnectorList) IsEmpty() bool { + return dcl.Value == nil || len(*dcl.Value) == 0 } -// ConnectedEntity expansion result connected entities -type ConnectedEntity struct { - // TargetEntityID - Entity Id of the connected entity - TargetEntityID *string `json:"targetEntityId,omitempty"` - // AdditionalData - key-value pairs for a connected entity mapping - AdditionalData interface{} `json:"additionalData,omitempty"` +// hasNextLink returns true if the NextLink is not empty. +func (dcl DataConnectorList) hasNextLink() bool { + return dcl.NextLink != nil && len(*dcl.NextLink) != 0 } -// BasicDataConnector data connector. -type BasicDataConnector interface { - AsAADDataConnector() (*AADDataConnector, bool) - AsAATPDataConnector() (*AATPDataConnector, bool) - AsMSTIDataConnector() (*MSTIDataConnector, bool) - AsMTPDataConnector() (*MTPDataConnector, bool) - AsASCDataConnector() (*ASCDataConnector, bool) - AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) - AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) - AsMCASDataConnector() (*MCASDataConnector, bool) - AsMDATPDataConnector() (*MDATPDataConnector, bool) - AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) - AsOfficeDataConnector() (*OfficeDataConnector, bool) - AsTIDataConnector() (*TIDataConnector, bool) - AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) - AsDataConnector() (*DataConnector, bool) +// dataConnectorListPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (dcl DataConnectorList) dataConnectorListPreparer(ctx context.Context) (*http.Request, error) { + if !dcl.hasNextLink() { + return nil, nil + } + return autorest.Prepare((&http.Request{}).WithContext(ctx), + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(dcl.NextLink))) } -// DataConnector data connector. -type DataConnector struct { - autorest.Response `json:"-"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` +// DataConnectorListPage contains a page of BasicDataConnector values. +type DataConnectorListPage struct { + fn func(context.Context, DataConnectorList) (DataConnectorList, error) + dcl DataConnectorList } -func unmarshalBasicDataConnector(body []byte) (BasicDataConnector, error) { - var m map[string]interface{} - err := json.Unmarshal(body, &m) - if err != nil { - return nil, err +// NextWithContext advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorListPage.NextWithContext") + defer func() { + sc := -1 + if page.Response().Response.Response != nil { + sc = page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() } - - switch m["kind"] { - case string(KindBasicDataConnectorKindAzureActiveDirectory): - var adc AADDataConnector - err := json.Unmarshal(body, &adc) - return adc, err - case string(KindBasicDataConnectorKindAzureAdvancedThreatProtection): - var adc AATPDataConnector - err := json.Unmarshal(body, &adc) - return adc, err - case string(KindBasicDataConnectorKindMicrosoftThreatIntelligence): - var mdc MSTIDataConnector - err := json.Unmarshal(body, &mdc) - return mdc, err - case string(KindBasicDataConnectorKindMicrosoftThreatProtection): - var mdc MTPDataConnector - err := json.Unmarshal(body, &mdc) - return mdc, err - case string(KindBasicDataConnectorKindAzureSecurityCenter): - var adc ASCDataConnector - err := json.Unmarshal(body, &adc) - return adc, err - case string(KindBasicDataConnectorKindAmazonWebServicesCloudTrail): - var actdc AwsCloudTrailDataConnector - err := json.Unmarshal(body, &actdc) - return actdc, err - case string(KindBasicDataConnectorKindDynamics365): - var d3dc Dynamics365DataConnector - err := json.Unmarshal(body, &d3dc) - return d3dc, err - case string(KindBasicDataConnectorKindMicrosoftCloudAppSecurity): - var mdc MCASDataConnector - err := json.Unmarshal(body, &mdc) - return mdc, err - case string(KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection): - var mdc MDATPDataConnector - err := json.Unmarshal(body, &mdc) - return mdc, err - case string(KindBasicDataConnectorKindOfficeATP): - var oadc OfficeATPDataConnector - err := json.Unmarshal(body, &oadc) - return oadc, err - case string(KindBasicDataConnectorKindOffice365): - var odc OfficeDataConnector - err := json.Unmarshal(body, &odc) - return odc, err - case string(KindBasicDataConnectorKindThreatIntelligence): - var tdc TIDataConnector - err := json.Unmarshal(body, &tdc) - return tdc, err - case string(KindBasicDataConnectorKindThreatIntelligenceTaxii): - var ttdc TiTaxiiDataConnector - err := json.Unmarshal(body, &ttdc) - return ttdc, err + for { + next, err := page.fn(ctx, page.dcl) + if err != nil { + return err + } + page.dcl = next + if !next.hasNextLink() || !next.IsEmpty() { + break + } + } + return nil +} + +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (page *DataConnectorListPage) Next() error { + return page.NextWithContext(context.Background()) +} + +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page DataConnectorListPage) NotDone() bool { + return !page.dcl.IsEmpty() +} + +// Response returns the raw server response from the last page request. +func (page DataConnectorListPage) Response() DataConnectorList { + return page.dcl +} + +// Values returns the slice of values for the current page or nil if there are no values. +func (page DataConnectorListPage) Values() []BasicDataConnector { + if page.dcl.IsEmpty() { + return nil + } + return *page.dcl.Value +} + +// Creates a new instance of the DataConnectorListPage type. +func NewDataConnectorListPage(cur DataConnectorList, getNextPage func(context.Context, DataConnectorList) (DataConnectorList, error)) DataConnectorListPage { + return DataConnectorListPage{ + fn: getNextPage, + dcl: cur, + } +} + +// DataConnectorModel ... +type DataConnectorModel struct { + autorest.Response `json:"-"` + Value BasicDataConnector `json:"value,omitempty"` +} + +// UnmarshalJSON is the custom unmarshaler for DataConnectorModel struct. +func (dcm *DataConnectorModel) UnmarshalJSON(body []byte) error { + dc, err := unmarshalBasicDataConnector(body) + if err != nil { + return err + } + dcm.Value = dc + + return nil +} + +// DataConnectorRequirementsState data connector requirements status. +type DataConnectorRequirementsState struct { + autorest.Response `json:"-"` + // AuthorizationState - Authorization state for this connector. Possible values include: 'DataConnectorAuthorizationStateValid', 'DataConnectorAuthorizationStateInvalid' + AuthorizationState DataConnectorAuthorizationState `json:"authorizationState,omitempty"` + // LicenseState - License state for this connector. Possible values include: 'DataConnectorLicenseStateValid', 'DataConnectorLicenseStateInvalid', 'DataConnectorLicenseStateUnknown' + LicenseState DataConnectorLicenseState `json:"licenseState,omitempty"` +} + +// BasicDataConnectorsCheckRequirements data connector requirements properties. +type BasicDataConnectorsCheckRequirements interface { + AsAADCheckRequirements() (*AADCheckRequirements, bool) + AsAATPCheckRequirements() (*AATPCheckRequirements, bool) + AsASCCheckRequirements() (*ASCCheckRequirements, bool) + AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) + AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) + AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) + AsMCASCheckRequirements() (*MCASCheckRequirements, bool) + AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) + AsMSTICheckRequirements() (*MSTICheckRequirements, bool) + AsMtpCheckRequirements() (*MtpCheckRequirements, bool) + AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) + AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) + AsTICheckRequirements() (*TICheckRequirements, bool) + AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) + AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) +} + +// DataConnectorsCheckRequirements data connector requirements properties. +type DataConnectorsCheckRequirements struct { + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` +} + +func unmarshalBasicDataConnectorsCheckRequirements(body []byte) (BasicDataConnectorsCheckRequirements, error) { + var m map[string]interface{} + err := json.Unmarshal(body, &m) + if err != nil { + return nil, err + } + + switch m["kind"] { + case string(KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory): + var acr AADCheckRequirements + err := json.Unmarshal(body, &acr) + return acr, err + case string(KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection): + var acr AATPCheckRequirements + err := json.Unmarshal(body, &acr) + return acr, err + case string(KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter): + var acr ASCCheckRequirements + err := json.Unmarshal(body, &acr) + return acr, err + case string(KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail): + var actcr AwsCloudTrailCheckRequirements + err := json.Unmarshal(body, &actcr) + return actcr, err + case string(KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3): + var ascr AwsS3CheckRequirements + err := json.Unmarshal(body, &ascr) + return ascr, err + case string(KindBasicDataConnectorsCheckRequirementsKindDynamics365): + var d3cr Dynamics365CheckRequirements + err := json.Unmarshal(body, &d3cr) + return d3cr, err + case string(KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity): + var mcr MCASCheckRequirements + err := json.Unmarshal(body, &mcr) + return mcr, err + case string(KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection): + var mcr MDATPCheckRequirements + err := json.Unmarshal(body, &mcr) + return mcr, err + case string(KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence): + var mcr MSTICheckRequirements + err := json.Unmarshal(body, &mcr) + return mcr, err + case string(KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection): + var mcr MtpCheckRequirements + err := json.Unmarshal(body, &mcr) + return mcr, err + case string(KindBasicDataConnectorsCheckRequirementsKindOfficeATP): + var oacr OfficeATPCheckRequirements + err := json.Unmarshal(body, &oacr) + return oacr, err + case string(KindBasicDataConnectorsCheckRequirementsKindOfficeIRM): + var oicr OfficeIRMCheckRequirements + err := json.Unmarshal(body, &oicr) + return oicr, err + case string(KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence): + var tcr TICheckRequirements + err := json.Unmarshal(body, &tcr) + return tcr, err + case string(KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii): + var ttcr TiTaxiiCheckRequirements + err := json.Unmarshal(body, &ttcr) + return ttcr, err default: - var dc DataConnector - err := json.Unmarshal(body, &dc) - return dc, err + var dccr DataConnectorsCheckRequirements + err := json.Unmarshal(body, &dccr) + return dccr, err } } -func unmarshalBasicDataConnectorArray(body []byte) ([]BasicDataConnector, error) { +func unmarshalBasicDataConnectorsCheckRequirementsArray(body []byte) ([]BasicDataConnectorsCheckRequirements, error) { var rawMessages []*json.RawMessage err := json.Unmarshal(body, &rawMessages) if err != nil { return nil, err } - dcArray := make([]BasicDataConnector, len(rawMessages)) + dccrArray := make([]BasicDataConnectorsCheckRequirements, len(rawMessages)) for index, rawMessage := range rawMessages { - dc, err := unmarshalBasicDataConnector(*rawMessage) + dccr, err := unmarshalBasicDataConnectorsCheckRequirements(*rawMessage) if err != nil { return nil, err } - dcArray[index] = dc + dccrArray[index] = dccr } - return dcArray, nil + return dccrArray, nil } -// MarshalJSON is the custom marshaler for DataConnector. -func (dc DataConnector) MarshalJSON() ([]byte, error) { - dc.Kind = KindBasicDataConnectorKindDataConnector +// MarshalJSON is the custom marshaler for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) MarshalJSON() ([]byte, error) { + dccr.Kind = KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements objectMap := make(map[string]interface{}) - if dc.Etag != nil { - objectMap["etag"] = dc.Etag - } - if dc.Kind != "" { - objectMap["kind"] = dc.Kind + if dccr.Kind != "" { + objectMap["kind"] = dccr.Kind } return json.Marshal(objectMap) } -// AsAADDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool) { +// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { return nil, false } -// AsAATPDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { +// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { return nil, false } -// AsMSTIDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { +// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return nil, false } -// AsMTPDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { +// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { return nil, false } -// AsASCDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { return nil, false } -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { +// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { return nil, false } -// AsDynamics365DataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { +// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { return nil, false } -// AsMCASDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { +// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { return nil, false } -// AsOfficeATPDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { return nil, false } -// AsOfficeDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { +// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { return nil, false } -// AsTIDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool) { +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { return nil, false } -// AsTiTaxiiDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { +// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { return nil, false } -// AsDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsDataConnector() (*DataConnector, bool) { - return &dc, true +// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { + return nil, false } -// AsBasicDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &dc, true +// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { + return &dccr, true } -// DataConnectorDataTypeCommon common field for data type in data connectors. -type DataConnectorDataTypeCommon struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' - State DataTypeState `json:"state,omitempty"` +// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. +func (dccr DataConnectorsCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { + return &dccr, true } -// DataConnectorKind1 describes an Azure resource with kind. -type DataConnectorKind1 struct { - // Kind - The kind of the data connector. Possible values include: 'DataConnectorKindAzureActiveDirectory', 'DataConnectorKindAzureSecurityCenter', 'DataConnectorKindMicrosoftCloudAppSecurity', 'DataConnectorKindThreatIntelligence', 'DataConnectorKindThreatIntelligenceTaxii', 'DataConnectorKindOffice365', 'DataConnectorKindOfficeATP', 'DataConnectorKindAmazonWebServicesCloudTrail', 'DataConnectorKindAzureAdvancedThreatProtection', 'DataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'DataConnectorKindDynamics365', 'DataConnectorKindMicrosoftThreatProtection', 'DataConnectorKindMicrosoftThreatIntelligence' - Kind DataConnectorKind `json:"kind,omitempty"` +// DataConnectorTenantID properties data connector on tenant level. +type DataConnectorTenantID struct { + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` } -// DataConnectorList list all the data connectors. -type DataConnectorList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of data connectors. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of data connectors. - Value *[]BasicDataConnector `json:"value,omitempty"` +// DataConnectorWithAlertsProperties data connector properties. +type DataConnectorWithAlertsProperties struct { + // DataTypes - The available data types for the connector. + DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` } -// MarshalJSON is the custom marshaler for DataConnectorList. -func (dcl DataConnectorList) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if dcl.Value != nil { - objectMap["value"] = dcl.Value - } - return json.Marshal(objectMap) +// DataTypeDefinitions the data type definition +type DataTypeDefinitions struct { + // DataType - The data type name + DataType *string `json:"dataType,omitempty"` } -// UnmarshalJSON is the custom unmarshaler for DataConnectorList struct. -func (dcl *DataConnectorList) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err +// DNSEntity represents a dns entity. +type DNSEntity struct { + // DNSEntityProperties - Dns entity properties + *DNSEntityProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for DNSEntity. +func (de DNSEntity) MarshalJSON() ([]byte, error) { + de.Kind = KindBasicEntityKindDNSResolution + objectMap := make(map[string]interface{}) + if de.DNSEntityProperties != nil { + objectMap["properties"] = de.DNSEntityProperties } - for k, v := range m { - switch k { - case "nextLink": - if v != nil { - var nextLink string - err = json.Unmarshal(*v, &nextLink) - if err != nil { - return err - } - dcl.NextLink = &nextLink - } - case "value": - if v != nil { - value, err := unmarshalBasicDataConnectorArray(*v) - if err != nil { - return err - } - dcl.Value = &value - } - } + if de.Kind != "" { + objectMap["kind"] = de.Kind } + return json.Marshal(objectMap) +} - return nil +// AsURLEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsURLEntity() (*URLEntity, bool) { + return nil, false } -// DataConnectorListIterator provides access to a complete listing of DataConnector values. -type DataConnectorListIterator struct { - i int - page DataConnectorListPage +// AsSubmissionMailEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { + return nil, false } -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil +// AsSecurityGroupEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { + return nil, false } -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *DataConnectorListIterator) Next() error { - return iter.NextWithContext(context.Background()) +// AsSecurityAlert is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsSecurityAlert() (*SecurityAlert, bool) { + return nil, false } -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter DataConnectorListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) +// AsRegistryValueEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { + return nil, false } -// Response returns the raw server response from the last page request. -func (iter DataConnectorListIterator) Response() DataConnectorList { - return iter.page.Response() +// AsRegistryKeyEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { + return nil, false } -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter DataConnectorListIterator) Value() BasicDataConnector { - if !iter.page.NotDone() { - return DataConnector{} - } - return iter.page.Values()[iter.i] +// AsProcessEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsProcessEntity() (*ProcessEntity, bool) { + return nil, false } -// Creates a new instance of the DataConnectorListIterator type. -func NewDataConnectorListIterator(page DataConnectorListPage) DataConnectorListIterator { - return DataConnectorListIterator{page: page} +// AsMalwareEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsMalwareEntity() (*MalwareEntity, bool) { + return nil, false } -// IsEmpty returns true if the ListResult contains no values. -func (dcl DataConnectorList) IsEmpty() bool { - return dcl.Value == nil || len(*dcl.Value) == 0 +// AsMailMessageEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { + return nil, false } -// hasNextLink returns true if the NextLink is not empty. -func (dcl DataConnectorList) hasNextLink() bool { - return dcl.NextLink != nil && len(*dcl.NextLink) != 0 +// AsMailClusterEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { + return nil, false } -// dataConnectorListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (dcl DataConnectorList) dataConnectorListPreparer(ctx context.Context) (*http.Request, error) { - if !dcl.hasNextLink() { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(dcl.NextLink))) +// AsMailboxEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsMailboxEntity() (*MailboxEntity, bool) { + return nil, false } -// DataConnectorListPage contains a page of BasicDataConnector values. -type DataConnectorListPage struct { - fn func(context.Context, DataConnectorList) (DataConnectorList, error) - dcl DataConnectorList +// AsIPEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsIPEntity() (*IPEntity, bool) { + return nil, false } -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - for { - next, err := page.fn(ctx, page.dcl) - if err != nil { - return err - } - page.dcl = next - if !next.hasNextLink() || !next.IsEmpty() { - break - } - } - return nil +// AsIoTDeviceEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { + return nil, false } -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *DataConnectorListPage) Next() error { - return page.NextWithContext(context.Background()) +// AsHuntingBookmark is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { + return nil, false } -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page DataConnectorListPage) NotDone() bool { - return !page.dcl.IsEmpty() +// AsHostEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsHostEntity() (*HostEntity, bool) { + return nil, false } -// Response returns the raw server response from the last page request. -func (page DataConnectorListPage) Response() DataConnectorList { - return page.dcl +// AsFileHashEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsFileHashEntity() (*FileHashEntity, bool) { + return nil, false } -// Values returns the slice of values for the current page or nil if there are no values. -func (page DataConnectorListPage) Values() []BasicDataConnector { - if page.dcl.IsEmpty() { - return nil - } - return *page.dcl.Value +// AsFileEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsFileEntity() (*FileEntity, bool) { + return nil, false } -// Creates a new instance of the DataConnectorListPage type. -func NewDataConnectorListPage(cur DataConnectorList, getNextPage func(context.Context, DataConnectorList) (DataConnectorList, error)) DataConnectorListPage { - return DataConnectorListPage{ - fn: getNextPage, - dcl: cur, - } +// AsDNSEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsDNSEntity() (*DNSEntity, bool) { + return &de, true } -// DataConnectorModel ... -type DataConnectorModel struct { - autorest.Response `json:"-"` - Value BasicDataConnector `json:"value,omitempty"` +// AsCloudApplicationEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { + return nil, false } -// UnmarshalJSON is the custom unmarshaler for DataConnectorModel struct. -func (dcm *DataConnectorModel) UnmarshalJSON(body []byte) error { - dc, err := unmarshalBasicDataConnector(body) - if err != nil { - return err - } - dcm.Value = dc - - return nil +// AsAzureResourceEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { + return nil, false } -// DataConnectorRequirementsState data connector requirements status. -type DataConnectorRequirementsState struct { - autorest.Response `json:"-"` - // AuthorizationState - Authorization state for this connector. Possible values include: 'DataConnectorAuthorizationStateValid', 'DataConnectorAuthorizationStateInvalid' - AuthorizationState DataConnectorAuthorizationState `json:"authorizationState,omitempty"` - // LicenseState - License state for this connector. Possible values include: 'DataConnectorLicenseStateValid', 'DataConnectorLicenseStateInvalid', 'DataConnectorLicenseStateUnknown' - LicenseState DataConnectorLicenseState `json:"licenseState,omitempty"` +// AsAccountEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsAccountEntity() (*AccountEntity, bool) { + return nil, false } -// BasicDataConnectorsCheckRequirements data connector requirements properties. -type BasicDataConnectorsCheckRequirements interface { - AsAADCheckRequirements() (*AADCheckRequirements, bool) - AsAATPCheckRequirements() (*AATPCheckRequirements, bool) - AsMSTICheckRequirements() (*MSTICheckRequirements, bool) - AsMtpCheckRequirements() (*MtpCheckRequirements, bool) - AsASCCheckRequirements() (*ASCCheckRequirements, bool) - AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) - AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) - AsMCASCheckRequirements() (*MCASCheckRequirements, bool) - AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) - AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) - AsTICheckRequirements() (*TICheckRequirements, bool) - AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) - AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) +// AsEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsEntity() (*Entity, bool) { + return nil, false } -// DataConnectorsCheckRequirements data connector requirements properties. -type DataConnectorsCheckRequirements struct { - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' - Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` +// AsBasicEntity is the BasicEntity implementation for DNSEntity. +func (de DNSEntity) AsBasicEntity() (BasicEntity, bool) { + return &de, true } -func unmarshalBasicDataConnectorsCheckRequirements(body []byte) (BasicDataConnectorsCheckRequirements, error) { - var m map[string]interface{} +// UnmarshalJSON is the custom unmarshaler for DNSEntity struct. +func (de *DNSEntity) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { - return nil, err + return err } - - switch m["kind"] { - case string(KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory): - var acr AADCheckRequirements - err := json.Unmarshal(body, &acr) - return acr, err - case string(KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection): - var acr AATPCheckRequirements - err := json.Unmarshal(body, &acr) - return acr, err - case string(KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence): - var mcr MSTICheckRequirements - err := json.Unmarshal(body, &mcr) - return mcr, err - case string(KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection): - var mcr MtpCheckRequirements - err := json.Unmarshal(body, &mcr) - return mcr, err - case string(KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter): - var acr ASCCheckRequirements - err := json.Unmarshal(body, &acr) - return acr, err - case string(KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail): - var actcr AwsCloudTrailCheckRequirements - err := json.Unmarshal(body, &actcr) - return actcr, err - case string(KindBasicDataConnectorsCheckRequirementsKindDynamics365): - var d3cr Dynamics365CheckRequirements - err := json.Unmarshal(body, &d3cr) - return d3cr, err - case string(KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity): - var mcr MCASCheckRequirements - err := json.Unmarshal(body, &mcr) - return mcr, err - case string(KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection): - var mcr MDATPCheckRequirements - err := json.Unmarshal(body, &mcr) - return mcr, err - case string(KindBasicDataConnectorsCheckRequirementsKindOfficeATP): - var oacr OfficeATPCheckRequirements - err := json.Unmarshal(body, &oacr) - return oacr, err - case string(KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence): - var tcr TICheckRequirements - err := json.Unmarshal(body, &tcr) - return tcr, err - case string(KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii): - var ttcr TiTaxiiCheckRequirements - err := json.Unmarshal(body, &ttcr) - return ttcr, err - default: - var dccr DataConnectorsCheckRequirements - err := json.Unmarshal(body, &dccr) - return dccr, err + for k, v := range m { + switch k { + case "properties": + if v != nil { + var DNSEntityProperties DNSEntityProperties + err = json.Unmarshal(*v, &DNSEntityProperties) + if err != nil { + return err + } + de.DNSEntityProperties = &DNSEntityProperties + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + de.Kind = kind + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + de.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + de.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + de.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + de.SystemData = &systemData + } + } } + + return nil } -func unmarshalBasicDataConnectorsCheckRequirementsArray(body []byte) ([]BasicDataConnectorsCheckRequirements, error) { - var rawMessages []*json.RawMessage - err := json.Unmarshal(body, &rawMessages) - if err != nil { - return nil, err - } - dccrArray := make([]BasicDataConnectorsCheckRequirements, len(rawMessages)) +// DNSEntityProperties dns entity property bag. +type DNSEntityProperties struct { + // DNSServerIPEntityID - READ-ONLY; An ip entity id for the dns server resolving the request + DNSServerIPEntityID *string `json:"dnsServerIpEntityId,omitempty"` + // DomainName - READ-ONLY; The name of the dns record associated with the alert + DomainName *string `json:"domainName,omitempty"` + // HostIPAddressEntityID - READ-ONLY; An ip entity id for the dns request client + HostIPAddressEntityID *string `json:"hostIpAddressEntityId,omitempty"` + // IPAddressEntityIds - READ-ONLY; Ip entity identifiers for the resolved ip address. + IPAddressEntityIds *[]string `json:"ipAddressEntityIds,omitempty"` + // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]interface{} `json:"additionalData"` + // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. + FriendlyName *string `json:"friendlyName,omitempty"` +} - for index, rawMessage := range rawMessages { - dccr, err := unmarshalBasicDataConnectorsCheckRequirements(*rawMessage) - if err != nil { - return nil, err - } - dccrArray[index] = dccr - } - return dccrArray, nil +// MarshalJSON is the custom marshaler for DNSEntityProperties. +func (dep DNSEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) } -// MarshalJSON is the custom marshaler for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) MarshalJSON() ([]byte, error) { - dccr.Kind = KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements +// Dynamics365CheckRequirements represents Dynamics365 requirements check request. +type Dynamics365CheckRequirements struct { + // Dynamics365CheckRequirementsProperties - Dynamics365 requirements check properties. + *Dynamics365CheckRequirementsProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` +} + +// MarshalJSON is the custom marshaler for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) MarshalJSON() ([]byte, error) { + d3cr.Kind = KindBasicDataConnectorsCheckRequirementsKindDynamics365 objectMap := make(map[string]interface{}) - if dccr.Kind != "" { - objectMap["kind"] = dccr.Kind + if d3cr.Dynamics365CheckRequirementsProperties != nil { + objectMap["properties"] = d3cr.Dynamics365CheckRequirementsProperties + } + if d3cr.Kind != "" { + objectMap["kind"] = d3cr.Kind } return json.Marshal(objectMap) } -// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { +// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { return nil, false } -// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { +// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { return nil, false } -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { +// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return nil, false } -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { +// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { return nil, false } -// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { return nil, false } -// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { +// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { + return &d3cr, true +} + +// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { return nil, false } -// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { +// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { return nil, false } -// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { return nil, false } -// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { return nil, false } -// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { +// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { return nil, false } -// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { return nil, false } -// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { +// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { return nil, false } -// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { - return &dccr, true +// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { + return nil, false } -// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for DataConnectorsCheckRequirements. -func (dccr DataConnectorsCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { - return &dccr, true +// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { + return nil, false } -// DataConnectorTenantID properties data connector on tenant level. -type DataConnectorTenantID struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` +// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. +func (d3cr Dynamics365CheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { + return &d3cr, true } -// DataConnectorWithAlertsProperties data connector properties. -type DataConnectorWithAlertsProperties struct { - // DataTypes - The available data types for the connector. - DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` +// UnmarshalJSON is the custom unmarshaler for Dynamics365CheckRequirements struct. +func (d3cr *Dynamics365CheckRequirements) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var dynamics365CheckRequirementsProperties Dynamics365CheckRequirementsProperties + err = json.Unmarshal(*v, &dynamics365CheckRequirementsProperties) + if err != nil { + return err + } + d3cr.Dynamics365CheckRequirementsProperties = &dynamics365CheckRequirementsProperties + } + case "kind": + if v != nil { + var kind KindBasicDataConnectorsCheckRequirements + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + d3cr.Kind = kind + } + } + } + + return nil } -// DNSEntity represents a dns entity. -type DNSEntity struct { - // DNSEntityProperties - Dns entity properties - *DNSEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// Dynamics365CheckRequirementsProperties dynamics365 requirements check properties. +type Dynamics365CheckRequirementsProperties struct { + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` +} + +// Dynamics365DataConnector represents Dynamics365 data connector. +type Dynamics365DataConnector struct { + // Dynamics365DataConnectorProperties - Dynamics365 data connector properties. + *Dynamics365DataConnectorProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for DNSEntity. -func (de DNSEntity) MarshalJSON() ([]byte, error) { - de.Kind = KindBasicEntityKindDNSResolution +// MarshalJSON is the custom marshaler for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) MarshalJSON() ([]byte, error) { + d3dc.Kind = KindBasicDataConnectorKindDynamics365 objectMap := make(map[string]interface{}) - if de.DNSEntityProperties != nil { - objectMap["properties"] = de.DNSEntityProperties + if d3dc.Dynamics365DataConnectorProperties != nil { + objectMap["properties"] = d3dc.Dynamics365DataConnectorProperties } - if de.Kind != "" { - objectMap["kind"] = de.Kind + if d3dc.Kind != "" { + objectMap["kind"] = d3dc.Kind + } + if d3dc.Etag != nil { + objectMap["etag"] = d3dc.Etag } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsDNSEntity() (*DNSEntity, bool) { - return &de, true -} - -// AsFileEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsFileEntity() (*FileEntity, bool) { +// AsAADDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsMSTIDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsHostEntity() (*HostEntity, bool) { +// AsMTPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsAATPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsASCDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsIPEntity() (*IPEntity, bool) { +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { return nil, false } -// AsMailboxEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsMailboxEntity() (*MailboxEntity, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsMCASDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { - return nil, false +// AsDynamics365DataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { + return &d3dc, true } -// AsSubmissionMailEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsOfficeATPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsMDATPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsOfficeDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsTIDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsTIDataConnector() (*TIDataConnector, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsURLEntity() (*URLEntity, bool) { +// AsCodelessUIDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsEntity() (*Entity, bool) { +// AsDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsBasicEntity() (BasicEntity, bool) { - return &de, true +// AsBasicDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. +func (d3dc Dynamics365DataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &d3dc, true } -// UnmarshalJSON is the custom unmarshaler for DNSEntity struct. -func (de *DNSEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for Dynamics365DataConnector struct. +func (d3dc *Dynamics365DataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -6314,12 +7601,30 @@ func (de *DNSEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var DNSEntityProperties DNSEntityProperties - err = json.Unmarshal(*v, &DNSEntityProperties) + var dynamics365DataConnectorProperties Dynamics365DataConnectorProperties + err = json.Unmarshal(*v, &dynamics365DataConnectorProperties) if err != nil { return err } - de.DNSEntityProperties = &DNSEntityProperties + d3dc.Dynamics365DataConnectorProperties = &dynamics365DataConnectorProperties + } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + d3dc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + d3dc.Etag = &etag } case "id": if v != nil { @@ -6328,7 +7633,7 @@ func (de *DNSEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - de.ID = &ID + d3dc.ID = &ID } case "name": if v != nil { @@ -6337,7 +7642,7 @@ func (de *DNSEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - de.Name = &name + d3dc.Name = &name } case "type": if v != nil { @@ -6346,16 +7651,16 @@ func (de *DNSEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - de.Type = &typeVar + d3dc.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - de.Kind = kind + d3dc.SystemData = &systemData } } } @@ -6363,267 +7668,495 @@ func (de *DNSEntity) UnmarshalJSON(body []byte) error { return nil } -// DNSEntityProperties dns entity property bag. -type DNSEntityProperties struct { - // DNSServerIPEntityID - READ-ONLY; An ip entity id for the dns server resolving the request - DNSServerIPEntityID *string `json:"dnsServerIpEntityId,omitempty"` - // DomainName - READ-ONLY; The name of the dns record associated with the alert - DomainName *string `json:"domainName,omitempty"` - // HostIPAddressEntityID - READ-ONLY; An ip entity id for the dns request client - HostIPAddressEntityID *string `json:"hostIpAddressEntityId,omitempty"` - // IPAddressEntityIds - READ-ONLY; Ip entity identifiers for the resolved ip address. - IPAddressEntityIds *[]string `json:"ipAddressEntityIds,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` +// Dynamics365DataConnectorDataTypes the available data types for Dynamics365 data connector. +type Dynamics365DataConnectorDataTypes struct { + // Dynamics365CdsActivities - Common Data Service data type connection. + Dynamics365CdsActivities *Dynamics365DataConnectorDataTypesDynamics365CdsActivities `json:"dynamics365CdsActivities,omitempty"` } -// MarshalJSON is the custom marshaler for DNSEntityProperties. -func (dep DNSEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// Dynamics365DataConnectorDataTypesDynamics365CdsActivities common Data Service data type connection. +type Dynamics365DataConnectorDataTypesDynamics365CdsActivities struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' + State DataTypeState `json:"state,omitempty"` } -// Dynamics365CheckRequirements represents Dynamics365 requirements check request. -type Dynamics365CheckRequirements struct { - // Dynamics365CheckRequirementsProperties - Dynamics365 requirements check properties. - *Dynamics365CheckRequirementsProperties `json:"properties,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' - Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` +// Dynamics365DataConnectorProperties dynamics365 data connector properties. +type Dynamics365DataConnectorProperties struct { + // DataTypes - The available data types for the connector. + DataTypes *Dynamics365DataConnectorDataTypes `json:"dataTypes,omitempty"` + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` } -// MarshalJSON is the custom marshaler for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) MarshalJSON() ([]byte, error) { - d3cr.Kind = KindBasicDataConnectorsCheckRequirementsKindDynamics365 - objectMap := make(map[string]interface{}) - if d3cr.Dynamics365CheckRequirementsProperties != nil { - objectMap["properties"] = d3cr.Dynamics365CheckRequirementsProperties - } - if d3cr.Kind != "" { - objectMap["kind"] = d3cr.Kind - } - return json.Marshal(objectMap) +// EnrichmentDomainWhois whois information for a given domain and associated metadata +type EnrichmentDomainWhois struct { + autorest.Response `json:"-"` + // Domain - The domain for this whois record + Domain *string `json:"domain,omitempty"` + // Server - The hostname of this registrar's whois server + Server *string `json:"server,omitempty"` + // Created - The timestamp at which this record was created + Created *date.Time `json:"created,omitempty"` + // Updated - The timestamp at which this record was last updated + Updated *date.Time `json:"updated,omitempty"` + // Expires - The timestamp at which this record will expire + Expires *date.Time `json:"expires,omitempty"` + // ParsedWhois - The whois record for a given domain + ParsedWhois *EnrichmentDomainWhoisDetails `json:"parsedWhois,omitempty"` } -// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { - return nil, false +// EnrichmentDomainWhoisContact an individual contact associated with this domain +type EnrichmentDomainWhoisContact struct { + // Name - The name of this contact + Name *string `json:"name,omitempty"` + // Org - The organization for this contact + Org *string `json:"org,omitempty"` + // Street - A list describing the street address for this contact + Street *[]string `json:"street,omitempty"` + // City - The city for this contact + City *string `json:"city,omitempty"` + // State - The state for this contact + State *string `json:"state,omitempty"` + // Postal - The postal code for this contact + Postal *string `json:"postal,omitempty"` + // Country - The country for this contact + Country *string `json:"country,omitempty"` + // Phone - The phone number for this contact + Phone *string `json:"phone,omitempty"` + // Fax - The fax number for this contact + Fax *string `json:"fax,omitempty"` + // Email - The email address for this contact + Email *string `json:"email,omitempty"` } -// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { - return nil, false +// EnrichmentDomainWhoisContacts the set of contacts associated with this domain +type EnrichmentDomainWhoisContacts struct { + // Admin - The admin contact for this whois record + Admin *EnrichmentDomainWhoisContact `json:"admin,omitempty"` + // Billing - The billing contact for this whois record + Billing *EnrichmentDomainWhoisContact `json:"billing,omitempty"` + // Registrant - The registrant contact for this whois record + Registrant *EnrichmentDomainWhoisContact `json:"registrant,omitempty"` + // Tech - The technical contact for this whois record + Tech *EnrichmentDomainWhoisContact `json:"tech,omitempty"` +} + +// EnrichmentDomainWhoisDetails the whois record for a given domain +type EnrichmentDomainWhoisDetails struct { + // Registrar - The registrar associated with this domain + Registrar *EnrichmentDomainWhoisRegistrarDetails `json:"registrar,omitempty"` + // Contacts - The set of contacts associated with this domain + Contacts *EnrichmentDomainWhoisContacts `json:"contacts,omitempty"` + // NameServers - A list of name servers associated with this domain + NameServers *[]string `json:"nameServers,omitempty"` + // Statuses - The set of status flags for this whois record + Statuses *[]string `json:"statuses,omitempty"` +} + +// EnrichmentDomainWhoisRegistrarDetails the registrar associated with this domain +type EnrichmentDomainWhoisRegistrarDetails struct { + // Name - The name of this registrar + Name *string `json:"name,omitempty"` + // AbuseContactEmail - This registrar's abuse contact email + AbuseContactEmail *string `json:"abuseContactEmail,omitempty"` + // AbuseContactPhone - This registrar's abuse contact phone number + AbuseContactPhone *string `json:"abuseContactPhone,omitempty"` + // IanaID - This registrar's Internet Assigned Numbers Authority id + IanaID *string `json:"ianaId,omitempty"` + // URL - This registrar's URL + URL *string `json:"url,omitempty"` + // WhoisServer - The hostname of this registrar's whois server + WhoisServer *string `json:"whoisServer,omitempty"` } -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { - return nil, false +// EnrichmentIPGeodata geodata information for a given IP address +type EnrichmentIPGeodata struct { + autorest.Response `json:"-"` + // Asn - The autonomous system number associated with this IP address + Asn *string `json:"asn,omitempty"` + // Carrier - The name of the carrier for this IP address + Carrier *string `json:"carrier,omitempty"` + // City - The city this IP address is located in + City *string `json:"city,omitempty"` + // CityCf - A numeric rating of confidence that the value in the 'city' field is correct, on a scale of 0-100 + CityCf *int32 `json:"cityCf,omitempty"` + // Continent - The continent this IP address is located on + Continent *string `json:"continent,omitempty"` + // Country - The county this IP address is located in + Country *string `json:"country,omitempty"` + // CountryCf - A numeric rating of confidence that the value in the 'country' field is correct on a scale of 0-100 + CountryCf *int32 `json:"countryCf,omitempty"` + // IPAddr - The dotted-decimal or colon-separated string representation of the IP address + IPAddr *string `json:"ipAddr,omitempty"` + // IPRoutingType - A description of the connection type of this IP address + IPRoutingType *string `json:"ipRoutingType,omitempty"` + // Latitude - The latitude of this IP address + Latitude *string `json:"latitude,omitempty"` + // Longitude - The longitude of this IP address + Longitude *string `json:"longitude,omitempty"` + // Organization - The name of the organization for this IP address + Organization *string `json:"organization,omitempty"` + // OrganizationType - The type of the organization for this IP address + OrganizationType *string `json:"organizationType,omitempty"` + // Region - The geographic region this IP address is located in + Region *string `json:"region,omitempty"` + // State - The state this IP address is located in + State *string `json:"state,omitempty"` + // StateCf - A numeric rating of confidence that the value in the 'state' field is correct on a scale of 0-100 + StateCf *int32 `json:"stateCf,omitempty"` + // StateCode - The abbreviated name for the state this IP address is located in + StateCode *string `json:"stateCode,omitempty"` } -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return nil, false +// BasicEntity specific entity. +type BasicEntity interface { + AsURLEntity() (*URLEntity, bool) + AsSubmissionMailEntity() (*SubmissionMailEntity, bool) + AsSecurityGroupEntity() (*SecurityGroupEntity, bool) + AsSecurityAlert() (*SecurityAlert, bool) + AsRegistryValueEntity() (*RegistryValueEntity, bool) + AsRegistryKeyEntity() (*RegistryKeyEntity, bool) + AsProcessEntity() (*ProcessEntity, bool) + AsMalwareEntity() (*MalwareEntity, bool) + AsMailMessageEntity() (*MailMessageEntity, bool) + AsMailClusterEntity() (*MailClusterEntity, bool) + AsMailboxEntity() (*MailboxEntity, bool) + AsIPEntity() (*IPEntity, bool) + AsIoTDeviceEntity() (*IoTDeviceEntity, bool) + AsHuntingBookmark() (*HuntingBookmark, bool) + AsHostEntity() (*HostEntity, bool) + AsFileHashEntity() (*FileHashEntity, bool) + AsFileEntity() (*FileEntity, bool) + AsDNSEntity() (*DNSEntity, bool) + AsCloudApplicationEntity() (*CloudApplicationEntity, bool) + AsAzureResourceEntity() (*AzureResourceEntity, bool) + AsAccountEntity() (*AccountEntity, bool) + AsEntity() (*Entity, bool) } -// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { - return nil, false +// Entity specific entity. +type Entity struct { + autorest.Response `json:"-"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { - return nil, false +func unmarshalBasicEntity(body []byte) (BasicEntity, error) { + var m map[string]interface{} + err := json.Unmarshal(body, &m) + if err != nil { + return nil, err + } + + switch m["kind"] { + case string(KindBasicEntityKindURL): + var ue URLEntity + err := json.Unmarshal(body, &ue) + return ue, err + case string(KindBasicEntityKindSubmissionMail): + var sme SubmissionMailEntity + err := json.Unmarshal(body, &sme) + return sme, err + case string(KindBasicEntityKindSecurityGroup): + var sge SecurityGroupEntity + err := json.Unmarshal(body, &sge) + return sge, err + case string(KindBasicEntityKindSecurityAlert): + var sa SecurityAlert + err := json.Unmarshal(body, &sa) + return sa, err + case string(KindBasicEntityKindRegistryValue): + var rve RegistryValueEntity + err := json.Unmarshal(body, &rve) + return rve, err + case string(KindBasicEntityKindRegistryKey): + var rke RegistryKeyEntity + err := json.Unmarshal(body, &rke) + return rke, err + case string(KindBasicEntityKindProcess): + var peVar ProcessEntity + err := json.Unmarshal(body, &peVar) + return peVar, err + case string(KindBasicEntityKindMalware): + var me MalwareEntity + err := json.Unmarshal(body, &me) + return me, err + case string(KindBasicEntityKindMailMessage): + var mme MailMessageEntity + err := json.Unmarshal(body, &mme) + return mme, err + case string(KindBasicEntityKindMailCluster): + var mce MailClusterEntity + err := json.Unmarshal(body, &mce) + return mce, err + case string(KindBasicEntityKindMailbox): + var me MailboxEntity + err := json.Unmarshal(body, &me) + return me, err + case string(KindBasicEntityKindIP): + var ie IPEntity + err := json.Unmarshal(body, &ie) + return ie, err + case string(KindBasicEntityKindIoTDevice): + var itde IoTDeviceEntity + err := json.Unmarshal(body, &itde) + return itde, err + case string(KindBasicEntityKindBookmark): + var hb HuntingBookmark + err := json.Unmarshal(body, &hb) + return hb, err + case string(KindBasicEntityKindHost): + var he HostEntity + err := json.Unmarshal(body, &he) + return he, err + case string(KindBasicEntityKindFileHash): + var fhe FileHashEntity + err := json.Unmarshal(body, &fhe) + return fhe, err + case string(KindBasicEntityKindFile): + var fe FileEntity + err := json.Unmarshal(body, &fe) + return fe, err + case string(KindBasicEntityKindDNSResolution): + var de DNSEntity + err := json.Unmarshal(body, &de) + return de, err + case string(KindBasicEntityKindCloudApplication): + var cae CloudApplicationEntity + err := json.Unmarshal(body, &cae) + return cae, err + case string(KindBasicEntityKindAzureResource): + var are AzureResourceEntity + err := json.Unmarshal(body, &are) + return are, err + case string(KindBasicEntityKindAccount): + var ae AccountEntity + err := json.Unmarshal(body, &ae) + return ae, err + default: + var e Entity + err := json.Unmarshal(body, &e) + return e, err + } } +func unmarshalBasicEntityArray(body []byte) ([]BasicEntity, error) { + var rawMessages []*json.RawMessage + err := json.Unmarshal(body, &rawMessages) + if err != nil { + return nil, err + } -// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { - return &d3cr, true + eArray := make([]BasicEntity, len(rawMessages)) + + for index, rawMessage := range rawMessages { + e, err := unmarshalBasicEntity(*rawMessage) + if err != nil { + return nil, err + } + eArray[index] = e + } + return eArray, nil } -// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { +// MarshalJSON is the custom marshaler for Entity. +func (e Entity) MarshalJSON() ([]byte, error) { + e.Kind = KindBasicEntityKindEntity + objectMap := make(map[string]interface{}) + if e.Kind != "" { + objectMap["kind"] = e.Kind + } + return json.Marshal(objectMap) +} + +// AsURLEntity is the BasicEntity implementation for Entity. +func (e Entity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for Entity. +func (e Entity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for Entity. +func (e Entity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { +// AsSecurityAlert is the BasicEntity implementation for Entity. +func (e Entity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for Entity. +func (e Entity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for Entity. +func (e Entity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for Dynamics365CheckRequirements. -func (d3cr Dynamics365CheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { - return &d3cr, true +// AsProcessEntity is the BasicEntity implementation for Entity. +func (e Entity) AsProcessEntity() (*ProcessEntity, bool) { + return nil, false } -// UnmarshalJSON is the custom unmarshaler for Dynamics365CheckRequirements struct. -func (d3cr *Dynamics365CheckRequirements) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var dynamics365CheckRequirementsProperties Dynamics365CheckRequirementsProperties - err = json.Unmarshal(*v, &dynamics365CheckRequirementsProperties) - if err != nil { - return err - } - d3cr.Dynamics365CheckRequirementsProperties = &dynamics365CheckRequirementsProperties - } - case "kind": - if v != nil { - var kind KindBasicDataConnectorsCheckRequirements - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - d3cr.Kind = kind - } - } - } - - return nil +// AsMalwareEntity is the BasicEntity implementation for Entity. +func (e Entity) AsMalwareEntity() (*MalwareEntity, bool) { + return nil, false } -// Dynamics365CheckRequirementsProperties dynamics365 requirements check properties. -type Dynamics365CheckRequirementsProperties struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` +// AsMailMessageEntity is the BasicEntity implementation for Entity. +func (e Entity) AsMailMessageEntity() (*MailMessageEntity, bool) { + return nil, false } -// Dynamics365DataConnector represents Dynamics365 data connector. -type Dynamics365DataConnector struct { - // Dynamics365DataConnectorProperties - Dynamics365 data connector properties. - *Dynamics365DataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` +// AsMailClusterEntity is the BasicEntity implementation for Entity. +func (e Entity) AsMailClusterEntity() (*MailClusterEntity, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) MarshalJSON() ([]byte, error) { - d3dc.Kind = KindBasicDataConnectorKindDynamics365 - objectMap := make(map[string]interface{}) - if d3dc.Dynamics365DataConnectorProperties != nil { - objectMap["properties"] = d3dc.Dynamics365DataConnectorProperties - } - if d3dc.Etag != nil { - objectMap["etag"] = d3dc.Etag - } - if d3dc.Kind != "" { - objectMap["kind"] = d3dc.Kind - } - return json.Marshal(objectMap) +// AsMailboxEntity is the BasicEntity implementation for Entity. +func (e Entity) AsMailboxEntity() (*MailboxEntity, bool) { + return nil, false } -// AsAADDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsAADDataConnector() (*AADDataConnector, bool) { +// AsIPEntity is the BasicEntity implementation for Entity. +func (e Entity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsAATPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for Entity. +func (e Entity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsMSTIDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { +// AsHuntingBookmark is the BasicEntity implementation for Entity. +func (e Entity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMTPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { +// AsHostEntity is the BasicEntity implementation for Entity. +func (e Entity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsASCDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { +// AsFileHashEntity is the BasicEntity implementation for Entity. +func (e Entity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { +// AsFileEntity is the BasicEntity implementation for Entity. +func (e Entity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsDynamics365DataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { - return &d3dc, true +// AsDNSEntity is the BasicEntity implementation for Entity. +func (e Entity) AsDNSEntity() (*DNSEntity, bool) { + return nil, false } -// AsMCASDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for Entity. +func (e Entity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for Entity. +func (e Entity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsOfficeATPDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { +// AsAccountEntity is the BasicEntity implementation for Entity. +func (e Entity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } -// AsOfficeDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { +// AsEntity is the BasicEntity implementation for Entity. +func (e Entity) AsEntity() (*Entity, bool) { + return &e, true +} + +// AsBasicEntity is the BasicEntity implementation for Entity. +func (e Entity) AsBasicEntity() (BasicEntity, bool) { + return &e, true +} + +// EntityAnalytics settings with single toggle. +type EntityAnalytics struct { + // EntityAnalyticsProperties - EntityAnalytics properties + *EntityAnalyticsProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindAnomalies', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' + Kind KindBasicSettings `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for EntityAnalytics. +func (ea EntityAnalytics) MarshalJSON() ([]byte, error) { + ea.Kind = KindBasicSettingsKindEntityAnalytics + objectMap := make(map[string]interface{}) + if ea.EntityAnalyticsProperties != nil { + objectMap["properties"] = ea.EntityAnalyticsProperties + } + if ea.Kind != "" { + objectMap["kind"] = ea.Kind + } + if ea.Etag != nil { + objectMap["etag"] = ea.Etag + } + return json.Marshal(objectMap) +} + +// AsAnomalies is the BasicSettings implementation for EntityAnalytics. +func (ea EntityAnalytics) AsAnomalies() (*Anomalies, bool) { return nil, false } -// AsTIDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsTIDataConnector() (*TIDataConnector, bool) { +// AsEyesOn is the BasicSettings implementation for EntityAnalytics. +func (ea EntityAnalytics) AsEyesOn() (*EyesOn, bool) { return nil, false } -// AsTiTaxiiDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { +// AsEntityAnalytics is the BasicSettings implementation for EntityAnalytics. +func (ea EntityAnalytics) AsEntityAnalytics() (*EntityAnalytics, bool) { + return &ea, true +} + +// AsUeba is the BasicSettings implementation for EntityAnalytics. +func (ea EntityAnalytics) AsUeba() (*Ueba, bool) { return nil, false } -// AsDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsDataConnector() (*DataConnector, bool) { +// AsSettings is the BasicSettings implementation for EntityAnalytics. +func (ea EntityAnalytics) AsSettings() (*Settings, bool) { return nil, false } -// AsBasicDataConnector is the BasicDataConnector implementation for Dynamics365DataConnector. -func (d3dc Dynamics365DataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &d3dc, true +// AsBasicSettings is the BasicSettings implementation for EntityAnalytics. +func (ea EntityAnalytics) AsBasicSettings() (BasicSettings, bool) { + return &ea, true } -// UnmarshalJSON is the custom unmarshaler for Dynamics365DataConnector struct. -func (d3dc *Dynamics365DataConnector) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for EntityAnalytics struct. +func (ea *EntityAnalytics) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -6633,12 +8166,30 @@ func (d3dc *Dynamics365DataConnector) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var dynamics365DataConnectorProperties Dynamics365DataConnectorProperties - err = json.Unmarshal(*v, &dynamics365DataConnectorProperties) + var entityAnalyticsProperties EntityAnalyticsProperties + err = json.Unmarshal(*v, &entityAnalyticsProperties) if err != nil { return err } - d3dc.Dynamics365DataConnectorProperties = &dynamics365DataConnectorProperties + ea.EntityAnalyticsProperties = &entityAnalyticsProperties + } + case "kind": + if v != nil { + var kind KindBasicSettings + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + ea.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + ea.Etag = &etag } case "id": if v != nil { @@ -6647,7 +8198,7 @@ func (d3dc *Dynamics365DataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - d3dc.ID = &ID + ea.ID = &ID } case "name": if v != nil { @@ -6656,7 +8207,7 @@ func (d3dc *Dynamics365DataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - d3dc.Name = &name + ea.Name = &name } case "type": if v != nil { @@ -6665,25 +8216,16 @@ func (d3dc *Dynamics365DataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - d3dc.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - d3dc.Etag = &etag + ea.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - d3dc.Kind = kind + ea.SystemData = &systemData } } } @@ -6691,610 +8233,599 @@ func (d3dc *Dynamics365DataConnector) UnmarshalJSON(body []byte) error { return nil } -// Dynamics365DataConnectorDataTypes the available data types for Dynamics365 data connector. -type Dynamics365DataConnectorDataTypes struct { - // Dynamics365CdsActivities - Common Data Service data type connection. - Dynamics365CdsActivities *Dynamics365DataConnectorDataTypesDynamics365CdsActivities `json:"dynamics365CdsActivities,omitempty"` +// EntityAnalyticsProperties entityAnalytics property bag. +type EntityAnalyticsProperties struct { + // IsEnabled - READ-ONLY; Determines whether the setting is enable or disabled. + IsEnabled *bool `json:"isEnabled,omitempty"` } -// Dynamics365DataConnectorDataTypesDynamics365CdsActivities common Data Service data type connection. -type Dynamics365DataConnectorDataTypesDynamics365CdsActivities struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' - State DataTypeState `json:"state,omitempty"` +// MarshalJSON is the custom marshaler for EntityAnalyticsProperties. +func (eap EntityAnalyticsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) } -// Dynamics365DataConnectorProperties dynamics365 data connector properties. -type Dynamics365DataConnectorProperties struct { - // DataTypes - The available data types for the connector. - DataTypes *Dynamics365DataConnectorDataTypes `json:"dataTypes,omitempty"` - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` +// EntityCommonProperties entity common property bag. +type EntityCommonProperties struct { + // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]interface{} `json:"additionalData"` + // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. + FriendlyName *string `json:"friendlyName,omitempty"` } -// BasicEntity specific entity. -type BasicEntity interface { - AsAccountEntity() (*AccountEntity, bool) - AsAzureResourceEntity() (*AzureResourceEntity, bool) - AsCloudApplicationEntity() (*CloudApplicationEntity, bool) - AsDNSEntity() (*DNSEntity, bool) - AsFileEntity() (*FileEntity, bool) - AsFileHashEntity() (*FileHashEntity, bool) - AsHostEntity() (*HostEntity, bool) - AsHuntingBookmark() (*HuntingBookmark, bool) - AsSecurityAlert() (*SecurityAlert, bool) - AsIPEntity() (*IPEntity, bool) - AsMailboxEntity() (*MailboxEntity, bool) - AsMailClusterEntity() (*MailClusterEntity, bool) - AsMailMessageEntity() (*MailMessageEntity, bool) - AsSubmissionMailEntity() (*SubmissionMailEntity, bool) - AsMalwareEntity() (*MalwareEntity, bool) - AsProcessEntity() (*ProcessEntity, bool) - AsRegistryKeyEntity() (*RegistryKeyEntity, bool) - AsRegistryValueEntity() (*RegistryValueEntity, bool) - AsSecurityGroupEntity() (*SecurityGroupEntity, bool) - AsURLEntity() (*URLEntity, bool) - AsIoTDeviceEntity() (*IoTDeviceEntity, bool) - AsEntity() (*Entity, bool) -} - -// Entity specific entity. -type Entity struct { - autorest.Response `json:"-"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -func unmarshalBasicEntity(body []byte) (BasicEntity, error) { - var m map[string]interface{} - err := json.Unmarshal(body, &m) - if err != nil { - return nil, err - } - - switch m["kind"] { - case string(KindBasicEntityKindAccount): - var ae AccountEntity - err := json.Unmarshal(body, &ae) - return ae, err - case string(KindBasicEntityKindAzureResource): - var are AzureResourceEntity - err := json.Unmarshal(body, &are) - return are, err - case string(KindBasicEntityKindCloudApplication): - var cae CloudApplicationEntity - err := json.Unmarshal(body, &cae) - return cae, err - case string(KindBasicEntityKindDNSResolution): - var de DNSEntity - err := json.Unmarshal(body, &de) - return de, err - case string(KindBasicEntityKindFile): - var fe FileEntity - err := json.Unmarshal(body, &fe) - return fe, err - case string(KindBasicEntityKindFileHash): - var fhe FileHashEntity - err := json.Unmarshal(body, &fhe) - return fhe, err - case string(KindBasicEntityKindHost): - var he HostEntity - err := json.Unmarshal(body, &he) - return he, err - case string(KindBasicEntityKindBookmark): - var hb HuntingBookmark - err := json.Unmarshal(body, &hb) - return hb, err - case string(KindBasicEntityKindSecurityAlert): - var sa SecurityAlert - err := json.Unmarshal(body, &sa) - return sa, err - case string(KindBasicEntityKindIP): - var ie IPEntity - err := json.Unmarshal(body, &ie) - return ie, err - case string(KindBasicEntityKindMailbox): - var me MailboxEntity - err := json.Unmarshal(body, &me) - return me, err - case string(KindBasicEntityKindMailCluster): - var mce MailClusterEntity - err := json.Unmarshal(body, &mce) - return mce, err - case string(KindBasicEntityKindMailMessage): - var mme MailMessageEntity - err := json.Unmarshal(body, &mme) - return mme, err - case string(KindBasicEntityKindSubmissionMail): - var sme SubmissionMailEntity - err := json.Unmarshal(body, &sme) - return sme, err - case string(KindBasicEntityKindMalware): - var me MalwareEntity - err := json.Unmarshal(body, &me) - return me, err - case string(KindBasicEntityKindProcess): - var peVar ProcessEntity - err := json.Unmarshal(body, &peVar) - return peVar, err - case string(KindBasicEntityKindRegistryKey): - var rke RegistryKeyEntity - err := json.Unmarshal(body, &rke) - return rke, err - case string(KindBasicEntityKindRegistryValue): - var rve RegistryValueEntity - err := json.Unmarshal(body, &rve) - return rve, err - case string(KindBasicEntityKindSecurityGroup): - var sge SecurityGroupEntity - err := json.Unmarshal(body, &sge) - return sge, err - case string(KindBasicEntityKindURL): - var ue URLEntity - err := json.Unmarshal(body, &ue) - return ue, err - case string(KindBasicEntityKindIoTDevice): - var itde IoTDeviceEntity - err := json.Unmarshal(body, &itde) - return itde, err - default: - var e Entity - err := json.Unmarshal(body, &e) - return e, err - } +// MarshalJSON is the custom marshaler for EntityCommonProperties. +func (ecp EntityCommonProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) } -func unmarshalBasicEntityArray(body []byte) ([]BasicEntity, error) { - var rawMessages []*json.RawMessage - err := json.Unmarshal(body, &rawMessages) - if err != nil { - return nil, err - } - - eArray := make([]BasicEntity, len(rawMessages)) - for index, rawMessage := range rawMessages { - e, err := unmarshalBasicEntity(*rawMessage) - if err != nil { - return nil, err - } - eArray[index] = e - } - return eArray, nil +// EntityEdges the edge that connects the entity to the other entity. +type EntityEdges struct { + // TargetEntityID - The target entity Id. + TargetEntityID *string `json:"targetEntityId,omitempty"` + // AdditionalData - A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]interface{} `json:"additionalData"` } -// MarshalJSON is the custom marshaler for Entity. -func (e Entity) MarshalJSON() ([]byte, error) { - e.Kind = KindBasicEntityKindEntity +// MarshalJSON is the custom marshaler for EntityEdges. +func (ee EntityEdges) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if e.Kind != "" { - objectMap["kind"] = e.Kind + if ee.TargetEntityID != nil { + objectMap["targetEntityId"] = ee.TargetEntityID + } + if ee.AdditionalData != nil { + objectMap["additionalData"] = ee.AdditionalData } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for Entity. -func (e Entity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false +// EntityExpandParameters the parameters required to execute an expand operation on the given entity. +type EntityExpandParameters struct { + // EndTime - The end date filter, so the only expansion results returned are before this date. + EndTime *date.Time `json:"endTime,omitempty"` + // ExpansionID - The Id of the expansion to perform. + ExpansionID *uuid.UUID `json:"expansionId,omitempty"` + // StartTime - The start date filter, so the only expansion results returned are after this date. + StartTime *date.Time `json:"startTime,omitempty"` } -// AsAzureResourceEntity is the BasicEntity implementation for Entity. -func (e Entity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false +// EntityExpandResponse the entity expansion result operation response. +type EntityExpandResponse struct { + autorest.Response `json:"-"` + // MetaData - The metadata from the expansion operation results. + MetaData *ExpansionResultsMetadata `json:"metaData,omitempty"` + // Value - The expansion result values. + Value *EntityExpandResponseValue `json:"value,omitempty"` } -// AsCloudApplicationEntity is the BasicEntity implementation for Entity. -func (e Entity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false +// EntityExpandResponseValue the expansion result values. +type EntityExpandResponseValue struct { + // Entities - Array of the expansion result entities. + Entities *[]BasicEntity `json:"entities,omitempty"` + // Edges - Array of edges that connects the entity to the list of entities. + Edges *[]EntityEdges `json:"edges,omitempty"` } -// AsDNSEntity is the BasicEntity implementation for Entity. -func (e Entity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false +// UnmarshalJSON is the custom unmarshaler for EntityExpandResponseValue struct. +func (eer *EntityExpandResponseValue) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "entities": + if v != nil { + entities, err := unmarshalBasicEntityArray(*v) + if err != nil { + return err + } + eer.Entities = &entities + } + case "edges": + if v != nil { + var edges []EntityEdges + err = json.Unmarshal(*v, &edges) + if err != nil { + return err + } + eer.Edges = &edges + } + } + } + + return nil } -// AsFileEntity is the BasicEntity implementation for Entity. -func (e Entity) AsFileEntity() (*FileEntity, bool) { - return nil, false +// EntityGetInsightsParameters the parameters required to execute insights operation on the given entity. +type EntityGetInsightsParameters struct { + // StartTime - The start timeline date, so the results returned are after this date. + StartTime *date.Time `json:"startTime,omitempty"` + // EndTime - The end timeline date, so the results returned are before this date. + EndTime *date.Time `json:"endTime,omitempty"` + // AddDefaultExtendedTimeRange - Indicates if query time range should be extended with default time range of the query. Default value is false + AddDefaultExtendedTimeRange *bool `json:"addDefaultExtendedTimeRange,omitempty"` + // InsightQueryIds - List of Insights Query Id. If empty, default value is all insights of this entity + InsightQueryIds *[]uuid.UUID `json:"insightQueryIds,omitempty"` } -// AsFileHashEntity is the BasicEntity implementation for Entity. -func (e Entity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false +// EntityGetInsightsResponse the Get Insights result operation response. +type EntityGetInsightsResponse struct { + autorest.Response `json:"-"` + // MetaData - The metadata from the get insights operation results. + MetaData *GetInsightsResultsMetadata `json:"metaData,omitempty"` + // Value - The insights result values. + Value *[]EntityInsightItem `json:"value,omitempty"` } -// AsHostEntity is the BasicEntity implementation for Entity. -func (e Entity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsHuntingBookmark is the BasicEntity implementation for Entity. -func (e Entity) AsHuntingBookmark() (*HuntingBookmark, bool) { - return nil, false +// EntityInsightItem entity insight Item. +type EntityInsightItem struct { + // QueryID - The query id of the insight + QueryID *string `json:"queryId,omitempty"` + // QueryTimeInterval - The Time interval that the query actually executed on. + QueryTimeInterval *EntityInsightItemQueryTimeInterval `json:"queryTimeInterval,omitempty"` + // TableQueryResults - Query results for table insights query. + TableQueryResults *InsightsTableResult `json:"tableQueryResults,omitempty"` + // ChartQueryResults - Query results for table insights query. + ChartQueryResults *[]InsightsTableResult `json:"chartQueryResults,omitempty"` } -// AsSecurityAlert is the BasicEntity implementation for Entity. -func (e Entity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false +// EntityInsightItemQueryTimeInterval the Time interval that the query actually executed on. +type EntityInsightItemQueryTimeInterval struct { + // StartTime - Insight query start time + StartTime *date.Time `json:"startTime,omitempty"` + // EndTime - Insight query end time + EndTime *date.Time `json:"endTime,omitempty"` } -// AsIPEntity is the BasicEntity implementation for Entity. -func (e Entity) AsIPEntity() (*IPEntity, bool) { - return nil, false +// EntityList list of all the entities. +type EntityList struct { + autorest.Response `json:"-"` + // NextLink - READ-ONLY; URL to fetch the next set of entities. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of entities. + Value *[]BasicEntity `json:"value,omitempty"` } -// AsMailboxEntity is the BasicEntity implementation for Entity. -func (e Entity) AsMailboxEntity() (*MailboxEntity, bool) { - return nil, false +// MarshalJSON is the custom marshaler for EntityList. +func (el EntityList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if el.Value != nil { + objectMap["value"] = el.Value + } + return json.Marshal(objectMap) } -// AsMailClusterEntity is the BasicEntity implementation for Entity. -func (e Entity) AsMailClusterEntity() (*MailClusterEntity, bool) { - return nil, false -} +// UnmarshalJSON is the custom unmarshaler for EntityList struct. +func (el *EntityList) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "nextLink": + if v != nil { + var nextLink string + err = json.Unmarshal(*v, &nextLink) + if err != nil { + return err + } + el.NextLink = &nextLink + } + case "value": + if v != nil { + value, err := unmarshalBasicEntityArray(*v) + if err != nil { + return err + } + el.Value = &value + } + } + } -// AsMailMessageEntity is the BasicEntity implementation for Entity. -func (e Entity) AsMailMessageEntity() (*MailMessageEntity, bool) { - return nil, false + return nil } -// AsSubmissionMailEntity is the BasicEntity implementation for Entity. -func (e Entity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { - return nil, false +// EntityListIterator provides access to a complete listing of Entity values. +type EntityListIterator struct { + i int + page EntityListPage } -// AsMalwareEntity is the BasicEntity implementation for Entity. -func (e Entity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *EntityListIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntityListIterator.NextWithContext") + defer func() { + sc := -1 + if iter.Response().Response.Response != nil { + sc = iter.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err = iter.page.NextWithContext(ctx) + if err != nil { + iter.i-- + return err + } + iter.i = 0 + return nil } -// AsProcessEntity is the BasicEntity implementation for Entity. -func (e Entity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (iter *EntityListIterator) Next() error { + return iter.NextWithContext(context.Background()) } -// AsRegistryKeyEntity is the BasicEntity implementation for Entity. -func (e Entity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter EntityListIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) } -// AsRegistryValueEntity is the BasicEntity implementation for Entity. -func (e Entity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false +// Response returns the raw server response from the last page request. +func (iter EntityListIterator) Response() EntityList { + return iter.page.Response() } -// AsSecurityGroupEntity is the BasicEntity implementation for Entity. -func (e Entity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter EntityListIterator) Value() BasicEntity { + if !iter.page.NotDone() { + return Entity{} + } + return iter.page.Values()[iter.i] } -// AsURLEntity is the BasicEntity implementation for Entity. -func (e Entity) AsURLEntity() (*URLEntity, bool) { - return nil, false +// Creates a new instance of the EntityListIterator type. +func NewEntityListIterator(page EntityListPage) EntityListIterator { + return EntityListIterator{page: page} } -// AsIoTDeviceEntity is the BasicEntity implementation for Entity. -func (e Entity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false +// IsEmpty returns true if the ListResult contains no values. +func (el EntityList) IsEmpty() bool { + return el.Value == nil || len(*el.Value) == 0 } -// AsEntity is the BasicEntity implementation for Entity. -func (e Entity) AsEntity() (*Entity, bool) { - return &e, true +// hasNextLink returns true if the NextLink is not empty. +func (el EntityList) hasNextLink() bool { + return el.NextLink != nil && len(*el.NextLink) != 0 } -// AsBasicEntity is the BasicEntity implementation for Entity. -func (e Entity) AsBasicEntity() (BasicEntity, bool) { - return &e, true +// entityListPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (el EntityList) entityListPreparer(ctx context.Context) (*http.Request, error) { + if !el.hasNextLink() { + return nil, nil + } + return autorest.Prepare((&http.Request{}).WithContext(ctx), + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(el.NextLink))) } -// EntityAnalytics settings with single toggle. -type EntityAnalytics struct { - // EntityAnalyticsProperties - EntityAnalytics properties - *EntityAnalyticsProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindIPSyncer', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' - Kind KindBasicSettings `json:"kind,omitempty"` +// EntityListPage contains a page of BasicEntity values. +type EntityListPage struct { + fn func(context.Context, EntityList) (EntityList, error) + el EntityList } -// MarshalJSON is the custom marshaler for EntityAnalytics. -func (ea EntityAnalytics) MarshalJSON() ([]byte, error) { - ea.Kind = KindBasicSettingsKindEntityAnalytics - objectMap := make(map[string]interface{}) - if ea.EntityAnalyticsProperties != nil { - objectMap["properties"] = ea.EntityAnalyticsProperties - } - if ea.Etag != nil { - objectMap["etag"] = ea.Etag +// NextWithContext advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *EntityListPage) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntityListPage.NextWithContext") + defer func() { + sc := -1 + if page.Response().Response.Response != nil { + sc = page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() } - if ea.Kind != "" { - objectMap["kind"] = ea.Kind + for { + next, err := page.fn(ctx, page.el) + if err != nil { + return err + } + page.el = next + if !next.hasNextLink() || !next.IsEmpty() { + break + } } - return json.Marshal(objectMap) + return nil } -// AsIPSyncer is the BasicSettings implementation for EntityAnalytics. -func (ea EntityAnalytics) AsIPSyncer() (*IPSyncer, bool) { - return nil, false +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (page *EntityListPage) Next() error { + return page.NextWithContext(context.Background()) } -// AsEyesOn is the BasicSettings implementation for EntityAnalytics. -func (ea EntityAnalytics) AsEyesOn() (*EyesOn, bool) { - return nil, false +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page EntityListPage) NotDone() bool { + return !page.el.IsEmpty() } -// AsEntityAnalytics is the BasicSettings implementation for EntityAnalytics. -func (ea EntityAnalytics) AsEntityAnalytics() (*EntityAnalytics, bool) { - return &ea, true +// Response returns the raw server response from the last page request. +func (page EntityListPage) Response() EntityList { + return page.el } -// AsUeba is the BasicSettings implementation for EntityAnalytics. -func (ea EntityAnalytics) AsUeba() (*Ueba, bool) { - return nil, false +// Values returns the slice of values for the current page or nil if there are no values. +func (page EntityListPage) Values() []BasicEntity { + if page.el.IsEmpty() { + return nil + } + return *page.el.Value } -// AsSettings is the BasicSettings implementation for EntityAnalytics. -func (ea EntityAnalytics) AsSettings() (*Settings, bool) { - return nil, false +// Creates a new instance of the EntityListPage type. +func NewEntityListPage(cur EntityList, getNextPage func(context.Context, EntityList) (EntityList, error)) EntityListPage { + return EntityListPage{ + fn: getNextPage, + el: cur, + } } -// AsBasicSettings is the BasicSettings implementation for EntityAnalytics. -func (ea EntityAnalytics) AsBasicSettings() (BasicSettings, bool) { - return &ea, true +// EntityMapping single entity mapping for the alert rule +type EntityMapping struct { + // EntityType - Possible values include: 'EntityMappingTypeAccount', 'EntityMappingTypeHost', 'EntityMappingTypeIP', 'EntityMappingTypeMalware', 'EntityMappingTypeFile', 'EntityMappingTypeProcess', 'EntityMappingTypeCloudApplication', 'EntityMappingTypeDNS', 'EntityMappingTypeAzureResource', 'EntityMappingTypeFileHash', 'EntityMappingTypeRegistryKey', 'EntityMappingTypeRegistryValue', 'EntityMappingTypeSecurityGroup', 'EntityMappingTypeURL', 'EntityMappingTypeMailbox', 'EntityMappingTypeMailCluster', 'EntityMappingTypeMailMessage', 'EntityMappingTypeSubmissionMail' + EntityType EntityMappingType `json:"entityType,omitempty"` + // FieldMappings - array of field mappings for the given entity mapping + FieldMappings *[]FieldMapping `json:"fieldMappings,omitempty"` } -// UnmarshalJSON is the custom unmarshaler for EntityAnalytics struct. -func (ea *EntityAnalytics) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) +// EntityModel ... +type EntityModel struct { + autorest.Response `json:"-"` + Value BasicEntity `json:"value,omitempty"` +} + +// UnmarshalJSON is the custom unmarshaler for EntityModel struct. +func (em *EntityModel) UnmarshalJSON(body []byte) error { + e, err := unmarshalBasicEntity(body) if err != nil { return err } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var entityAnalyticsProperties EntityAnalyticsProperties - err = json.Unmarshal(*v, &entityAnalyticsProperties) - if err != nil { - return err - } - ea.EntityAnalyticsProperties = &entityAnalyticsProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - ea.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - ea.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - ea.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - ea.Etag = &etag - } - case "kind": - if v != nil { - var kind KindBasicSettings - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - ea.Kind = kind - } - } - } + em.Value = e return nil } -// EntityAnalyticsProperties entityAnalytics property bag. -type EntityAnalyticsProperties struct { - // IsEnabled - READ-ONLY; Determines whether the setting is enable or disabled. - IsEnabled *bool `json:"isEnabled,omitempty"` +// BasicEntityQuery specific entity query. +type BasicEntityQuery interface { + AsExpansionEntityQuery() (*ExpansionEntityQuery, bool) + AsActivityEntityQuery() (*ActivityEntityQuery, bool) + AsEntityQuery() (*EntityQuery, bool) } -// MarshalJSON is the custom marshaler for EntityAnalyticsProperties. -func (eap EntityAnalyticsProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// EntityQuery specific entity query. +type EntityQuery struct { + autorest.Response `json:"-"` + // Kind - Possible values include: 'KindBasicEntityQueryKindEntityQuery', 'KindBasicEntityQueryKindExpansion', 'KindBasicEntityQueryKindActivity' + Kind KindBasicEntityQuery `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// EntityCommonProperties entity common property bag. -type EntityCommonProperties struct { - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} +func unmarshalBasicEntityQuery(body []byte) (BasicEntityQuery, error) { + var m map[string]interface{} + err := json.Unmarshal(body, &m) + if err != nil { + return nil, err + } -// MarshalJSON is the custom marshaler for EntityCommonProperties. -func (ecp EntityCommonProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) + switch m["kind"] { + case string(KindBasicEntityQueryKindExpansion): + var eeq ExpansionEntityQuery + err := json.Unmarshal(body, &eeq) + return eeq, err + case string(KindBasicEntityQueryKindActivity): + var aeq ActivityEntityQuery + err := json.Unmarshal(body, &aeq) + return aeq, err + default: + var eq EntityQuery + err := json.Unmarshal(body, &eq) + return eq, err + } } +func unmarshalBasicEntityQueryArray(body []byte) ([]BasicEntityQuery, error) { + var rawMessages []*json.RawMessage + err := json.Unmarshal(body, &rawMessages) + if err != nil { + return nil, err + } -// EntityEdges the edge that connects the entity to the other entity. -type EntityEdges struct { - // TargetEntityID - The target entity Id. - TargetEntityID *string `json:"targetEntityId,omitempty"` - // AdditionalData - A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` + eqArray := make([]BasicEntityQuery, len(rawMessages)) + + for index, rawMessage := range rawMessages { + eq, err := unmarshalBasicEntityQuery(*rawMessage) + if err != nil { + return nil, err + } + eqArray[index] = eq + } + return eqArray, nil } -// MarshalJSON is the custom marshaler for EntityEdges. -func (ee EntityEdges) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for EntityQuery. +func (eq EntityQuery) MarshalJSON() ([]byte, error) { + eq.Kind = KindBasicEntityQueryKindEntityQuery objectMap := make(map[string]interface{}) - if ee.TargetEntityID != nil { - objectMap["targetEntityId"] = ee.TargetEntityID + if eq.Kind != "" { + objectMap["kind"] = eq.Kind } - if ee.AdditionalData != nil { - objectMap["additionalData"] = ee.AdditionalData + if eq.Etag != nil { + objectMap["etag"] = eq.Etag } return json.Marshal(objectMap) } -// EntityExpandParameters the parameters required to execute an expand operation on the given entity. -type EntityExpandParameters struct { - // EndTime - The end date filter, so the only expansion results returned are before this date. - EndTime *date.Time `json:"endTime,omitempty"` - // ExpansionID - The Id of the expansion to perform. - ExpansionID *uuid.UUID `json:"expansionId,omitempty"` - // StartTime - The start date filter, so the only expansion results returned are after this date. - StartTime *date.Time `json:"startTime,omitempty"` +// AsExpansionEntityQuery is the BasicEntityQuery implementation for EntityQuery. +func (eq EntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool) { + return nil, false } -// EntityExpandResponse the entity expansion result operation response. -type EntityExpandResponse struct { - autorest.Response `json:"-"` - // MetaData - The metadata from the expansion operation results. - MetaData *ExpansionResultsMetadata `json:"metaData,omitempty"` - // Value - The expansion result values. - Value *EntityExpandResponseValue `json:"value,omitempty"` +// AsActivityEntityQuery is the BasicEntityQuery implementation for EntityQuery. +func (eq EntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool) { + return nil, false } -// EntityExpandResponseValue the expansion result values. -type EntityExpandResponseValue struct { - // Entities - Array of the expansion result entities. - Entities *[]BasicEntity `json:"entities,omitempty"` - // Edges - Array of edges that connects the entity to the list of entities. - Edges *[]EntityEdges `json:"edges,omitempty"` +// AsEntityQuery is the BasicEntityQuery implementation for EntityQuery. +func (eq EntityQuery) AsEntityQuery() (*EntityQuery, bool) { + return &eq, true } -// UnmarshalJSON is the custom unmarshaler for EntityExpandResponseValue struct. -func (eer *EntityExpandResponseValue) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage +// AsBasicEntityQuery is the BasicEntityQuery implementation for EntityQuery. +func (eq EntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool) { + return &eq, true +} + +// BasicEntityQueryItem an abstract Query item for entity +type BasicEntityQueryItem interface { + AsInsightQueryItem() (*InsightQueryItem, bool) + AsEntityQueryItem() (*EntityQueryItem, bool) +} + +// EntityQueryItem an abstract Query item for entity +type EntityQueryItem struct { + // ID - READ-ONLY; Query Template ARM ID + ID *string `json:"id,omitempty"` + // Name - Query Template ARM Name + Name *string `json:"name,omitempty"` + // Type - ARM Type + Type *string `json:"type,omitempty"` + // Kind - Possible values include: 'KindBasicEntityQueryItemKindEntityQueryItem', 'KindBasicEntityQueryItemKindInsight' + Kind KindBasicEntityQueryItem `json:"kind,omitempty"` +} + +func unmarshalBasicEntityQueryItem(body []byte) (BasicEntityQueryItem, error) { + var m map[string]interface{} err := json.Unmarshal(body, &m) if err != nil { - return err - } - for k, v := range m { - switch k { - case "entities": - if v != nil { - entities, err := unmarshalBasicEntityArray(*v) - if err != nil { - return err - } - eer.Entities = &entities - } - case "edges": - if v != nil { - var edges []EntityEdges - err = json.Unmarshal(*v, &edges) - if err != nil { - return err - } - eer.Edges = &edges - } - } + return nil, err } - return nil + switch m["kind"] { + case string(KindBasicEntityQueryItemKindInsight): + var iqi InsightQueryItem + err := json.Unmarshal(body, &iqi) + return iqi, err + default: + var eqi EntityQueryItem + err := json.Unmarshal(body, &eqi) + return eqi, err + } } +func unmarshalBasicEntityQueryItemArray(body []byte) ([]BasicEntityQueryItem, error) { + var rawMessages []*json.RawMessage + err := json.Unmarshal(body, &rawMessages) + if err != nil { + return nil, err + } -// EntityGetInsightsParameters the parameters required to execute insights operation on the given entity. -type EntityGetInsightsParameters struct { - // StartTime - The start timeline date, so the results returned are after this date. - StartTime *date.Time `json:"startTime,omitempty"` - // EndTime - The end timeline date, so the results returned are before this date. - EndTime *date.Time `json:"endTime,omitempty"` - // AddDefaultExtendedTimeRange - Indicates if query time range should be extended with default time range of the query. Default value is false - AddDefaultExtendedTimeRange *bool `json:"addDefaultExtendedTimeRange,omitempty"` - // InsightQueryIds - List of Insights Query Id. If empty, default value is all insights of this entity - InsightQueryIds *[]uuid.UUID `json:"insightQueryIds,omitempty"` -} + eqiArray := make([]BasicEntityQueryItem, len(rawMessages)) -// EntityGetInsightsResponse the Get Insights result operation response. -type EntityGetInsightsResponse struct { - autorest.Response `json:"-"` - // MetaData - The metadata from the get insights operation results. - MetaData *GetInsightsResultsMetadata `json:"metaData,omitempty"` - // Value - The insights result values. - Value *[]EntityInsightItem `json:"value,omitempty"` + for index, rawMessage := range rawMessages { + eqi, err := unmarshalBasicEntityQueryItem(*rawMessage) + if err != nil { + return nil, err + } + eqiArray[index] = eqi + } + return eqiArray, nil } -// EntityInsightItem entity insight Item. -type EntityInsightItem struct { - // QueryID - The query id of the insight - QueryID *string `json:"queryId,omitempty"` - // QueryTimeInterval - The Time interval that the query actually executed on. - QueryTimeInterval *EntityInsightItemQueryTimeInterval `json:"queryTimeInterval,omitempty"` - // TableQueryResults - Query results for table insights query. - TableQueryResults *InsightsTableResult `json:"tableQueryResults,omitempty"` - // ChartQueryResults - Query results for table insights query. - ChartQueryResults *[]InsightsTableResult `json:"chartQueryResults,omitempty"` +// MarshalJSON is the custom marshaler for EntityQueryItem. +func (eqi EntityQueryItem) MarshalJSON() ([]byte, error) { + eqi.Kind = KindBasicEntityQueryItemKindEntityQueryItem + objectMap := make(map[string]interface{}) + if eqi.Name != nil { + objectMap["name"] = eqi.Name + } + if eqi.Type != nil { + objectMap["type"] = eqi.Type + } + if eqi.Kind != "" { + objectMap["kind"] = eqi.Kind + } + return json.Marshal(objectMap) } -// EntityInsightItemQueryTimeInterval the Time interval that the query actually executed on. -type EntityInsightItemQueryTimeInterval struct { - // StartTime - Insight query start time - StartTime *date.Time `json:"startTime,omitempty"` - // EndTime - Insight query end time - EndTime *date.Time `json:"endTime,omitempty"` +// AsInsightQueryItem is the BasicEntityQueryItem implementation for EntityQueryItem. +func (eqi EntityQueryItem) AsInsightQueryItem() (*InsightQueryItem, bool) { + return nil, false } -// EntityKind1 describes an entity with kind. -type EntityKind1 struct { - // Kind - The kind of the entity. Possible values include: 'EntityKindAccount', 'EntityKindHost', 'EntityKindFile', 'EntityKindAzureResource', 'EntityKindCloudApplication', 'EntityKindDNSResolution', 'EntityKindFileHash', 'EntityKindIP', 'EntityKindMalware', 'EntityKindProcess', 'EntityKindRegistryKey', 'EntityKindRegistryValue', 'EntityKindSecurityGroup', 'EntityKindURL', 'EntityKindIoTDevice', 'EntityKindSecurityAlert', 'EntityKindBookmark', 'EntityKindMailCluster', 'EntityKindMailMessage', 'EntityKindMailbox', 'EntityKindSubmissionMail' - Kind EntityKind `json:"kind,omitempty"` +// AsEntityQueryItem is the BasicEntityQueryItem implementation for EntityQueryItem. +func (eqi EntityQueryItem) AsEntityQueryItem() (*EntityQueryItem, bool) { + return &eqi, true } -// EntityList list of all the entities. -type EntityList struct { +// AsBasicEntityQueryItem is the BasicEntityQueryItem implementation for EntityQueryItem. +func (eqi EntityQueryItem) AsBasicEntityQueryItem() (BasicEntityQueryItem, bool) { + return &eqi, true +} + +// EntityQueryItemProperties an properties abstract Query item for entity +type EntityQueryItemProperties struct { + // DataTypes - Data types for template + DataTypes *[]EntityQueryItemPropertiesDataTypesItem `json:"dataTypes,omitempty"` + // InputEntityType - The type of the entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark', 'EntityTypeMailCluster', 'EntityTypeMailMessage', 'EntityTypeMailbox', 'EntityTypeSubmissionMail' + InputEntityType EntityType `json:"inputEntityType,omitempty"` + // RequiredInputFieldsSets - Data types for template + RequiredInputFieldsSets *[][]string `json:"requiredInputFieldsSets,omitempty"` + // EntitiesFilter - The query applied only to entities matching to all filters + EntitiesFilter interface{} `json:"entitiesFilter,omitempty"` +} + +// EntityQueryItemPropertiesDataTypesItem ... +type EntityQueryItemPropertiesDataTypesItem struct { + // DataType - Data type name + DataType *string `json:"dataType,omitempty"` +} + +// EntityQueryList list of all the entity queries. +type EntityQueryList struct { autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of entities. + // NextLink - READ-ONLY; URL to fetch the next set of entity queries. NextLink *string `json:"nextLink,omitempty"` - // Value - Array of entities. - Value *[]BasicEntity `json:"value,omitempty"` + // Value - Array of entity queries. + Value *[]BasicEntityQuery `json:"value,omitempty"` } -// MarshalJSON is the custom marshaler for EntityList. -func (el EntityList) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for EntityQueryList. +func (eql EntityQueryList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if el.Value != nil { - objectMap["value"] = el.Value + if eql.Value != nil { + objectMap["value"] = eql.Value } return json.Marshal(objectMap) } -// UnmarshalJSON is the custom unmarshaler for EntityList struct. -func (el *EntityList) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for EntityQueryList struct. +func (eql *EntityQueryList) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -7309,15 +8840,15 @@ func (el *EntityList) UnmarshalJSON(body []byte) error { if err != nil { return err } - el.NextLink = &nextLink + eql.NextLink = &nextLink } case "value": if v != nil { - value, err := unmarshalBasicEntityArray(*v) + value, err := unmarshalBasicEntityQueryArray(*v) if err != nil { return err } - el.Value = &value + eql.Value = &value } } } @@ -7325,17 +8856,17 @@ func (el *EntityList) UnmarshalJSON(body []byte) error { return nil } -// EntityListIterator provides access to a complete listing of Entity values. -type EntityListIterator struct { +// EntityQueryListIterator provides access to a complete listing of EntityQuery values. +type EntityQueryListIterator struct { i int - page EntityListPage + page EntityQueryListPage } // NextWithContext advances to the next value. If there was an error making // the request the iterator does not advance and the error is returned. -func (iter *EntityListIterator) NextWithContext(ctx context.Context) (err error) { +func (iter *EntityQueryListIterator) NextWithContext(ctx context.Context) (err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityListIterator.NextWithContext") + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueryListIterator.NextWithContext") defer func() { sc := -1 if iter.Response().Response.Response != nil { @@ -7360,67 +8891,67 @@ func (iter *EntityListIterator) NextWithContext(ctx context.Context) (err error) // Next advances to the next value. If there was an error making // the request the iterator does not advance and the error is returned. // Deprecated: Use NextWithContext() instead. -func (iter *EntityListIterator) Next() error { +func (iter *EntityQueryListIterator) Next() error { return iter.NextWithContext(context.Background()) } // NotDone returns true if the enumeration should be started or is not yet complete. -func (iter EntityListIterator) NotDone() bool { +func (iter EntityQueryListIterator) NotDone() bool { return iter.page.NotDone() && iter.i < len(iter.page.Values()) } // Response returns the raw server response from the last page request. -func (iter EntityListIterator) Response() EntityList { +func (iter EntityQueryListIterator) Response() EntityQueryList { return iter.page.Response() } // Value returns the current value or a zero-initialized value if the // iterator has advanced beyond the end of the collection. -func (iter EntityListIterator) Value() BasicEntity { +func (iter EntityQueryListIterator) Value() BasicEntityQuery { if !iter.page.NotDone() { - return Entity{} + return EntityQuery{} } return iter.page.Values()[iter.i] } -// Creates a new instance of the EntityListIterator type. -func NewEntityListIterator(page EntityListPage) EntityListIterator { - return EntityListIterator{page: page} +// Creates a new instance of the EntityQueryListIterator type. +func NewEntityQueryListIterator(page EntityQueryListPage) EntityQueryListIterator { + return EntityQueryListIterator{page: page} } // IsEmpty returns true if the ListResult contains no values. -func (el EntityList) IsEmpty() bool { - return el.Value == nil || len(*el.Value) == 0 +func (eql EntityQueryList) IsEmpty() bool { + return eql.Value == nil || len(*eql.Value) == 0 } // hasNextLink returns true if the NextLink is not empty. -func (el EntityList) hasNextLink() bool { - return el.NextLink != nil && len(*el.NextLink) != 0 +func (eql EntityQueryList) hasNextLink() bool { + return eql.NextLink != nil && len(*eql.NextLink) != 0 } -// entityListPreparer prepares a request to retrieve the next set of results. +// entityQueryListPreparer prepares a request to retrieve the next set of results. // It returns nil if no more results exist. -func (el EntityList) entityListPreparer(ctx context.Context) (*http.Request, error) { - if !el.hasNextLink() { +func (eql EntityQueryList) entityQueryListPreparer(ctx context.Context) (*http.Request, error) { + if !eql.hasNextLink() { return nil, nil } return autorest.Prepare((&http.Request{}).WithContext(ctx), autorest.AsJSON(), autorest.AsGet(), - autorest.WithBaseURL(to.String(el.NextLink))) + autorest.WithBaseURL(to.String(eql.NextLink))) } -// EntityListPage contains a page of BasicEntity values. -type EntityListPage struct { - fn func(context.Context, EntityList) (EntityList, error) - el EntityList +// EntityQueryListPage contains a page of BasicEntityQuery values. +type EntityQueryListPage struct { + fn func(context.Context, EntityQueryList) (EntityQueryList, error) + eql EntityQueryList } // NextWithContext advances to the next page of values. If there was an error making // the request the page does not advance and the error is returned. -func (page *EntityListPage) NextWithContext(ctx context.Context) (err error) { +func (page *EntityQueryListPage) NextWithContext(ctx context.Context) (err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityListPage.NextWithContext") + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueryListPage.NextWithContext") defer func() { sc := -1 if page.Response().Response.Response != nil { @@ -7430,11 +8961,11 @@ func (page *EntityListPage) NextWithContext(ctx context.Context) (err error) { }() } for { - next, err := page.fn(ctx, page.el) + next, err := page.fn(ctx, page.eql) if err != nil { return err } - page.el = next + page.eql = next if !next.hasNextLink() || !next.IsEmpty() { break } @@ -7445,75 +8976,75 @@ func (page *EntityListPage) NextWithContext(ctx context.Context) (err error) { // Next advances to the next page of values. If there was an error making // the request the page does not advance and the error is returned. // Deprecated: Use NextWithContext() instead. -func (page *EntityListPage) Next() error { +func (page *EntityQueryListPage) Next() error { return page.NextWithContext(context.Background()) } // NotDone returns true if the page enumeration should be started or is not yet complete. -func (page EntityListPage) NotDone() bool { - return !page.el.IsEmpty() +func (page EntityQueryListPage) NotDone() bool { + return !page.eql.IsEmpty() } // Response returns the raw server response from the last page request. -func (page EntityListPage) Response() EntityList { - return page.el +func (page EntityQueryListPage) Response() EntityQueryList { + return page.eql } // Values returns the slice of values for the current page or nil if there are no values. -func (page EntityListPage) Values() []BasicEntity { - if page.el.IsEmpty() { +func (page EntityQueryListPage) Values() []BasicEntityQuery { + if page.eql.IsEmpty() { return nil } - return *page.el.Value + return *page.eql.Value } -// Creates a new instance of the EntityListPage type. -func NewEntityListPage(cur EntityList, getNextPage func(context.Context, EntityList) (EntityList, error)) EntityListPage { - return EntityListPage{ - fn: getNextPage, - el: cur, +// Creates a new instance of the EntityQueryListPage type. +func NewEntityQueryListPage(cur EntityQueryList, getNextPage func(context.Context, EntityQueryList) (EntityQueryList, error)) EntityQueryListPage { + return EntityQueryListPage{ + fn: getNextPage, + eql: cur, } } -// EntityModel ... -type EntityModel struct { +// EntityQueryModel ... +type EntityQueryModel struct { autorest.Response `json:"-"` - Value BasicEntity `json:"value,omitempty"` + Value BasicEntityQuery `json:"value,omitempty"` } -// UnmarshalJSON is the custom unmarshaler for EntityModel struct. -func (em *EntityModel) UnmarshalJSON(body []byte) error { - e, err := unmarshalBasicEntity(body) +// UnmarshalJSON is the custom unmarshaler for EntityQueryModel struct. +func (eqm *EntityQueryModel) UnmarshalJSON(body []byte) error { + eq, err := unmarshalBasicEntityQuery(body) if err != nil { return err } - em.Value = e + eqm.Value = eq return nil } -// BasicEntityQuery specific entity query. -type BasicEntityQuery interface { - AsExpansionEntityQuery() (*ExpansionEntityQuery, bool) - AsEntityQuery() (*EntityQuery, bool) +// BasicEntityQueryTemplate specific entity query template. +type BasicEntityQueryTemplate interface { + AsActivityEntityQueryTemplate() (*ActivityEntityQueryTemplate, bool) + AsEntityQueryTemplate() (*EntityQueryTemplate, bool) } -// EntityQuery specific entity query. -type EntityQuery struct { +// EntityQueryTemplate specific entity query template. +type EntityQueryTemplate struct { autorest.Response `json:"-"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicEntityQueryTemplateKindEntityQueryTemplate', 'KindBasicEntityQueryTemplateKindActivity' + Kind KindBasicEntityQueryTemplate `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicEntityQueryKindEntityQuery', 'KindBasicEntityQueryKindExpansion' - Kind KindBasicEntityQuery `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -func unmarshalBasicEntityQuery(body []byte) (BasicEntityQuery, error) { +func unmarshalBasicEntityQueryTemplate(body []byte) (BasicEntityQueryTemplate, error) { var m map[string]interface{} err := json.Unmarshal(body, &m) if err != nil { @@ -7521,134 +9052,80 @@ func unmarshalBasicEntityQuery(body []byte) (BasicEntityQuery, error) { } switch m["kind"] { - case string(KindBasicEntityQueryKindExpansion): - var eeq ExpansionEntityQuery - err := json.Unmarshal(body, &eeq) - return eeq, err + case string(KindBasicEntityQueryTemplateKindActivity): + var aeqt ActivityEntityQueryTemplate + err := json.Unmarshal(body, &aeqt) + return aeqt, err default: - var eq EntityQuery - err := json.Unmarshal(body, &eq) - return eq, err + var eqt EntityQueryTemplate + err := json.Unmarshal(body, &eqt) + return eqt, err } } -func unmarshalBasicEntityQueryArray(body []byte) ([]BasicEntityQuery, error) { +func unmarshalBasicEntityQueryTemplateArray(body []byte) ([]BasicEntityQueryTemplate, error) { var rawMessages []*json.RawMessage err := json.Unmarshal(body, &rawMessages) if err != nil { return nil, err } - eqArray := make([]BasicEntityQuery, len(rawMessages)) + eqtArray := make([]BasicEntityQueryTemplate, len(rawMessages)) for index, rawMessage := range rawMessages { - eq, err := unmarshalBasicEntityQuery(*rawMessage) + eqt, err := unmarshalBasicEntityQueryTemplate(*rawMessage) if err != nil { return nil, err } - eqArray[index] = eq + eqtArray[index] = eqt } - return eqArray, nil + return eqtArray, nil } -// MarshalJSON is the custom marshaler for EntityQuery. -func (eq EntityQuery) MarshalJSON() ([]byte, error) { - eq.Kind = KindBasicEntityQueryKindEntityQuery +// MarshalJSON is the custom marshaler for EntityQueryTemplate. +func (eqt EntityQueryTemplate) MarshalJSON() ([]byte, error) { + eqt.Kind = KindBasicEntityQueryTemplateKindEntityQueryTemplate objectMap := make(map[string]interface{}) - if eq.Etag != nil { - objectMap["etag"] = eq.Etag - } - if eq.Kind != "" { - objectMap["kind"] = eq.Kind + if eqt.Kind != "" { + objectMap["kind"] = eqt.Kind } return json.Marshal(objectMap) } -// AsExpansionEntityQuery is the BasicEntityQuery implementation for EntityQuery. -func (eq EntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, bool) { +// AsActivityEntityQueryTemplate is the BasicEntityQueryTemplate implementation for EntityQueryTemplate. +func (eqt EntityQueryTemplate) AsActivityEntityQueryTemplate() (*ActivityEntityQueryTemplate, bool) { return nil, false } -// AsEntityQuery is the BasicEntityQuery implementation for EntityQuery. -func (eq EntityQuery) AsEntityQuery() (*EntityQuery, bool) { - return &eq, true +// AsEntityQueryTemplate is the BasicEntityQueryTemplate implementation for EntityQueryTemplate. +func (eqt EntityQueryTemplate) AsEntityQueryTemplate() (*EntityQueryTemplate, bool) { + return &eqt, true } -// AsBasicEntityQuery is the BasicEntityQuery implementation for EntityQuery. -func (eq EntityQuery) AsBasicEntityQuery() (BasicEntityQuery, bool) { - return &eq, true +// AsBasicEntityQueryTemplate is the BasicEntityQueryTemplate implementation for EntityQueryTemplate. +func (eqt EntityQueryTemplate) AsBasicEntityQueryTemplate() (BasicEntityQueryTemplate, bool) { + return &eqt, true } -// EntityQueryItem an abstract Query item for entity -type EntityQueryItem struct { - // ID - READ-ONLY; Query Template ARM ID - ID *string `json:"id,omitempty"` - // Name - Query Template ARM Name - Name *string `json:"name,omitempty"` - // Type - ARM Type - Type *string `json:"type,omitempty"` - // Kind - The kind of the entity query. Possible values include: 'EntityQueryKindExpansion', 'EntityQueryKindInsight' - Kind EntityQueryKind `json:"kind,omitempty"` +// EntityQueryTemplateList list of all the entity query templates. +type EntityQueryTemplateList struct { + autorest.Response `json:"-"` + // NextLink - READ-ONLY; URL to fetch the next set of entity query templates. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of entity query templates. + Value *[]BasicEntityQueryTemplate `json:"value,omitempty"` } -// MarshalJSON is the custom marshaler for EntityQueryItem. -func (eqi EntityQueryItem) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for EntityQueryTemplateList. +func (eqtl EntityQueryTemplateList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if eqi.Name != nil { - objectMap["name"] = eqi.Name - } - if eqi.Type != nil { - objectMap["type"] = eqi.Type - } - if eqi.Kind != "" { - objectMap["kind"] = eqi.Kind + if eqtl.Value != nil { + objectMap["value"] = eqtl.Value } return json.Marshal(objectMap) } -// EntityQueryItemProperties an properties abstract Query item for entity -type EntityQueryItemProperties struct { - // DataTypes - Data types for template - DataTypes *[]EntityQueryItemPropertiesDataTypesItem `json:"dataTypes,omitempty"` - // InputEntityType - The type of the entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark', 'EntityTypeMailCluster', 'EntityTypeMailMessage', 'EntityTypeMailbox', 'EntityTypeSubmissionMail' - InputEntityType EntityType `json:"inputEntityType,omitempty"` - // RequiredInputFieldsSets - Data types for template - RequiredInputFieldsSets *[][]string `json:"requiredInputFieldsSets,omitempty"` - // EntitiesFilter - The query applied only to entities matching to all filters - EntitiesFilter interface{} `json:"entitiesFilter,omitempty"` -} - -// EntityQueryItemPropertiesDataTypesItem ... -type EntityQueryItemPropertiesDataTypesItem struct { - // DataType - Data type name - DataType *string `json:"dataType,omitempty"` -} - -// EntityQueryKind1 describes an Entity query resource with kind. -type EntityQueryKind1 struct { - // Kind - The kind of the entity query. Possible values include: 'EntityQueryKindExpansion', 'EntityQueryKindInsight' - Kind EntityQueryKind `json:"kind,omitempty"` -} - -// EntityQueryList list of all the entity queries. -type EntityQueryList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of entity queries. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of entity queries. - Value *[]BasicEntityQuery `json:"value,omitempty"` -} - -// MarshalJSON is the custom marshaler for EntityQueryList. -func (eql EntityQueryList) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if eql.Value != nil { - objectMap["value"] = eql.Value - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for EntityQueryList struct. -func (eql *EntityQueryList) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for EntityQueryTemplateList struct. +func (eqtl *EntityQueryTemplateList) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -7663,15 +9140,15 @@ func (eql *EntityQueryList) UnmarshalJSON(body []byte) error { if err != nil { return err } - eql.NextLink = &nextLink + eqtl.NextLink = &nextLink } case "value": if v != nil { - value, err := unmarshalBasicEntityQueryArray(*v) + value, err := unmarshalBasicEntityQueryTemplateArray(*v) if err != nil { return err } - eql.Value = &value + eqtl.Value = &value } } } @@ -7679,17 +9156,17 @@ func (eql *EntityQueryList) UnmarshalJSON(body []byte) error { return nil } -// EntityQueryListIterator provides access to a complete listing of EntityQuery values. -type EntityQueryListIterator struct { +// EntityQueryTemplateListIterator provides access to a complete listing of EntityQueryTemplate values. +type EntityQueryTemplateListIterator struct { i int - page EntityQueryListPage + page EntityQueryTemplateListPage } // NextWithContext advances to the next value. If there was an error making // the request the iterator does not advance and the error is returned. -func (iter *EntityQueryListIterator) NextWithContext(ctx context.Context) (err error) { +func (iter *EntityQueryTemplateListIterator) NextWithContext(ctx context.Context) (err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueryListIterator.NextWithContext") + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueryTemplateListIterator.NextWithContext") defer func() { sc := -1 if iter.Response().Response.Response != nil { @@ -7714,67 +9191,67 @@ func (iter *EntityQueryListIterator) NextWithContext(ctx context.Context) (err e // Next advances to the next value. If there was an error making // the request the iterator does not advance and the error is returned. // Deprecated: Use NextWithContext() instead. -func (iter *EntityQueryListIterator) Next() error { +func (iter *EntityQueryTemplateListIterator) Next() error { return iter.NextWithContext(context.Background()) } // NotDone returns true if the enumeration should be started or is not yet complete. -func (iter EntityQueryListIterator) NotDone() bool { +func (iter EntityQueryTemplateListIterator) NotDone() bool { return iter.page.NotDone() && iter.i < len(iter.page.Values()) } // Response returns the raw server response from the last page request. -func (iter EntityQueryListIterator) Response() EntityQueryList { +func (iter EntityQueryTemplateListIterator) Response() EntityQueryTemplateList { return iter.page.Response() } // Value returns the current value or a zero-initialized value if the // iterator has advanced beyond the end of the collection. -func (iter EntityQueryListIterator) Value() BasicEntityQuery { +func (iter EntityQueryTemplateListIterator) Value() BasicEntityQueryTemplate { if !iter.page.NotDone() { - return EntityQuery{} + return EntityQueryTemplate{} } return iter.page.Values()[iter.i] } -// Creates a new instance of the EntityQueryListIterator type. -func NewEntityQueryListIterator(page EntityQueryListPage) EntityQueryListIterator { - return EntityQueryListIterator{page: page} +// Creates a new instance of the EntityQueryTemplateListIterator type. +func NewEntityQueryTemplateListIterator(page EntityQueryTemplateListPage) EntityQueryTemplateListIterator { + return EntityQueryTemplateListIterator{page: page} } // IsEmpty returns true if the ListResult contains no values. -func (eql EntityQueryList) IsEmpty() bool { - return eql.Value == nil || len(*eql.Value) == 0 +func (eqtl EntityQueryTemplateList) IsEmpty() bool { + return eqtl.Value == nil || len(*eqtl.Value) == 0 } // hasNextLink returns true if the NextLink is not empty. -func (eql EntityQueryList) hasNextLink() bool { - return eql.NextLink != nil && len(*eql.NextLink) != 0 +func (eqtl EntityQueryTemplateList) hasNextLink() bool { + return eqtl.NextLink != nil && len(*eqtl.NextLink) != 0 } -// entityQueryListPreparer prepares a request to retrieve the next set of results. +// entityQueryTemplateListPreparer prepares a request to retrieve the next set of results. // It returns nil if no more results exist. -func (eql EntityQueryList) entityQueryListPreparer(ctx context.Context) (*http.Request, error) { - if !eql.hasNextLink() { +func (eqtl EntityQueryTemplateList) entityQueryTemplateListPreparer(ctx context.Context) (*http.Request, error) { + if !eqtl.hasNextLink() { return nil, nil } return autorest.Prepare((&http.Request{}).WithContext(ctx), autorest.AsJSON(), autorest.AsGet(), - autorest.WithBaseURL(to.String(eql.NextLink))) + autorest.WithBaseURL(to.String(eqtl.NextLink))) } -// EntityQueryListPage contains a page of BasicEntityQuery values. -type EntityQueryListPage struct { - fn func(context.Context, EntityQueryList) (EntityQueryList, error) - eql EntityQueryList +// EntityQueryTemplateListPage contains a page of BasicEntityQueryTemplate values. +type EntityQueryTemplateListPage struct { + fn func(context.Context, EntityQueryTemplateList) (EntityQueryTemplateList, error) + eqtl EntityQueryTemplateList } // NextWithContext advances to the next page of values. If there was an error making // the request the page does not advance and the error is returned. -func (page *EntityQueryListPage) NextWithContext(ctx context.Context) (err error) { +func (page *EntityQueryTemplateListPage) NextWithContext(ctx context.Context) (err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueryListPage.NextWithContext") + ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueryTemplateListPage.NextWithContext") defer func() { sc := -1 if page.Response().Response.Response != nil { @@ -7784,11 +9261,11 @@ func (page *EntityQueryListPage) NextWithContext(ctx context.Context) (err error }() } for { - next, err := page.fn(ctx, page.eql) + next, err := page.fn(ctx, page.eqtl) if err != nil { return err } - page.eql = next + page.eqtl = next if !next.hasNextLink() || !next.IsEmpty() { break } @@ -7799,49 +9276,49 @@ func (page *EntityQueryListPage) NextWithContext(ctx context.Context) (err error // Next advances to the next page of values. If there was an error making // the request the page does not advance and the error is returned. // Deprecated: Use NextWithContext() instead. -func (page *EntityQueryListPage) Next() error { +func (page *EntityQueryTemplateListPage) Next() error { return page.NextWithContext(context.Background()) } // NotDone returns true if the page enumeration should be started or is not yet complete. -func (page EntityQueryListPage) NotDone() bool { - return !page.eql.IsEmpty() +func (page EntityQueryTemplateListPage) NotDone() bool { + return !page.eqtl.IsEmpty() } // Response returns the raw server response from the last page request. -func (page EntityQueryListPage) Response() EntityQueryList { - return page.eql +func (page EntityQueryTemplateListPage) Response() EntityQueryTemplateList { + return page.eqtl } // Values returns the slice of values for the current page or nil if there are no values. -func (page EntityQueryListPage) Values() []BasicEntityQuery { - if page.eql.IsEmpty() { +func (page EntityQueryTemplateListPage) Values() []BasicEntityQueryTemplate { + if page.eqtl.IsEmpty() { return nil } - return *page.eql.Value + return *page.eqtl.Value } -// Creates a new instance of the EntityQueryListPage type. -func NewEntityQueryListPage(cur EntityQueryList, getNextPage func(context.Context, EntityQueryList) (EntityQueryList, error)) EntityQueryListPage { - return EntityQueryListPage{ - fn: getNextPage, - eql: cur, +// Creates a new instance of the EntityQueryTemplateListPage type. +func NewEntityQueryTemplateListPage(cur EntityQueryTemplateList, getNextPage func(context.Context, EntityQueryTemplateList) (EntityQueryTemplateList, error)) EntityQueryTemplateListPage { + return EntityQueryTemplateListPage{ + fn: getNextPage, + eqtl: cur, } } -// EntityQueryModel ... -type EntityQueryModel struct { +// EntityQueryTemplateModel ... +type EntityQueryTemplateModel struct { autorest.Response `json:"-"` - Value BasicEntityQuery `json:"value,omitempty"` + Value BasicEntityQueryTemplate `json:"value,omitempty"` } -// UnmarshalJSON is the custom unmarshaler for EntityQueryModel struct. -func (eqm *EntityQueryModel) UnmarshalJSON(body []byte) error { - eq, err := unmarshalBasicEntityQuery(body) +// UnmarshalJSON is the custom unmarshaler for EntityQueryTemplateModel struct. +func (eqtm *EntityQueryTemplateModel) UnmarshalJSON(body []byte) error { + eqt, err := unmarshalBasicEntityQueryTemplate(body) if err != nil { return err } - eqm.Value = eq + eqtm.Value = eqt return nil } @@ -7849,14 +9326,14 @@ func (eqm *EntityQueryModel) UnmarshalJSON(body []byte) error { // BasicEntityTimelineItem entity timeline Item. type BasicEntityTimelineItem interface { AsActivityTimelineItem() (*ActivityTimelineItem, bool) - AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool) + AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool) AsEntityTimelineItem() (*EntityTimelineItem, bool) } // EntityTimelineItem entity timeline Item. type EntityTimelineItem struct { - // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindSecurityAlert', 'KindBasicEntityTimelineItemKindBookmark' + // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindBookmark', 'KindBasicEntityTimelineItemKindSecurityAlert' Kind KindBasicEntityTimelineItem `json:"kind,omitempty"` } @@ -7872,14 +9349,14 @@ func unmarshalBasicEntityTimelineItem(body []byte) (BasicEntityTimelineItem, err var ati ActivityTimelineItem err := json.Unmarshal(body, &ati) return ati, err - case string(KindBasicEntityTimelineItemKindSecurityAlert): - var sati SecurityAlertTimelineItem - err := json.Unmarshal(body, &sati) - return sati, err case string(KindBasicEntityTimelineItemKindBookmark): var bti BookmarkTimelineItem err := json.Unmarshal(body, &bti) return bti, err + case string(KindBasicEntityTimelineItemKindSecurityAlert): + var sati SecurityAlertTimelineItem + err := json.Unmarshal(body, &sati) + return sati, err default: var eti EntityTimelineItem err := json.Unmarshal(body, &eti) @@ -7920,13 +9397,13 @@ func (eti EntityTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, b return nil, false } -// AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for EntityTimelineItem. -func (eti EntityTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool) { +// AsBookmarkTimelineItem is the BasicEntityTimelineItem implementation for EntityTimelineItem. +func (eti EntityTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool) { return nil, false } -// AsBookmarkTimelineItem is the BasicEntityTimelineItem implementation for EntityTimelineItem. -func (eti EntityTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool) { +// AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for EntityTimelineItem. +func (eti EntityTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool) { return nil, false } @@ -7993,6 +9470,47 @@ func (etr *EntityTimelineResponse) UnmarshalJSON(body []byte) error { return nil } +// ErrorAdditionalInfo the resource management error additional info. +type ErrorAdditionalInfo struct { + // Type - READ-ONLY; The additional info type. + Type *string `json:"type,omitempty"` + // Info - READ-ONLY; The additional info. + Info interface{} `json:"info,omitempty"` +} + +// MarshalJSON is the custom marshaler for ErrorAdditionalInfo. +func (eai ErrorAdditionalInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) +} + +// ErrorDetail the error detail. +type ErrorDetail struct { + // Code - READ-ONLY; The error code. + Code *string `json:"code,omitempty"` + // Message - READ-ONLY; The error message. + Message *string `json:"message,omitempty"` + // Target - READ-ONLY; The error target. + Target *string `json:"target,omitempty"` + // Details - READ-ONLY; The error details. + Details *[]ErrorDetail `json:"details,omitempty"` + // AdditionalInfo - READ-ONLY; The error additional info. + AdditionalInfo *[]ErrorAdditionalInfo `json:"additionalInfo,omitempty"` +} + +// MarshalJSON is the custom marshaler for ErrorDetail. +func (ed ErrorDetail) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) +} + +// ErrorResponse common error response for all Azure Resource Manager APIs to return error details for +// failed operations. (This also follows the OData error response format.). +type ErrorResponse struct { + // Error - The error object. + Error *ErrorDetail `json:"error,omitempty"` +} + // EventGroupingSettings event grouping settings property bag. type EventGroupingSettings struct { // AggregationKind - Possible values include: 'EventGroupingAggregationKindSingleAlert', 'EventGroupingAggregationKindAlertPerResult' @@ -8019,16 +9537,18 @@ type ExpansionEntityQueriesProperties struct { type ExpansionEntityQuery struct { // ExpansionEntityQueriesProperties - Expansion entity query properties *ExpansionEntityQueriesProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicEntityQueryKindEntityQuery', 'KindBasicEntityQueryKindExpansion', 'KindBasicEntityQueryKindActivity' + Kind KindBasicEntityQuery `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicEntityQueryKindEntityQuery', 'KindBasicEntityQueryKindExpansion' - Kind KindBasicEntityQuery `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for ExpansionEntityQuery. @@ -8038,12 +9558,12 @@ func (eeq ExpansionEntityQuery) MarshalJSON() ([]byte, error) { if eeq.ExpansionEntityQueriesProperties != nil { objectMap["properties"] = eeq.ExpansionEntityQueriesProperties } - if eeq.Etag != nil { - objectMap["etag"] = eeq.Etag - } if eeq.Kind != "" { objectMap["kind"] = eeq.Kind } + if eeq.Etag != nil { + objectMap["etag"] = eeq.Etag + } return json.Marshal(objectMap) } @@ -8052,6 +9572,11 @@ func (eeq ExpansionEntityQuery) AsExpansionEntityQuery() (*ExpansionEntityQuery, return &eeq, true } +// AsActivityEntityQuery is the BasicEntityQuery implementation for ExpansionEntityQuery. +func (eeq ExpansionEntityQuery) AsActivityEntityQuery() (*ActivityEntityQuery, bool) { + return nil, false +} + // AsEntityQuery is the BasicEntityQuery implementation for ExpansionEntityQuery. func (eeq ExpansionEntityQuery) AsEntityQuery() (*EntityQuery, bool) { return nil, false @@ -8080,6 +9605,24 @@ func (eeq *ExpansionEntityQuery) UnmarshalJSON(body []byte) error { } eeq.ExpansionEntityQueriesProperties = &expansionEntityQueriesProperties } + case "kind": + if v != nil { + var kind KindBasicEntityQuery + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + eeq.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + eeq.Etag = &etag + } case "id": if v != nil { var ID string @@ -8107,23 +9650,14 @@ func (eeq *ExpansionEntityQuery) UnmarshalJSON(body []byte) error { } eeq.Type = &typeVar } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - eeq.Etag = &etag - } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntityQuery - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - eeq.Kind = kind + eeq.SystemData = &systemData } } } @@ -8153,16 +9687,18 @@ type ExpansionResultsMetadata struct { type EyesOn struct { // EyesOnSettingsProperties - EyesOn properties *EyesOnSettingsProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindAnomalies', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' + Kind KindBasicSettings `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindIPSyncer', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' - Kind KindBasicSettings `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for EyesOn. @@ -8172,17 +9708,17 @@ func (eo EyesOn) MarshalJSON() ([]byte, error) { if eo.EyesOnSettingsProperties != nil { objectMap["properties"] = eo.EyesOnSettingsProperties } - if eo.Etag != nil { - objectMap["etag"] = eo.Etag - } if eo.Kind != "" { objectMap["kind"] = eo.Kind } + if eo.Etag != nil { + objectMap["etag"] = eo.Etag + } return json.Marshal(objectMap) } -// AsIPSyncer is the BasicSettings implementation for EyesOn. -func (eo EyesOn) AsIPSyncer() (*IPSyncer, bool) { +// AsAnomalies is the BasicSettings implementation for EyesOn. +func (eo EyesOn) AsAnomalies() (*Anomalies, bool) { return nil, false } @@ -8229,6 +9765,24 @@ func (eo *EyesOn) UnmarshalJSON(body []byte) error { } eo.EyesOnSettingsProperties = &eyesOnSettingsProperties } + case "kind": + if v != nil { + var kind KindBasicSettings + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + eo.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + eo.Etag = &etag + } case "id": if v != nil { var ID string @@ -8256,23 +9810,14 @@ func (eo *EyesOn) UnmarshalJSON(body []byte) error { } eo.Type = &typeVar } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - eo.Etag = &etag - } - case "kind": + case "systemData": if v != nil { - var kind KindBasicSettings - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - eo.Kind = kind + eo.SystemData = &systemData } } } @@ -8292,18 +9837,28 @@ func (eosp EyesOnSettingsProperties) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } +// FieldMapping a single field mapping of the mapped entity +type FieldMapping struct { + // Identifier - the V3 identifier of the entity + Identifier *string `json:"identifier,omitempty"` + // ColumnName - the column name to be mapped to the identifier + ColumnName *string `json:"columnName,omitempty"` +} + // FileEntity represents a file entity. type FileEntity struct { // FileEntityProperties - File entity properties *FileEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for FileEntity. @@ -8319,53 +9874,53 @@ func (fe FileEntity) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsFileEntity() (*FileEntity, bool) { - return &fe, true +// AsRegistryValueEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { + return nil, false } -// AsFileHashEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } @@ -8374,53 +9929,53 @@ func (fe FileEntity) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { - return nil, false +// AsIPEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsIPEntity() (*IPEntity, bool) { + return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false +// AsFileEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsFileEntity() (*FileEntity, bool) { + return &fe, true } -// AsRegistryValueEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAccountEntity is the BasicEntity implementation for FileEntity. +func (fe FileEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } @@ -8452,6 +10007,15 @@ func (fe *FileEntity) UnmarshalJSON(body []byte) error { } fe.FileEntityProperties = &fileEntityProperties } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + fe.Kind = kind + } case "id": if v != nil { var ID string @@ -8479,14 +10043,14 @@ func (fe *FileEntity) UnmarshalJSON(body []byte) error { } fe.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - fe.Kind = kind + fe.SystemData = &systemData } } } @@ -8520,14 +10084,16 @@ func (fep FileEntityProperties) MarshalJSON() ([]byte, error) { type FileHashEntity struct { // FileHashEntityProperties - FileHash entity properties *FileHashEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for FileHashEntity. @@ -8543,53 +10109,53 @@ func (fhe FileHashEntity) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return &fhe, true +// AsRegistryKeyEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { + return nil, false } -// AsHostEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } @@ -8598,53 +10164,53 @@ func (fhe FileHashEntity) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false +// AsFileHashEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsFileHashEntity() (*FileHashEntity, bool) { + return &fhe, true } -// AsRegistryKeyEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAccountEntity is the BasicEntity implementation for FileHashEntity. +func (fhe FileHashEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } @@ -8676,6 +10242,15 @@ func (fhe *FileHashEntity) UnmarshalJSON(body []byte) error { } fhe.FileHashEntityProperties = &fileHashEntityProperties } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + fhe.Kind = kind + } case "id": if v != nil { var ID string @@ -8703,14 +10278,14 @@ func (fhe *FileHashEntity) UnmarshalJSON(body []byte) error { } fhe.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - fhe.Kind = kind + fhe.SystemData = &systemData } } } @@ -8740,16 +10315,18 @@ func (fhep FileHashEntityProperties) MarshalJSON() ([]byte, error) { type FusionAlertRule struct { // FusionAlertRuleProperties - Fusion alert rule properties *FusionAlertRuleProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' + Kind KindBasicAlertRule `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled' - Kind KindBasicAlertRule `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for FusionAlertRule. @@ -8759,12 +10336,12 @@ func (far FusionAlertRule) MarshalJSON() ([]byte, error) { if far.FusionAlertRuleProperties != nil { objectMap["properties"] = far.FusionAlertRuleProperties } - if far.Etag != nil { - objectMap["etag"] = far.Etag - } if far.Kind != "" { objectMap["kind"] = far.Kind } + if far.Etag != nil { + objectMap["etag"] = far.Etag + } return json.Marshal(objectMap) } @@ -8793,6 +10370,11 @@ func (far FusionAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { return nil, false } +// AsNrtAlertRule is the BasicAlertRule implementation for FusionAlertRule. +func (far FusionAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool) { + return nil, false +} + // AsAlertRule is the BasicAlertRule implementation for FusionAlertRule. func (far FusionAlertRule) AsAlertRule() (*AlertRule, bool) { return nil, false @@ -8821,6 +10403,24 @@ func (far *FusionAlertRule) UnmarshalJSON(body []byte) error { } far.FusionAlertRuleProperties = &fusionAlertRuleProperties } + case "kind": + if v != nil { + var kind KindBasicAlertRule + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + far.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + far.Etag = &etag + } case "id": if v != nil { var ID string @@ -8848,23 +10448,14 @@ func (far *FusionAlertRule) UnmarshalJSON(body []byte) error { } far.Type = &typeVar } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - far.Etag = &etag - } - case "kind": + case "systemData": if v != nil { - var kind KindBasicAlertRule - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - far.Kind = kind + far.SystemData = &systemData } } } @@ -8906,14 +10497,16 @@ func (farp FusionAlertRuleProperties) MarshalJSON() ([]byte, error) { type FusionAlertRuleTemplate struct { // FusionAlertRuleTemplateProperties - Fusion alert rule template properties *FusionAlertRuleTemplateProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' + Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' - Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for FusionAlertRuleTemplate. @@ -8954,6 +10547,11 @@ func (fart FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAl return nil, false } +// AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. +func (fart FusionAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool) { + return nil, false +} + // AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. func (fart FusionAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { return nil, false @@ -8982,6 +10580,15 @@ func (fart *FusionAlertRuleTemplate) UnmarshalJSON(body []byte) error { } fart.FusionAlertRuleTemplateProperties = &fusionAlertRuleTemplateProperties } + case "kind": + if v != nil { + var kind KindBasicAlertRuleTemplate + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + fart.Kind = kind + } case "id": if v != nil { var ID string @@ -9009,14 +10616,14 @@ func (fart *FusionAlertRuleTemplate) UnmarshalJSON(body []byte) error { } fart.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicAlertRuleTemplate - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - fart.Kind = kind + fart.SystemData = &systemData } } } @@ -9119,7 +10726,40 @@ type GetInsightsResultsMetadata struct { type GetQueriesResponse struct { autorest.Response `json:"-"` // Value - The query result values. - Value *[]EntityQueryItem `json:"value,omitempty"` + Value *[]BasicEntityQueryItem `json:"value,omitempty"` +} + +// UnmarshalJSON is the custom unmarshaler for GetQueriesResponse struct. +func (gqr *GetQueriesResponse) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "value": + if v != nil { + value, err := unmarshalBasicEntityQueryItemArray(*v) + if err != nil { + return err + } + gqr.Value = &value + } + } + } + + return nil +} + +// GraphQueries the graph query to show the current data status +type GraphQueries struct { + // MetricName - the metric that the query is checking + MetricName *string `json:"metricName,omitempty"` + // Legend - The legend for the graph + Legend *string `json:"legend,omitempty"` + // BaseQuery - The base query for the graph + BaseQuery *string `json:"baseQuery,omitempty"` } // GroupingConfiguration grouping configuration property bag. @@ -9130,24 +10770,30 @@ type GroupingConfiguration struct { ReopenClosedIncident *bool `json:"reopenClosedIncident,omitempty"` // LookbackDuration - Limit the group to alerts created within the lookback duration (in ISO 8601 duration format) LookbackDuration *string `json:"lookbackDuration,omitempty"` - // EntitiesMatchingMethod - Grouping matching method. Possible values include: 'EntitiesMatchingMethodAll', 'EntitiesMatchingMethodNone', 'EntitiesMatchingMethodCustom' - EntitiesMatchingMethod EntitiesMatchingMethod `json:"entitiesMatchingMethod,omitempty"` - // GroupByEntities - A list of entity types to group by (when entitiesMatchingMethod is Custom) - GroupByEntities *[]GroupingEntityType `json:"groupByEntities,omitempty"` + // MatchingMethod - Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty. Possible values include: 'MatchingMethodAllEntities', 'MatchingMethodAnyAlert', 'MatchingMethodSelected' + MatchingMethod MatchingMethod `json:"matchingMethod,omitempty"` + // GroupByEntities - A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used. + GroupByEntities *[]EntityMappingType `json:"groupByEntities,omitempty"` + // GroupByAlertDetails - A list of alert details to group by (when matchingMethod is Selected) + GroupByAlertDetails *[]AlertDetail `json:"groupByAlertDetails,omitempty"` + // GroupByCustomDetails - A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used. + GroupByCustomDetails *[]string `json:"groupByCustomDetails,omitempty"` } // HostEntity represents a host entity. type HostEntity struct { // HostEntityProperties - Host entity properties *HostEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for HostEntity. @@ -9163,53 +10809,53 @@ func (he HostEntity) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsHostEntity() (*HostEntity, bool) { - return &he, true +// AsProcessEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsProcessEntity() (*ProcessEntity, bool) { + return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } @@ -9218,53 +10864,53 @@ func (he HostEntity) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false +// AsHostEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsHostEntity() (*HostEntity, bool) { + return &he, true } -// AsProcessEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAccountEntity is the BasicEntity implementation for HostEntity. +func (he HostEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } @@ -9296,6 +10942,15 @@ func (he *HostEntity) UnmarshalJSON(body []byte) error { } he.HostEntityProperties = &hostEntityProperties } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + he.Kind = kind + } case "id": if v != nil { var ID string @@ -9323,14 +10978,14 @@ func (he *HostEntity) UnmarshalJSON(body []byte) error { } he.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - he.Kind = kind + he.SystemData = &systemData } } } @@ -9377,14 +11032,16 @@ func (hep HostEntityProperties) MarshalJSON() ([]byte, error) { type HuntingBookmark struct { // HuntingBookmarkProperties - HuntingBookmark entity properties *HuntingBookmarkProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for HuntingBookmark. @@ -9400,53 +11057,53 @@ func (hb HuntingBookmark) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsHuntingBookmark() (*HuntingBookmark, bool) { - return &hb, true +// AsMalwareEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsMalwareEntity() (*MalwareEntity, bool) { + return nil, false } -// AsSecurityAlert is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } @@ -9455,53 +11112,53 @@ func (hb HuntingBookmark) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { - return nil, false +// AsHuntingBookmark is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsHuntingBookmark() (*HuntingBookmark, bool) { + return &hb, true } -// AsMalwareEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for HuntingBookmark. -func (hb HuntingBookmark) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAccountEntity is the BasicEntity implementation for HuntingBookmark. +func (hb HuntingBookmark) AsAccountEntity() (*AccountEntity, bool) { return nil, false } @@ -9533,6 +11190,15 @@ func (hb *HuntingBookmark) UnmarshalJSON(body []byte) error { } hb.HuntingBookmarkProperties = &huntingBookmarkProperties } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + hb.Kind = kind + } case "id": if v != nil { var ID string @@ -9560,14 +11226,14 @@ func (hb *HuntingBookmark) UnmarshalJSON(body []byte) error { } hb.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - hb.Kind = kind + hb.SystemData = &systemData } } } @@ -9649,14 +11315,16 @@ type Incident struct { autorest.Response `json:"-"` // IncidentProperties - Incident properties *IncidentProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for Incident. @@ -9689,6 +11357,15 @@ func (i *Incident) UnmarshalJSON(body []byte) error { } i.IncidentProperties = &incidentProperties } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + i.Etag = &etag + } case "id": if v != nil { var ID string @@ -9716,14 +11393,14 @@ func (i *Incident) UnmarshalJSON(body []byte) error { } i.Type = &typeVar } - case "etag": + case "systemData": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - i.Etag = &etag + i.SystemData = &systemData } } } @@ -9770,14 +11447,16 @@ type IncidentComment struct { autorest.Response `json:"-"` // IncidentCommentProperties - Incident comment properties *IncidentCommentProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for IncidentComment. @@ -9810,6 +11489,15 @@ func (ic *IncidentComment) UnmarshalJSON(body []byte) error { } ic.IncidentCommentProperties = &incidentCommentProperties } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + ic.Etag = &etag + } case "id": if v != nil { var ID string @@ -9837,14 +11525,14 @@ func (ic *IncidentComment) UnmarshalJSON(body []byte) error { } ic.Type = &typeVar } - case "etag": + case "systemData": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - ic.Etag = &etag + ic.SystemData = &systemData } } } @@ -10103,8 +11791,8 @@ type IncidentEntitiesResultsMetadata struct { type IncidentInfo struct { // IncidentID - Incident Id IncidentID *string `json:"incidentId,omitempty"` - // Severity - The severity of the incident. Possible values include: 'CaseSeverityCritical', 'CaseSeverityHigh', 'CaseSeverityMedium', 'CaseSeverityLow', 'CaseSeverityInformational' - Severity CaseSeverity `json:"severity,omitempty"` + // Severity - The severity of the incident. Possible values include: 'IncidentSeverityHigh', 'IncidentSeverityMedium', 'IncidentSeverityLow', 'IncidentSeverityInformational' + Severity IncidentSeverity `json:"severity,omitempty"` // Title - The title of the incident Title *string `json:"title,omitempty"` // RelationName - Relation Name @@ -10306,6 +11994,26 @@ type IncidentOwnerInfo struct { ObjectID *uuid.UUID `json:"objectId,omitempty"` // UserPrincipalName - The user principal name of the user the incident is assigned to. UserPrincipalName *string `json:"userPrincipalName,omitempty"` + // OwnerType - READ-ONLY; The type of the owner the incident is assigned to. Possible values include: 'OwnerTypeUnknown', 'OwnerTypeUser', 'OwnerTypeGroup' + OwnerType OwnerType `json:"ownerType,omitempty"` +} + +// MarshalJSON is the custom marshaler for IncidentOwnerInfo. +func (ioi IncidentOwnerInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if ioi.Email != nil { + objectMap["email"] = ioi.Email + } + if ioi.AssignedTo != nil { + objectMap["assignedTo"] = ioi.AssignedTo + } + if ioi.ObjectID != nil { + objectMap["objectId"] = ioi.ObjectID + } + if ioi.UserPrincipalName != nil { + objectMap["userPrincipalName"] = ioi.UserPrincipalName + } + return json.Marshal(objectMap) } // IncidentProperties describes incident properties @@ -10346,6 +12054,8 @@ type IncidentProperties struct { Severity IncidentSeverity `json:"severity,omitempty"` // Status - The status of the incident. Possible values include: 'IncidentStatusNew', 'IncidentStatusActive', 'IncidentStatusClosed' Status IncidentStatus `json:"status,omitempty"` + // TeamInformation - Describes a team for the incident + TeamInformation *TeamInformation `json:"teamInformation,omitempty"` // Title - The title of the incident Title *string `json:"title,omitempty"` } @@ -10389,292 +12099,836 @@ func (IP IncidentProperties) MarshalJSON() ([]byte, error) { if IP.Status != "" { objectMap["status"] = IP.Status } + if IP.TeamInformation != nil { + objectMap["teamInformation"] = IP.TeamInformation + } if IP.Title != nil { objectMap["title"] = IP.Title } return json.Marshal(objectMap) } -// InsightQueryItem represents Insight Query. -type InsightQueryItem struct { - // Properties - Properties bag for InsightQueryItem - Properties *InsightQueryItemProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Query Template ARM ID +// InsightQueryItem represents Insight Query. +type InsightQueryItem struct { + // Properties - Properties bag for InsightQueryItem + Properties *InsightQueryItemProperties `json:"properties,omitempty"` + // ID - READ-ONLY; Query Template ARM ID + ID *string `json:"id,omitempty"` + // Name - Query Template ARM Name + Name *string `json:"name,omitempty"` + // Type - ARM Type + Type *string `json:"type,omitempty"` + // Kind - Possible values include: 'KindBasicEntityQueryItemKindEntityQueryItem', 'KindBasicEntityQueryItemKindInsight' + Kind KindBasicEntityQueryItem `json:"kind,omitempty"` +} + +// MarshalJSON is the custom marshaler for InsightQueryItem. +func (iqi InsightQueryItem) MarshalJSON() ([]byte, error) { + iqi.Kind = KindBasicEntityQueryItemKindInsight + objectMap := make(map[string]interface{}) + if iqi.Properties != nil { + objectMap["properties"] = iqi.Properties + } + if iqi.Name != nil { + objectMap["name"] = iqi.Name + } + if iqi.Type != nil { + objectMap["type"] = iqi.Type + } + if iqi.Kind != "" { + objectMap["kind"] = iqi.Kind + } + return json.Marshal(objectMap) +} + +// AsInsightQueryItem is the BasicEntityQueryItem implementation for InsightQueryItem. +func (iqi InsightQueryItem) AsInsightQueryItem() (*InsightQueryItem, bool) { + return &iqi, true +} + +// AsEntityQueryItem is the BasicEntityQueryItem implementation for InsightQueryItem. +func (iqi InsightQueryItem) AsEntityQueryItem() (*EntityQueryItem, bool) { + return nil, false +} + +// AsBasicEntityQueryItem is the BasicEntityQueryItem implementation for InsightQueryItem. +func (iqi InsightQueryItem) AsBasicEntityQueryItem() (BasicEntityQueryItem, bool) { + return &iqi, true +} + +// InsightQueryItemProperties represents Insight Query. +type InsightQueryItemProperties struct { + // DisplayName - The insight display name. + DisplayName *string `json:"displayName,omitempty"` + // Description - The insight description. + Description *string `json:"description,omitempty"` + // BaseQuery - The base query of the insight. + BaseQuery *string `json:"baseQuery,omitempty"` + // TableQuery - The insight table query. + TableQuery *InsightQueryItemPropertiesTableQuery `json:"tableQuery,omitempty"` + // ChartQuery - The insight chart query. + ChartQuery interface{} `json:"chartQuery,omitempty"` + // AdditionalQuery - The activity query definitions. + AdditionalQuery *InsightQueryItemPropertiesAdditionalQuery `json:"additionalQuery,omitempty"` + // DefaultTimeRange - The insight chart query. + DefaultTimeRange *InsightQueryItemPropertiesDefaultTimeRange `json:"defaultTimeRange,omitempty"` + // ReferenceTimeRange - The insight chart query. + ReferenceTimeRange *InsightQueryItemPropertiesReferenceTimeRange `json:"referenceTimeRange,omitempty"` + // DataTypes - Data types for template + DataTypes *[]EntityQueryItemPropertiesDataTypesItem `json:"dataTypes,omitempty"` + // InputEntityType - The type of the entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark', 'EntityTypeMailCluster', 'EntityTypeMailMessage', 'EntityTypeMailbox', 'EntityTypeSubmissionMail' + InputEntityType EntityType `json:"inputEntityType,omitempty"` + // RequiredInputFieldsSets - Data types for template + RequiredInputFieldsSets *[][]string `json:"requiredInputFieldsSets,omitempty"` + // EntitiesFilter - The query applied only to entities matching to all filters + EntitiesFilter interface{} `json:"entitiesFilter,omitempty"` +} + +// InsightQueryItemPropertiesAdditionalQuery the activity query definitions. +type InsightQueryItemPropertiesAdditionalQuery struct { + // Query - The insight query. + Query *string `json:"query,omitempty"` + // Text - The insight text. + Text *string `json:"text,omitempty"` +} + +// InsightQueryItemPropertiesDefaultTimeRange the insight chart query. +type InsightQueryItemPropertiesDefaultTimeRange struct { + // BeforeRange - The padding for the start time of the query. + BeforeRange *string `json:"beforeRange,omitempty"` + // AfterRange - The padding for the end time of the query. + AfterRange *string `json:"afterRange,omitempty"` +} + +// InsightQueryItemPropertiesReferenceTimeRange the insight chart query. +type InsightQueryItemPropertiesReferenceTimeRange struct { + // BeforeRange - Additional query time for looking back. + BeforeRange *string `json:"beforeRange,omitempty"` +} + +// InsightQueryItemPropertiesTableQuery the insight table query. +type InsightQueryItemPropertiesTableQuery struct { + // ColumnsDefinitions - List of insight column definitions. + ColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem `json:"columnsDefinitions,omitempty"` + // QueriesDefinitions - List of insight queries definitions. + QueriesDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem `json:"queriesDefinitions,omitempty"` +} + +// InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem ... +type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem struct { + // Header - Insight column header. + Header *string `json:"header,omitempty"` + // OutputType - Insights Column type. Possible values include: 'OutputTypeNumber', 'OutputTypeString', 'OutputTypeDate', 'OutputTypeEntity' + OutputType OutputType `json:"outputType,omitempty"` + // SupportDeepLink - Is query supports deep-link. + SupportDeepLink *bool `json:"supportDeepLink,omitempty"` +} + +// InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem ... +type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem struct { + // Filter - Insight column header. + Filter *string `json:"filter,omitempty"` + // Summarize - Insight column header. + Summarize *string `json:"summarize,omitempty"` + // Project - Insight column header. + Project *string `json:"project,omitempty"` + // LinkColumnsDefinitions - Insight column header. + LinkColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem `json:"linkColumnsDefinitions,omitempty"` +} + +// InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem ... +type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem struct { + // ProjectedName - Insight Link Definition Projected Name. + ProjectedName *string `json:"projectedName,omitempty"` + // Query - Insight Link Definition Query. + Query *string `json:"Query,omitempty"` +} + +// InsightsTableResult query results for table insights query. +type InsightsTableResult struct { + // Columns - Columns Metadata of the table + Columns *[]InsightsTableResultColumnsItem `json:"columns,omitempty"` + // Rows - Rows data of the table + Rows *[][]string `json:"rows,omitempty"` +} + +// InsightsTableResultColumnsItem ... +type InsightsTableResultColumnsItem struct { + // Type - the type of the colum + Type *string `json:"type,omitempty"` + // Name - the name of the colum + Name *string `json:"name,omitempty"` +} + +// InstructionSteps instruction steps to enable the connector +type InstructionSteps struct { + // Title - Instruction step title + Title *string `json:"title,omitempty"` + // Description - Instruction step description + Description *string `json:"description,omitempty"` + // Instructions - Instruction step details + Instructions *[]InstructionStepsInstructionsItem `json:"instructions,omitempty"` +} + +// InstructionStepsInstructionsItem ... +type InstructionStepsInstructionsItem struct { + // Parameters - The parameters for the setting + Parameters interface{} `json:"parameters,omitempty"` + // Type - The kind of the setting. Possible values include: 'SettingTypeCopyableLabel', 'SettingTypeInstructionStepsGroup', 'SettingTypeInfoMessage' + Type SettingType `json:"type,omitempty"` +} + +// IoTDeviceEntity represents an IoT device entity. +type IoTDeviceEntity struct { + // IoTDeviceEntityProperties - IoTDevice entity properties + *IoTDeviceEntityProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for IoTDeviceEntity. +func (itde IoTDeviceEntity) MarshalJSON() ([]byte, error) { + itde.Kind = KindBasicEntityKindIoTDevice + objectMap := make(map[string]interface{}) + if itde.IoTDeviceEntityProperties != nil { + objectMap["properties"] = itde.IoTDeviceEntityProperties + } + if itde.Kind != "" { + objectMap["kind"] = itde.Kind + } + return json.Marshal(objectMap) +} + +// AsURLEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsURLEntity() (*URLEntity, bool) { + return nil, false +} + +// AsSubmissionMailEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { + return nil, false +} + +// AsSecurityGroupEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { + return nil, false +} + +// AsSecurityAlert is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsSecurityAlert() (*SecurityAlert, bool) { + return nil, false +} + +// AsRegistryValueEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { + return nil, false +} + +// AsRegistryKeyEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { + return nil, false +} + +// AsProcessEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsProcessEntity() (*ProcessEntity, bool) { + return nil, false +} + +// AsMalwareEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsMalwareEntity() (*MalwareEntity, bool) { + return nil, false +} + +// AsMailMessageEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { + return nil, false +} + +// AsMailClusterEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { + return nil, false +} + +// AsMailboxEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsMailboxEntity() (*MailboxEntity, bool) { + return nil, false +} + +// AsIPEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsIPEntity() (*IPEntity, bool) { + return nil, false +} + +// AsIoTDeviceEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { + return &itde, true +} + +// AsHuntingBookmark is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { + return nil, false +} + +// AsHostEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsHostEntity() (*HostEntity, bool) { + return nil, false +} + +// AsFileHashEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsFileHashEntity() (*FileHashEntity, bool) { + return nil, false +} + +// AsFileEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsFileEntity() (*FileEntity, bool) { + return nil, false +} + +// AsDNSEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsDNSEntity() (*DNSEntity, bool) { + return nil, false +} + +// AsCloudApplicationEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { + return nil, false +} + +// AsAzureResourceEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { + return nil, false +} + +// AsAccountEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsAccountEntity() (*AccountEntity, bool) { + return nil, false +} + +// AsEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsEntity() (*Entity, bool) { + return nil, false +} + +// AsBasicEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsBasicEntity() (BasicEntity, bool) { + return &itde, true +} + +// UnmarshalJSON is the custom unmarshaler for IoTDeviceEntity struct. +func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var ioTDeviceEntityProperties IoTDeviceEntityProperties + err = json.Unmarshal(*v, &ioTDeviceEntityProperties) + if err != nil { + return err + } + itde.IoTDeviceEntityProperties = &ioTDeviceEntityProperties + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + itde.Kind = kind + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + itde.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + itde.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + itde.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + itde.SystemData = &systemData + } + } + } + + return nil +} + +// IoTDeviceEntityProperties ioTDevice entity property bag. +type IoTDeviceEntityProperties struct { + // DeviceID - READ-ONLY; The ID of the IoT Device in the IoT Hub + DeviceID *string `json:"deviceId,omitempty"` + // DeviceName - READ-ONLY; The friendly name of the device + DeviceName *string `json:"deviceName,omitempty"` + // Source - READ-ONLY; The source of the device + Source *string `json:"source,omitempty"` + // IotSecurityAgentID - READ-ONLY; The ID of the security agent running on the device + IotSecurityAgentID *uuid.UUID `json:"iotSecurityAgentId,omitempty"` + // DeviceType - READ-ONLY; The type of the device + DeviceType *string `json:"deviceType,omitempty"` + // Vendor - READ-ONLY; The vendor of the device + Vendor *string `json:"vendor,omitempty"` + // EdgeID - READ-ONLY; The ID of the edge device + EdgeID *string `json:"edgeId,omitempty"` + // MacAddress - READ-ONLY; The MAC address of the device + MacAddress *string `json:"macAddress,omitempty"` + // Model - READ-ONLY; The model of the device + Model *string `json:"model,omitempty"` + // SerialNumber - READ-ONLY; The serial number of the device + SerialNumber *string `json:"serialNumber,omitempty"` + // FirmwareVersion - READ-ONLY; The firmware version of the device + FirmwareVersion *string `json:"firmwareVersion,omitempty"` + // OperatingSystem - READ-ONLY; The operating system of the device + OperatingSystem *string `json:"operatingSystem,omitempty"` + // IotHubEntityID - READ-ONLY; The AzureResource entity id of the IoT Hub + IotHubEntityID *string `json:"iotHubEntityId,omitempty"` + // HostEntityID - READ-ONLY; The Host entity id of this device + HostEntityID *string `json:"hostEntityId,omitempty"` + // IPAddressEntityID - READ-ONLY; The IP entity if of this device + IPAddressEntityID *string `json:"ipAddressEntityId,omitempty"` + // ThreatIntelligence - READ-ONLY; A list of TI contexts attached to the IoTDevice entity. + ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"` + // Protocols - READ-ONLY; A list of protocols of the IoTDevice entity. + Protocols *[]string `json:"protocols,omitempty"` + // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]interface{} `json:"additionalData"` + // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. + FriendlyName *string `json:"friendlyName,omitempty"` +} + +// MarshalJSON is the custom marshaler for IoTDeviceEntityProperties. +func (itdep IoTDeviceEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) +} + +// IPEntity represents an ip entity. +type IPEntity struct { + // IPEntityProperties - Ip entity properties + *IPEntityProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - Query Template ARM Name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - ARM Type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - The kind of the entity query. Possible values include: 'EntityQueryKindExpansion', 'EntityQueryKindInsight' - Kind EntityQueryKind `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for InsightQueryItem. -func (iqi InsightQueryItem) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for IPEntity. +func (ie IPEntity) MarshalJSON() ([]byte, error) { + ie.Kind = KindBasicEntityKindIP objectMap := make(map[string]interface{}) - if iqi.Properties != nil { - objectMap["properties"] = iqi.Properties - } - if iqi.Name != nil { - objectMap["name"] = iqi.Name - } - if iqi.Type != nil { - objectMap["type"] = iqi.Type + if ie.IPEntityProperties != nil { + objectMap["properties"] = ie.IPEntityProperties } - if iqi.Kind != "" { - objectMap["kind"] = iqi.Kind + if ie.Kind != "" { + objectMap["kind"] = ie.Kind } return json.Marshal(objectMap) } -// InsightQueryItemProperties represents Insight Query. -type InsightQueryItemProperties struct { - // DisplayName - The insight display name. - DisplayName *string `json:"displayName,omitempty"` - // Description - The insight description. - Description *string `json:"description,omitempty"` - // BaseQuery - The base query of the insight. - BaseQuery *string `json:"baseQuery,omitempty"` - // TableQuery - The insight table query. - TableQuery *InsightQueryItemPropertiesTableQuery `json:"tableQuery,omitempty"` - // ChartQuery - The insight chart query. - ChartQuery interface{} `json:"chartQuery,omitempty"` - // AdditionalQuery - The activity query definitions. - AdditionalQuery *InsightQueryItemPropertiesAdditionalQuery `json:"additionalQuery,omitempty"` - // DefaultTimeRange - The insight chart query. - DefaultTimeRange *InsightQueryItemPropertiesDefaultTimeRange `json:"defaultTimeRange,omitempty"` - // ReferenceTimeRange - The insight chart query. - ReferenceTimeRange *InsightQueryItemPropertiesReferenceTimeRange `json:"referenceTimeRange,omitempty"` - // DataTypes - Data types for template - DataTypes *[]EntityQueryItemPropertiesDataTypesItem `json:"dataTypes,omitempty"` - // InputEntityType - The type of the entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark', 'EntityTypeMailCluster', 'EntityTypeMailMessage', 'EntityTypeMailbox', 'EntityTypeSubmissionMail' - InputEntityType EntityType `json:"inputEntityType,omitempty"` - // RequiredInputFieldsSets - Data types for template - RequiredInputFieldsSets *[][]string `json:"requiredInputFieldsSets,omitempty"` - // EntitiesFilter - The query applied only to entities matching to all filters - EntitiesFilter interface{} `json:"entitiesFilter,omitempty"` +// AsURLEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsURLEntity() (*URLEntity, bool) { + return nil, false } -// InsightQueryItemPropertiesAdditionalQuery the activity query definitions. -type InsightQueryItemPropertiesAdditionalQuery struct { - // Query - The insight query. - Query *string `json:"query,omitempty"` - // Text - The insight text. - Text *string `json:"text,omitempty"` +// AsSubmissionMailEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { + return nil, false } -// InsightQueryItemPropertiesDefaultTimeRange the insight chart query. -type InsightQueryItemPropertiesDefaultTimeRange struct { - // BeforeRange - The padding for the start time of the query. - BeforeRange *string `json:"beforeRange,omitempty"` - // AfterRange - The padding for the end time of the query. - AfterRange *string `json:"afterRange,omitempty"` +// AsSecurityGroupEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { + return nil, false } -// InsightQueryItemPropertiesReferenceTimeRange the insight chart query. -type InsightQueryItemPropertiesReferenceTimeRange struct { - // BeforeRange - Additional query time for looking back. - BeforeRange *string `json:"beforeRange,omitempty"` +// AsSecurityAlert is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsSecurityAlert() (*SecurityAlert, bool) { + return nil, false } -// InsightQueryItemPropertiesTableQuery the insight table query. -type InsightQueryItemPropertiesTableQuery struct { - // ColumnsDefinitions - List of insight column definitions. - ColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem `json:"columnsDefinitions,omitempty"` - // QueriesDefinitions - List of insight queries definitions. - QueriesDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem `json:"queriesDefinitions,omitempty"` +// AsRegistryValueEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { + return nil, false } -// InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem ... -type InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem struct { - // Header - Insight column header. - Header *string `json:"header,omitempty"` - // OutputType - Insights Column type. Possible values include: 'OutputTypeNumber', 'OutputTypeString', 'OutputTypeDate', 'OutputTypeEntity' - OutputType OutputType `json:"outputType,omitempty"` - // SupportDeepLink - Is query supports deep-link. - SupportDeepLink *bool `json:"supportDeepLink,omitempty"` +// AsRegistryKeyEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { + return nil, false +} + +// AsProcessEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsProcessEntity() (*ProcessEntity, bool) { + return nil, false +} + +// AsMalwareEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsMalwareEntity() (*MalwareEntity, bool) { + return nil, false +} + +// AsMailMessageEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { + return nil, false +} + +// AsMailClusterEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { + return nil, false +} + +// AsMailboxEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsMailboxEntity() (*MailboxEntity, bool) { + return nil, false +} + +// AsIPEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsIPEntity() (*IPEntity, bool) { + return &ie, true +} + +// AsIoTDeviceEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { + return nil, false +} + +// AsHuntingBookmark is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { + return nil, false +} + +// AsHostEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsHostEntity() (*HostEntity, bool) { + return nil, false +} + +// AsFileHashEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsFileHashEntity() (*FileHashEntity, bool) { + return nil, false +} + +// AsFileEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsFileEntity() (*FileEntity, bool) { + return nil, false +} + +// AsDNSEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsDNSEntity() (*DNSEntity, bool) { + return nil, false +} + +// AsCloudApplicationEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { + return nil, false +} + +// AsAzureResourceEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { + return nil, false +} + +// AsAccountEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsAccountEntity() (*AccountEntity, bool) { + return nil, false +} + +// AsEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsEntity() (*Entity, bool) { + return nil, false +} + +// AsBasicEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsBasicEntity() (BasicEntity, bool) { + return &ie, true } -// InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem ... -type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem struct { - // Filter - Insight column header. - Filter *string `json:"filter,omitempty"` - // Summarize - Insight column header. - Summarize *string `json:"summarize,omitempty"` - // Project - Insight column header. - Project *string `json:"project,omitempty"` - // LinkColumnsDefinitions - Insight column header. - LinkColumnsDefinitions *[]InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem `json:"linkColumnsDefinitions,omitempty"` +// UnmarshalJSON is the custom unmarshaler for IPEntity struct. +func (ie *IPEntity) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var IPEntityProperties IPEntityProperties + err = json.Unmarshal(*v, &IPEntityProperties) + if err != nil { + return err + } + ie.IPEntityProperties = &IPEntityProperties + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + ie.Kind = kind + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + ie.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + ie.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + ie.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + ie.SystemData = &systemData + } + } + } + + return nil } -// InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem ... -type InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem struct { - // ProjectedName - Insight Link Definition Projected Name. - ProjectedName *string `json:"projectedName,omitempty"` - // Query - Insight Link Definition Query. - Query *string `json:"Query,omitempty"` +// IPEntityProperties ip entity property bag. +type IPEntityProperties struct { + // Address - READ-ONLY; The IP address as string, e.g. 127.0.0.1 (either in Ipv4 or Ipv6) + Address *string `json:"address,omitempty"` + // Location - The geo-location context attached to the ip entity + Location *GeoLocation `json:"location,omitempty"` + // ThreatIntelligence - READ-ONLY; A list of TI contexts attached to the ip entity. + ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"` + // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]interface{} `json:"additionalData"` + // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. + FriendlyName *string `json:"friendlyName,omitempty"` } -// InsightsTableResult query results for table insights query. -type InsightsTableResult struct { - // Columns - Columns Metadata of the table - Columns *[]InsightsTableResultColumnsItem `json:"columns,omitempty"` - // Rows - Rows data of the table - Rows *[][]string `json:"rows,omitempty"` +// MarshalJSON is the custom marshaler for IPEntityProperties. +func (iep IPEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if iep.Location != nil { + objectMap["location"] = iep.Location + } + return json.Marshal(objectMap) } -// InsightsTableResultColumnsItem ... -type InsightsTableResultColumnsItem struct { - // Type - the type of the colum - Type *string `json:"type,omitempty"` - // Name - the name of the colum +// LastDataReceivedDataType data type for last data received +type LastDataReceivedDataType struct { + // Name - Name of the data type to show in the graph. can be use with {{graphQueriesTableName}} placeholder Name *string `json:"name,omitempty"` + // LastDataReceivedQuery - Query for indicate last data received + LastDataReceivedQuery *string `json:"lastDataReceivedQuery,omitempty"` } -// IoTDeviceEntity represents an IoT device entity. -type IoTDeviceEntity struct { - // IoTDeviceEntityProperties - IoTDevice entity properties - *IoTDeviceEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// MailboxEntity represents a mailbox entity. +type MailboxEntity struct { + // MailboxEntityProperties - Mailbox entity properties + *MailboxEntityProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for IoTDeviceEntity. -func (itde IoTDeviceEntity) MarshalJSON() ([]byte, error) { - itde.Kind = KindBasicEntityKindIoTDevice +// MarshalJSON is the custom marshaler for MailboxEntity. +func (me MailboxEntity) MarshalJSON() ([]byte, error) { + me.Kind = KindBasicEntityKindMailbox objectMap := make(map[string]interface{}) - if itde.IoTDeviceEntityProperties != nil { - objectMap["properties"] = itde.IoTDeviceEntityProperties + if me.MailboxEntityProperties != nil { + objectMap["properties"] = me.MailboxEntityProperties } - if itde.Kind != "" { - objectMap["kind"] = itde.Kind + if me.Kind != "" { + objectMap["kind"] = me.Kind } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } -// AsMailboxEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsMailboxEntity() (*MailboxEntity, bool) { - return nil, false +// AsMailboxEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsMailboxEntity() (*MailboxEntity, bool) { + return &me, true } -// AsMailClusterEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return &itde, true +// AsAccountEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsAccountEntity() (*AccountEntity, bool) { + return nil, false } -// AsEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsEntity() (*Entity, bool) { +// AsEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsEntity() (*Entity, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsBasicEntity() (BasicEntity, bool) { - return &itde, true +// AsBasicEntity is the BasicEntity implementation for MailboxEntity. +func (me MailboxEntity) AsBasicEntity() (BasicEntity, bool) { + return &me, true } -// UnmarshalJSON is the custom unmarshaler for IoTDeviceEntity struct. -func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MailboxEntity struct. +func (me *MailboxEntity) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -10684,12 +12938,21 @@ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var ioTDeviceEntityProperties IoTDeviceEntityProperties - err = json.Unmarshal(*v, &ioTDeviceEntityProperties) + var mailboxEntityProperties MailboxEntityProperties + err = json.Unmarshal(*v, &mailboxEntityProperties) if err != nil { return err } - itde.IoTDeviceEntityProperties = &ioTDeviceEntityProperties + me.MailboxEntityProperties = &mailboxEntityProperties + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + me.Kind = kind } case "id": if v != nil { @@ -10698,7 +12961,7 @@ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - itde.ID = &ID + me.ID = &ID } case "name": if v != nil { @@ -10707,7 +12970,7 @@ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - itde.Name = &name + me.Name = &name } case "type": if v != nil { @@ -10716,16 +12979,16 @@ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - itde.Type = &typeVar + me.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - itde.Kind = kind + me.SystemData = &systemData } } } @@ -10733,198 +12996,174 @@ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { return nil } -// IoTDeviceEntityProperties ioTDevice entity property bag. -type IoTDeviceEntityProperties struct { - // DeviceID - READ-ONLY; The ID of the IoT Device in the IoT Hub - DeviceID *string `json:"deviceId,omitempty"` - // DeviceName - READ-ONLY; The friendly name of the device - DeviceName *string `json:"deviceName,omitempty"` - // Source - READ-ONLY; The source of the device - Source *string `json:"source,omitempty"` - // IotSecurityAgentID - READ-ONLY; The ID of the security agent running on the device - IotSecurityAgentID *uuid.UUID `json:"iotSecurityAgentId,omitempty"` - // DeviceType - READ-ONLY; The type of the device - DeviceType *string `json:"deviceType,omitempty"` - // Vendor - READ-ONLY; The vendor of the device - Vendor *string `json:"vendor,omitempty"` - // EdgeID - READ-ONLY; The ID of the edge device - EdgeID *string `json:"edgeId,omitempty"` - // MacAddress - READ-ONLY; The MAC address of the device - MacAddress *string `json:"macAddress,omitempty"` - // Model - READ-ONLY; The model of the device - Model *string `json:"model,omitempty"` - // SerialNumber - READ-ONLY; The serial number of the device - SerialNumber *string `json:"serialNumber,omitempty"` - // FirmwareVersion - READ-ONLY; The firmware version of the device - FirmwareVersion *string `json:"firmwareVersion,omitempty"` - // OperatingSystem - READ-ONLY; The operating system of the device - OperatingSystem *string `json:"operatingSystem,omitempty"` - // IotHubEntityID - READ-ONLY; The AzureResource entity id of the IoT Hub - IotHubEntityID *string `json:"iotHubEntityId,omitempty"` - // HostEntityID - READ-ONLY; The Host entity id of this device - HostEntityID *string `json:"hostEntityId,omitempty"` - // IPAddressEntityID - READ-ONLY; The IP entity if of this device - IPAddressEntityID *string `json:"ipAddressEntityId,omitempty"` - // ThreatIntelligence - READ-ONLY; A list of TI contexts attached to the IoTDevice entity. - ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"` - // Protocols - READ-ONLY; A list of protocols of the IoTDevice entity. - Protocols *[]string `json:"protocols,omitempty"` +// MailboxEntityProperties mailbox entity property bag. +type MailboxEntityProperties struct { + // MailboxPrimaryAddress - READ-ONLY; The mailbox's primary address + MailboxPrimaryAddress *string `json:"mailboxPrimaryAddress,omitempty"` + // DisplayName - READ-ONLY; The mailbox's display name + DisplayName *string `json:"displayName,omitempty"` + // Upn - READ-ONLY; The mailbox's UPN + Upn *string `json:"upn,omitempty"` + // ExternalDirectoryObjectID - READ-ONLY; The AzureAD identifier of mailbox. Similar to AadUserId in account entity but this property is specific to mailbox object on office side + ExternalDirectoryObjectID *uuid.UUID `json:"externalDirectoryObjectId,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` } -// MarshalJSON is the custom marshaler for IoTDeviceEntityProperties. -func (itdep IoTDeviceEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for MailboxEntityProperties. +func (mep MailboxEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) return json.Marshal(objectMap) } -// IPEntity represents an ip entity. -type IPEntity struct { - // IPEntityProperties - Ip entity properties - *IPEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// MailClusterEntity represents a mail cluster entity. +type MailClusterEntity struct { + // MailClusterEntityProperties - Mail cluster entity properties + *MailClusterEntityProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for IPEntity. -func (ie IPEntity) MarshalJSON() ([]byte, error) { - ie.Kind = KindBasicEntityKindIP +// MarshalJSON is the custom marshaler for MailClusterEntity. +func (mce MailClusterEntity) MarshalJSON() ([]byte, error) { + mce.Kind = KindBasicEntityKindMailCluster objectMap := make(map[string]interface{}) - if ie.IPEntityProperties != nil { - objectMap["properties"] = ie.IPEntityProperties + if mce.MailClusterEntityProperties != nil { + objectMap["properties"] = mce.MailClusterEntityProperties } - if ie.Kind != "" { - objectMap["kind"] = ie.Kind + if mce.Kind != "" { + objectMap["kind"] = mce.Kind } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsIPEntity() (*IPEntity, bool) { - return &ie, true +// AsMailClusterEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { + return &mce, true } -// AsMailboxEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsMailboxEntity() (*MailboxEntity, bool) { +// AsMailboxEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAccountEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsEntity() (*Entity, bool) { +// AsEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsEntity() (*Entity, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsBasicEntity() (BasicEntity, bool) { - return &ie, true +// AsBasicEntity is the BasicEntity implementation for MailClusterEntity. +func (mce MailClusterEntity) AsBasicEntity() (BasicEntity, bool) { + return &mce, true } -// UnmarshalJSON is the custom unmarshaler for IPEntity struct. -func (ie *IPEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MailClusterEntity struct. +func (mce *MailClusterEntity) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -10934,12 +13173,21 @@ func (ie *IPEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var IPEntityProperties IPEntityProperties - err = json.Unmarshal(*v, &IPEntityProperties) + var mailClusterEntityProperties MailClusterEntityProperties + err = json.Unmarshal(*v, &mailClusterEntityProperties) if err != nil { return err } - ie.IPEntityProperties = &IPEntityProperties + mce.MailClusterEntityProperties = &mailClusterEntityProperties + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + mce.Kind = kind } case "id": if v != nil { @@ -10948,7 +13196,7 @@ func (ie *IPEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - ie.ID = &ID + mce.ID = &ID } case "name": if v != nil { @@ -10957,7 +13205,7 @@ func (ie *IPEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - ie.Name = &name + mce.Name = &name } case "type": if v != nil { @@ -10966,110 +13214,213 @@ func (ie *IPEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - ie.Type = &typeVar + mce.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - ie.Kind = kind + mce.SystemData = &systemData } } } - return nil + return nil +} + +// MailClusterEntityProperties mail cluster entity property bag. +type MailClusterEntityProperties struct { + // NetworkMessageIds - READ-ONLY; The mail message IDs that are part of the mail cluster + NetworkMessageIds *[]string `json:"networkMessageIds,omitempty"` + // CountByDeliveryStatus - READ-ONLY; Count of mail messages by DeliveryStatus string representation + CountByDeliveryStatus interface{} `json:"countByDeliveryStatus,omitempty"` + // CountByThreatType - READ-ONLY; Count of mail messages by ThreatType string representation + CountByThreatType interface{} `json:"countByThreatType,omitempty"` + // CountByProtectionStatus - READ-ONLY; Count of mail messages by ProtectionStatus string representation + CountByProtectionStatus interface{} `json:"countByProtectionStatus,omitempty"` + // Threats - READ-ONLY; The threats of mail messages that are part of the mail cluster + Threats *[]string `json:"threats,omitempty"` + // Query - READ-ONLY; The query that was used to identify the messages of the mail cluster + Query *string `json:"query,omitempty"` + // QueryTime - READ-ONLY; The query time + QueryTime *date.Time `json:"queryTime,omitempty"` + // MailCount - READ-ONLY; The number of mail messages that are part of the mail cluster + MailCount *int32 `json:"mailCount,omitempty"` + // IsVolumeAnomaly - READ-ONLY; Is this a volume anomaly mail cluster + IsVolumeAnomaly *bool `json:"isVolumeAnomaly,omitempty"` + // Source - READ-ONLY; The source of the mail cluster (default is 'O365 ATP') + Source *string `json:"source,omitempty"` + // ClusterSourceIdentifier - READ-ONLY; The id of the cluster source + ClusterSourceIdentifier *string `json:"clusterSourceIdentifier,omitempty"` + // ClusterSourceType - READ-ONLY; The type of the cluster source + ClusterSourceType *string `json:"clusterSourceType,omitempty"` + // ClusterQueryStartTime - READ-ONLY; The cluster query start time + ClusterQueryStartTime *date.Time `json:"clusterQueryStartTime,omitempty"` + // ClusterQueryEndTime - READ-ONLY; The cluster query end time + ClusterQueryEndTime *date.Time `json:"clusterQueryEndTime,omitempty"` + // ClusterGroup - READ-ONLY; The cluster group + ClusterGroup *string `json:"clusterGroup,omitempty"` + // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]interface{} `json:"additionalData"` + // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. + FriendlyName *string `json:"friendlyName,omitempty"` +} + +// MarshalJSON is the custom marshaler for MailClusterEntityProperties. +func (mcep MailClusterEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) +} + +// MailMessageEntity represents a mail message entity. +type MailMessageEntity struct { + // MailMessageEntityProperties - Mail message entity properties + *MailMessageEntityProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for MailMessageEntity. +func (mme MailMessageEntity) MarshalJSON() ([]byte, error) { + mme.Kind = KindBasicEntityKindMailMessage + objectMap := make(map[string]interface{}) + if mme.MailMessageEntityProperties != nil { + objectMap["properties"] = mme.MailMessageEntityProperties + } + if mme.Kind != "" { + objectMap["kind"] = mme.Kind + } + return json.Marshal(objectMap) +} + +// AsURLEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsURLEntity() (*URLEntity, bool) { + return nil, false +} + +// AsSubmissionMailEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { + return nil, false +} + +// AsSecurityGroupEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { + return nil, false +} + +// AsSecurityAlert is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsSecurityAlert() (*SecurityAlert, bool) { + return nil, false +} + +// AsRegistryValueEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { + return nil, false +} + +// AsRegistryKeyEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { + return nil, false +} + +// AsProcessEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsProcessEntity() (*ProcessEntity, bool) { + return nil, false +} + +// AsMalwareEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsMalwareEntity() (*MalwareEntity, bool) { + return nil, false +} + +// AsMailMessageEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { + return &mme, true +} + +// AsMailClusterEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { + return nil, false } -// IPEntityProperties ip entity property bag. -type IPEntityProperties struct { - // Address - READ-ONLY; The IP address as string, e.g. 127.0.0.1 (either in Ipv4 or Ipv6) - Address *string `json:"address,omitempty"` - // Location - The geo-location context attached to the ip entity - Location *GeoLocation `json:"location,omitempty"` - // ThreatIntelligence - READ-ONLY; A list of TI contexts attached to the ip entity. - ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` +// AsMailboxEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsMailboxEntity() (*MailboxEntity, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for IPEntityProperties. -func (iep IPEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if iep.Location != nil { - objectMap["location"] = iep.Location - } - return json.Marshal(objectMap) +// AsIPEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsIPEntity() (*IPEntity, bool) { + return nil, false } -// IPSyncer settings with single toggle. -type IPSyncer struct { - // IPSyncerSettingsProperties - IPSyncer properties - *IPSyncerSettingsProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindIPSyncer', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' - Kind KindBasicSettings `json:"kind,omitempty"` +// AsIoTDeviceEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for IPSyncer. -func (is IPSyncer) MarshalJSON() ([]byte, error) { - is.Kind = KindBasicSettingsKindIPSyncer - objectMap := make(map[string]interface{}) - if is.IPSyncerSettingsProperties != nil { - objectMap["properties"] = is.IPSyncerSettingsProperties - } - if is.Etag != nil { - objectMap["etag"] = is.Etag - } - if is.Kind != "" { - objectMap["kind"] = is.Kind - } - return json.Marshal(objectMap) +// AsHuntingBookmark is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { + return nil, false +} + +// AsHostEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsHostEntity() (*HostEntity, bool) { + return nil, false +} + +// AsFileHashEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsFileHashEntity() (*FileHashEntity, bool) { + return nil, false +} + +// AsFileEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsFileEntity() (*FileEntity, bool) { + return nil, false } -// AsIPSyncer is the BasicSettings implementation for IPSyncer. -func (is IPSyncer) AsIPSyncer() (*IPSyncer, bool) { - return &is, true +// AsDNSEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsDNSEntity() (*DNSEntity, bool) { + return nil, false } -// AsEyesOn is the BasicSettings implementation for IPSyncer. -func (is IPSyncer) AsEyesOn() (*EyesOn, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsEntityAnalytics is the BasicSettings implementation for IPSyncer. -func (is IPSyncer) AsEntityAnalytics() (*EntityAnalytics, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsUeba is the BasicSettings implementation for IPSyncer. -func (is IPSyncer) AsUeba() (*Ueba, bool) { +// AsAccountEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } -// AsSettings is the BasicSettings implementation for IPSyncer. -func (is IPSyncer) AsSettings() (*Settings, bool) { +// AsEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsEntity() (*Entity, bool) { return nil, false } -// AsBasicSettings is the BasicSettings implementation for IPSyncer. -func (is IPSyncer) AsBasicSettings() (BasicSettings, bool) { - return &is, true +// AsBasicEntity is the BasicEntity implementation for MailMessageEntity. +func (mme MailMessageEntity) AsBasicEntity() (BasicEntity, bool) { + return &mme, true } -// UnmarshalJSON is the custom unmarshaler for IPSyncer struct. -func (is *IPSyncer) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MailMessageEntity struct. +func (mme *MailMessageEntity) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -11079,12 +13430,21 @@ func (is *IPSyncer) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var IPSyncerSettingsProperties IPSyncerSettingsProperties - err = json.Unmarshal(*v, &IPSyncerSettingsProperties) + var mailMessageEntityProperties MailMessageEntityProperties + err = json.Unmarshal(*v, &mailMessageEntityProperties) + if err != nil { + return err + } + mme.MailMessageEntityProperties = &mailMessageEntityProperties + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) if err != nil { return err } - is.IPSyncerSettingsProperties = &IPSyncerSettingsProperties + mme.Kind = kind } case "id": if v != nil { @@ -11093,7 +13453,7 @@ func (is *IPSyncer) UnmarshalJSON(body []byte) error { if err != nil { return err } - is.ID = &ID + mme.ID = &ID } case "name": if v != nil { @@ -11102,7 +13462,7 @@ func (is *IPSyncer) UnmarshalJSON(body []byte) error { if err != nil { return err } - is.Name = &name + mme.Name = &name } case "type": if v != nil { @@ -11111,25 +13471,16 @@ func (is *IPSyncer) UnmarshalJSON(body []byte) error { if err != nil { return err } - is.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - is.Etag = &etag + mme.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicSettings - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - is.Kind = kind + mme.SystemData = &systemData } } } @@ -11137,38 +13488,116 @@ func (is *IPSyncer) UnmarshalJSON(body []byte) error { return nil } -// IPSyncerSettingsProperties iPSyncer property bag. -type IPSyncerSettingsProperties struct { - // IsEnabled - READ-ONLY; Determines whether the setting is enable or disabled. - IsEnabled *bool `json:"isEnabled,omitempty"` +// MailMessageEntityProperties mail message entity property bag. +type MailMessageEntityProperties struct { + // FileEntityIds - READ-ONLY; The File entity ids of this mail message's attachments + FileEntityIds *[]string `json:"fileEntityIds,omitempty"` + // Recipient - READ-ONLY; The recipient of this mail message. Note that in case of multiple recipients the mail message is forked and each copy has one recipient + Recipient *string `json:"recipient,omitempty"` + // Urls - READ-ONLY; The Urls contained in this mail message + Urls *[]string `json:"urls,omitempty"` + // Threats - READ-ONLY; The threats of this mail message + Threats *[]string `json:"threats,omitempty"` + // P1Sender - READ-ONLY; The p1 sender's email address + P1Sender *string `json:"p1Sender,omitempty"` + // P1SenderDisplayName - READ-ONLY; The p1 sender's display name + P1SenderDisplayName *string `json:"p1SenderDisplayName,omitempty"` + // P1SenderDomain - READ-ONLY; The p1 sender's domain + P1SenderDomain *string `json:"p1SenderDomain,omitempty"` + // SenderIP - READ-ONLY; The sender's IP address + SenderIP *string `json:"senderIP,omitempty"` + // P2Sender - READ-ONLY; The p2 sender's email address + P2Sender *string `json:"p2Sender,omitempty"` + // P2SenderDisplayName - READ-ONLY; The p2 sender's display name + P2SenderDisplayName *string `json:"p2SenderDisplayName,omitempty"` + // P2SenderDomain - READ-ONLY; The p2 sender's domain + P2SenderDomain *string `json:"p2SenderDomain,omitempty"` + // ReceiveDate - READ-ONLY; The receive date of this message + ReceiveDate *date.Time `json:"receiveDate,omitempty"` + // NetworkMessageID - READ-ONLY; The network message id of this mail message + NetworkMessageID *uuid.UUID `json:"networkMessageId,omitempty"` + // InternetMessageID - READ-ONLY; The internet message id of this mail message + InternetMessageID *string `json:"internetMessageId,omitempty"` + // Subject - READ-ONLY; The subject of this mail message + Subject *string `json:"subject,omitempty"` + // Language - READ-ONLY; The language of this mail message + Language *string `json:"language,omitempty"` + // ThreatDetectionMethods - READ-ONLY; The threat detection methods + ThreatDetectionMethods *[]string `json:"threatDetectionMethods,omitempty"` + // BodyFingerprintBin1 - The bodyFingerprintBin1 + BodyFingerprintBin1 *int32 `json:"bodyFingerprintBin1,omitempty"` + // BodyFingerprintBin2 - The bodyFingerprintBin2 + BodyFingerprintBin2 *int32 `json:"bodyFingerprintBin2,omitempty"` + // BodyFingerprintBin3 - The bodyFingerprintBin3 + BodyFingerprintBin3 *int32 `json:"bodyFingerprintBin3,omitempty"` + // BodyFingerprintBin4 - The bodyFingerprintBin4 + BodyFingerprintBin4 *int32 `json:"bodyFingerprintBin4,omitempty"` + // BodyFingerprintBin5 - The bodyFingerprintBin5 + BodyFingerprintBin5 *int32 `json:"bodyFingerprintBin5,omitempty"` + // AntispamDirection - The directionality of this mail message. Possible values include: 'AntispamMailDirectionUnknown', 'AntispamMailDirectionInbound', 'AntispamMailDirectionOutbound', 'AntispamMailDirectionIntraorg' + AntispamDirection AntispamMailDirection `json:"antispamDirection,omitempty"` + // DeliveryAction - The delivery action of this mail message like Delivered, Blocked, Replaced etc. Possible values include: 'DeliveryActionUnknown', 'DeliveryActionDeliveredAsSpam', 'DeliveryActionDelivered', 'DeliveryActionBlocked', 'DeliveryActionReplaced' + DeliveryAction DeliveryAction `json:"deliveryAction,omitempty"` + // DeliveryLocation - The delivery location of this mail message like Inbox, JunkFolder etc. Possible values include: 'DeliveryLocationUnknown', 'DeliveryLocationInbox', 'DeliveryLocationJunkFolder', 'DeliveryLocationDeletedFolder', 'DeliveryLocationQuarantine', 'DeliveryLocationExternal', 'DeliveryLocationFailed', 'DeliveryLocationDropped', 'DeliveryLocationForwarded' + DeliveryLocation DeliveryLocation `json:"deliveryLocation,omitempty"` + // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]interface{} `json:"additionalData"` + // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. + FriendlyName *string `json:"friendlyName,omitempty"` } -// MarshalJSON is the custom marshaler for IPSyncerSettingsProperties. -func (issp IPSyncerSettingsProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for MailMessageEntityProperties. +func (mmep MailMessageEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) + if mmep.BodyFingerprintBin1 != nil { + objectMap["bodyFingerprintBin1"] = mmep.BodyFingerprintBin1 + } + if mmep.BodyFingerprintBin2 != nil { + objectMap["bodyFingerprintBin2"] = mmep.BodyFingerprintBin2 + } + if mmep.BodyFingerprintBin3 != nil { + objectMap["bodyFingerprintBin3"] = mmep.BodyFingerprintBin3 + } + if mmep.BodyFingerprintBin4 != nil { + objectMap["bodyFingerprintBin4"] = mmep.BodyFingerprintBin4 + } + if mmep.BodyFingerprintBin5 != nil { + objectMap["bodyFingerprintBin5"] = mmep.BodyFingerprintBin5 + } + if mmep.AntispamDirection != "" { + objectMap["antispamDirection"] = mmep.AntispamDirection + } + if mmep.DeliveryAction != "" { + objectMap["deliveryAction"] = mmep.DeliveryAction + } + if mmep.DeliveryLocation != "" { + objectMap["deliveryLocation"] = mmep.DeliveryLocation + } return json.Marshal(objectMap) } -// MailboxEntity represents a mailbox entity. -type MailboxEntity struct { - // MailboxEntityProperties - Mailbox entity properties - *MailboxEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// MalwareEntity represents a malware entity. +type MalwareEntity struct { + // MalwareEntityProperties - File entity properties + *MalwareEntityProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for MailboxEntity. -func (me MailboxEntity) MarshalJSON() ([]byte, error) { - me.Kind = KindBasicEntityKindMailbox +// MarshalJSON is the custom marshaler for MalwareEntity. +func (me MalwareEntity) MarshalJSON() ([]byte, error) { + me.Kind = KindBasicEntityKindMalware objectMap := make(map[string]interface{}) - if me.MailboxEntityProperties != nil { - objectMap["properties"] = me.MailboxEntityProperties + if me.MalwareEntityProperties != nil { + objectMap["properties"] = me.MalwareEntityProperties } if me.Kind != "" { objectMap["kind"] = me.Kind @@ -11176,123 +13605,123 @@ func (me MailboxEntity) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { - return nil, false +// AsMalwareEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsMalwareEntity() (*MalwareEntity, bool) { + return &me, true } -// AsSecurityAlert is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } -// AsMailboxEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsMailboxEntity() (*MailboxEntity, bool) { - return &me, true +// AsMailboxEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsMailboxEntity() (*MailboxEntity, bool) { + return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAccountEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsEntity() (*Entity, bool) { +// AsEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsEntity() (*Entity, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for MailboxEntity. -func (me MailboxEntity) AsBasicEntity() (BasicEntity, bool) { +// AsBasicEntity is the BasicEntity implementation for MalwareEntity. +func (me MalwareEntity) AsBasicEntity() (BasicEntity, bool) { return &me, true } -// UnmarshalJSON is the custom unmarshaler for MailboxEntity struct. -func (me *MailboxEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MalwareEntity struct. +func (me *MalwareEntity) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -11302,12 +13731,21 @@ func (me *MailboxEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mailboxEntityProperties MailboxEntityProperties - err = json.Unmarshal(*v, &mailboxEntityProperties) + var malwareEntityProperties MalwareEntityProperties + err = json.Unmarshal(*v, &malwareEntityProperties) if err != nil { return err } - me.MailboxEntityProperties = &mailboxEntityProperties + me.MalwareEntityProperties = &malwareEntityProperties + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + me.Kind = kind } case "id": if v != nil { @@ -11336,14 +13774,14 @@ func (me *MailboxEntity) UnmarshalJSON(body []byte) error { } me.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - me.Kind = kind + me.SystemData = &systemData } } } @@ -11351,172 +13789,299 @@ func (me *MailboxEntity) UnmarshalJSON(body []byte) error { return nil } -// MailboxEntityProperties mailbox entity property bag. -type MailboxEntityProperties struct { - // MailboxPrimaryAddress - READ-ONLY; The mailbox's primary address - MailboxPrimaryAddress *string `json:"mailboxPrimaryAddress,omitempty"` - // DisplayName - READ-ONLY; The mailbox's display name - DisplayName *string `json:"displayName,omitempty"` - // Upn - READ-ONLY; The mailbox's UPN - Upn *string `json:"upn,omitempty"` - // ExternalDirectoryObjectID - READ-ONLY; The AzureAD identifier of mailbox. Similar to AadUserId in account entity but this property is specific to mailbox object on office side - ExternalDirectoryObjectID *uuid.UUID `json:"externalDirectoryObjectId,omitempty"` +// MalwareEntityProperties malware entity property bag. +type MalwareEntityProperties struct { + // Category - READ-ONLY; The malware category by the vendor, e.g. Trojan + Category *string `json:"category,omitempty"` + // FileEntityIds - READ-ONLY; List of linked file entity identifiers on which the malware was found + FileEntityIds *[]string `json:"fileEntityIds,omitempty"` + // MalwareName - READ-ONLY; The malware name by the vendor, e.g. Win32/Toga!rfn + MalwareName *string `json:"malwareName,omitempty"` + // ProcessEntityIds - READ-ONLY; List of linked process entity identifiers on which the malware was found. + ProcessEntityIds *[]string `json:"processEntityIds,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` } -// MarshalJSON is the custom marshaler for MailboxEntityProperties. -func (mep MailboxEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for MalwareEntityProperties. +func (mep MalwareEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) return json.Marshal(objectMap) } -// MailClusterEntity represents a mail cluster entity. -type MailClusterEntity struct { - // MailClusterEntityProperties - Mail cluster entity properties - *MailClusterEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` +// MCASCheckRequirements represents MCAS (Microsoft Cloud App Security) requirements check request. +type MCASCheckRequirements struct { + // MCASCheckRequirementsProperties - MCAS (Microsoft Cloud App Security) requirements check properties. + *MCASCheckRequirementsProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for MailClusterEntity. -func (mce MailClusterEntity) MarshalJSON() ([]byte, error) { - mce.Kind = KindBasicEntityKindMailCluster +// MarshalJSON is the custom marshaler for MCASCheckRequirements. +func (mcr MCASCheckRequirements) MarshalJSON() ([]byte, error) { + mcr.Kind = KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity objectMap := make(map[string]interface{}) - if mce.MailClusterEntityProperties != nil { - objectMap["properties"] = mce.MailClusterEntityProperties + if mcr.MCASCheckRequirementsProperties != nil { + objectMap["properties"] = mcr.MCASCheckRequirementsProperties } - if mce.Kind != "" { - objectMap["kind"] = mce.Kind + if mcr.Kind != "" { + objectMap["kind"] = mcr.Kind } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { + return nil, false +} + +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { + return nil, false +} + +// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { + return nil, false +} + +// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { + return &mcr, true +} + +// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { + return nil, false +} + +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { + return nil, false +} + +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { + return nil, false +} + +// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { + return nil, false +} + +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { + return nil, false +} + +// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { + return nil, false +} + +// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsFileEntity() (*FileEntity, bool) { +// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { + return nil, false +} + +// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. +func (mcr MCASCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { + return &mcr, true +} + +// UnmarshalJSON is the custom unmarshaler for MCASCheckRequirements struct. +func (mcr *MCASCheckRequirements) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var mCASCheckRequirementsProperties MCASCheckRequirementsProperties + err = json.Unmarshal(*v, &mCASCheckRequirementsProperties) + if err != nil { + return err + } + mcr.MCASCheckRequirementsProperties = &mCASCheckRequirementsProperties + } + case "kind": + if v != nil { + var kind KindBasicDataConnectorsCheckRequirements + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + mcr.Kind = kind + } + } + } + + return nil +} + +// MCASCheckRequirementsProperties MCAS (Microsoft Cloud App Security) requirements check properties. +type MCASCheckRequirementsProperties struct { + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` +} + +// MCASDataConnector represents MCAS (Microsoft Cloud App Security) data connector. +type MCASDataConnector struct { + // MCASDataConnectorProperties - MCAS (Microsoft Cloud App Security) data connector properties. + *MCASDataConnectorProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for MCASDataConnector. +func (mdc MCASDataConnector) MarshalJSON() ([]byte, error) { + mdc.Kind = KindBasicDataConnectorKindMicrosoftCloudAppSecurity + objectMap := make(map[string]interface{}) + if mdc.MCASDataConnectorProperties != nil { + objectMap["properties"] = mdc.MCASDataConnectorProperties + } + if mdc.Kind != "" { + objectMap["kind"] = mdc.Kind + } + if mdc.Etag != nil { + objectMap["etag"] = mdc.Etag + } + return json.Marshal(objectMap) +} + +// AsAADDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsMSTIDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsHostEntity() (*HostEntity, bool) { +// AsMTPDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsAATPDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsASCDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsIPEntity() (*IPEntity, bool) { +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { return nil, false } -// AsMailboxEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsMailboxEntity() (*MailboxEntity, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { - return &mce, true +// AsMCASDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { + return &mdc, true } -// AsMailMessageEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsOfficeATPDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsMDATPDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsOfficeDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsTIDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsURLEntity() (*URLEntity, bool) { +// AsCodelessUIDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsEntity() (*Entity, bool) { +// AsDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for MailClusterEntity. -func (mce MailClusterEntity) AsBasicEntity() (BasicEntity, bool) { - return &mce, true +// AsBasicDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &mdc, true } -// UnmarshalJSON is the custom unmarshaler for MailClusterEntity struct. -func (mce *MailClusterEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MCASDataConnector struct. +func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -11526,12 +14091,30 @@ func (mce *MailClusterEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mailClusterEntityProperties MailClusterEntityProperties - err = json.Unmarshal(*v, &mailClusterEntityProperties) + var mCASDataConnectorProperties MCASDataConnectorProperties + err = json.Unmarshal(*v, &mCASDataConnectorProperties) if err != nil { return err } - mce.MailClusterEntityProperties = &mailClusterEntityProperties + mdc.MCASDataConnectorProperties = &mCASDataConnectorProperties + } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + mdc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + mdc.Etag = &etag } case "id": if v != nil { @@ -11540,7 +14123,7 @@ func (mce *MailClusterEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - mce.ID = &ID + mdc.ID = &ID } case "name": if v != nil { @@ -11549,7 +14132,7 @@ func (mce *MailClusterEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - mce.Name = &name + mdc.Name = &name } case "type": if v != nil { @@ -11558,16 +14141,16 @@ func (mce *MailClusterEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - mce.Type = &typeVar + mdc.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - mce.Kind = kind + mdc.SystemData = &systemData } } } @@ -11575,194 +14158,127 @@ func (mce *MailClusterEntity) UnmarshalJSON(body []byte) error { return nil } -// MailClusterEntityProperties mail cluster entity property bag. -type MailClusterEntityProperties struct { - // NetworkMessageIds - READ-ONLY; The mail message IDs that are part of the mail cluster - NetworkMessageIds *[]string `json:"networkMessageIds,omitempty"` - // CountByDeliveryStatus - READ-ONLY; Count of mail messages by DeliveryStatus string representation - CountByDeliveryStatus interface{} `json:"countByDeliveryStatus,omitempty"` - // CountByThreatType - READ-ONLY; Count of mail messages by ThreatType string representation - CountByThreatType interface{} `json:"countByThreatType,omitempty"` - // CountByProtectionStatus - READ-ONLY; Count of mail messages by ProtectionStatus string representation - CountByProtectionStatus interface{} `json:"countByProtectionStatus,omitempty"` - // Threats - READ-ONLY; The threats of mail messages that are part of the mail cluster - Threats *[]string `json:"threats,omitempty"` - // Query - READ-ONLY; The query that was used to identify the messages of the mail cluster - Query *string `json:"query,omitempty"` - // QueryTime - READ-ONLY; The query time - QueryTime *date.Time `json:"queryTime,omitempty"` - // MailCount - READ-ONLY; The number of mail messages that are part of the mail cluster - MailCount *int32 `json:"mailCount,omitempty"` - // IsVolumeAnomaly - READ-ONLY; Is this a volume anomaly mail cluster - IsVolumeAnomaly *bool `json:"isVolumeAnomaly,omitempty"` - // Source - READ-ONLY; The source of the mail cluster (default is 'O365 ATP') - Source *string `json:"source,omitempty"` - // ClusterSourceIdentifier - READ-ONLY; The id of the cluster source - ClusterSourceIdentifier *string `json:"clusterSourceIdentifier,omitempty"` - // ClusterSourceType - READ-ONLY; The type of the cluster source - ClusterSourceType *string `json:"clusterSourceType,omitempty"` - // ClusterQueryStartTime - READ-ONLY; The cluster query start time - ClusterQueryStartTime *date.Time `json:"clusterQueryStartTime,omitempty"` - // ClusterQueryEndTime - READ-ONLY; The cluster query end time - ClusterQueryEndTime *date.Time `json:"clusterQueryEndTime,omitempty"` - // ClusterGroup - READ-ONLY; The cluster group - ClusterGroup *string `json:"clusterGroup,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` +// MCASDataConnectorDataTypes the available data types for MCAS (Microsoft Cloud App Security) data +// connector. +type MCASDataConnectorDataTypes struct { + // DiscoveryLogs - Discovery log data type connection. + DiscoveryLogs *DataConnectorDataTypeCommon `json:"discoveryLogs,omitempty"` + // Alerts - Alerts data type connection. + Alerts *DataConnectorDataTypeCommon `json:"alerts,omitempty"` } -// MarshalJSON is the custom marshaler for MailClusterEntityProperties. -func (mcep MailClusterEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// MCASDataConnectorProperties MCAS (Microsoft Cloud App Security) data connector properties. +type MCASDataConnectorProperties struct { + // DataTypes - The available data types for the connector. + DataTypes *MCASDataConnectorDataTypes `json:"dataTypes,omitempty"` + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` } -// MailMessageEntity represents a mail message entity. -type MailMessageEntity struct { - // MailMessageEntityProperties - Mail message entity properties - *MailMessageEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` +// MDATPCheckRequirements represents MDATP (Microsoft Defender Advanced Threat Protection) requirements +// check request. +type MDATPCheckRequirements struct { + // MDATPCheckRequirementsProperties - MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties. + *MDATPCheckRequirementsProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for MailMessageEntity. -func (mme MailMessageEntity) MarshalJSON() ([]byte, error) { - mme.Kind = KindBasicEntityKindMailMessage +// MarshalJSON is the custom marshaler for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) MarshalJSON() ([]byte, error) { + mcr.Kind = KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection objectMap := make(map[string]interface{}) - if mme.MailMessageEntityProperties != nil { - objectMap["properties"] = mme.MailMessageEntityProperties + if mcr.MDATPCheckRequirementsProperties != nil { + objectMap["properties"] = mcr.MDATPCheckRequirementsProperties } - if mme.Kind != "" { - objectMap["kind"] = mme.Kind + if mcr.Kind != "" { + objectMap["kind"] = mcr.Kind } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsHuntingBookmark is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsIPEntity() (*IPEntity, bool) { +// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return nil, false } -// AsMailboxEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsMailboxEntity() (*MailboxEntity, bool) { +// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { - return &mme, true -} - -// AsSubmissionMailEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { + return &mcr, true +} + +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsURLEntity() (*URLEntity, bool) { +// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsEntity() (*Entity, bool) { +// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for MailMessageEntity. -func (mme MailMessageEntity) AsBasicEntity() (BasicEntity, bool) { - return &mme, true +// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. +func (mcr MDATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { + return &mcr, true } -// UnmarshalJSON is the custom unmarshaler for MailMessageEntity struct. -func (mme *MailMessageEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MDATPCheckRequirements struct. +func (mcr *MDATPCheckRequirements) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -11772,48 +14288,21 @@ func (mme *MailMessageEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mailMessageEntityProperties MailMessageEntityProperties - err = json.Unmarshal(*v, &mailMessageEntityProperties) - if err != nil { - return err - } - mme.MailMessageEntityProperties = &mailMessageEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - mme.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - mme.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) + var mDATPCheckRequirementsProperties MDATPCheckRequirementsProperties + err = json.Unmarshal(*v, &mDATPCheckRequirementsProperties) if err != nil { return err } - mme.Type = &typeVar + mcr.MDATPCheckRequirementsProperties = &mDATPCheckRequirementsProperties } case "kind": if v != nil { - var kind KindBasicEntity + var kind KindBasicDataConnectorsCheckRequirements err = json.Unmarshal(*v, &kind) if err != nil { return err } - mme.Kind = kind + mcr.Kind = kind } } } @@ -11821,238 +14310,464 @@ func (mme *MailMessageEntity) UnmarshalJSON(body []byte) error { return nil } -// MailMessageEntityProperties mail message entity property bag. -type MailMessageEntityProperties struct { - // FileEntityIds - READ-ONLY; The File entity ids of this mail message's attachments - FileEntityIds *[]string `json:"fileEntityIds,omitempty"` - // Recipient - READ-ONLY; The recipient of this mail message. Note that in case of multiple recipients the mail message is forked and each copy has one recipient - Recipient *string `json:"recipient,omitempty"` - // Urls - READ-ONLY; The Urls contained in this mail message - Urls *[]string `json:"urls,omitempty"` - // Threats - READ-ONLY; The threats of this mail message - Threats *[]string `json:"threats,omitempty"` - // P1Sender - READ-ONLY; The p1 sender's email address - P1Sender *string `json:"p1Sender,omitempty"` - // P1SenderDisplayName - READ-ONLY; The p1 sender's display name - P1SenderDisplayName *string `json:"p1SenderDisplayName,omitempty"` - // P1SenderDomain - READ-ONLY; The p1 sender's domain - P1SenderDomain *string `json:"p1SenderDomain,omitempty"` - // SenderIP - READ-ONLY; The sender's IP address - SenderIP *string `json:"senderIP,omitempty"` - // P2Sender - READ-ONLY; The p2 sender's email address - P2Sender *string `json:"p2Sender,omitempty"` - // P2SenderDisplayName - READ-ONLY; The p2 sender's display name - P2SenderDisplayName *string `json:"p2SenderDisplayName,omitempty"` - // P2SenderDomain - READ-ONLY; The p2 sender's domain - P2SenderDomain *string `json:"p2SenderDomain,omitempty"` - // ReceiveDate - READ-ONLY; The receive date of this message - ReceiveDate *date.Time `json:"receiveDate,omitempty"` - // NetworkMessageID - READ-ONLY; The network message id of this mail message - NetworkMessageID *uuid.UUID `json:"networkMessageId,omitempty"` - // InternetMessageID - READ-ONLY; The internet message id of this mail message - InternetMessageID *string `json:"internetMessageId,omitempty"` - // Subject - READ-ONLY; The subject of this mail message - Subject *string `json:"subject,omitempty"` - // Language - READ-ONLY; The language of this mail message - Language *string `json:"language,omitempty"` - // ThreatDetectionMethods - READ-ONLY; The threat detection methods - ThreatDetectionMethods *[]string `json:"threatDetectionMethods,omitempty"` - // BodyFingerprintBin1 - The bodyFingerprintBin1 - BodyFingerprintBin1 *int32 `json:"bodyFingerprintBin1,omitempty"` - // BodyFingerprintBin2 - The bodyFingerprintBin2 - BodyFingerprintBin2 *int32 `json:"bodyFingerprintBin2,omitempty"` - // BodyFingerprintBin3 - The bodyFingerprintBin3 - BodyFingerprintBin3 *int32 `json:"bodyFingerprintBin3,omitempty"` - // BodyFingerprintBin4 - The bodyFingerprintBin4 - BodyFingerprintBin4 *int32 `json:"bodyFingerprintBin4,omitempty"` - // BodyFingerprintBin5 - The bodyFingerprintBin5 - BodyFingerprintBin5 *int32 `json:"bodyFingerprintBin5,omitempty"` - // AntispamDirection - The directionality of this mail message. Possible values include: 'AntispamMailDirectionUnknown', 'AntispamMailDirectionInbound', 'AntispamMailDirectionOutbound', 'AntispamMailDirectionIntraorg' - AntispamDirection AntispamMailDirection `json:"antispamDirection,omitempty"` - // DeliveryAction - The delivery action of this mail message like Delivered, Blocked, Replaced etc. Possible values include: 'DeliveryActionUnknown', 'DeliveryActionDeliveredAsSpam', 'DeliveryActionDelivered', 'DeliveryActionBlocked', 'DeliveryActionReplaced' - DeliveryAction DeliveryAction `json:"deliveryAction,omitempty"` - // DeliveryLocation - The delivery location of this mail message like Inbox, JunkFolder etc. Possible values include: 'DeliveryLocationUnknown', 'DeliveryLocationInbox', 'DeliveryLocationJunkFolder', 'DeliveryLocationDeletedFolder', 'DeliveryLocationQuarantine', 'DeliveryLocationExternal', 'DeliveryLocationFailed', 'DeliveryLocationDropped', 'DeliveryLocationForwarded' - DeliveryLocation DeliveryLocation `json:"deliveryLocation,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for MailMessageEntityProperties. -func (mmep MailMessageEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if mmep.BodyFingerprintBin1 != nil { - objectMap["bodyFingerprintBin1"] = mmep.BodyFingerprintBin1 - } - if mmep.BodyFingerprintBin2 != nil { - objectMap["bodyFingerprintBin2"] = mmep.BodyFingerprintBin2 - } - if mmep.BodyFingerprintBin3 != nil { - objectMap["bodyFingerprintBin3"] = mmep.BodyFingerprintBin3 - } - if mmep.BodyFingerprintBin4 != nil { - objectMap["bodyFingerprintBin4"] = mmep.BodyFingerprintBin4 - } - if mmep.BodyFingerprintBin5 != nil { - objectMap["bodyFingerprintBin5"] = mmep.BodyFingerprintBin5 - } - if mmep.AntispamDirection != "" { - objectMap["antispamDirection"] = mmep.AntispamDirection - } - if mmep.DeliveryAction != "" { - objectMap["deliveryAction"] = mmep.DeliveryAction - } - if mmep.DeliveryLocation != "" { - objectMap["deliveryLocation"] = mmep.DeliveryLocation - } - return json.Marshal(objectMap) +// MDATPCheckRequirementsProperties MDATP (Microsoft Defender Advanced Threat Protection) requirements +// check properties. +type MDATPCheckRequirementsProperties struct { + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` } -// MalwareEntity represents a malware entity. -type MalwareEntity struct { - // MalwareEntityProperties - File entity properties - *MalwareEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// MDATPDataConnector represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. +type MDATPDataConnector struct { + // MDATPDataConnectorProperties - MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. + *MDATPDataConnectorProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for MalwareEntity. -func (me MalwareEntity) MarshalJSON() ([]byte, error) { - me.Kind = KindBasicEntityKindMalware +// MarshalJSON is the custom marshaler for MDATPDataConnector. +func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error) { + mdc.Kind = KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection objectMap := make(map[string]interface{}) - if me.MalwareEntityProperties != nil { - objectMap["properties"] = me.MalwareEntityProperties + if mdc.MDATPDataConnectorProperties != nil { + objectMap["properties"] = mdc.MDATPDataConnectorProperties } - if me.Kind != "" { - objectMap["kind"] = me.Kind + if mdc.Kind != "" { + objectMap["kind"] = mdc.Kind + } + if mdc.Etag != nil { + objectMap["etag"] = mdc.Etag } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsAADDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { + return nil, false +} + +// AsMSTIDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { + return nil, false +} + +// AsMTPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { + return nil, false +} + +// AsAATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return nil, false +} + +// AsASCDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { + return nil, false +} + +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { + return nil, false +} + +// AsAwsS3DataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { + return nil, false +} + +// AsMCASDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { + return nil, false +} + +// AsDynamics365DataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { + return nil, false +} + +// AsOfficeATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { + return nil, false +} + +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false +} + +// AsMDATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return &mdc, true +} + +// AsOfficeDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsTIDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsCodelessUIDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsFileEntity() (*FileEntity, bool) { +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false +// AsBasicDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &mdc, true } -// AsHuntingBookmark is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { - return nil, false +// UnmarshalJSON is the custom unmarshaler for MDATPDataConnector struct. +func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var mDATPDataConnectorProperties MDATPDataConnectorProperties + err = json.Unmarshal(*v, &mDATPDataConnectorProperties) + if err != nil { + return err + } + mdc.MDATPDataConnectorProperties = &mDATPDataConnectorProperties + } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + mdc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + mdc.Etag = &etag + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + mdc.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + mdc.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + mdc.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + mdc.SystemData = &systemData + } + } + } + + return nil } -// AsSecurityAlert is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false +// MDATPDataConnectorProperties MDATP (Microsoft Defender Advanced Threat Protection) data connector +// properties. +type MDATPDataConnectorProperties struct { + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` + // DataTypes - The available data types for the connector. + DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` } -// AsIPEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false +// MetadataAuthor publisher or creator of the content item. +type MetadataAuthor struct { + // Name - Name of the author. Company or person. + Name *string `json:"name,omitempty"` + // Email - Email of author contact + Email *string `json:"email,omitempty"` + // Link - Link for author/vendor page + Link *string `json:"link,omitempty"` } -// AsMailboxEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsMailboxEntity() (*MailboxEntity, bool) { - return nil, false +// MetadataCategories ies for the solution content item +type MetadataCategories struct { + // Domains - domain for the solution content item + Domains *[]string `json:"domains,omitempty"` + // Verticals - Industry verticals for the solution content item + Verticals *[]string `json:"verticals,omitempty"` } -// AsMailClusterEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { - return nil, false +// MetadataDependencies dependencies for the content item, what other content items it requires to work. +// Can describe more complex dependencies using a recursive/nested structure. For a single dependency an +// id/kind/version can be supplied or operator/criteria for complex dependencies. +type MetadataDependencies struct { + // ContentID - Id of the content item we depend on + ContentID *string `json:"contentId,omitempty"` + // Kind - Type of the content item we depend on. Possible values include: 'KindDataConnector', 'KindDataType', 'KindWorkbook', 'KindWorkbookTemplate', 'KindPlaybook', 'KindPlaybookTemplate', 'KindAnalyticsRuleTemplate', 'KindAnalyticsRule', 'KindHuntingQuery', 'KindInvestigationQuery', 'KindParser', 'KindWatchlist', 'KindWatchlistTemplate', 'KindSolution' + Kind Kind `json:"kind,omitempty"` + // Version - Version of the the content item we depend on. Can be blank, * or missing to indicate any version fulfills the dependency. If version does not match our defined numeric format then an exact match is required. + Version *string `json:"version,omitempty"` + // Name - Name of the content item + Name *string `json:"name,omitempty"` + // Operator - Operator used for list of dependencies in criteria array. Possible values include: 'OperatorAND', 'OperatorOR' + Operator Operator `json:"operator,omitempty"` + // Criteria - This is the list of dependencies we must fulfill, according to the AND/OR operator + Criteria *[]MetadataDependencies `json:"criteria,omitempty"` } -// AsMailMessageEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { - return nil, false +// MetadataList list of all the metadata. +type MetadataList struct { + autorest.Response `json:"-"` + // Value - Array of metadata. + Value *[]MetadataModel `json:"value,omitempty"` + // NextLink - READ-ONLY; URL to fetch the next page of metadata. + NextLink *string `json:"nextLink,omitempty"` } -// AsSubmissionMailEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { - return nil, false +// MarshalJSON is the custom marshaler for MetadataList. +func (ml MetadataList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if ml.Value != nil { + objectMap["value"] = ml.Value + } + return json.Marshal(objectMap) } -// AsMalwareEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return &me, true +// MetadataListIterator provides access to a complete listing of MetadataModel values. +type MetadataListIterator struct { + i int + page MetadataListPage } -// AsProcessEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *MetadataListIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/MetadataListIterator.NextWithContext") + defer func() { + sc := -1 + if iter.Response().Response.Response != nil { + sc = iter.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err = iter.page.NextWithContext(ctx) + if err != nil { + iter.i-- + return err + } + iter.i = 0 + return nil } -// AsRegistryKeyEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (iter *MetadataListIterator) Next() error { + return iter.NextWithContext(context.Background()) } -// AsRegistryValueEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter MetadataListIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) } -// AsSecurityGroupEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false +// Response returns the raw server response from the last page request. +func (iter MetadataListIterator) Response() MetadataList { + return iter.page.Response() } -// AsURLEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter MetadataListIterator) Value() MetadataModel { + if !iter.page.NotDone() { + return MetadataModel{} + } + return iter.page.Values()[iter.i] } -// AsIoTDeviceEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false +// Creates a new instance of the MetadataListIterator type. +func NewMetadataListIterator(page MetadataListPage) MetadataListIterator { + return MetadataListIterator{page: page} } -// AsEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsEntity() (*Entity, bool) { - return nil, false +// IsEmpty returns true if the ListResult contains no values. +func (ml MetadataList) IsEmpty() bool { + return ml.Value == nil || len(*ml.Value) == 0 +} + +// hasNextLink returns true if the NextLink is not empty. +func (ml MetadataList) hasNextLink() bool { + return ml.NextLink != nil && len(*ml.NextLink) != 0 +} + +// metadataListPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (ml MetadataList) metadataListPreparer(ctx context.Context) (*http.Request, error) { + if !ml.hasNextLink() { + return nil, nil + } + return autorest.Prepare((&http.Request{}).WithContext(ctx), + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(ml.NextLink))) +} + +// MetadataListPage contains a page of MetadataModel values. +type MetadataListPage struct { + fn func(context.Context, MetadataList) (MetadataList, error) + ml MetadataList +} + +// NextWithContext advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *MetadataListPage) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/MetadataListPage.NextWithContext") + defer func() { + sc := -1 + if page.Response().Response.Response != nil { + sc = page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + for { + next, err := page.fn(ctx, page.ml) + if err != nil { + return err + } + page.ml = next + if !next.hasNextLink() || !next.IsEmpty() { + break + } + } + return nil +} + +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (page *MetadataListPage) Next() error { + return page.NextWithContext(context.Background()) +} + +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page MetadataListPage) NotDone() bool { + return !page.ml.IsEmpty() +} + +// Response returns the raw server response from the last page request. +func (page MetadataListPage) Response() MetadataList { + return page.ml +} + +// Values returns the slice of values for the current page or nil if there are no values. +func (page MetadataListPage) Values() []MetadataModel { + if page.ml.IsEmpty() { + return nil + } + return *page.ml.Value +} + +// Creates a new instance of the MetadataListPage type. +func NewMetadataListPage(cur MetadataList, getNextPage func(context.Context, MetadataList) (MetadataList, error)) MetadataListPage { + return MetadataListPage{ + fn: getNextPage, + ml: cur, + } +} + +// MetadataModel metadata resource definition. +type MetadataModel struct { + autorest.Response `json:"-"` + // MetadataProperties - Metadata properties + *MetadataProperties `json:"properties,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// AsBasicEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsBasicEntity() (BasicEntity, bool) { - return &me, true +// MarshalJSON is the custom marshaler for MetadataModel. +func (mm MetadataModel) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if mm.MetadataProperties != nil { + objectMap["properties"] = mm.MetadataProperties + } + if mm.Etag != nil { + objectMap["etag"] = mm.Etag + } + return json.Marshal(objectMap) } -// UnmarshalJSON is the custom unmarshaler for MalwareEntity struct. -func (me *MalwareEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MetadataModel struct. +func (mm *MetadataModel) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -12062,12 +14777,21 @@ func (me *MalwareEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var malwareEntityProperties MalwareEntityProperties - err = json.Unmarshal(*v, &malwareEntityProperties) + var metadataProperties MetadataProperties + err = json.Unmarshal(*v, &metadataProperties) if err != nil { return err } - me.MalwareEntityProperties = &malwareEntityProperties + mm.MetadataProperties = &metadataProperties + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + mm.Etag = &etag } case "id": if v != nil { @@ -12076,7 +14800,7 @@ func (me *MalwareEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - me.ID = &ID + mm.ID = &ID } case "name": if v != nil { @@ -12085,7 +14809,7 @@ func (me *MalwareEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - me.Name = &name + mm.Name = &name } case "type": if v != nil { @@ -12094,16 +14818,16 @@ func (me *MalwareEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - me.Type = &typeVar + mm.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - me.Kind = kind + mm.SystemData = &systemData } } } @@ -12111,121 +14835,36 @@ func (me *MalwareEntity) UnmarshalJSON(body []byte) error { return nil } -// MalwareEntityProperties malware entity property bag. -type MalwareEntityProperties struct { - // Category - READ-ONLY; The malware category by the vendor, e.g. Trojan - Category *string `json:"category,omitempty"` - // FileEntityIds - READ-ONLY; List of linked file entity identifiers on which the malware was found - FileEntityIds *[]string `json:"fileEntityIds,omitempty"` - // MalwareName - READ-ONLY; The malware name by the vendor, e.g. Win32/Toga!rfn - MalwareName *string `json:"malwareName,omitempty"` - // ProcessEntityIds - READ-ONLY; List of linked process entity identifiers on which the malware was found. - ProcessEntityIds *[]string `json:"processEntityIds,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for MalwareEntityProperties. -func (mep MalwareEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// MCASCheckRequirements represents MCAS (Microsoft Cloud App Security) requirements check request. -type MCASCheckRequirements struct { - // MCASCheckRequirementsProperties - MCAS (Microsoft Cloud App Security) requirements check properties. - *MCASCheckRequirementsProperties `json:"properties,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' - Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` +// MetadataPatch metadata patch request body. +type MetadataPatch struct { + // MetadataPropertiesPatch - Metadata patch request body + *MetadataPropertiesPatch `json:"properties,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for MCASCheckRequirements. -func (mcr MCASCheckRequirements) MarshalJSON() ([]byte, error) { - mcr.Kind = KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity +// MarshalJSON is the custom marshaler for MetadataPatch. +func (mp MetadataPatch) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if mcr.MCASCheckRequirementsProperties != nil { - objectMap["properties"] = mcr.MCASCheckRequirementsProperties + if mp.MetadataPropertiesPatch != nil { + objectMap["properties"] = mp.MetadataPropertiesPatch } - if mcr.Kind != "" { - objectMap["kind"] = mcr.Kind + if mp.Etag != nil { + objectMap["etag"] = mp.Etag } return json.Marshal(objectMap) } -// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { - return nil, false -} - -// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { - return nil, false -} - -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { - return nil, false -} - -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return nil, false -} - -// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { - return nil, false -} - -// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { - return nil, false -} - -// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { - return nil, false -} - -// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { - return &mcr, true -} - -// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { - return nil, false -} - -// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { - return nil, false -} - -// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { - return nil, false -} - -// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { - return nil, false -} - -// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { - return nil, false -} - -// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MCASCheckRequirements. -func (mcr MCASCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { - return &mcr, true -} - -// UnmarshalJSON is the custom unmarshaler for MCASCheckRequirements struct. -func (mcr *MCASCheckRequirements) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MetadataPatch struct. +func (mp *MetadataPatch) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -12235,21 +14874,57 @@ func (mcr *MCASCheckRequirements) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mCASCheckRequirementsProperties MCASCheckRequirementsProperties - err = json.Unmarshal(*v, &mCASCheckRequirementsProperties) + var metadataPropertiesPatch MetadataPropertiesPatch + err = json.Unmarshal(*v, &metadataPropertiesPatch) if err != nil { return err } - mcr.MCASCheckRequirementsProperties = &mCASCheckRequirementsProperties + mp.MetadataPropertiesPatch = &metadataPropertiesPatch } - case "kind": + case "etag": if v != nil { - var kind KindBasicDataConnectorsCheckRequirements - err = json.Unmarshal(*v, &kind) + var etag string + err = json.Unmarshal(*v, &etag) if err != nil { return err } - mcr.Kind = kind + mp.Etag = &etag + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + mp.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + mp.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + mp.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + mp.SystemData = &systemData } } } @@ -12257,121 +14932,161 @@ func (mcr *MCASCheckRequirements) UnmarshalJSON(body []byte) error { return nil } -// MCASCheckRequirementsProperties MCAS (Microsoft Cloud App Security) requirements check properties. -type MCASCheckRequirementsProperties struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` +// MetadataProperties metadata property bag. +type MetadataProperties struct { + // ContentID - Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic for user-created. This is the resource name + ContentID *string `json:"contentId,omitempty"` + // ParentID - Full parent resource ID of the content item the metadata is for. This is the full resource ID including the scope (subscription and resource group) + ParentID *string `json:"parentId,omitempty"` + // Version - Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot guarantee any version checks + Version *string `json:"version,omitempty"` + // Kind - The kind of content the metadata is for. Possible values include: 'KindDataConnector', 'KindDataType', 'KindWorkbook', 'KindWorkbookTemplate', 'KindPlaybook', 'KindPlaybookTemplate', 'KindAnalyticsRuleTemplate', 'KindAnalyticsRule', 'KindHuntingQuery', 'KindInvestigationQuery', 'KindParser', 'KindWatchlist', 'KindWatchlistTemplate', 'KindSolution' + Kind Kind `json:"kind,omitempty"` + // Source - Source of the content. This is where/how it was created. + Source *MetadataSource `json:"source,omitempty"` + // Author - The creator of the content item. + Author *MetadataAuthor `json:"author,omitempty"` + // Support - Support information for the metadata - type, name, contact information + Support *MetadataSupport `json:"support,omitempty"` + // Dependencies - Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex formats. + Dependencies *MetadataDependencies `json:"dependencies,omitempty"` + // Categories - Categories for the solution content item + Categories *MetadataCategories `json:"categories,omitempty"` + // Providers - Providers for the solution content item + Providers *[]string `json:"providers,omitempty"` + // FirstPublishDate - first publish date solution content item + FirstPublishDate *date.Date `json:"firstPublishDate,omitempty"` + // LastPublishDate - last publish date for the solution content item + LastPublishDate *date.Date `json:"lastPublishDate,omitempty"` +} + +// MetadataPropertiesPatch metadata property bag for patch requests. This is the same as the +// MetadataProperties, but with nothing required +type MetadataPropertiesPatch struct { + // ContentID - Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic for user-created. This is the resource name + ContentID *string `json:"contentId,omitempty"` + // ParentID - Full parent resource ID of the content item the metadata is for. This is the full resource ID including the scope (subscription and resource group) + ParentID *string `json:"parentId,omitempty"` + // Version - Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot guarantee any version checks + Version *string `json:"version,omitempty"` + // Kind - The kind of content the metadata is for. Possible values include: 'KindDataConnector', 'KindDataType', 'KindWorkbook', 'KindWorkbookTemplate', 'KindPlaybook', 'KindPlaybookTemplate', 'KindAnalyticsRuleTemplate', 'KindAnalyticsRule', 'KindHuntingQuery', 'KindInvestigationQuery', 'KindParser', 'KindWatchlist', 'KindWatchlistTemplate', 'KindSolution' + Kind Kind `json:"kind,omitempty"` + // Source - Source of the content. This is where/how it was created. + Source *MetadataSource `json:"source,omitempty"` + // Author - The creator of the content item. + Author *MetadataAuthor `json:"author,omitempty"` + // Support - Support information for the metadata - type, name, contact information + Support *MetadataSupport `json:"support,omitempty"` + // Dependencies - Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex formats. + Dependencies *MetadataDependencies `json:"dependencies,omitempty"` + // Categories - Categories for the solution content item + Categories *MetadataCategories `json:"categories,omitempty"` + // Providers - Providers for the solution content item + Providers *[]string `json:"providers,omitempty"` + // FirstPublishDate - first publish date solution content item + FirstPublishDate *date.Date `json:"firstPublishDate,omitempty"` + // LastPublishDate - last publish date for the solution content item + LastPublishDate *date.Date `json:"lastPublishDate,omitempty"` +} + +// MetadataSource the original source of the content item, where it comes from. +type MetadataSource struct { + // Kind - Source type of the content. Possible values include: 'SourceKindLocalWorkspace', 'SourceKindCommunity', 'SourceKindSolution', 'SourceKindSourceRepository' + Kind SourceKind `json:"kind,omitempty"` + // Name - Name of the content source. The repo name, solution name, LA workspace name etc. + Name *string `json:"name,omitempty"` + // SourceID - ID of the content source. The solution ID, workspace ID, etc + SourceID *string `json:"sourceId,omitempty"` } -// MCASDataConnector represents MCAS (Microsoft Cloud App Security) data connector. -type MCASDataConnector struct { - // MCASDataConnectorProperties - MCAS (Microsoft Cloud App Security) data connector properties. - *MCASDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name +// MetadataSupport support information for the content item. +type MetadataSupport struct { + // Tier - Type of support for content item. Possible values include: 'SupportTierMicrosoft', 'SupportTierPartner', 'SupportTierCommunity' + Tier SupportTier `json:"tier,omitempty"` + // Name - Name of the support contact. Company or person. Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` + // Email - Email of support contact + Email *string `json:"email,omitempty"` + // Link - Link for support help, like to support page to open a ticket etc. + Link *string `json:"link,omitempty"` +} + +// MicrosoftSecurityIncidentCreationAlertRule represents MicrosoftSecurityIncidentCreation rule. +type MicrosoftSecurityIncidentCreationAlertRule struct { + // MicrosoftSecurityIncidentCreationAlertRuleProperties - MicrosoftSecurityIncidentCreation rule properties + *MicrosoftSecurityIncidentCreationAlertRuleProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' + Kind KindBasicAlertRule `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for MCASDataConnector. -func (mdc MCASDataConnector) MarshalJSON() ([]byte, error) { - mdc.Kind = KindBasicDataConnectorKindMicrosoftCloudAppSecurity +// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error) { + msicar.Kind = KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation objectMap := make(map[string]interface{}) - if mdc.MCASDataConnectorProperties != nil { - objectMap["properties"] = mdc.MCASDataConnectorProperties - } - if mdc.Etag != nil { - objectMap["etag"] = mdc.Etag - } - if mdc.Kind != "" { - objectMap["kind"] = mdc.Kind + if msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties != nil { + objectMap["properties"] = msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties } - return json.Marshal(objectMap) -} - -// AsAADDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { - return nil, false -} - -// AsAATPDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - -// AsMSTIDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { - return nil, false -} - -// AsMTPDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { - return nil, false -} - -// AsASCDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { - return nil, false -} - -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { - return nil, false + if msicar.Kind != "" { + objectMap["kind"] = msicar.Kind + } + if msicar.Etag != nil { + objectMap["etag"] = msicar.Etag + } + return json.Marshal(objectMap) } -// AsDynamics365DataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { +// AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool) { return nil, false } -// AsMCASDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { - return &mdc, true -} - -// AsMDATPDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsFusionAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { return nil, false } -// AsOfficeATPDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { +// AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool) { return nil, false } -// AsOfficeDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { - return nil, false +// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { + return &msicar, true } -// AsTIDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { +// AsScheduledAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { return nil, false } -// AsTiTaxiiDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { +// AsNrtAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool) { return nil, false } -// AsDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool) { +// AsAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule() (*AlertRule, bool) { return nil, false } -// AsBasicDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &mdc, true +// AsBasicAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { + return &msicar, true } -// UnmarshalJSON is the custom unmarshaler for MCASDataConnector struct. -func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRule struct. +func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -12381,12 +15096,30 @@ func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mCASDataConnectorProperties MCASDataConnectorProperties - err = json.Unmarshal(*v, &mCASDataConnectorProperties) + var microsoftSecurityIncidentCreationAlertRuleProperties MicrosoftSecurityIncidentCreationAlertRuleProperties + err = json.Unmarshal(*v, µsoftSecurityIncidentCreationAlertRuleProperties) if err != nil { return err } - mdc.MCASDataConnectorProperties = &mCASDataConnectorProperties + msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties = µsoftSecurityIncidentCreationAlertRuleProperties + } + case "kind": + if v != nil { + var kind KindBasicAlertRule + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + msicar.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + msicar.Etag = &etag } case "id": if v != nil { @@ -12395,7 +15128,7 @@ func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - mdc.ID = &ID + msicar.ID = &ID } case "name": if v != nil { @@ -12404,7 +15137,7 @@ func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - mdc.Name = &name + msicar.Name = &name } case "type": if v != nil { @@ -12413,25 +15146,16 @@ func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - mdc.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - mdc.Etag = &etag + msicar.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - mdc.Kind = kind + msicar.SystemData = &systemData } } } @@ -12439,123 +15163,144 @@ func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error { return nil } -// MCASDataConnectorDataTypes the available data types for MCAS (Microsoft Cloud App Security) data -// connector. -type MCASDataConnectorDataTypes struct { - // DiscoveryLogs - Discovery log data type connection. - DiscoveryLogs *MCASDataConnectorDataTypesDiscoveryLogs `json:"discoveryLogs,omitempty"` - // Alerts - Alerts data type connection. - Alerts *AlertsDataTypeOfDataConnectorAlerts `json:"alerts,omitempty"` -} - -// MCASDataConnectorDataTypesDiscoveryLogs discovery log data type connection. -type MCASDataConnectorDataTypesDiscoveryLogs struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' - State DataTypeState `json:"state,omitempty"` -} - -// MCASDataConnectorProperties MCAS (Microsoft Cloud App Security) data connector properties. -type MCASDataConnectorProperties struct { - // DataTypes - The available data types for the connector. - DataTypes *MCASDataConnectorDataTypes `json:"dataTypes,omitempty"` - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` +// MicrosoftSecurityIncidentCreationAlertRuleCommonProperties microsoftSecurityIncidentCreation rule common +// property bag. +type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties struct { + // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated + DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` + // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated + DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` + // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftSecurityProductNameMicrosoftCloudAppSecurity', 'MicrosoftSecurityProductNameAzureSecurityCenter', 'MicrosoftSecurityProductNameAzureAdvancedThreatProtection', 'MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection', 'MicrosoftSecurityProductNameAzureSecurityCenterforIoT', 'MicrosoftSecurityProductNameOffice365AdvancedThreatProtection', 'MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection' + ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` + // SeveritiesFilter - the alerts' severities on which the cases will be generated + SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` } -// MDATPCheckRequirements represents MDATP (Microsoft Defender Advanced Threat Protection) requirements -// check request. -type MDATPCheckRequirements struct { - // MDATPCheckRequirementsProperties - MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties. - *MDATPCheckRequirementsProperties `json:"properties,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' - Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` +// MicrosoftSecurityIncidentCreationAlertRuleProperties microsoftSecurityIncidentCreation rule property +// bag. +type MicrosoftSecurityIncidentCreationAlertRuleProperties struct { + // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` + // Description - The description of the alert rule. + Description *string `json:"description,omitempty"` + // DisplayName - The display name for alerts created by this alert rule. + DisplayName *string `json:"displayName,omitempty"` + // Enabled - Determines whether this alert rule is enabled or disabled. + Enabled *bool `json:"enabled,omitempty"` + // LastModifiedUtc - READ-ONLY; The last time that this alert has been modified. + LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` + // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated + DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` + // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated + DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` + // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftSecurityProductNameMicrosoftCloudAppSecurity', 'MicrosoftSecurityProductNameAzureSecurityCenter', 'MicrosoftSecurityProductNameAzureAdvancedThreatProtection', 'MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection', 'MicrosoftSecurityProductNameAzureSecurityCenterforIoT', 'MicrosoftSecurityProductNameOffice365AdvancedThreatProtection', 'MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection' + ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` + // SeveritiesFilter - the alerts' severities on which the cases will be generated + SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` } -// MarshalJSON is the custom marshaler for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) MarshalJSON() ([]byte, error) { - mcr.Kind = KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection +// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleProperties. +func (msicarp MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if mcr.MDATPCheckRequirementsProperties != nil { - objectMap["properties"] = mcr.MDATPCheckRequirementsProperties + if msicarp.AlertRuleTemplateName != nil { + objectMap["alertRuleTemplateName"] = msicarp.AlertRuleTemplateName } - if mcr.Kind != "" { - objectMap["kind"] = mcr.Kind + if msicarp.Description != nil { + objectMap["description"] = msicarp.Description + } + if msicarp.DisplayName != nil { + objectMap["displayName"] = msicarp.DisplayName + } + if msicarp.Enabled != nil { + objectMap["enabled"] = msicarp.Enabled + } + if msicarp.DisplayNamesFilter != nil { + objectMap["displayNamesFilter"] = msicarp.DisplayNamesFilter + } + if msicarp.DisplayNamesExcludeFilter != nil { + objectMap["displayNamesExcludeFilter"] = msicarp.DisplayNamesExcludeFilter + } + if msicarp.ProductFilter != "" { + objectMap["productFilter"] = msicarp.ProductFilter + } + if msicarp.SeveritiesFilter != nil { + objectMap["severitiesFilter"] = msicarp.SeveritiesFilter } return json.Marshal(objectMap) } -// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { - return nil, false -} - -// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { - return nil, false -} - -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { - return nil, false -} - -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return nil, false +// MicrosoftSecurityIncidentCreationAlertRuleTemplate represents MicrosoftSecurityIncidentCreation rule +// template. +type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct { + // MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - MicrosoftSecurityIncidentCreation rule template properties + *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' + Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { - return nil, false +// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error) { + msicart.Kind = KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation + objectMap := make(map[string]interface{}) + if msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties != nil { + objectMap["properties"] = msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties + } + if msicart.Kind != "" { + objectMap["kind"] = msicart.Kind + } + return json.Marshal(objectMap) } -// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { +// AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool) { return nil, false } -// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { +// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { return nil, false } -// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { +// AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool) { return nil, false } -// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { - return &mcr, true -} - -// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { - return nil, false +// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { + return &msicart, true } -// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { +// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { return nil, false } -// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { +// AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool) { return nil, false } -// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { +// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { return nil, false } - -// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MDATPCheckRequirements. -func (mcr MDATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { - return &mcr, true + +// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { + return &msicart, true } -// UnmarshalJSON is the custom unmarshaler for MDATPCheckRequirements struct. -func (mcr *MDATPCheckRequirements) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate struct. +func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -12565,21 +15310,57 @@ func (mcr *MDATPCheckRequirements) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mDATPCheckRequirementsProperties MDATPCheckRequirementsProperties - err = json.Unmarshal(*v, &mDATPCheckRequirementsProperties) + var microsoftSecurityIncidentCreationAlertRuleTemplateProperties MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties + err = json.Unmarshal(*v, µsoftSecurityIncidentCreationAlertRuleTemplateProperties) if err != nil { return err } - mcr.MDATPCheckRequirementsProperties = &mDATPCheckRequirementsProperties + msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties = µsoftSecurityIncidentCreationAlertRuleTemplateProperties } case "kind": if v != nil { - var kind KindBasicDataConnectorsCheckRequirements + var kind KindBasicAlertRuleTemplate err = json.Unmarshal(*v, &kind) if err != nil { return err } - mcr.Kind = kind + msicart.Kind = kind + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + msicart.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + msicart.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + msicart.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + msicart.SystemData = &systemData } } } @@ -12587,122 +15368,142 @@ func (mcr *MDATPCheckRequirements) UnmarshalJSON(body []byte) error { return nil } -// MDATPCheckRequirementsProperties MDATP (Microsoft Defender Advanced Threat Protection) requirements -// check properties. -type MDATPCheckRequirementsProperties struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` +// MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties microsoftSecurityIncidentCreation rule +// template properties +type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct { + // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` + // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. + LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` + // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` + // Description - The description of the alert rule template. + Description *string `json:"description,omitempty"` + // DisplayName - The display name for alert rule template. + DisplayName *string `json:"displayName,omitempty"` + // RequiredDataConnectors - The required data sources for this template + RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` + // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' + Status TemplateStatus `json:"status,omitempty"` + // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated + DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` + // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated + DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` + // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftSecurityProductNameMicrosoftCloudAppSecurity', 'MicrosoftSecurityProductNameAzureSecurityCenter', 'MicrosoftSecurityProductNameAzureAdvancedThreatProtection', 'MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection', 'MicrosoftSecurityProductNameAzureSecurityCenterforIoT', 'MicrosoftSecurityProductNameOffice365AdvancedThreatProtection', 'MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection' + ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` + // SeveritiesFilter - the alerts' severities on which the cases will be generated + SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` } -// MDATPDataConnector represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. -type MDATPDataConnector struct { - // MDATPDataConnectorProperties - MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. - *MDATPDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if msicart.AlertRulesCreatedByTemplateCount != nil { + objectMap["alertRulesCreatedByTemplateCount"] = msicart.AlertRulesCreatedByTemplateCount + } + if msicart.Description != nil { + objectMap["description"] = msicart.Description + } + if msicart.DisplayName != nil { + objectMap["displayName"] = msicart.DisplayName + } + if msicart.RequiredDataConnectors != nil { + objectMap["requiredDataConnectors"] = msicart.RequiredDataConnectors + } + if msicart.Status != "" { + objectMap["status"] = msicart.Status + } + if msicart.DisplayNamesFilter != nil { + objectMap["displayNamesFilter"] = msicart.DisplayNamesFilter + } + if msicart.DisplayNamesExcludeFilter != nil { + objectMap["displayNamesExcludeFilter"] = msicart.DisplayNamesExcludeFilter + } + if msicart.ProductFilter != "" { + objectMap["productFilter"] = msicart.ProductFilter + } + if msicart.SeveritiesFilter != nil { + objectMap["severitiesFilter"] = msicart.SeveritiesFilter + } + return json.Marshal(objectMap) +} + +// MLBehaviorAnalyticsAlertRule represents MLBehaviorAnalytics alert rule. +type MLBehaviorAnalyticsAlertRule struct { + // MLBehaviorAnalyticsAlertRuleProperties - MLBehaviorAnalytics alert rule properties + *MLBehaviorAnalyticsAlertRuleProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' + Kind KindBasicAlertRule `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for MDATPDataConnector. -func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error) { - mdc.Kind = KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection +// MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRule. +func (mbaar MLBehaviorAnalyticsAlertRule) MarshalJSON() ([]byte, error) { + mbaar.Kind = KindBasicAlertRuleKindMLBehaviorAnalytics objectMap := make(map[string]interface{}) - if mdc.MDATPDataConnectorProperties != nil { - objectMap["properties"] = mdc.MDATPDataConnectorProperties + if mbaar.MLBehaviorAnalyticsAlertRuleProperties != nil { + objectMap["properties"] = mbaar.MLBehaviorAnalyticsAlertRuleProperties } - if mdc.Etag != nil { - objectMap["etag"] = mdc.Etag + if mbaar.Kind != "" { + objectMap["kind"] = mbaar.Kind } - if mdc.Kind != "" { - objectMap["kind"] = mdc.Kind + if mbaar.Etag != nil { + objectMap["etag"] = mbaar.Etag } return json.Marshal(objectMap) } -// AsAADDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { - return nil, false -} - -// AsAATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - -// AsMSTIDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { - return nil, false -} - -// AsMTPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { - return nil, false -} - -// AsASCDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { - return nil, false -} - -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { - return nil, false -} - -// AsDynamics365DataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { - return nil, false +// AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. +func (mbaar MLBehaviorAnalyticsAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool) { + return &mbaar, true } -// AsMCASDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { +// AsFusionAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. +func (mbaar MLBehaviorAnalyticsAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { - return &mdc, true -} - -// AsOfficeATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { +// AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. +func (mbaar MLBehaviorAnalyticsAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool) { return nil, false } -// AsOfficeDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { +// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. +func (mbaar MLBehaviorAnalyticsAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { return nil, false } -// AsTIDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { +// AsScheduledAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. +func (mbaar MLBehaviorAnalyticsAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { return nil, false } -// AsTiTaxiiDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { +// AsNrtAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. +func (mbaar MLBehaviorAnalyticsAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool) { return nil, false } -// AsDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool) { +// AsAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. +func (mbaar MLBehaviorAnalyticsAlertRule) AsAlertRule() (*AlertRule, bool) { return nil, false } -// AsBasicDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &mdc, true +// AsBasicAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. +func (mbaar MLBehaviorAnalyticsAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { + return &mbaar, true } -// UnmarshalJSON is the custom unmarshaler for MDATPDataConnector struct. -func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MLBehaviorAnalyticsAlertRule struct. +func (mbaar *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -12712,12 +15513,30 @@ func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mDATPDataConnectorProperties MDATPDataConnectorProperties - err = json.Unmarshal(*v, &mDATPDataConnectorProperties) + var mLBehaviorAnalyticsAlertRuleProperties MLBehaviorAnalyticsAlertRuleProperties + err = json.Unmarshal(*v, &mLBehaviorAnalyticsAlertRuleProperties) if err != nil { return err } - mdc.MDATPDataConnectorProperties = &mDATPDataConnectorProperties + mbaar.MLBehaviorAnalyticsAlertRuleProperties = &mLBehaviorAnalyticsAlertRuleProperties + } + case "kind": + if v != nil { + var kind KindBasicAlertRule + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + mbaar.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + mbaar.Etag = &etag } case "id": if v != nil { @@ -12726,7 +15545,7 @@ func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - mdc.ID = &ID + mbaar.ID = &ID } case "name": if v != nil { @@ -12735,34 +15554,25 @@ func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - mdc.Name = &name + mbaar.Name = &name } case "type": if v != nil { var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - mdc.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + err = json.Unmarshal(*v, &typeVar) if err != nil { return err } - mdc.Etag = &etag + mbaar.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - mdc.Kind = kind + mbaar.SystemData = &systemData } } } @@ -12770,84 +15580,107 @@ func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error { return nil } -// MDATPDataConnectorProperties MDATP (Microsoft Defender Advanced Threat Protection) data connector -// properties. -type MDATPDataConnectorProperties struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` - // DataTypes - The available data types for the connector. - DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` +// MLBehaviorAnalyticsAlertRuleProperties mLBehaviorAnalytics alert rule base property bag. +type MLBehaviorAnalyticsAlertRuleProperties struct { + // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` + // Description - READ-ONLY; The description of the alert rule. + Description *string `json:"description,omitempty"` + // DisplayName - READ-ONLY; The display name for alerts created by this alert rule. + DisplayName *string `json:"displayName,omitempty"` + // Enabled - Determines whether this alert rule is enabled or disabled. + Enabled *bool `json:"enabled,omitempty"` + // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. + LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` + // Severity - READ-ONLY; The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' + Severity AlertSeverity `json:"severity,omitempty"` + // Tactics - READ-ONLY; The tactics of the alert rule + Tactics *[]AttackTactic `json:"tactics,omitempty"` } -// MicrosoftSecurityIncidentCreationAlertRule represents MicrosoftSecurityIncidentCreation rule. -type MicrosoftSecurityIncidentCreationAlertRule struct { - // MicrosoftSecurityIncidentCreationAlertRuleProperties - MicrosoftSecurityIncidentCreation rule properties - *MicrosoftSecurityIncidentCreationAlertRuleProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRuleProperties. +func (mbaarp MLBehaviorAnalyticsAlertRuleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if mbaarp.AlertRuleTemplateName != nil { + objectMap["alertRuleTemplateName"] = mbaarp.AlertRuleTemplateName + } + if mbaarp.Enabled != nil { + objectMap["enabled"] = mbaarp.Enabled + } + return json.Marshal(objectMap) +} + +// MLBehaviorAnalyticsAlertRuleTemplate represents MLBehaviorAnalytics alert rule template. +type MLBehaviorAnalyticsAlertRuleTemplate struct { + // MLBehaviorAnalyticsAlertRuleTemplateProperties - MLBehaviorAnalytics alert rule template properties. + *MLBehaviorAnalyticsAlertRuleTemplateProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' + Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled' - Kind KindBasicAlertRule `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error) { - msicar.Kind = KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation +// MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRuleTemplate. +func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON() ([]byte, error) { + mbaart.Kind = KindBasicAlertRuleTemplateKindMLBehaviorAnalytics objectMap := make(map[string]interface{}) - if msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties != nil { - objectMap["properties"] = msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties - } - if msicar.Etag != nil { - objectMap["etag"] = msicar.Etag + if mbaart.MLBehaviorAnalyticsAlertRuleTemplateProperties != nil { + objectMap["properties"] = mbaart.MLBehaviorAnalyticsAlertRuleTemplateProperties } - if msicar.Kind != "" { - objectMap["kind"] = msicar.Kind + if mbaart.Kind != "" { + objectMap["kind"] = mbaart.Kind } return json.Marshal(objectMap) } -// AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool) { +// AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. +func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool) { + return &mbaart, true +} + +// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. +func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { return nil, false } -// AsFusionAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { +// AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. +func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool) { return nil, false } -// AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool) { +// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. +func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { return nil, false } -// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { - return &msicar, true +// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. +func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { + return nil, false } -// AsScheduledAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { +// AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. +func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool) { return nil, false } -// AsAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule() (*AlertRule, bool) { +// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. +func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { return nil, false } -// AsBasicAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { - return &msicar, true +// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. +func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { + return &mbaart, true } -// UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRule struct. -func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MLBehaviorAnalyticsAlertRuleTemplate struct. +func (mbaart *MLBehaviorAnalyticsAlertRuleTemplate) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -12857,12 +15690,21 @@ func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []b switch k { case "properties": if v != nil { - var microsoftSecurityIncidentCreationAlertRuleProperties MicrosoftSecurityIncidentCreationAlertRuleProperties - err = json.Unmarshal(*v, µsoftSecurityIncidentCreationAlertRuleProperties) + var mLBehaviorAnalyticsAlertRuleTemplateProperties MLBehaviorAnalyticsAlertRuleTemplateProperties + err = json.Unmarshal(*v, &mLBehaviorAnalyticsAlertRuleTemplateProperties) if err != nil { return err } - msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties = µsoftSecurityIncidentCreationAlertRuleProperties + mbaart.MLBehaviorAnalyticsAlertRuleTemplateProperties = &mLBehaviorAnalyticsAlertRuleTemplateProperties + } + case "kind": + if v != nil { + var kind KindBasicAlertRuleTemplate + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + mbaart.Kind = kind } case "id": if v != nil { @@ -12871,7 +15713,7 @@ func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []b if err != nil { return err } - msicar.ID = &ID + mbaart.ID = &ID } case "name": if v != nil { @@ -12880,7 +15722,7 @@ func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []b if err != nil { return err } - msicar.Name = &name + mbaart.Name = &name } case "type": if v != nil { @@ -12889,25 +15731,16 @@ func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []b if err != nil { return err } - msicar.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - msicar.Etag = &etag + mbaart.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicAlertRule - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - msicar.Kind = kind + mbaart.SystemData = &systemData } } } @@ -12915,137 +15748,158 @@ func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []b return nil } -// MicrosoftSecurityIncidentCreationAlertRuleCommonProperties microsoftSecurityIncidentCreation rule common -// property bag. -type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties struct { - // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated - DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` - // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated - DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` - // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftSecurityProductNameMicrosoftCloudAppSecurity', 'MicrosoftSecurityProductNameAzureSecurityCenter', 'MicrosoftSecurityProductNameAzureAdvancedThreatProtection', 'MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection', 'MicrosoftSecurityProductNameAzureSecurityCenterforIoT', 'MicrosoftSecurityProductNameOffice365AdvancedThreatProtection', 'MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection' - ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` - // SeveritiesFilter - the alerts' severities on which the cases will be generated - SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` -} - -// MicrosoftSecurityIncidentCreationAlertRuleProperties microsoftSecurityIncidentCreation rule property -// bag. -type MicrosoftSecurityIncidentCreationAlertRuleProperties struct { - // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. - AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` - // Description - The description of the alert rule. +// MLBehaviorAnalyticsAlertRuleTemplateProperties mLBehaviorAnalytics alert rule template properties. +type MLBehaviorAnalyticsAlertRuleTemplateProperties struct { + // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' + Severity AlertSeverity `json:"severity,omitempty"` + // Tactics - The tactics of the alert rule template. + Tactics *[]AttackTactic `json:"tactics,omitempty"` + // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` + // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. + LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` + // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` + // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` - // DisplayName - The display name for alerts created by this alert rule. + // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` - // Enabled - Determines whether this alert rule is enabled or disabled. - Enabled *bool `json:"enabled,omitempty"` - // LastModifiedUtc - READ-ONLY; The last time that this alert has been modified. - LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` - // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated - DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` - // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated - DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` - // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftSecurityProductNameMicrosoftCloudAppSecurity', 'MicrosoftSecurityProductNameAzureSecurityCenter', 'MicrosoftSecurityProductNameAzureAdvancedThreatProtection', 'MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection', 'MicrosoftSecurityProductNameAzureSecurityCenterforIoT', 'MicrosoftSecurityProductNameOffice365AdvancedThreatProtection', 'MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection' - ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` - // SeveritiesFilter - the alerts' severities on which the cases will be generated - SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` + // RequiredDataConnectors - The required data sources for this template + RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` + // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' + Status TemplateStatus `json:"status,omitempty"` } -// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleProperties. -func (msicarp MicrosoftSecurityIncidentCreationAlertRuleProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRuleTemplateProperties. +func (mbaart MLBehaviorAnalyticsAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if msicarp.AlertRuleTemplateName != nil { - objectMap["alertRuleTemplateName"] = msicarp.AlertRuleTemplateName + if mbaart.Severity != "" { + objectMap["severity"] = mbaart.Severity } - if msicarp.Description != nil { - objectMap["description"] = msicarp.Description + if mbaart.Tactics != nil { + objectMap["tactics"] = mbaart.Tactics } - if msicarp.DisplayName != nil { - objectMap["displayName"] = msicarp.DisplayName + if mbaart.AlertRulesCreatedByTemplateCount != nil { + objectMap["alertRulesCreatedByTemplateCount"] = mbaart.AlertRulesCreatedByTemplateCount } - if msicarp.Enabled != nil { - objectMap["enabled"] = msicarp.Enabled + if mbaart.Description != nil { + objectMap["description"] = mbaart.Description } - if msicarp.DisplayNamesFilter != nil { - objectMap["displayNamesFilter"] = msicarp.DisplayNamesFilter + if mbaart.DisplayName != nil { + objectMap["displayName"] = mbaart.DisplayName } - if msicarp.DisplayNamesExcludeFilter != nil { - objectMap["displayNamesExcludeFilter"] = msicarp.DisplayNamesExcludeFilter + if mbaart.RequiredDataConnectors != nil { + objectMap["requiredDataConnectors"] = mbaart.RequiredDataConnectors } - if msicarp.ProductFilter != "" { - objectMap["productFilter"] = msicarp.ProductFilter + if mbaart.Status != "" { + objectMap["status"] = mbaart.Status } - if msicarp.SeveritiesFilter != nil { - objectMap["severitiesFilter"] = msicarp.SeveritiesFilter + return json.Marshal(objectMap) +} + +// MSTICheckRequirements represents Microsoft Threat Intelligence requirements check request. +type MSTICheckRequirements struct { + // MSTICheckRequirementsProperties - Microsoft Threat Intelligence requirements check properties. + *MSTICheckRequirementsProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` +} + +// MarshalJSON is the custom marshaler for MSTICheckRequirements. +func (mcr MSTICheckRequirements) MarshalJSON() ([]byte, error) { + mcr.Kind = KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence + objectMap := make(map[string]interface{}) + if mcr.MSTICheckRequirementsProperties != nil { + objectMap["properties"] = mcr.MSTICheckRequirementsProperties + } + if mcr.Kind != "" { + objectMap["kind"] = mcr.Kind } return json.Marshal(objectMap) } -// MicrosoftSecurityIncidentCreationAlertRuleTemplate represents MicrosoftSecurityIncidentCreation rule -// template. -type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct { - // MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - MicrosoftSecurityIncidentCreation rule template properties - *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' - Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` +// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { + return nil, false +} + +// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { + return nil, false +} + +// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error) { - msicart.Kind = KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation - objectMap := make(map[string]interface{}) - if msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties != nil { - objectMap["properties"] = msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - } - if msicart.Kind != "" { - objectMap["kind"] = msicart.Kind - } - return json.Marshal(objectMap) +// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { + return nil, false } -// AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool) { +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { return nil, false } -// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { +// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { return nil, false } -// AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool) { +// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { return nil, false } -// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { - return &msicart, true +// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { + return nil, false } -// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { + return &mcr, true +} + +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { return nil, false } -// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { +// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { return nil, false } -// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { - return &msicart, true +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { + return nil, false } -// UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate struct. -func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(body []byte) error { +// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { + return nil, false +} + +// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { + return nil, false +} + +// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { + return nil, false +} + +// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. +func (mcr MSTICheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { + return &mcr, true +} + +// UnmarshalJSON is the custom unmarshaler for MSTICheckRequirements struct. +func (mcr *MSTICheckRequirements) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -13055,48 +15909,21 @@ func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON switch k { case "properties": if v != nil { - var microsoftSecurityIncidentCreationAlertRuleTemplateProperties MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - err = json.Unmarshal(*v, µsoftSecurityIncidentCreationAlertRuleTemplateProperties) - if err != nil { - return err - } - msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties = µsoftSecurityIncidentCreationAlertRuleTemplateProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - msicart.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - msicart.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) + var mSTICheckRequirementsProperties MSTICheckRequirementsProperties + err = json.Unmarshal(*v, &mSTICheckRequirementsProperties) if err != nil { return err } - msicart.Type = &typeVar + mcr.MSTICheckRequirementsProperties = &mSTICheckRequirementsProperties } case "kind": if v != nil { - var kind KindBasicAlertRuleTemplate + var kind KindBasicDataConnectorsCheckRequirements err = json.Unmarshal(*v, &kind) if err != nil { return err } - msicart.Kind = kind + mcr.Kind = kind } } } @@ -13104,135 +15931,143 @@ func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON return nil } -// MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties microsoftSecurityIncidentCreation rule -// template properties -type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct { - // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template - AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` - // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. - LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` - // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. - CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` - // Description - The description of the alert rule template. - Description *string `json:"description,omitempty"` - // DisplayName - The display name for alert rule template. - DisplayName *string `json:"displayName,omitempty"` - // RequiredDataConnectors - The required data sources for this template - RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` - // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' - Status TemplateStatus `json:"status,omitempty"` - // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated - DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` - // DisplayNamesExcludeFilter - the alerts' displayNames on which the cases will not be generated - DisplayNamesExcludeFilter *[]string `json:"displayNamesExcludeFilter,omitempty"` - // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftSecurityProductNameMicrosoftCloudAppSecurity', 'MicrosoftSecurityProductNameAzureSecurityCenter', 'MicrosoftSecurityProductNameAzureAdvancedThreatProtection', 'MicrosoftSecurityProductNameAzureActiveDirectoryIdentityProtection', 'MicrosoftSecurityProductNameAzureSecurityCenterforIoT', 'MicrosoftSecurityProductNameOffice365AdvancedThreatProtection', 'MicrosoftSecurityProductNameMicrosoftDefenderAdvancedThreatProtection' - ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` - // SeveritiesFilter - the alerts' severities on which the cases will be generated - SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` +// MSTICheckRequirementsProperties microsoft Threat Intelligence requirements check properties. +type MSTICheckRequirementsProperties struct { + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` } -// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { +// MSTIDataConnector represents Microsoft Threat Intelligence data connector. +type MSTIDataConnector struct { + // MSTIDataConnectorProperties - Microsoft Threat Intelligence data connector properties. + *MSTIDataConnectorProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for MSTIDataConnector. +func (mdc MSTIDataConnector) MarshalJSON() ([]byte, error) { + mdc.Kind = KindBasicDataConnectorKindMicrosoftThreatIntelligence objectMap := make(map[string]interface{}) - if msicart.AlertRulesCreatedByTemplateCount != nil { - objectMap["alertRulesCreatedByTemplateCount"] = msicart.AlertRulesCreatedByTemplateCount - } - if msicart.Description != nil { - objectMap["description"] = msicart.Description - } - if msicart.DisplayName != nil { - objectMap["displayName"] = msicart.DisplayName - } - if msicart.RequiredDataConnectors != nil { - objectMap["requiredDataConnectors"] = msicart.RequiredDataConnectors - } - if msicart.Status != "" { - objectMap["status"] = msicart.Status - } - if msicart.DisplayNamesFilter != nil { - objectMap["displayNamesFilter"] = msicart.DisplayNamesFilter - } - if msicart.DisplayNamesExcludeFilter != nil { - objectMap["displayNamesExcludeFilter"] = msicart.DisplayNamesExcludeFilter + if mdc.MSTIDataConnectorProperties != nil { + objectMap["properties"] = mdc.MSTIDataConnectorProperties } - if msicart.ProductFilter != "" { - objectMap["productFilter"] = msicart.ProductFilter + if mdc.Kind != "" { + objectMap["kind"] = mdc.Kind } - if msicart.SeveritiesFilter != nil { - objectMap["severitiesFilter"] = msicart.SeveritiesFilter + if mdc.Etag != nil { + objectMap["etag"] = mdc.Etag } return json.Marshal(objectMap) } -// MLBehaviorAnalyticsAlertRule represents MLBehaviorAnalytics alert rule. -type MLBehaviorAnalyticsAlertRule struct { - // MLBehaviorAnalyticsAlertRuleProperties - MLBehaviorAnalytics alert rule properties - *MLBehaviorAnalyticsAlertRuleProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled' - Kind KindBasicAlertRule `json:"kind,omitempty"` +// AsAADDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { + return nil, false +} + +// AsMSTIDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { + return &mdc, true +} + +// AsMTPDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { + return nil, false +} + +// AsAATPDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return nil, false +} + +// AsASCDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { + return nil, false +} + +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { + return nil, false +} + +// AsAwsS3DataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { + return nil, false +} + +// AsMCASDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { + return nil, false +} + +// AsDynamics365DataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { + return nil, false +} + +// AsOfficeATPDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { + return nil, false +} + +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRule. -func (mbaar MLBehaviorAnalyticsAlertRule) MarshalJSON() ([]byte, error) { - mbaar.Kind = KindBasicAlertRuleKindMLBehaviorAnalytics - objectMap := make(map[string]interface{}) - if mbaar.MLBehaviorAnalyticsAlertRuleProperties != nil { - objectMap["properties"] = mbaar.MLBehaviorAnalyticsAlertRuleProperties - } - if mbaar.Etag != nil { - objectMap["etag"] = mbaar.Etag - } - if mbaar.Kind != "" { - objectMap["kind"] = mbaar.Kind - } - return json.Marshal(objectMap) +// AsMDATPDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false } -// AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. -func (mbaar MLBehaviorAnalyticsAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool) { - return &mbaar, true +// AsOfficeDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { + return nil, false } -// AsFusionAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. -func (mbaar MLBehaviorAnalyticsAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { +// AsTIDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { return nil, false } -// AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. -func (mbaar MLBehaviorAnalyticsAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool) { +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { return nil, false } -// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. -func (mbaar MLBehaviorAnalyticsAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { +// AsCodelessUIDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { return nil, false } -// AsScheduledAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. -func (mbaar MLBehaviorAnalyticsAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { return nil, false } -// AsAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. -func (mbaar MLBehaviorAnalyticsAlertRule) AsAlertRule() (*AlertRule, bool) { +// AsDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false } -// AsBasicAlertRule is the BasicAlertRule implementation for MLBehaviorAnalyticsAlertRule. -func (mbaar MLBehaviorAnalyticsAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { - return &mbaar, true +// AsBasicDataConnector is the BasicDataConnector implementation for MSTIDataConnector. +func (mdc MSTIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &mdc, true } -// UnmarshalJSON is the custom unmarshaler for MLBehaviorAnalyticsAlertRule struct. -func (mbaar *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MSTIDataConnector struct. +func (mdc *MSTIDataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -13242,12 +16077,30 @@ func (mbaar *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mLBehaviorAnalyticsAlertRuleProperties MLBehaviorAnalyticsAlertRuleProperties - err = json.Unmarshal(*v, &mLBehaviorAnalyticsAlertRuleProperties) + var mSTIDataConnectorProperties MSTIDataConnectorProperties + err = json.Unmarshal(*v, &mSTIDataConnectorProperties) if err != nil { return err } - mbaar.MLBehaviorAnalyticsAlertRuleProperties = &mLBehaviorAnalyticsAlertRuleProperties + mdc.MSTIDataConnectorProperties = &mSTIDataConnectorProperties + } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + mdc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + mdc.Etag = &etag } case "id": if v != nil { @@ -13256,7 +16109,7 @@ func (mbaar *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(body []byte) error { if err != nil { return err } - mbaar.ID = &ID + mdc.ID = &ID } case "name": if v != nil { @@ -13265,7 +16118,7 @@ func (mbaar *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(body []byte) error { if err != nil { return err } - mbaar.Name = &name + mdc.Name = &name } case "type": if v != nil { @@ -13274,25 +16127,16 @@ func (mbaar *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(body []byte) error { if err != nil { return err } - mbaar.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - mbaar.Etag = &etag + mdc.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicAlertRule - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - mbaar.Kind = kind + mdc.SystemData = &systemData } } } @@ -13300,100 +16144,312 @@ func (mbaar *MLBehaviorAnalyticsAlertRule) UnmarshalJSON(body []byte) error { return nil } -// MLBehaviorAnalyticsAlertRuleProperties mLBehaviorAnalytics alert rule base property bag. -type MLBehaviorAnalyticsAlertRuleProperties struct { - // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. - AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` - // Description - READ-ONLY; The description of the alert rule. - Description *string `json:"description,omitempty"` - // DisplayName - READ-ONLY; The display name for alerts created by this alert rule. - DisplayName *string `json:"displayName,omitempty"` - // Enabled - Determines whether this alert rule is enabled or disabled. - Enabled *bool `json:"enabled,omitempty"` - // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. - LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` - // Severity - READ-ONLY; The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' - Severity AlertSeverity `json:"severity,omitempty"` - // Tactics - READ-ONLY; The tactics of the alert rule - Tactics *[]AttackTactic `json:"tactics,omitempty"` +// MSTIDataConnectorDataTypes the available data types for Microsoft Threat Intelligence Platforms data +// connector. +type MSTIDataConnectorDataTypes struct { + // BingSafetyPhishingURL - Data type for Microsoft Threat Intelligence Platforms data connector. + BingSafetyPhishingURL *MSTIDataConnectorDataTypesBingSafetyPhishingURL `json:"bingSafetyPhishingURL,omitempty"` + // MicrosoftEmergingThreatFeed - Data type for Microsoft Threat Intelligence Platforms data connector. + MicrosoftEmergingThreatFeed *MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed `json:"microsoftEmergingThreatFeed,omitempty"` +} + +// MSTIDataConnectorDataTypesBingSafetyPhishingURL data type for Microsoft Threat Intelligence Platforms +// data connector. +type MSTIDataConnectorDataTypesBingSafetyPhishingURL struct { + // LookbackPeriod - lookback period + LookbackPeriod *string `json:"lookbackPeriod,omitempty"` + // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' + State DataTypeState `json:"state,omitempty"` +} + +// MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed data type for Microsoft Threat Intelligence +// Platforms data connector. +type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed struct { + // LookbackPeriod - lookback period + LookbackPeriod *string `json:"lookbackPeriod,omitempty"` + // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' + State DataTypeState `json:"state,omitempty"` +} + +// MSTIDataConnectorProperties microsoft Threat Intelligence data connector properties. +type MSTIDataConnectorProperties struct { + // DataTypes - The available data types for the connector. + DataTypes *MSTIDataConnectorDataTypes `json:"dataTypes,omitempty"` + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` +} + +// MtpCheckRequirements represents MTP (Microsoft Threat Protection) requirements check request. +type MtpCheckRequirements struct { + // MTPCheckRequirementsProperties - MTP (Microsoft Threat Protection) requirements check properties. + *MTPCheckRequirementsProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` +} + +// MarshalJSON is the custom marshaler for MtpCheckRequirements. +func (mcr MtpCheckRequirements) MarshalJSON() ([]byte, error) { + mcr.Kind = KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection + objectMap := make(map[string]interface{}) + if mcr.MTPCheckRequirementsProperties != nil { + objectMap["properties"] = mcr.MTPCheckRequirementsProperties + } + if mcr.Kind != "" { + objectMap["kind"] = mcr.Kind + } + return json.Marshal(objectMap) +} + +// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { + return nil, false +} + +// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { + return nil, false +} + +// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { + return nil, false +} + +// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { + return nil, false +} + +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { + return nil, false +} + +// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { + return nil, false +} + +// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { + return nil, false +} + +// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { + return nil, false +} + +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { + return nil, false +} + +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { + return &mcr, true +} + +// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { + return nil, false +} + +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { + return nil, false +} + +// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { + return nil, false +} + +// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { + return nil, false +} + +// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { + return nil, false +} + +// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. +func (mcr MtpCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { + return &mcr, true +} + +// UnmarshalJSON is the custom unmarshaler for MtpCheckRequirements struct. +func (mcr *MtpCheckRequirements) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var mTPCheckRequirementsProperties MTPCheckRequirementsProperties + err = json.Unmarshal(*v, &mTPCheckRequirementsProperties) + if err != nil { + return err + } + mcr.MTPCheckRequirementsProperties = &mTPCheckRequirementsProperties + } + case "kind": + if v != nil { + var kind KindBasicDataConnectorsCheckRequirements + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + mcr.Kind = kind + } + } + } + + return nil } -// MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRuleProperties. -func (mbaarp MLBehaviorAnalyticsAlertRuleProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if mbaarp.AlertRuleTemplateName != nil { - objectMap["alertRuleTemplateName"] = mbaarp.AlertRuleTemplateName - } - if mbaarp.Enabled != nil { - objectMap["enabled"] = mbaarp.Enabled - } - return json.Marshal(objectMap) +// MTPCheckRequirementsProperties MTP (Microsoft Threat Protection) requirements check properties. +type MTPCheckRequirementsProperties struct { + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` } -// MLBehaviorAnalyticsAlertRuleTemplate represents MLBehaviorAnalytics alert rule template. -type MLBehaviorAnalyticsAlertRuleTemplate struct { - // MLBehaviorAnalyticsAlertRuleTemplateProperties - MLBehaviorAnalytics alert rule template properties. - *MLBehaviorAnalyticsAlertRuleTemplateProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// MTPDataConnector represents MTP (Microsoft Threat Protection) data connector. +type MTPDataConnector struct { + // MTPDataConnectorProperties - MTP (Microsoft Threat Protection) data connector properties. + *MTPDataConnectorProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' - Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRuleTemplate. -func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) MarshalJSON() ([]byte, error) { - mbaart.Kind = KindBasicAlertRuleTemplateKindMLBehaviorAnalytics +// MarshalJSON is the custom marshaler for MTPDataConnector. +func (mdc MTPDataConnector) MarshalJSON() ([]byte, error) { + mdc.Kind = KindBasicDataConnectorKindMicrosoftThreatProtection objectMap := make(map[string]interface{}) - if mbaart.MLBehaviorAnalyticsAlertRuleTemplateProperties != nil { - objectMap["properties"] = mbaart.MLBehaviorAnalyticsAlertRuleTemplateProperties + if mdc.MTPDataConnectorProperties != nil { + objectMap["properties"] = mdc.MTPDataConnectorProperties } - if mbaart.Kind != "" { - objectMap["kind"] = mbaart.Kind + if mdc.Kind != "" { + objectMap["kind"] = mdc.Kind + } + if mdc.Etag != nil { + objectMap["etag"] = mdc.Etag } return json.Marshal(objectMap) } -// AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. -func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool) { - return &mbaart, true +// AsAADDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { + return nil, false } -// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. -func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { +// AsMSTIDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false } -// AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. -func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool) { +// AsMTPDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { + return &mdc, true +} + +// AsAATPDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { return nil, false } -// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. -func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { +// AsASCDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false } -// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. -func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { return nil, false } -// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. -func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } -// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MLBehaviorAnalyticsAlertRuleTemplate. -func (mbaart MLBehaviorAnalyticsAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { - return &mbaart, true +// AsMCASDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { + return nil, false } -// UnmarshalJSON is the custom unmarshaler for MLBehaviorAnalyticsAlertRuleTemplate struct. -func (mbaart *MLBehaviorAnalyticsAlertRuleTemplate) UnmarshalJSON(body []byte) error { +// AsDynamics365DataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { + return nil, false +} + +// AsOfficeATPDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { + return nil, false +} + +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false +} + +// AsMDATPDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false +} + +// AsOfficeDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { + return nil, false +} + +// AsTIDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { + return nil, false +} + +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { + return nil, false +} + +// AsCodelessUIDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { + return nil, false +} + +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { + return nil, false +} + +// AsDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsDataConnector() (*DataConnector, bool) { + return nil, false +} + +// AsBasicDataConnector is the BasicDataConnector implementation for MTPDataConnector. +func (mdc MTPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &mdc, true +} + +// UnmarshalJSON is the custom unmarshaler for MTPDataConnector struct. +func (mdc *MTPDataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -13403,197 +16459,170 @@ func (mbaart *MLBehaviorAnalyticsAlertRuleTemplate) UnmarshalJSON(body []byte) e switch k { case "properties": if v != nil { - var mLBehaviorAnalyticsAlertRuleTemplateProperties MLBehaviorAnalyticsAlertRuleTemplateProperties - err = json.Unmarshal(*v, &mLBehaviorAnalyticsAlertRuleTemplateProperties) - if err != nil { - return err - } - mbaart.MLBehaviorAnalyticsAlertRuleTemplateProperties = &mLBehaviorAnalyticsAlertRuleTemplateProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - mbaart.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) + var mTPDataConnectorProperties MTPDataConnectorProperties + err = json.Unmarshal(*v, &mTPDataConnectorProperties) if err != nil { return err } - mbaart.Name = &name + mdc.MTPDataConnectorProperties = &mTPDataConnectorProperties } - case "type": + case "kind": if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) if err != nil { return err } - mbaart.Type = &typeVar + mdc.Kind = kind } - case "kind": + case "etag": if v != nil { - var kind KindBasicAlertRuleTemplate - err = json.Unmarshal(*v, &kind) + var etag string + err = json.Unmarshal(*v, &etag) if err != nil { return err } - mbaart.Kind = kind + mdc.Etag = &etag } - } - } - - return nil -} - -// MLBehaviorAnalyticsAlertRuleTemplateProperties mLBehaviorAnalytics alert rule template properties. -type MLBehaviorAnalyticsAlertRuleTemplateProperties struct { - // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' - Severity AlertSeverity `json:"severity,omitempty"` - // Tactics - The tactics of the alert rule template. - Tactics *[]AttackTactic `json:"tactics,omitempty"` - // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template - AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` - // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. - LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` - // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. - CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` - // Description - The description of the alert rule template. - Description *string `json:"description,omitempty"` - // DisplayName - The display name for alert rule template. - DisplayName *string `json:"displayName,omitempty"` - // RequiredDataConnectors - The required data sources for this template - RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` - // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' - Status TemplateStatus `json:"status,omitempty"` -} - -// MarshalJSON is the custom marshaler for MLBehaviorAnalyticsAlertRuleTemplateProperties. -func (mbaart MLBehaviorAnalyticsAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if mbaart.Severity != "" { - objectMap["severity"] = mbaart.Severity - } - if mbaart.Tactics != nil { - objectMap["tactics"] = mbaart.Tactics - } - if mbaart.AlertRulesCreatedByTemplateCount != nil { - objectMap["alertRulesCreatedByTemplateCount"] = mbaart.AlertRulesCreatedByTemplateCount - } - if mbaart.Description != nil { - objectMap["description"] = mbaart.Description - } - if mbaart.DisplayName != nil { - objectMap["displayName"] = mbaart.DisplayName - } - if mbaart.RequiredDataConnectors != nil { - objectMap["requiredDataConnectors"] = mbaart.RequiredDataConnectors - } - if mbaart.Status != "" { - objectMap["status"] = mbaart.Status - } - return json.Marshal(objectMap) -} - -// MSTICheckRequirements represents Microsoft Threat Intelligence requirements check request. -type MSTICheckRequirements struct { - // MSTICheckRequirementsProperties - Microsoft Threat Intelligence requirements check properties. - *MSTICheckRequirementsProperties `json:"properties,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' - Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for MSTICheckRequirements. -func (mcr MSTICheckRequirements) MarshalJSON() ([]byte, error) { - mcr.Kind = KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence - objectMap := make(map[string]interface{}) - if mcr.MSTICheckRequirementsProperties != nil { - objectMap["properties"] = mcr.MSTICheckRequirementsProperties - } - if mcr.Kind != "" { - objectMap["kind"] = mcr.Kind + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + mdc.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + mdc.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + mdc.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + mdc.SystemData = &systemData + } + } } - return json.Marshal(objectMap) -} -// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { - return nil, false + return nil } -// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { - return nil, false +// MTPDataConnectorDataTypes the available data types for Microsoft Threat Protection Platforms data +// connector. +type MTPDataConnectorDataTypes struct { + // Incidents - Data type for Microsoft Threat Protection Platforms data connector. + Incidents *MTPDataConnectorDataTypesIncidents `json:"incidents,omitempty"` } -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { - return &mcr, true +// MTPDataConnectorDataTypesIncidents data type for Microsoft Threat Protection Platforms data connector. +type MTPDataConnectorDataTypesIncidents struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' + State DataTypeState `json:"state,omitempty"` } -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return nil, false +// MTPDataConnectorProperties MTP (Microsoft Threat Protection) data connector properties. +type MTPDataConnectorProperties struct { + // DataTypes - The available data types for the connector. + DataTypes *MTPDataConnectorDataTypes `json:"dataTypes,omitempty"` + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` } -// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { - return nil, false +// NrtAlertRule represents NRT alert rule. +type NrtAlertRule struct { + // NrtAlertRuleProperties - NRT alert rule properties + *NrtAlertRuleProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' + Kind KindBasicAlertRule `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { - return nil, false +// MarshalJSON is the custom marshaler for NrtAlertRule. +func (nar NrtAlertRule) MarshalJSON() ([]byte, error) { + nar.Kind = KindBasicAlertRuleKindNRT + objectMap := make(map[string]interface{}) + if nar.NrtAlertRuleProperties != nil { + objectMap["properties"] = nar.NrtAlertRuleProperties + } + if nar.Kind != "" { + objectMap["kind"] = nar.Kind + } + if nar.Etag != nil { + objectMap["etag"] = nar.Etag + } + return json.Marshal(objectMap) } -// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { +// AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for NrtAlertRule. +func (nar NrtAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool) { return nil, false } -// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { +// AsFusionAlertRule is the BasicAlertRule implementation for NrtAlertRule. +func (nar NrtAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { return nil, false } -// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { +// AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for NrtAlertRule. +func (nar NrtAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool) { return nil, false } -// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { +// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for NrtAlertRule. +func (nar NrtAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { return nil, false } -// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { +// AsScheduledAlertRule is the BasicAlertRule implementation for NrtAlertRule. +func (nar NrtAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { return nil, false } -// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { - return nil, false +// AsNrtAlertRule is the BasicAlertRule implementation for NrtAlertRule. +func (nar NrtAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool) { + return &nar, true } -// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { +// AsAlertRule is the BasicAlertRule implementation for NrtAlertRule. +func (nar NrtAlertRule) AsAlertRule() (*AlertRule, bool) { return nil, false } -// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MSTICheckRequirements. -func (mcr MSTICheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { - return &mcr, true +// AsBasicAlertRule is the BasicAlertRule implementation for NrtAlertRule. +func (nar NrtAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { + return &nar, true } -// UnmarshalJSON is the custom unmarshaler for MSTICheckRequirements struct. -func (mcr *MSTICheckRequirements) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for NrtAlertRule struct. +func (nar *NrtAlertRule) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -13603,21 +16632,66 @@ func (mcr *MSTICheckRequirements) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mSTICheckRequirementsProperties MSTICheckRequirementsProperties - err = json.Unmarshal(*v, &mSTICheckRequirementsProperties) + var nrtAlertRuleProperties NrtAlertRuleProperties + err = json.Unmarshal(*v, &nrtAlertRuleProperties) if err != nil { return err } - mcr.MSTICheckRequirementsProperties = &mSTICheckRequirementsProperties + nar.NrtAlertRuleProperties = &nrtAlertRuleProperties } case "kind": if v != nil { - var kind KindBasicDataConnectorsCheckRequirements + var kind KindBasicAlertRule err = json.Unmarshal(*v, &kind) if err != nil { return err } - mcr.Kind = kind + nar.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + nar.Etag = &etag + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + nar.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + nar.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + nar.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + nar.SystemData = &systemData } } } @@ -13625,121 +16699,159 @@ func (mcr *MSTICheckRequirements) UnmarshalJSON(body []byte) error { return nil } -// MSTICheckRequirementsProperties microsoft Threat Intelligence requirements check properties. -type MSTICheckRequirementsProperties struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` -} - -// MSTIDataConnector represents Microsoft Threat Intelligence data connector. -type MSTIDataConnector struct { - // MSTIDataConnectorProperties - Microsoft Threat Intelligence data connector properties. - *MSTIDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` +// NrtAlertRuleProperties nrt alert rule base property bag. +type NrtAlertRuleProperties struct { + // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` + // TemplateVersion - The version of the alert rule template used to create this rule - in format , where all are numbers, for example 0 <1.0.2> + TemplateVersion *string `json:"templateVersion,omitempty"` + // Description - The description of the alert rule. + Description *string `json:"description,omitempty"` + // Query - The query that creates alerts for this rule. + Query *string `json:"query,omitempty"` + // DisplayName - The display name for alerts created by this alert rule. + DisplayName *string `json:"displayName,omitempty"` + // Enabled - Determines whether this alert rule is enabled or disabled. + Enabled *bool `json:"enabled,omitempty"` + // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. + LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` + // SuppressionDuration - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. + SuppressionDuration *string `json:"suppressionDuration,omitempty"` + // SuppressionEnabled - Determines whether the suppression for this alert rule is enabled or disabled. + SuppressionEnabled *bool `json:"suppressionEnabled,omitempty"` + // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' + Severity AlertSeverity `json:"severity,omitempty"` + // Tactics - The tactics of the alert rule + Tactics *[]AttackTactic `json:"tactics,omitempty"` + // IncidentConfiguration - The settings of the incidents that created from alerts triggered by this analytics rule + IncidentConfiguration *IncidentConfiguration `json:"incidentConfiguration,omitempty"` + // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert + CustomDetails map[string]*string `json:"customDetails"` + // EntityMappings - Array of the entity mappings of the alert rule + EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` + // AlertDetailsOverride - The alert details override settings + AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` } -// MarshalJSON is the custom marshaler for MSTIDataConnector. -func (mdc MSTIDataConnector) MarshalJSON() ([]byte, error) { - mdc.Kind = KindBasicDataConnectorKindMicrosoftThreatIntelligence +// MarshalJSON is the custom marshaler for NrtAlertRuleProperties. +func (narp NrtAlertRuleProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if mdc.MSTIDataConnectorProperties != nil { - objectMap["properties"] = mdc.MSTIDataConnectorProperties + if narp.AlertRuleTemplateName != nil { + objectMap["alertRuleTemplateName"] = narp.AlertRuleTemplateName } - if mdc.Etag != nil { - objectMap["etag"] = mdc.Etag + if narp.TemplateVersion != nil { + objectMap["templateVersion"] = narp.TemplateVersion } - if mdc.Kind != "" { - objectMap["kind"] = mdc.Kind + if narp.Description != nil { + objectMap["description"] = narp.Description + } + if narp.Query != nil { + objectMap["query"] = narp.Query + } + if narp.DisplayName != nil { + objectMap["displayName"] = narp.DisplayName + } + if narp.Enabled != nil { + objectMap["enabled"] = narp.Enabled + } + if narp.SuppressionDuration != nil { + objectMap["suppressionDuration"] = narp.SuppressionDuration + } + if narp.SuppressionEnabled != nil { + objectMap["suppressionEnabled"] = narp.SuppressionEnabled + } + if narp.Severity != "" { + objectMap["severity"] = narp.Severity + } + if narp.Tactics != nil { + objectMap["tactics"] = narp.Tactics + } + if narp.IncidentConfiguration != nil { + objectMap["incidentConfiguration"] = narp.IncidentConfiguration + } + if narp.CustomDetails != nil { + objectMap["customDetails"] = narp.CustomDetails + } + if narp.EntityMappings != nil { + objectMap["entityMappings"] = narp.EntityMappings + } + if narp.AlertDetailsOverride != nil { + objectMap["alertDetailsOverride"] = narp.AlertDetailsOverride } return json.Marshal(objectMap) } -// AsAADDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { - return nil, false -} - -// AsAATPDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - -// AsMSTIDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { - return &mdc, true -} - -// AsMTPDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { - return nil, false -} - -// AsASCDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { - return nil, false -} - -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { - return nil, false +// NrtAlertRuleTemplate represents NRT alert rule template. +type NrtAlertRuleTemplate struct { + // NrtAlertRuleTemplateProperties - NRT alert rule template properties + *NrtAlertRuleTemplateProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' + Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// AsDynamics365DataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { - return nil, false +// MarshalJSON is the custom marshaler for NrtAlertRuleTemplate. +func (nart NrtAlertRuleTemplate) MarshalJSON() ([]byte, error) { + nart.Kind = KindBasicAlertRuleTemplateKindNRT + objectMap := make(map[string]interface{}) + if nart.NrtAlertRuleTemplateProperties != nil { + objectMap["properties"] = nart.NrtAlertRuleTemplateProperties + } + if nart.Kind != "" { + objectMap["kind"] = nart.Kind + } + return json.Marshal(objectMap) } -// AsMCASDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { +// AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate. +func (nart NrtAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool) { return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate. +func (nart NrtAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { return nil, false } -// AsOfficeATPDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { +// AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate. +func (nart NrtAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool) { return nil, false } -// AsOfficeDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { +// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate. +func (nart NrtAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { return nil, false } -// AsTIDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { +// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate. +func (nart NrtAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { return nil, false } -// AsTiTaxiiDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { - return nil, false +// AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate. +func (nart NrtAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool) { + return &nart, true } - -// AsDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsDataConnector() (*DataConnector, bool) { + +// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate. +func (nart NrtAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { return nil, false } -// AsBasicDataConnector is the BasicDataConnector implementation for MSTIDataConnector. -func (mdc MSTIDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &mdc, true +// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for NrtAlertRuleTemplate. +func (nart NrtAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { + return &nart, true } -// UnmarshalJSON is the custom unmarshaler for MSTIDataConnector struct. -func (mdc *MSTIDataConnector) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for NrtAlertRuleTemplate struct. +func (nart *NrtAlertRuleTemplate) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -13749,12 +16861,21 @@ func (mdc *MSTIDataConnector) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mSTIDataConnectorProperties MSTIDataConnectorProperties - err = json.Unmarshal(*v, &mSTIDataConnectorProperties) + var nrtAlertRuleTemplateProperties NrtAlertRuleTemplateProperties + err = json.Unmarshal(*v, &nrtAlertRuleTemplateProperties) if err != nil { return err } - mdc.MSTIDataConnectorProperties = &mSTIDataConnectorProperties + nart.NrtAlertRuleTemplateProperties = &nrtAlertRuleTemplateProperties + } + case "kind": + if v != nil { + var kind KindBasicAlertRuleTemplate + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + nart.Kind = kind } case "id": if v != nil { @@ -13763,7 +16884,7 @@ func (mdc *MSTIDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - mdc.ID = &ID + nart.ID = &ID } case "name": if v != nil { @@ -13772,7 +16893,7 @@ func (mdc *MSTIDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - mdc.Name = &name + nart.Name = &name } case "type": if v != nil { @@ -13781,25 +16902,16 @@ func (mdc *MSTIDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - mdc.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - mdc.Etag = &etag + nart.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - mdc.Kind = kind + nart.SystemData = &systemData } } } @@ -13807,134 +16919,184 @@ func (mdc *MSTIDataConnector) UnmarshalJSON(body []byte) error { return nil } -// MSTIDataConnectorDataTypes the available data types for Microsoft Threat Intelligence Platforms data -// connector. -type MSTIDataConnectorDataTypes struct { - // BingSafetyPhishingURL - Data type for Microsoft Threat Intelligence Platforms data connector. - BingSafetyPhishingURL *MSTIDataConnectorDataTypesBingSafetyPhishingURL `json:"bingSafetyPhishingURL,omitempty"` - // MicrosoftEmergingThreatFeed - Data type for Microsoft Threat Intelligence Platforms data connector. - MicrosoftEmergingThreatFeed *MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed `json:"microsoftEmergingThreatFeed,omitempty"` -} - -// MSTIDataConnectorDataTypesBingSafetyPhishingURL data type for Microsoft Threat Intelligence Platforms -// data connector. -type MSTIDataConnectorDataTypesBingSafetyPhishingURL struct { - // LookbackPeriod - lookback period - LookbackPeriod *string `json:"lookbackPeriod,omitempty"` - // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' - State DataTypeState `json:"state,omitempty"` -} - -// MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed data type for Microsoft Threat Intelligence -// Platforms data connector. -type MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed struct { - // LookbackPeriod - lookback period - LookbackPeriod *string `json:"lookbackPeriod,omitempty"` - // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' - State DataTypeState `json:"state,omitempty"` -} - -// MSTIDataConnectorProperties microsoft Threat Intelligence data connector properties. -type MSTIDataConnectorProperties struct { - // DataTypes - The available data types for the connector. - DataTypes *MSTIDataConnectorDataTypes `json:"dataTypes,omitempty"` - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` +// NrtAlertRuleTemplateProperties NRT alert rule template properties +type NrtAlertRuleTemplateProperties struct { + // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` + // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. + LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` + // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` + // Description - The description of the alert rule template. + Description *string `json:"description,omitempty"` + // DisplayName - The display name for alert rule template. + DisplayName *string `json:"displayName,omitempty"` + // RequiredDataConnectors - The required data sources for this template + RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` + // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' + Status TemplateStatus `json:"status,omitempty"` + // Query - The query that creates alerts for this rule. + Query *string `json:"query,omitempty"` + // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' + Severity AlertSeverity `json:"severity,omitempty"` + // Tactics - The tactics of the alert rule + Tactics *[]AttackTactic `json:"tactics,omitempty"` + // Version - The version of this template - in format , where all are numbers. For example <1.0.2>. + Version *string `json:"version,omitempty"` + // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert + CustomDetails map[string]*string `json:"customDetails"` + // EntityMappings - Array of the entity mappings of the alert rule + EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` + // AlertDetailsOverride - The alert details override settings + AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` +} + +// MarshalJSON is the custom marshaler for NrtAlertRuleTemplateProperties. +func (nart NrtAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if nart.AlertRulesCreatedByTemplateCount != nil { + objectMap["alertRulesCreatedByTemplateCount"] = nart.AlertRulesCreatedByTemplateCount + } + if nart.Description != nil { + objectMap["description"] = nart.Description + } + if nart.DisplayName != nil { + objectMap["displayName"] = nart.DisplayName + } + if nart.RequiredDataConnectors != nil { + objectMap["requiredDataConnectors"] = nart.RequiredDataConnectors + } + if nart.Status != "" { + objectMap["status"] = nart.Status + } + if nart.Query != nil { + objectMap["query"] = nart.Query + } + if nart.Severity != "" { + objectMap["severity"] = nart.Severity + } + if nart.Tactics != nil { + objectMap["tactics"] = nart.Tactics + } + if nart.Version != nil { + objectMap["version"] = nart.Version + } + if nart.CustomDetails != nil { + objectMap["customDetails"] = nart.CustomDetails + } + if nart.EntityMappings != nil { + objectMap["entityMappings"] = nart.EntityMappings + } + if nart.AlertDetailsOverride != nil { + objectMap["alertDetailsOverride"] = nart.AlertDetailsOverride + } + return json.Marshal(objectMap) } -// MtpCheckRequirements represents MTP (Microsoft Threat Protection) requirements check request. -type MtpCheckRequirements struct { - // MTPCheckRequirementsProperties - MTP (Microsoft Threat Protection) requirements check properties. - *MTPCheckRequirementsProperties `json:"properties,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' +// OfficeATPCheckRequirements represents OfficeATP (Office 365 Advanced Threat Protection) requirements +// check request. +type OfficeATPCheckRequirements struct { + // OfficeATPCheckRequirementsProperties - OfficeATP (Office 365 Advanced Threat Protection) requirements check properties. + *OfficeATPCheckRequirementsProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for MtpCheckRequirements. -func (mcr MtpCheckRequirements) MarshalJSON() ([]byte, error) { - mcr.Kind = KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection +// MarshalJSON is the custom marshaler for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) MarshalJSON() ([]byte, error) { + oacr.Kind = KindBasicDataConnectorsCheckRequirementsKindOfficeATP objectMap := make(map[string]interface{}) - if mcr.MTPCheckRequirementsProperties != nil { - objectMap["properties"] = mcr.MTPCheckRequirementsProperties + if oacr.OfficeATPCheckRequirementsProperties != nil { + objectMap["properties"] = oacr.OfficeATPCheckRequirementsProperties } - if mcr.Kind != "" { - objectMap["kind"] = mcr.Kind + if oacr.Kind != "" { + objectMap["kind"] = oacr.Kind } return json.Marshal(objectMap) } -// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { +// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { return nil, false } -// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { +// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { return nil, false } -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { +// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return nil, false } -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return &mcr, true +// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { + return nil, false } -// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { return nil, false } -// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { +// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { return nil, false } -// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { +// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { return nil, false } -// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { +// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { return nil, false } -// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { return nil, false } -// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { return nil, false } -// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { +// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { + return &oacr, true +} + +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { return nil, false } -// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { +// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { return nil, false } -// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { +// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { return nil, false } -// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for MtpCheckRequirements. -func (mcr MtpCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { - return &mcr, true +// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { + return nil, false } -// UnmarshalJSON is the custom unmarshaler for MtpCheckRequirements struct. -func (mcr *MtpCheckRequirements) UnmarshalJSON(body []byte) error { +// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. +func (oacr OfficeATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { + return &oacr, true +} + +// UnmarshalJSON is the custom unmarshaler for OfficeATPCheckRequirements struct. +func (oacr *OfficeATPCheckRequirements) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -13944,12 +17106,12 @@ func (mcr *MtpCheckRequirements) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mTPCheckRequirementsProperties MTPCheckRequirementsProperties - err = json.Unmarshal(*v, &mTPCheckRequirementsProperties) + var officeATPCheckRequirementsProperties OfficeATPCheckRequirementsProperties + err = json.Unmarshal(*v, &officeATPCheckRequirementsProperties) if err != nil { return err } - mcr.MTPCheckRequirementsProperties = &mTPCheckRequirementsProperties + oacr.OfficeATPCheckRequirementsProperties = &officeATPCheckRequirementsProperties } case "kind": if v != nil { @@ -13958,7 +17120,7 @@ func (mcr *MtpCheckRequirements) UnmarshalJSON(body []byte) error { if err != nil { return err } - mcr.Kind = kind + oacr.Kind = kind } } } @@ -13966,121 +17128,144 @@ func (mcr *MtpCheckRequirements) UnmarshalJSON(body []byte) error { return nil } -// MTPCheckRequirementsProperties MTP (Microsoft Threat Protection) requirements check properties. -type MTPCheckRequirementsProperties struct { +// OfficeATPCheckRequirementsProperties officeATP (Office 365 Advanced Threat Protection) requirements +// check properties. +type OfficeATPCheckRequirementsProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` } -// MTPDataConnector represents MTP (Microsoft Threat Protection) data connector. -type MTPDataConnector struct { - // MTPDataConnectorProperties - MTP (Microsoft Threat Protection) data connector properties. - *MTPDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// OfficeATPDataConnector represents OfficeATP (Office 365 Advanced Threat Protection) data connector. +type OfficeATPDataConnector struct { + // OfficeATPDataConnectorProperties - OfficeATP (Office 365 Advanced Threat Protection) data connector properties. + *OfficeATPDataConnectorProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for MTPDataConnector. -func (mdc MTPDataConnector) MarshalJSON() ([]byte, error) { - mdc.Kind = KindBasicDataConnectorKindMicrosoftThreatProtection +// MarshalJSON is the custom marshaler for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) MarshalJSON() ([]byte, error) { + oadc.Kind = KindBasicDataConnectorKindOfficeATP objectMap := make(map[string]interface{}) - if mdc.MTPDataConnectorProperties != nil { - objectMap["properties"] = mdc.MTPDataConnectorProperties + if oadc.OfficeATPDataConnectorProperties != nil { + objectMap["properties"] = oadc.OfficeATPDataConnectorProperties } - if mdc.Etag != nil { - objectMap["etag"] = mdc.Etag + if oadc.Kind != "" { + objectMap["kind"] = oadc.Kind } - if mdc.Kind != "" { - objectMap["kind"] = mdc.Kind + if oadc.Etag != nil { + objectMap["etag"] = oadc.Etag } return json.Marshal(objectMap) } -// AsAADDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { +// AsAADDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { + return nil, false +} + +// AsMSTIDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { + return nil, false +} + +// AsMTPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { + return nil, false +} + +// AsAATPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return nil, false +} + +// AsASCDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false } -// AsAATPDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { return nil, false } -// AsMSTIDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } -// AsMTPDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { - return &mdc, true +// AsMCASDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { + return nil, false } -// AsASCDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { return nil, false } -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { - return nil, false +// AsOfficeATPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { + return &oadc, true } -// AsDynamics365DataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { return nil, false } -// AsMCASDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { +// AsMDATPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsOfficeDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false } -// AsOfficeATPDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { +// AsTIDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { return nil, false } -// AsOfficeDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { return nil, false } -// AsTIDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { +// AsCodelessUIDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { return nil, false } -// AsTiTaxiiDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { return nil, false } -// AsDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsDataConnector() (*DataConnector, bool) { +// AsDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false } -// AsBasicDataConnector is the BasicDataConnector implementation for MTPDataConnector. -func (mdc MTPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &mdc, true +// AsBasicDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. +func (oadc OfficeATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &oadc, true } -// UnmarshalJSON is the custom unmarshaler for MTPDataConnector struct. -func (mdc *MTPDataConnector) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for OfficeATPDataConnector struct. +func (oadc *OfficeATPDataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -14090,12 +17275,30 @@ func (mdc *MTPDataConnector) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var mTPDataConnectorProperties MTPDataConnectorProperties - err = json.Unmarshal(*v, &mTPDataConnectorProperties) + var officeATPDataConnectorProperties OfficeATPDataConnectorProperties + err = json.Unmarshal(*v, &officeATPDataConnectorProperties) if err != nil { return err } - mdc.MTPDataConnectorProperties = &mTPDataConnectorProperties + oadc.OfficeATPDataConnectorProperties = &officeATPDataConnectorProperties + } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + oadc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + oadc.Etag = &etag } case "id": if v != nil { @@ -14104,7 +17307,7 @@ func (mdc *MTPDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - mdc.ID = &ID + oadc.ID = &ID } case "name": if v != nil { @@ -14113,7 +17316,7 @@ func (mdc *MTPDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - mdc.Name = &name + oadc.Name = &name } case "type": if v != nil { @@ -14122,25 +17325,16 @@ func (mdc *MTPDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - mdc.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - mdc.Etag = &etag + oadc.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - mdc.Kind = kind + oadc.SystemData = &systemData } } } @@ -14148,268 +17342,406 @@ func (mdc *MTPDataConnector) UnmarshalJSON(body []byte) error { return nil } -// MTPDataConnectorDataTypes the available data types for Microsoft Threat Protection Platforms data -// connector. -type MTPDataConnectorDataTypes struct { - // Incidents - Data type for Microsoft Threat Protection Platforms data connector. - Incidents *MTPDataConnectorDataTypesIncidents `json:"incidents,omitempty"` +// OfficeATPDataConnectorProperties officeATP (Office 365 Advanced Threat Protection) data connector +// properties. +type OfficeATPDataConnectorProperties struct { + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` + // DataTypes - The available data types for the connector. + DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` } -// MTPDataConnectorDataTypesIncidents data type for Microsoft Threat Protection Platforms data connector. -type MTPDataConnectorDataTypesIncidents struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' - State DataTypeState `json:"state,omitempty"` +// OfficeConsent consent for Office365 tenant that already made. +type OfficeConsent struct { + autorest.Response `json:"-"` + // OfficeConsentProperties - Office consent properties + *OfficeConsentProperties `json:"properties,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MTPDataConnectorProperties MTP (Microsoft Threat Protection) data connector properties. -type MTPDataConnectorProperties struct { - // DataTypes - The available data types for the connector. - DataTypes *MTPDataConnectorDataTypes `json:"dataTypes,omitempty"` - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` +// MarshalJSON is the custom marshaler for OfficeConsent. +func (oc OfficeConsent) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if oc.OfficeConsentProperties != nil { + objectMap["properties"] = oc.OfficeConsentProperties + } + return json.Marshal(objectMap) } -// OfficeATPCheckRequirements represents OfficeATP (Office 365 Advanced Threat Protection) requirements -// check request. -type OfficeATPCheckRequirements struct { - // OfficeATPCheckRequirementsProperties - OfficeATP (Office 365 Advanced Threat Protection) requirements check properties. - *OfficeATPCheckRequirementsProperties `json:"properties,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' - Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` +// UnmarshalJSON is the custom unmarshaler for OfficeConsent struct. +func (oc *OfficeConsent) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var officeConsentProperties OfficeConsentProperties + err = json.Unmarshal(*v, &officeConsentProperties) + if err != nil { + return err + } + oc.OfficeConsentProperties = &officeConsentProperties + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + oc.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + oc.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + oc.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + oc.SystemData = &systemData + } + } + } + + return nil } -// MarshalJSON is the custom marshaler for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) MarshalJSON() ([]byte, error) { - oacr.Kind = KindBasicDataConnectorsCheckRequirementsKindOfficeATP +// OfficeConsentList list of all the office365 consents. +type OfficeConsentList struct { + autorest.Response `json:"-"` + // NextLink - READ-ONLY; URL to fetch the next set of office consents. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of the consents. + Value *[]OfficeConsent `json:"value,omitempty"` +} + +// MarshalJSON is the custom marshaler for OfficeConsentList. +func (ocl OfficeConsentList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if oacr.OfficeATPCheckRequirementsProperties != nil { - objectMap["properties"] = oacr.OfficeATPCheckRequirementsProperties - } - if oacr.Kind != "" { - objectMap["kind"] = oacr.Kind + if ocl.Value != nil { + objectMap["value"] = ocl.Value } return json.Marshal(objectMap) } -// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { - return nil, false +// OfficeConsentListIterator provides access to a complete listing of OfficeConsent values. +type OfficeConsentListIterator struct { + i int + page OfficeConsentListPage +} + +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *OfficeConsentListIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentListIterator.NextWithContext") + defer func() { + sc := -1 + if iter.Response().Response.Response != nil { + sc = iter.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err = iter.page.NextWithContext(ctx) + if err != nil { + iter.i-- + return err + } + iter.i = 0 + return nil } -// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { - return nil, false +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (iter *OfficeConsentListIterator) Next() error { + return iter.NextWithContext(context.Background()) } -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { - return nil, false +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter OfficeConsentListIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) } -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return nil, false +// Response returns the raw server response from the last page request. +func (iter OfficeConsentListIterator) Response() OfficeConsentList { + return iter.page.Response() } -// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { - return nil, false +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter OfficeConsentListIterator) Value() OfficeConsent { + if !iter.page.NotDone() { + return OfficeConsent{} + } + return iter.page.Values()[iter.i] } -// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { - return nil, false +// Creates a new instance of the OfficeConsentListIterator type. +func NewOfficeConsentListIterator(page OfficeConsentListPage) OfficeConsentListIterator { + return OfficeConsentListIterator{page: page} } -// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { - return nil, false +// IsEmpty returns true if the ListResult contains no values. +func (ocl OfficeConsentList) IsEmpty() bool { + return ocl.Value == nil || len(*ocl.Value) == 0 } -// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { - return nil, false +// hasNextLink returns true if the NextLink is not empty. +func (ocl OfficeConsentList) hasNextLink() bool { + return ocl.NextLink != nil && len(*ocl.NextLink) != 0 } -// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { - return nil, false +// officeConsentListPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (ocl OfficeConsentList) officeConsentListPreparer(ctx context.Context) (*http.Request, error) { + if !ocl.hasNextLink() { + return nil, nil + } + return autorest.Prepare((&http.Request{}).WithContext(ctx), + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(ocl.NextLink))) } -// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { - return &oacr, true +// OfficeConsentListPage contains a page of OfficeConsent values. +type OfficeConsentListPage struct { + fn func(context.Context, OfficeConsentList) (OfficeConsentList, error) + ocl OfficeConsentList } -// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { - return nil, false +// NextWithContext advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *OfficeConsentListPage) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentListPage.NextWithContext") + defer func() { + sc := -1 + if page.Response().Response.Response != nil { + sc = page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + for { + next, err := page.fn(ctx, page.ocl) + if err != nil { + return err + } + page.ocl = next + if !next.hasNextLink() || !next.IsEmpty() { + break + } + } + return nil } -// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { - return nil, false +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (page *OfficeConsentListPage) Next() error { + return page.NextWithContext(context.Background()) } -// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { - return nil, false +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page OfficeConsentListPage) NotDone() bool { + return !page.ocl.IsEmpty() } -// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeATPCheckRequirements. -func (oacr OfficeATPCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { - return &oacr, true +// Response returns the raw server response from the last page request. +func (page OfficeConsentListPage) Response() OfficeConsentList { + return page.ocl } -// UnmarshalJSON is the custom unmarshaler for OfficeATPCheckRequirements struct. -func (oacr *OfficeATPCheckRequirements) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var officeATPCheckRequirementsProperties OfficeATPCheckRequirementsProperties - err = json.Unmarshal(*v, &officeATPCheckRequirementsProperties) - if err != nil { - return err - } - oacr.OfficeATPCheckRequirementsProperties = &officeATPCheckRequirementsProperties - } - case "kind": - if v != nil { - var kind KindBasicDataConnectorsCheckRequirements - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - oacr.Kind = kind - } - } +// Values returns the slice of values for the current page or nil if there are no values. +func (page OfficeConsentListPage) Values() []OfficeConsent { + if page.ocl.IsEmpty() { + return nil } + return *page.ocl.Value +} - return nil +// Creates a new instance of the OfficeConsentListPage type. +func NewOfficeConsentListPage(cur OfficeConsentList, getNextPage func(context.Context, OfficeConsentList) (OfficeConsentList, error)) OfficeConsentListPage { + return OfficeConsentListPage{ + fn: getNextPage, + ocl: cur, + } } -// OfficeATPCheckRequirementsProperties officeATP (Office 365 Advanced Threat Protection) requirements -// check properties. -type OfficeATPCheckRequirementsProperties struct { - // TenantID - The tenant id to connect to, and get the data from. +// OfficeConsentProperties consent property bag. +type OfficeConsentProperties struct { + // TenantID - The tenantId of the Office365 with the consent. TenantID *string `json:"tenantId,omitempty"` + // ConsentID - Help to easily cascade among the data layers. + ConsentID *string `json:"consentId,omitempty"` } -// OfficeATPDataConnector represents OfficeATP (Office 365 Advanced Threat Protection) data connector. -type OfficeATPDataConnector struct { - // OfficeATPDataConnectorProperties - OfficeATP (Office 365 Advanced Threat Protection) data connector properties. - *OfficeATPDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// OfficeDataConnector represents office data connector. +type OfficeDataConnector struct { + // OfficeDataConnectorProperties - Office data connector properties. + *OfficeDataConnectorProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) MarshalJSON() ([]byte, error) { - oadc.Kind = KindBasicDataConnectorKindOfficeATP +// MarshalJSON is the custom marshaler for OfficeDataConnector. +func (odc OfficeDataConnector) MarshalJSON() ([]byte, error) { + odc.Kind = KindBasicDataConnectorKindOffice365 objectMap := make(map[string]interface{}) - if oadc.OfficeATPDataConnectorProperties != nil { - objectMap["properties"] = oadc.OfficeATPDataConnectorProperties + if odc.OfficeDataConnectorProperties != nil { + objectMap["properties"] = odc.OfficeDataConnectorProperties } - if oadc.Etag != nil { - objectMap["etag"] = oadc.Etag + if odc.Kind != "" { + objectMap["kind"] = odc.Kind } - if oadc.Kind != "" { - objectMap["kind"] = oadc.Kind + if odc.Etag != nil { + objectMap["etag"] = odc.Etag } return json.Marshal(objectMap) } -// AsAADDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { +// AsAADDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsAATPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { +// AsMSTIDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false } -// AsMSTIDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { +// AsMTPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { return nil, false } -// AsMTPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { +// AsAATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { return nil, false } -// AsASCDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { +// AsASCDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false } -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { return nil, false } -// AsDynamics365DataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } -// AsMCASDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { +// AsMCASDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { + return nil, false +} + +// AsOfficeATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { + return nil, false +} + +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false +} + +// AsMDATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false +} + +// AsOfficeDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { + return &odc, true +} + +// AsTIDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { return nil, false } -// AsOfficeATPDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { - return &oadc, true -} - -// AsOfficeDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { return nil, false } -// AsTIDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { +// AsCodelessUIDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { return nil, false } -// AsTiTaxiiDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { return nil, false } -// AsDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsDataConnector() (*DataConnector, bool) { +// AsDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false } -// AsBasicDataConnector is the BasicDataConnector implementation for OfficeATPDataConnector. -func (oadc OfficeATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &oadc, true +// AsBasicDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &odc, true } -// UnmarshalJSON is the custom unmarshaler for OfficeATPDataConnector struct. -func (oadc *OfficeATPDataConnector) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for OfficeDataConnector struct. +func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -14419,48 +17751,12 @@ func (oadc *OfficeATPDataConnector) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var officeATPDataConnectorProperties OfficeATPDataConnectorProperties - err = json.Unmarshal(*v, &officeATPDataConnectorProperties) - if err != nil { - return err - } - oadc.OfficeATPDataConnectorProperties = &officeATPDataConnectorProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - oadc.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - oadc.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - oadc.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var officeDataConnectorProperties OfficeDataConnectorProperties + err = json.Unmarshal(*v, &officeDataConnectorProperties) if err != nil { return err } - oadc.Etag = &etag + odc.OfficeDataConnectorProperties = &officeDataConnectorProperties } case "kind": if v != nil { @@ -14469,62 +17765,16 @@ func (oadc *OfficeATPDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - oadc.Kind = kind + odc.Kind = kind } - } - } - - return nil -} - -// OfficeATPDataConnectorProperties officeATP (Office 365 Advanced Threat Protection) data connector -// properties. -type OfficeATPDataConnectorProperties struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` - // DataTypes - The available data types for the connector. - DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` -} - -// OfficeConsent consent for Office365 tenant that already made. -type OfficeConsent struct { - autorest.Response `json:"-"` - // OfficeConsentProperties - Office consent properties - *OfficeConsentProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for OfficeConsent. -func (oc OfficeConsent) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if oc.OfficeConsentProperties != nil { - objectMap["properties"] = oc.OfficeConsentProperties - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for OfficeConsent struct. -func (oc *OfficeConsent) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": + case "etag": if v != nil { - var officeConsentProperties OfficeConsentProperties - err = json.Unmarshal(*v, &officeConsentProperties) + var etag string + err = json.Unmarshal(*v, &etag) if err != nil { return err } - oc.OfficeConsentProperties = &officeConsentProperties + odc.Etag = &etag } case "id": if v != nil { @@ -14533,7 +17783,7 @@ func (oc *OfficeConsent) UnmarshalJSON(body []byte) error { if err != nil { return err } - oc.ID = &ID + odc.ID = &ID } case "name": if v != nil { @@ -14542,7 +17792,7 @@ func (oc *OfficeConsent) UnmarshalJSON(body []byte) error { if err != nil { return err } - oc.Name = &name + odc.Name = &name } case "type": if v != nil { @@ -14551,7 +17801,16 @@ func (oc *OfficeConsent) UnmarshalJSON(body []byte) error { if err != nil { return err } - oc.Type = &typeVar + odc.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + odc.SystemData = &systemData } } } @@ -14559,291 +17818,315 @@ func (oc *OfficeConsent) UnmarshalJSON(body []byte) error { return nil } -// OfficeConsentList list of all the office365 consents. -type OfficeConsentList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of office consents. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of the consents. - Value *[]OfficeConsent `json:"value,omitempty"` +// OfficeDataConnectorDataTypes the available data types for office data connector. +type OfficeDataConnectorDataTypes struct { + // Exchange - Exchange data type connection. + Exchange *OfficeDataConnectorDataTypesExchange `json:"exchange,omitempty"` + // SharePoint - SharePoint data type connection. + SharePoint *OfficeDataConnectorDataTypesSharePoint `json:"sharePoint,omitempty"` + // Teams - Teams data type connection. + Teams *OfficeDataConnectorDataTypesTeams `json:"teams,omitempty"` } -// MarshalJSON is the custom marshaler for OfficeConsentList. -func (ocl OfficeConsentList) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if ocl.Value != nil { - objectMap["value"] = ocl.Value - } - return json.Marshal(objectMap) +// OfficeDataConnectorDataTypesExchange exchange data type connection. +type OfficeDataConnectorDataTypesExchange struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' + State DataTypeState `json:"state,omitempty"` } -// OfficeConsentListIterator provides access to a complete listing of OfficeConsent values. -type OfficeConsentListIterator struct { - i int - page OfficeConsentListPage +// OfficeDataConnectorDataTypesSharePoint sharePoint data type connection. +type OfficeDataConnectorDataTypesSharePoint struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' + State DataTypeState `json:"state,omitempty"` } -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *OfficeConsentListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil +// OfficeDataConnectorDataTypesTeams teams data type connection. +type OfficeDataConnectorDataTypesTeams struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' + State DataTypeState `json:"state,omitempty"` +} + +// OfficeDataConnectorProperties office data connector properties. +type OfficeDataConnectorProperties struct { + // DataTypes - The available data types for the connector. + DataTypes *OfficeDataConnectorDataTypes `json:"dataTypes,omitempty"` + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` +} + +// OfficeIRMCheckRequirements represents OfficeIRM (Microsoft Insider Risk Management) requirements check +// request. +type OfficeIRMCheckRequirements struct { + // OfficeIRMCheckRequirementsProperties - OfficeIRM (Microsoft Insider Risk Management) requirements check properties. + *OfficeIRMCheckRequirementsProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` +} + +// MarshalJSON is the custom marshaler for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) MarshalJSON() ([]byte, error) { + oicr.Kind = KindBasicDataConnectorsCheckRequirementsKindOfficeIRM + objectMap := make(map[string]interface{}) + if oicr.OfficeIRMCheckRequirementsProperties != nil { + objectMap["properties"] = oicr.OfficeIRMCheckRequirementsProperties } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err + if oicr.Kind != "" { + objectMap["kind"] = oicr.Kind } - iter.i = 0 - return nil + return json.Marshal(objectMap) } -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *OfficeConsentListIterator) Next() error { - return iter.NextWithContext(context.Background()) +// AsAADCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsAADCheckRequirements() (*AADCheckRequirements, bool) { + return nil, false } -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter OfficeConsentListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) +// AsAATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements, bool) { + return nil, false } -// Response returns the raw server response from the last page request. -func (iter OfficeConsentListIterator) Response() OfficeConsentList { - return iter.page.Response() +// AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { + return nil, false } -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter OfficeConsentListIterator) Value() OfficeConsent { - if !iter.page.NotDone() { - return OfficeConsent{} - } - return iter.page.Values()[iter.i] +// AsAwsCloudTrailCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrailCheckRequirements, bool) { + return nil, false } -// Creates a new instance of the OfficeConsentListIterator type. -func NewOfficeConsentListIterator(page OfficeConsentListPage) OfficeConsentListIterator { - return OfficeConsentListIterator{page: page} +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { + return nil, false } -// IsEmpty returns true if the ListResult contains no values. -func (ocl OfficeConsentList) IsEmpty() bool { - return ocl.Value == nil || len(*ocl.Value) == 0 +// AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { + return nil, false } -// hasNextLink returns true if the NextLink is not empty. -func (ocl OfficeConsentList) hasNextLink() bool { - return ocl.NextLink != nil && len(*ocl.NextLink) != 0 +// AsMCASCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsMCASCheckRequirements() (*MCASCheckRequirements, bool) { + return nil, false } -// officeConsentListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (ocl OfficeConsentList) officeConsentListPreparer(ctx context.Context) (*http.Request, error) { - if !ocl.hasNextLink() { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(ocl.NextLink))) +// AsMDATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequirements, bool) { + return nil, false +} + +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { + return nil, false } -// OfficeConsentListPage contains a page of OfficeConsent values. -type OfficeConsentListPage struct { - fn func(context.Context, OfficeConsentList) (OfficeConsentList, error) - ocl OfficeConsentList +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { + return nil, false } -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *OfficeConsentListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - for { - next, err := page.fn(ctx, page.ocl) - if err != nil { - return err - } - page.ocl = next - if !next.hasNextLink() || !next.IsEmpty() { - break - } - } - return nil +// AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { + return nil, false } -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *OfficeConsentListPage) Next() error { - return page.NextWithContext(context.Background()) +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { + return &oicr, true } -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page OfficeConsentListPage) NotDone() bool { - return !page.ocl.IsEmpty() +// AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { + return nil, false } -// Response returns the raw server response from the last page request. -func (page OfficeConsentListPage) Response() OfficeConsentList { - return page.ocl +// AsTiTaxiiCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsTiTaxiiCheckRequirements() (*TiTaxiiCheckRequirements, bool) { + return nil, false } -// Values returns the slice of values for the current page or nil if there are no values. -func (page OfficeConsentListPage) Values() []OfficeConsent { - if page.ocl.IsEmpty() { - return nil - } - return *page.ocl.Value +// AsDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsDataConnectorsCheckRequirements() (*DataConnectorsCheckRequirements, bool) { + return nil, false } -// Creates a new instance of the OfficeConsentListPage type. -func NewOfficeConsentListPage(cur OfficeConsentList, getNextPage func(context.Context, OfficeConsentList) (OfficeConsentList, error)) OfficeConsentListPage { - return OfficeConsentListPage{ - fn: getNextPage, - ocl: cur, +// AsBasicDataConnectorsCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for OfficeIRMCheckRequirements. +func (oicr OfficeIRMCheckRequirements) AsBasicDataConnectorsCheckRequirements() (BasicDataConnectorsCheckRequirements, bool) { + return &oicr, true +} + +// UnmarshalJSON is the custom unmarshaler for OfficeIRMCheckRequirements struct. +func (oicr *OfficeIRMCheckRequirements) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var officeIRMCheckRequirementsProperties OfficeIRMCheckRequirementsProperties + err = json.Unmarshal(*v, &officeIRMCheckRequirementsProperties) + if err != nil { + return err + } + oicr.OfficeIRMCheckRequirementsProperties = &officeIRMCheckRequirementsProperties + } + case "kind": + if v != nil { + var kind KindBasicDataConnectorsCheckRequirements + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + oicr.Kind = kind + } + } } + + return nil } -// OfficeConsentProperties consent property bag. -type OfficeConsentProperties struct { - // TenantID - The tenantId of the Office365 with the consent. +// OfficeIRMCheckRequirementsProperties officeIRM (Microsoft Insider Risk Management) requirements check +// properties. +type OfficeIRMCheckRequirementsProperties struct { + // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` - // ConsentID - Help to easily cascade among the data layers. - ConsentID *string `json:"consentId,omitempty"` } -// OfficeDataConnector represents office data connector. -type OfficeDataConnector struct { - // OfficeDataConnectorProperties - Office data connector properties. - *OfficeDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// OfficeIRMDataConnector represents OfficeIRM (Microsoft Insider Risk Management) data connector. +type OfficeIRMDataConnector struct { + // OfficeIRMDataConnectorProperties - OfficeIRM (Microsoft Insider Risk Management) data connector properties. + *OfficeIRMDataConnectorProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for OfficeDataConnector. -func (odc OfficeDataConnector) MarshalJSON() ([]byte, error) { - odc.Kind = KindBasicDataConnectorKindOffice365 +// MarshalJSON is the custom marshaler for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) MarshalJSON() ([]byte, error) { + oidc.Kind = KindBasicDataConnectorKindOfficeIRM objectMap := make(map[string]interface{}) - if odc.OfficeDataConnectorProperties != nil { - objectMap["properties"] = odc.OfficeDataConnectorProperties + if oidc.OfficeIRMDataConnectorProperties != nil { + objectMap["properties"] = oidc.OfficeIRMDataConnectorProperties } - if odc.Etag != nil { - objectMap["etag"] = odc.Etag + if oidc.Kind != "" { + objectMap["kind"] = oidc.Kind } - if odc.Kind != "" { - objectMap["kind"] = odc.Kind + if oidc.Etag != nil { + objectMap["etag"] = oidc.Etag } return json.Marshal(objectMap) } -// AsAADDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { +// AsAADDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsAATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { +// AsMSTIDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false } -// AsMSTIDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { +// AsMTPDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { return nil, false } -// AsMTPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { +// AsAATPDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { return nil, false } -// AsASCDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { +// AsASCDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false } -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { return nil, false } -// AsDynamics365DataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } -// AsMCASDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { +// AsMCASDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { return nil, false } -// AsOfficeATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { +// AsOfficeATPDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, bool) { return nil, false } -// AsOfficeDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { - return &odc, true +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return &oidc, true } -// AsTIDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { +// AsMDATPDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { return nil, false } -// AsTiTaxiiDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { +// AsOfficeDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false } -// AsDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool) { +// AsTIDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { return nil, false } -// AsBasicDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &odc, true +// AsTiTaxiiDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool) { + return nil, false } -// UnmarshalJSON is the custom unmarshaler for OfficeDataConnector struct. -func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error { +// AsCodelessUIDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { + return nil, false +} + +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { + return nil, false +} + +// AsDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsDataConnector() (*DataConnector, bool) { + return nil, false +} + +// AsBasicDataConnector is the BasicDataConnector implementation for OfficeIRMDataConnector. +func (oidc OfficeIRMDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &oidc, true +} + +// UnmarshalJSON is the custom unmarshaler for OfficeIRMDataConnector struct. +func (oidc *OfficeIRMDataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -14853,12 +18136,30 @@ func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var officeDataConnectorProperties OfficeDataConnectorProperties - err = json.Unmarshal(*v, &officeDataConnectorProperties) + var officeIRMDataConnectorProperties OfficeIRMDataConnectorProperties + err = json.Unmarshal(*v, &officeIRMDataConnectorProperties) if err != nil { return err } - odc.OfficeDataConnectorProperties = &officeDataConnectorProperties + oidc.OfficeIRMDataConnectorProperties = &officeIRMDataConnectorProperties + } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + oidc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + oidc.Etag = &etag } case "id": if v != nil { @@ -14867,7 +18168,7 @@ func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - odc.ID = &ID + oidc.ID = &ID } case "name": if v != nil { @@ -14876,7 +18177,7 @@ func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - odc.Name = &name + oidc.Name = &name } case "type": if v != nil { @@ -14885,25 +18186,16 @@ func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error { if err != nil { return err } - odc.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - odc.Etag = &etag + oidc.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - odc.Kind = kind + oidc.SystemData = &systemData } } } @@ -14911,40 +18203,13 @@ func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error { return nil } -// OfficeDataConnectorDataTypes the available data types for office data connector. -type OfficeDataConnectorDataTypes struct { - // Exchange - Exchange data type connection. - Exchange *OfficeDataConnectorDataTypesExchange `json:"exchange,omitempty"` - // SharePoint - SharePoint data type connection. - SharePoint *OfficeDataConnectorDataTypesSharePoint `json:"sharePoint,omitempty"` - // Teams - Teams data type connection. - Teams *OfficeDataConnectorDataTypesTeams `json:"teams,omitempty"` -} - -// OfficeDataConnectorDataTypesExchange exchange data type connection. -type OfficeDataConnectorDataTypesExchange struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' - State DataTypeState `json:"state,omitempty"` -} - -// OfficeDataConnectorDataTypesSharePoint sharePoint data type connection. -type OfficeDataConnectorDataTypesSharePoint struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' - State DataTypeState `json:"state,omitempty"` -} - -// OfficeDataConnectorDataTypesTeams teams data type connection. -type OfficeDataConnectorDataTypesTeams struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' - State DataTypeState `json:"state,omitempty"` -} - -// OfficeDataConnectorProperties office data connector properties. -type OfficeDataConnectorProperties struct { - // DataTypes - The available data types for the connector. - DataTypes *OfficeDataConnectorDataTypes `json:"dataTypes,omitempty"` +// OfficeIRMDataConnectorProperties officeIRM (Microsoft Insider Risk Management) data connector +// properties. +type OfficeIRMDataConnectorProperties struct { // TenantID - The tenant id to connect to, and get the data from. TenantID *string `json:"tenantId,omitempty"` + // DataTypes - The available data types for the connector. + DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` } // Operation operation provided by provider @@ -14955,6 +18220,8 @@ type Operation struct { Name *string `json:"name,omitempty"` // Origin - The origin of the operation Origin *string `json:"origin,omitempty"` + // IsDataAction - Indicates whether the operation is a data action + IsDataAction *bool `json:"isDataAction,omitempty"` } // OperationDisplay properties of the operation @@ -14972,12 +18239,21 @@ type OperationDisplay struct { // OperationsList lists the operations available in the SecurityInsights RP. type OperationsList struct { autorest.Response `json:"-"` - // NextLink - URL to fetch the next set of operations. + // NextLink - READ-ONLY; URL to fetch the next set of operations. NextLink *string `json:"nextLink,omitempty"` // Value - Array of operations Value *[]Operation `json:"value,omitempty"` } +// MarshalJSON is the custom marshaler for OperationsList. +func (ol OperationsList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if ol.Value != nil { + objectMap["value"] = ol.Value + } + return json.Marshal(objectMap) +} + // OperationsListIterator provides access to a complete listing of Operation values. type OperationsListIterator struct { i int @@ -15128,18 +18404,50 @@ func NewOperationsListPage(cur OperationsList, getNextPage func(context.Context, } } +// Permissions permissions required for the connector +type Permissions struct { + // ResourceProvider - Resource provider permissions required for the connector + ResourceProvider *[]PermissionsResourceProviderItem `json:"resourceProvider,omitempty"` + // Customs - Customs permissions required for the connector + Customs *[]PermissionsCustomsItem `json:"customs,omitempty"` +} + +// PermissionsCustomsItem ... +type PermissionsCustomsItem struct { + // Name - Customs permissions name + Name *string `json:"name,omitempty"` + // Description - Customs permissions description + Description *string `json:"description,omitempty"` +} + +// PermissionsResourceProviderItem ... +type PermissionsResourceProviderItem struct { + // Provider - Provider name. Possible values include: 'ProviderNameMicrosoftOperationalInsightssolutions', 'ProviderNameMicrosoftOperationalInsightsworkspaces', 'ProviderNameMicrosoftOperationalInsightsworkspacesdatasources', 'ProviderNameMicrosoftaadiamdiagnosticSettings', 'ProviderNameMicrosoftOperationalInsightsworkspacessharedKeys', 'ProviderNameMicrosoftAuthorizationpolicyAssignments' + Provider ProviderName `json:"provider,omitempty"` + // PermissionsDisplayText - Permission description text + PermissionsDisplayText *string `json:"permissionsDisplayText,omitempty"` + // ProviderDisplayName - Permission provider display name + ProviderDisplayName *string `json:"providerDisplayName,omitempty"` + // Scope - Permission provider scope. Possible values include: 'PermissionProviderScopeResourceGroup', 'PermissionProviderScopeSubscription', 'PermissionProviderScopeWorkspace' + Scope PermissionProviderScope `json:"scope,omitempty"` + // RequiredPermissions - Required permissions for the connector + RequiredPermissions *RequiredPermissions `json:"requiredPermissions,omitempty"` +} + // ProcessEntity represents a process entity. type ProcessEntity struct { // ProcessEntityProperties - Process entity properties *ProcessEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for ProcessEntity. @@ -15155,53 +18463,53 @@ func (peVar ProcessEntity) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false +// AsProcessEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsProcessEntity() (*ProcessEntity, bool) { + return &peVar, true } -// AsHuntingBookmark is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } @@ -15210,53 +18518,53 @@ func (peVar ProcessEntity) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsProcessEntity() (*ProcessEntity, bool) { - return &peVar, true +// AsFileHashEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsFileHashEntity() (*FileHashEntity, bool) { + return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAccountEntity is the BasicEntity implementation for ProcessEntity. +func (peVar ProcessEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } @@ -15288,6 +18596,15 @@ func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error { } peVar.ProcessEntityProperties = &processEntityProperties } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + peVar.Kind = kind + } case "id": if v != nil { var ID string @@ -15315,14 +18632,14 @@ func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error { } peVar.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - peVar.Kind = kind + peVar.SystemData = &systemData } } } @@ -15365,18 +18682,166 @@ func (pep ProcessEntityProperties) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } +// ProxyResource the resource model definition for a Azure Resource Manager proxy resource. It will not +// have tags and a location +type ProxyResource struct { + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for ProxyResource. +func (pr ProxyResource) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) +} + +// QueryBasedAlertRuleProperties query based alert rule base property bag. +type QueryBasedAlertRuleProperties struct { + // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` + // TemplateVersion - The version of the alert rule template used to create this rule - in format , where all are numbers, for example 0 <1.0.2> + TemplateVersion *string `json:"templateVersion,omitempty"` + // Description - The description of the alert rule. + Description *string `json:"description,omitempty"` + // Query - The query that creates alerts for this rule. + Query *string `json:"query,omitempty"` + // DisplayName - The display name for alerts created by this alert rule. + DisplayName *string `json:"displayName,omitempty"` + // Enabled - Determines whether this alert rule is enabled or disabled. + Enabled *bool `json:"enabled,omitempty"` + // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. + LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` + // SuppressionDuration - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. + SuppressionDuration *string `json:"suppressionDuration,omitempty"` + // SuppressionEnabled - Determines whether the suppression for this alert rule is enabled or disabled. + SuppressionEnabled *bool `json:"suppressionEnabled,omitempty"` + // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' + Severity AlertSeverity `json:"severity,omitempty"` + // Tactics - The tactics of the alert rule + Tactics *[]AttackTactic `json:"tactics,omitempty"` + // IncidentConfiguration - The settings of the incidents that created from alerts triggered by this analytics rule + IncidentConfiguration *IncidentConfiguration `json:"incidentConfiguration,omitempty"` + // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert + CustomDetails map[string]*string `json:"customDetails"` + // EntityMappings - Array of the entity mappings of the alert rule + EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` + // AlertDetailsOverride - The alert details override settings + AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` +} + +// MarshalJSON is the custom marshaler for QueryBasedAlertRuleProperties. +func (qbarp QueryBasedAlertRuleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if qbarp.AlertRuleTemplateName != nil { + objectMap["alertRuleTemplateName"] = qbarp.AlertRuleTemplateName + } + if qbarp.TemplateVersion != nil { + objectMap["templateVersion"] = qbarp.TemplateVersion + } + if qbarp.Description != nil { + objectMap["description"] = qbarp.Description + } + if qbarp.Query != nil { + objectMap["query"] = qbarp.Query + } + if qbarp.DisplayName != nil { + objectMap["displayName"] = qbarp.DisplayName + } + if qbarp.Enabled != nil { + objectMap["enabled"] = qbarp.Enabled + } + if qbarp.SuppressionDuration != nil { + objectMap["suppressionDuration"] = qbarp.SuppressionDuration + } + if qbarp.SuppressionEnabled != nil { + objectMap["suppressionEnabled"] = qbarp.SuppressionEnabled + } + if qbarp.Severity != "" { + objectMap["severity"] = qbarp.Severity + } + if qbarp.Tactics != nil { + objectMap["tactics"] = qbarp.Tactics + } + if qbarp.IncidentConfiguration != nil { + objectMap["incidentConfiguration"] = qbarp.IncidentConfiguration + } + if qbarp.CustomDetails != nil { + objectMap["customDetails"] = qbarp.CustomDetails + } + if qbarp.EntityMappings != nil { + objectMap["entityMappings"] = qbarp.EntityMappings + } + if qbarp.AlertDetailsOverride != nil { + objectMap["alertDetailsOverride"] = qbarp.AlertDetailsOverride + } + return json.Marshal(objectMap) +} + +// QueryBasedAlertRuleTemplateProperties query based alert rule template base property bag. +type QueryBasedAlertRuleTemplateProperties struct { + // Query - The query that creates alerts for this rule. + Query *string `json:"query,omitempty"` + // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' + Severity AlertSeverity `json:"severity,omitempty"` + // Tactics - The tactics of the alert rule + Tactics *[]AttackTactic `json:"tactics,omitempty"` + // Version - The version of this template - in format , where all are numbers. For example <1.0.2>. + Version *string `json:"version,omitempty"` + // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert + CustomDetails map[string]*string `json:"customDetails"` + // EntityMappings - Array of the entity mappings of the alert rule + EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` + // AlertDetailsOverride - The alert details override settings + AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` +} + +// MarshalJSON is the custom marshaler for QueryBasedAlertRuleTemplateProperties. +func (qbartp QueryBasedAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if qbartp.Query != nil { + objectMap["query"] = qbartp.Query + } + if qbartp.Severity != "" { + objectMap["severity"] = qbartp.Severity + } + if qbartp.Tactics != nil { + objectMap["tactics"] = qbartp.Tactics + } + if qbartp.Version != nil { + objectMap["version"] = qbartp.Version + } + if qbartp.CustomDetails != nil { + objectMap["customDetails"] = qbartp.CustomDetails + } + if qbartp.EntityMappings != nil { + objectMap["entityMappings"] = qbartp.EntityMappings + } + if qbartp.AlertDetailsOverride != nil { + objectMap["alertDetailsOverride"] = qbartp.AlertDetailsOverride + } + return json.Marshal(objectMap) +} + // RegistryKeyEntity represents a registry key entity. type RegistryKeyEntity struct { // RegistryKeyEntityProperties - RegistryKey entity properties *RegistryKeyEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for RegistryKeyEntity. @@ -15392,53 +18857,53 @@ func (rke RegistryKeyEntity) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false +// AsRegistryKeyEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { + return &rke, true } -// AsHostEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } @@ -15447,53 +18912,53 @@ func (rke RegistryKeyEntity) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return &rke, true +// AsFileEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsFileEntity() (*FileEntity, bool) { + return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAccountEntity is the BasicEntity implementation for RegistryKeyEntity. +func (rke RegistryKeyEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } @@ -15525,6 +18990,15 @@ func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error { } rke.RegistryKeyEntityProperties = ®istryKeyEntityProperties } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + rke.Kind = kind + } case "id": if v != nil { var ID string @@ -15552,14 +19026,14 @@ func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error { } rke.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - rke.Kind = kind + rke.SystemData = &systemData } } } @@ -15589,14 +19063,16 @@ func (rkep RegistryKeyEntityProperties) MarshalJSON() ([]byte, error) { type RegistryValueEntity struct { // RegistryValueEntityProperties - RegistryKey entity properties *RegistryValueEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for RegistryValueEntity. @@ -15612,53 +19088,53 @@ func (rve RegistryValueEntity) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false +// AsRegistryValueEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { + return &rve, true } -// AsFileHashEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } @@ -15667,53 +19143,53 @@ func (rve RegistryValueEntity) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return &rve, true +// AsDNSEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsDNSEntity() (*DNSEntity, bool) { + return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAccountEntity is the BasicEntity implementation for RegistryValueEntity. +func (rve RegistryValueEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } @@ -15745,6 +19221,15 @@ func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error { } rve.RegistryValueEntityProperties = ®istryValueEntityProperties } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + rve.Kind = kind + } case "id": if v != nil { var ID string @@ -15772,14 +19257,14 @@ func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error { } rve.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - rve.Kind = kind + rve.SystemData = &systemData } } } @@ -15814,14 +19299,16 @@ type Relation struct { autorest.Response `json:"-"` // RelationProperties - Relation properties *RelationProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for Relation. @@ -15854,6 +19341,15 @@ func (r *Relation) UnmarshalJSON(body []byte) error { } r.RelationProperties = &relationProperties } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + r.Etag = &etag + } case "id": if v != nil { var ID string @@ -15881,55 +19377,231 @@ func (r *Relation) UnmarshalJSON(body []byte) error { } r.Type = &typeVar } - case "etag": + case "systemData": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - r.Etag = &etag + r.SystemData = &systemData + } + } + } + + return nil +} + +// RelationList list of relations. +type RelationList struct { + autorest.Response `json:"-"` + // NextLink - READ-ONLY; URL to fetch the next set of relations. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of relations. + Value *[]Relation `json:"value,omitempty"` +} + +// MarshalJSON is the custom marshaler for RelationList. +func (rl RelationList) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if rl.Value != nil { + objectMap["value"] = rl.Value + } + return json.Marshal(objectMap) +} + +// RelationListIterator provides access to a complete listing of Relation values. +type RelationListIterator struct { + i int + page RelationListPage +} + +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *RelationListIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/RelationListIterator.NextWithContext") + defer func() { + sc := -1 + if iter.Response().Response.Response != nil { + sc = iter.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err = iter.page.NextWithContext(ctx) + if err != nil { + iter.i-- + return err + } + iter.i = 0 + return nil +} + +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (iter *RelationListIterator) Next() error { + return iter.NextWithContext(context.Background()) +} + +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter RelationListIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) +} + +// Response returns the raw server response from the last page request. +func (iter RelationListIterator) Response() RelationList { + return iter.page.Response() +} + +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter RelationListIterator) Value() Relation { + if !iter.page.NotDone() { + return Relation{} + } + return iter.page.Values()[iter.i] +} + +// Creates a new instance of the RelationListIterator type. +func NewRelationListIterator(page RelationListPage) RelationListIterator { + return RelationListIterator{page: page} +} + +// IsEmpty returns true if the ListResult contains no values. +func (rl RelationList) IsEmpty() bool { + return rl.Value == nil || len(*rl.Value) == 0 +} + +// hasNextLink returns true if the NextLink is not empty. +func (rl RelationList) hasNextLink() bool { + return rl.NextLink != nil && len(*rl.NextLink) != 0 +} + +// relationListPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (rl RelationList) relationListPreparer(ctx context.Context) (*http.Request, error) { + if !rl.hasNextLink() { + return nil, nil + } + return autorest.Prepare((&http.Request{}).WithContext(ctx), + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(rl.NextLink))) +} + +// RelationListPage contains a page of Relation values. +type RelationListPage struct { + fn func(context.Context, RelationList) (RelationList, error) + rl RelationList +} + +// NextWithContext advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *RelationListPage) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/RelationListPage.NextWithContext") + defer func() { + sc := -1 + if page.Response().Response.Response != nil { + sc = page.Response().Response.Response.StatusCode } + tracing.EndSpan(ctx, sc, err) + }() + } + for { + next, err := page.fn(ctx, page.rl) + if err != nil { + return err + } + page.rl = next + if !next.hasNextLink() || !next.IsEmpty() { + break } } + return nil +} + +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (page *RelationListPage) Next() error { + return page.NextWithContext(context.Background()) +} + +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page RelationListPage) NotDone() bool { + return !page.rl.IsEmpty() +} + +// Response returns the raw server response from the last page request. +func (page RelationListPage) Response() RelationList { + return page.rl +} + +// Values returns the slice of values for the current page or nil if there are no values. +func (page RelationListPage) Values() []Relation { + if page.rl.IsEmpty() { + return nil + } + return *page.rl.Value +} - return nil +// Creates a new instance of the RelationListPage type. +func NewRelationListPage(cur RelationList, getNextPage func(context.Context, RelationList) (RelationList, error)) RelationListPage { + return RelationListPage{ + fn: getNextPage, + rl: cur, + } } -// RelationBase represents a relation -type RelationBase struct { - // Kind - READ-ONLY; The type of relation node. Possible values include: 'RelationTypesCasesToBookmarks' - Kind RelationTypes `json:"kind,omitempty"` - // Etag - ETag for relation - Etag *string `json:"etag,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` +// RelationProperties relation property bag. +type RelationProperties struct { + // RelatedResourceID - The resource ID of the related resource + RelatedResourceID *string `json:"relatedResourceId,omitempty"` + // RelatedResourceName - READ-ONLY; The name of the related resource + RelatedResourceName *string `json:"relatedResourceName,omitempty"` + // RelatedResourceType - READ-ONLY; The resource type of the related resource + RelatedResourceType *string `json:"relatedResourceType,omitempty"` + // RelatedResourceKind - READ-ONLY; The resource kind of the related resource + RelatedResourceKind *string `json:"relatedResourceKind,omitempty"` } -// MarshalJSON is the custom marshaler for RelationBase. -func (rb RelationBase) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for RelationProperties. +func (rp RelationProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if rb.Etag != nil { - objectMap["etag"] = rb.Etag + if rp.RelatedResourceID != nil { + objectMap["relatedResourceId"] = rp.RelatedResourceID } return json.Marshal(objectMap) } -// RelationList list of relations. -type RelationList struct { +// Repo represents a repository. +type Repo struct { + // URL - The url to access the repository. + URL *string `json:"url,omitempty"` + // FullName - The name of the repository. + FullName *string `json:"fullName,omitempty"` + // Branches - Array of branches. + Branches *[]string `json:"branches,omitempty"` +} + +// RepoList list all the source controls. +type RepoList struct { autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of relations. + // NextLink - READ-ONLY; URL to fetch the next set of repositories. NextLink *string `json:"nextLink,omitempty"` - // Value - Array of relations. - Value *[]Relation `json:"value,omitempty"` + // Value - Array of repositories. + Value *[]Repo `json:"value,omitempty"` } -// MarshalJSON is the custom marshaler for RelationList. -func (rl RelationList) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for RepoList. +func (rl RepoList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) if rl.Value != nil { objectMap["value"] = rl.Value @@ -15937,17 +19609,17 @@ func (rl RelationList) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// RelationListIterator provides access to a complete listing of Relation values. -type RelationListIterator struct { +// RepoListIterator provides access to a complete listing of Repo values. +type RepoListIterator struct { i int - page RelationListPage + page RepoListPage } // NextWithContext advances to the next value. If there was an error making // the request the iterator does not advance and the error is returned. -func (iter *RelationListIterator) NextWithContext(ctx context.Context) (err error) { +func (iter *RepoListIterator) NextWithContext(ctx context.Context) (err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RelationListIterator.NextWithContext") + ctx = tracing.StartSpan(ctx, fqdn+"/RepoListIterator.NextWithContext") defer func() { sc := -1 if iter.Response().Response.Response != nil { @@ -15972,47 +19644,47 @@ func (iter *RelationListIterator) NextWithContext(ctx context.Context) (err erro // Next advances to the next value. If there was an error making // the request the iterator does not advance and the error is returned. // Deprecated: Use NextWithContext() instead. -func (iter *RelationListIterator) Next() error { +func (iter *RepoListIterator) Next() error { return iter.NextWithContext(context.Background()) } // NotDone returns true if the enumeration should be started or is not yet complete. -func (iter RelationListIterator) NotDone() bool { +func (iter RepoListIterator) NotDone() bool { return iter.page.NotDone() && iter.i < len(iter.page.Values()) } // Response returns the raw server response from the last page request. -func (iter RelationListIterator) Response() RelationList { +func (iter RepoListIterator) Response() RepoList { return iter.page.Response() } // Value returns the current value or a zero-initialized value if the // iterator has advanced beyond the end of the collection. -func (iter RelationListIterator) Value() Relation { +func (iter RepoListIterator) Value() Repo { if !iter.page.NotDone() { - return Relation{} + return Repo{} } return iter.page.Values()[iter.i] } -// Creates a new instance of the RelationListIterator type. -func NewRelationListIterator(page RelationListPage) RelationListIterator { - return RelationListIterator{page: page} +// Creates a new instance of the RepoListIterator type. +func NewRepoListIterator(page RepoListPage) RepoListIterator { + return RepoListIterator{page: page} } // IsEmpty returns true if the ListResult contains no values. -func (rl RelationList) IsEmpty() bool { +func (rl RepoList) IsEmpty() bool { return rl.Value == nil || len(*rl.Value) == 0 } // hasNextLink returns true if the NextLink is not empty. -func (rl RelationList) hasNextLink() bool { +func (rl RepoList) hasNextLink() bool { return rl.NextLink != nil && len(*rl.NextLink) != 0 } -// relationListPreparer prepares a request to retrieve the next set of results. +// repoListPreparer prepares a request to retrieve the next set of results. // It returns nil if no more results exist. -func (rl RelationList) relationListPreparer(ctx context.Context) (*http.Request, error) { +func (rl RepoList) repoListPreparer(ctx context.Context) (*http.Request, error) { if !rl.hasNextLink() { return nil, nil } @@ -16022,17 +19694,17 @@ func (rl RelationList) relationListPreparer(ctx context.Context) (*http.Request, autorest.WithBaseURL(to.String(rl.NextLink))) } -// RelationListPage contains a page of Relation values. -type RelationListPage struct { - fn func(context.Context, RelationList) (RelationList, error) - rl RelationList +// RepoListPage contains a page of Repo values. +type RepoListPage struct { + fn func(context.Context, RepoList) (RepoList, error) + rl RepoList } // NextWithContext advances to the next page of values. If there was an error making // the request the page does not advance and the error is returned. -func (page *RelationListPage) NextWithContext(ctx context.Context) (err error) { +func (page *RepoListPage) NextWithContext(ctx context.Context) (err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RelationListPage.NextWithContext") + ctx = tracing.StartSpan(ctx, fqdn+"/RepoListPage.NextWithContext") defer func() { sc := -1 if page.Response().Response.Response != nil { @@ -16057,114 +19729,201 @@ func (page *RelationListPage) NextWithContext(ctx context.Context) (err error) { // Next advances to the next page of values. If there was an error making // the request the page does not advance and the error is returned. // Deprecated: Use NextWithContext() instead. -func (page *RelationListPage) Next() error { +func (page *RepoListPage) Next() error { return page.NextWithContext(context.Background()) } // NotDone returns true if the page enumeration should be started or is not yet complete. -func (page RelationListPage) NotDone() bool { +func (page RepoListPage) NotDone() bool { return !page.rl.IsEmpty() } // Response returns the raw server response from the last page request. -func (page RelationListPage) Response() RelationList { +func (page RepoListPage) Response() RepoList { return page.rl } // Values returns the slice of values for the current page or nil if there are no values. -func (page RelationListPage) Values() []Relation { +func (page RepoListPage) Values() []Repo { if page.rl.IsEmpty() { return nil } return *page.rl.Value } -// Creates a new instance of the RelationListPage type. -func NewRelationListPage(cur RelationList, getNextPage func(context.Context, RelationList) (RelationList, error)) RelationListPage { - return RelationListPage{ +// Creates a new instance of the RepoListPage type. +func NewRepoListPage(cur RepoList, getNextPage func(context.Context, RepoList) (RepoList, error)) RepoListPage { + return RepoListPage{ fn: getNextPage, rl: cur, } } -// RelationNode relation node -type RelationNode struct { - // RelationNodeID - Relation Node Id - RelationNodeID *string `json:"relationNodeId,omitempty"` - // RelationNodeKind - READ-ONLY; The type of relation node. Possible values include: 'RelationNodeKindCase', 'RelationNodeKindBookmark' - RelationNodeKind RelationNodeKind `json:"relationNodeKind,omitempty"` - // Etag - Etag for relation node - Etag *string `json:"etag,omitempty"` - // RelationAdditionalProperties - Additional set of properties - RelationAdditionalProperties map[string]*string `json:"relationAdditionalProperties"` +// Repository metadata of a repository. +type Repository struct { + // URL - Url of repository. + URL *string `json:"url,omitempty"` + // Branch - Branch name of repository. + Branch *string `json:"branch,omitempty"` + // DisplayURL - Display url of repository. + DisplayURL *string `json:"displayUrl,omitempty"` + // DeploymentLogsURL - Url to access repository action logs. + DeploymentLogsURL *string `json:"deploymentLogsUrl,omitempty"` + // PathMapping - Dictionary of source control content type and path mapping. + PathMapping *[]ContentPathMap `json:"pathMapping,omitempty"` +} + +// RequiredPermissions required permissions for the connector +type RequiredPermissions struct { + // Action - action permission + Action *bool `json:"action,omitempty"` + // Write - write permission + Write *bool `json:"write,omitempty"` + // Read - read permission + Read *bool `json:"read,omitempty"` + // Delete - delete permission + Delete *bool `json:"delete,omitempty"` +} + +// Resource common fields that are returned in the response for all Azure Resource Manager resources +type Resource struct { + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for RelationNode. -func (rn RelationNode) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for Resource. +func (r Resource) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if rn.RelationNodeID != nil { - objectMap["relationNodeId"] = rn.RelationNodeID - } - if rn.Etag != nil { - objectMap["etag"] = rn.Etag - } - if rn.RelationAdditionalProperties != nil { - objectMap["relationAdditionalProperties"] = rn.RelationAdditionalProperties - } return json.Marshal(objectMap) } -// RelationProperties relation property bag. -type RelationProperties struct { - // RelatedResourceID - The resource ID of the related resource - RelatedResourceID *string `json:"relatedResourceId,omitempty"` - // RelatedResourceName - READ-ONLY; The name of the related resource - RelatedResourceName *string `json:"relatedResourceName,omitempty"` - // RelatedResourceType - READ-ONLY; The resource type of the related resource - RelatedResourceType *string `json:"relatedResourceType,omitempty"` - // RelatedResourceKind - READ-ONLY; The resource kind of the related resource - RelatedResourceKind *string `json:"relatedResourceKind,omitempty"` +// ResourceProvider resource provider permissions required for the connector +type ResourceProvider struct { + // Provider - Provider name. Possible values include: 'ProviderNameMicrosoftOperationalInsightssolutions', 'ProviderNameMicrosoftOperationalInsightsworkspaces', 'ProviderNameMicrosoftOperationalInsightsworkspacesdatasources', 'ProviderNameMicrosoftaadiamdiagnosticSettings', 'ProviderNameMicrosoftOperationalInsightsworkspacessharedKeys', 'ProviderNameMicrosoftAuthorizationpolicyAssignments' + Provider ProviderName `json:"provider,omitempty"` + // PermissionsDisplayText - Permission description text + PermissionsDisplayText *string `json:"permissionsDisplayText,omitempty"` + // ProviderDisplayName - Permission provider display name + ProviderDisplayName *string `json:"providerDisplayName,omitempty"` + // Scope - Permission provider scope. Possible values include: 'PermissionProviderScopeResourceGroup', 'PermissionProviderScopeSubscription', 'PermissionProviderScopeWorkspace' + Scope PermissionProviderScope `json:"scope,omitempty"` + // RequiredPermissions - Required permissions for the connector + RequiredPermissions *RequiredPermissions `json:"requiredPermissions,omitempty"` } -// MarshalJSON is the custom marshaler for RelationProperties. -func (rp RelationProperties) MarshalJSON() ([]byte, error) { +// ResourceWithEtag an azure resource object with an Etag property +type ResourceWithEtag struct { + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for ResourceWithEtag. +func (rwe ResourceWithEtag) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if rp.RelatedResourceID != nil { - objectMap["relatedResourceId"] = rp.RelatedResourceID + if rwe.Etag != nil { + objectMap["etag"] = rwe.Etag } return json.Marshal(objectMap) } -// RelationsModelInput relation input model -type RelationsModelInput struct { - // RelationsModelInputProperties - Relation input properties - *RelationsModelInputProperties `json:"properties,omitempty"` - // Kind - READ-ONLY; The type of relation node. Possible values include: 'RelationTypesCasesToBookmarks' - Kind RelationTypes `json:"kind,omitempty"` - // Etag - ETag for relation +// SampleQueries the sample queries for the connector +type SampleQueries struct { + // Description - The sample query description + Description *string `json:"description,omitempty"` + // Query - the sample query + Query *string `json:"query,omitempty"` +} + +// ScheduledAlertRule represents scheduled alert rule. +type ScheduledAlertRule struct { + // ScheduledAlertRuleProperties - Scheduled alert rule properties + *ScheduledAlertRuleProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' + Kind KindBasicAlertRule `json:"kind,omitempty"` + // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` - // ID - READ-ONLY; Azure resource Id + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for RelationsModelInput. -func (rmi RelationsModelInput) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for ScheduledAlertRule. +func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error) { + sar.Kind = KindBasicAlertRuleKindScheduled objectMap := make(map[string]interface{}) - if rmi.RelationsModelInputProperties != nil { - objectMap["properties"] = rmi.RelationsModelInputProperties + if sar.ScheduledAlertRuleProperties != nil { + objectMap["properties"] = sar.ScheduledAlertRuleProperties + } + if sar.Kind != "" { + objectMap["kind"] = sar.Kind } - if rmi.Etag != nil { - objectMap["etag"] = rmi.Etag + if sar.Etag != nil { + objectMap["etag"] = sar.Etag } return json.Marshal(objectMap) } -// UnmarshalJSON is the custom unmarshaler for RelationsModelInput struct. -func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { +// AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool) { + return nil, false +} + +// AsFusionAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { + return nil, false +} + +// AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool) { + return nil, false +} + +// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { + return nil, false +} + +// AsScheduledAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { + return &sar, true +} + +// AsNrtAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool) { + return nil, false +} + +// AsAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool) { + return nil, false +} + +// AsBasicAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { + return &sar, true +} + +// UnmarshalJSON is the custom unmarshaler for ScheduledAlertRule struct. +func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -16174,21 +19933,21 @@ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var relationsModelInputProperties RelationsModelInputProperties - err = json.Unmarshal(*v, &relationsModelInputProperties) + var scheduledAlertRuleProperties ScheduledAlertRuleProperties + err = json.Unmarshal(*v, &scheduledAlertRuleProperties) if err != nil { return err } - rmi.RelationsModelInputProperties = &relationsModelInputProperties + sar.ScheduledAlertRuleProperties = &scheduledAlertRuleProperties } case "kind": if v != nil { - var kind RelationTypes + var kind KindBasicAlertRule err = json.Unmarshal(*v, &kind) if err != nil { return err } - rmi.Kind = kind + sar.Kind = kind } case "etag": if v != nil { @@ -16197,7 +19956,7 @@ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { if err != nil { return err } - rmi.Etag = &etag + sar.Etag = &etag } case "id": if v != nil { @@ -16206,7 +19965,7 @@ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { if err != nil { return err } - rmi.ID = &ID + sar.ID = &ID } case "name": if v != nil { @@ -16215,7 +19974,7 @@ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { if err != nil { return err } - rmi.Name = &name + sar.Name = &name } case "type": if v != nil { @@ -16224,7 +19983,16 @@ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { if err != nil { return err } - rmi.Type = &typeVar + sar.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + sar.SystemData = &systemData } } } @@ -16232,122 +20000,198 @@ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { return nil } -// RelationsModelInputProperties relation input properties -type RelationsModelInputProperties struct { - // RelationName - Name of relation - RelationName *string `json:"relationName,omitempty"` - // SourceRelationNode - Relation source node - SourceRelationNode *RelationNode `json:"sourceRelationNode,omitempty"` - // TargetRelationNode - Relation target node - TargetRelationNode *RelationNode `json:"targetRelationNode,omitempty"` -} - -// Resource an azure resource object -type Resource struct { - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for Resource. -func (r Resource) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// ScheduledAlertRuleCommonProperties scheduled alert rule template property bag. +type ScheduledAlertRuleCommonProperties struct { + // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. + QueryFrequency *string `json:"queryFrequency,omitempty"` + // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. + QueryPeriod *string `json:"queryPeriod,omitempty"` + // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'TriggerOperatorGreaterThan', 'TriggerOperatorLessThan', 'TriggerOperatorEqual', 'TriggerOperatorNotEqual' + TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` + // TriggerThreshold - The threshold triggers this alert rule. + TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` + // EventGroupingSettings - The event grouping settings. + EventGroupingSettings *EventGroupingSettings `json:"eventGroupingSettings,omitempty"` } -// ResourceWithEtag an azure resource object with an Etag property -type ResourceWithEtag struct { - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` +// ScheduledAlertRuleProperties scheduled alert rule base property bag. +type ScheduledAlertRuleProperties struct { + // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. + QueryFrequency *string `json:"queryFrequency,omitempty"` + // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. + QueryPeriod *string `json:"queryPeriod,omitempty"` + // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'TriggerOperatorGreaterThan', 'TriggerOperatorLessThan', 'TriggerOperatorEqual', 'TriggerOperatorNotEqual' + TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` + // TriggerThreshold - The threshold triggers this alert rule. + TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` + // EventGroupingSettings - The event grouping settings. + EventGroupingSettings *EventGroupingSettings `json:"eventGroupingSettings,omitempty"` + // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` + // TemplateVersion - The version of the alert rule template used to create this rule - in format , where all are numbers, for example 0 <1.0.2> + TemplateVersion *string `json:"templateVersion,omitempty"` + // Description - The description of the alert rule. + Description *string `json:"description,omitempty"` + // Query - The query that creates alerts for this rule. + Query *string `json:"query,omitempty"` + // DisplayName - The display name for alerts created by this alert rule. + DisplayName *string `json:"displayName,omitempty"` + // Enabled - Determines whether this alert rule is enabled or disabled. + Enabled *bool `json:"enabled,omitempty"` + // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. + LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` + // SuppressionDuration - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. + SuppressionDuration *string `json:"suppressionDuration,omitempty"` + // SuppressionEnabled - Determines whether the suppression for this alert rule is enabled or disabled. + SuppressionEnabled *bool `json:"suppressionEnabled,omitempty"` + // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' + Severity AlertSeverity `json:"severity,omitempty"` + // Tactics - The tactics of the alert rule + Tactics *[]AttackTactic `json:"tactics,omitempty"` + // IncidentConfiguration - The settings of the incidents that created from alerts triggered by this analytics rule + IncidentConfiguration *IncidentConfiguration `json:"incidentConfiguration,omitempty"` + // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert + CustomDetails map[string]*string `json:"customDetails"` + // EntityMappings - Array of the entity mappings of the alert rule + EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` + // AlertDetailsOverride - The alert details override settings + AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` } -// MarshalJSON is the custom marshaler for ResourceWithEtag. -func (rwe ResourceWithEtag) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for ScheduledAlertRuleProperties. +func (sarp ScheduledAlertRuleProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if rwe.Etag != nil { - objectMap["etag"] = rwe.Etag + if sarp.QueryFrequency != nil { + objectMap["queryFrequency"] = sarp.QueryFrequency + } + if sarp.QueryPeriod != nil { + objectMap["queryPeriod"] = sarp.QueryPeriod + } + if sarp.TriggerOperator != "" { + objectMap["triggerOperator"] = sarp.TriggerOperator + } + if sarp.TriggerThreshold != nil { + objectMap["triggerThreshold"] = sarp.TriggerThreshold + } + if sarp.EventGroupingSettings != nil { + objectMap["eventGroupingSettings"] = sarp.EventGroupingSettings + } + if sarp.AlertRuleTemplateName != nil { + objectMap["alertRuleTemplateName"] = sarp.AlertRuleTemplateName + } + if sarp.TemplateVersion != nil { + objectMap["templateVersion"] = sarp.TemplateVersion + } + if sarp.Description != nil { + objectMap["description"] = sarp.Description + } + if sarp.Query != nil { + objectMap["query"] = sarp.Query + } + if sarp.DisplayName != nil { + objectMap["displayName"] = sarp.DisplayName + } + if sarp.Enabled != nil { + objectMap["enabled"] = sarp.Enabled + } + if sarp.SuppressionDuration != nil { + objectMap["suppressionDuration"] = sarp.SuppressionDuration + } + if sarp.SuppressionEnabled != nil { + objectMap["suppressionEnabled"] = sarp.SuppressionEnabled + } + if sarp.Severity != "" { + objectMap["severity"] = sarp.Severity + } + if sarp.Tactics != nil { + objectMap["tactics"] = sarp.Tactics + } + if sarp.IncidentConfiguration != nil { + objectMap["incidentConfiguration"] = sarp.IncidentConfiguration + } + if sarp.CustomDetails != nil { + objectMap["customDetails"] = sarp.CustomDetails + } + if sarp.EntityMappings != nil { + objectMap["entityMappings"] = sarp.EntityMappings + } + if sarp.AlertDetailsOverride != nil { + objectMap["alertDetailsOverride"] = sarp.AlertDetailsOverride } return json.Marshal(objectMap) } -// ScheduledAlertRule represents scheduled alert rule. -type ScheduledAlertRule struct { - // ScheduledAlertRuleProperties - Scheduled alert rule properties - *ScheduledAlertRuleProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// ScheduledAlertRuleTemplate represents scheduled alert rule template. +type ScheduledAlertRuleTemplate struct { + // ScheduledAlertRuleTemplateProperties - Scheduled alert rule template properties + *ScheduledAlertRuleTemplateProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' + Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled' - Kind KindBasicAlertRule `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for ScheduledAlertRule. -func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error) { - sar.Kind = KindBasicAlertRuleKindScheduled +// MarshalJSON is the custom marshaler for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error) { + sart.Kind = KindBasicAlertRuleTemplateKindScheduled objectMap := make(map[string]interface{}) - if sar.ScheduledAlertRuleProperties != nil { - objectMap["properties"] = sar.ScheduledAlertRuleProperties - } - if sar.Etag != nil { - objectMap["etag"] = sar.Etag + if sart.ScheduledAlertRuleTemplateProperties != nil { + objectMap["properties"] = sart.ScheduledAlertRuleTemplateProperties } - if sar.Kind != "" { - objectMap["kind"] = sar.Kind + if sart.Kind != "" { + objectMap["kind"] = sart.Kind } return json.Marshal(objectMap) } -// AsMLBehaviorAnalyticsAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsMLBehaviorAnalyticsAlertRule() (*MLBehaviorAnalyticsAlertRule, bool) { +// AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool) { return nil, false } -// AsFusionAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { +// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { return nil, false } -// AsThreatIntelligenceAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsThreatIntelligenceAlertRule() (*ThreatIntelligenceAlertRule, bool) { +// AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool) { return nil, false } -// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { +// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { return nil, false } -// AsScheduledAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { - return &sar, true +// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { + return &sart, true } -// AsAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool) { +// AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool) { return nil, false } -// AsBasicAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { - return &sar, true +// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { + return nil, false } -// UnmarshalJSON is the custom unmarshaler for ScheduledAlertRule struct. -func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { +// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { + return &sart, true +} + +// UnmarshalJSON is the custom unmarshaler for ScheduledAlertRuleTemplate struct. +func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -16357,12 +20201,21 @@ func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var scheduledAlertRuleProperties ScheduledAlertRuleProperties - err = json.Unmarshal(*v, &scheduledAlertRuleProperties) + var scheduledAlertRuleTemplateProperties ScheduledAlertRuleTemplateProperties + err = json.Unmarshal(*v, &scheduledAlertRuleTemplateProperties) if err != nil { return err } - sar.ScheduledAlertRuleProperties = &scheduledAlertRuleProperties + sart.ScheduledAlertRuleTemplateProperties = &scheduledAlertRuleTemplateProperties + } + case "kind": + if v != nil { + var kind KindBasicAlertRuleTemplate + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + sart.Kind = kind } case "id": if v != nil { @@ -16371,7 +20224,7 @@ func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { if err != nil { return err } - sar.ID = &ID + sart.ID = &ID } case "name": if v != nil { @@ -16380,7 +20233,7 @@ func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { if err != nil { return err } - sar.Name = &name + sart.Name = &name } case "type": if v != nil { @@ -16389,25 +20242,16 @@ func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { if err != nil { return err } - sar.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - sar.Etag = &etag + sart.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicAlertRule - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - sar.Kind = kind + sart.SystemData = &systemData } } } @@ -16415,52 +20259,40 @@ func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { return nil } -// ScheduledAlertRuleCommonProperties scheduled alert rule template property bag. -type ScheduledAlertRuleCommonProperties struct { +// ScheduledAlertRuleTemplateProperties scheduled alert rule template properties +type ScheduledAlertRuleTemplateProperties struct { + // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` + // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. + LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` + // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` + // Description - The description of the alert rule template. + Description *string `json:"description,omitempty"` + // DisplayName - The display name for alert rule template. + DisplayName *string `json:"displayName,omitempty"` + // RequiredDataConnectors - The required data sources for this template + RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` + // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' + Status TemplateStatus `json:"status,omitempty"` // Query - The query that creates alerts for this rule. Query *string `json:"query,omitempty"` - // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. - QueryFrequency *string `json:"queryFrequency,omitempty"` - // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. - QueryPeriod *string `json:"queryPeriod,omitempty"` // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` - // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'TriggerOperatorGreaterThan', 'TriggerOperatorLessThan', 'TriggerOperatorEqual', 'TriggerOperatorNotEqual' - TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` - // TriggerThreshold - The threshold triggers this alert rule. - TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` - // EventGroupingSettings - The event grouping settings. - EventGroupingSettings *EventGroupingSettings `json:"eventGroupingSettings,omitempty"` -} - -// ScheduledAlertRuleProperties scheduled alert rule base property bag. -type ScheduledAlertRuleProperties struct { - // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. - AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` - // Description - The description of the alert rule. - Description *string `json:"description,omitempty"` - // DisplayName - The display name for alerts created by this alert rule. - DisplayName *string `json:"displayName,omitempty"` - // Enabled - Determines whether this alert rule is enabled or disabled. - Enabled *bool `json:"enabled,omitempty"` - // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. - LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` - // SuppressionDuration - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. - SuppressionDuration *string `json:"suppressionDuration,omitempty"` - // SuppressionEnabled - Determines whether the suppression for this alert rule is enabled or disabled. - SuppressionEnabled *bool `json:"suppressionEnabled,omitempty"` // Tactics - The tactics of the alert rule Tactics *[]AttackTactic `json:"tactics,omitempty"` - // IncidentConfiguration - The settings of the incidents that created from alerts triggered by this analytics rule - IncidentConfiguration *IncidentConfiguration `json:"incidentConfiguration,omitempty"` - // Query - The query that creates alerts for this rule. - Query *string `json:"query,omitempty"` + // Version - The version of this template - in format , where all are numbers. For example <1.0.2>. + Version *string `json:"version,omitempty"` + // CustomDetails - Dictionary of string key-value pairs of columns to be attached to the alert + CustomDetails map[string]*string `json:"customDetails"` + // EntityMappings - Array of the entity mappings of the alert rule + EntityMappings *[]EntityMapping `json:"entityMappings,omitempty"` + // AlertDetailsOverride - The alert details override settings + AlertDetailsOverride *AlertDetailsOverride `json:"alertDetailsOverride,omitempty"` // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. QueryFrequency *string `json:"queryFrequency,omitempty"` // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. QueryPeriod *string `json:"queryPeriod,omitempty"` - // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' - Severity AlertSeverity `json:"severity,omitempty"` // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'TriggerOperatorGreaterThan', 'TriggerOperatorLessThan', 'TriggerOperatorEqual', 'TriggerOperatorNotEqual' TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` // TriggerThreshold - The threshold triggers this alert rule. @@ -16469,121 +20301,209 @@ type ScheduledAlertRuleProperties struct { EventGroupingSettings *EventGroupingSettings `json:"eventGroupingSettings,omitempty"` } -// MarshalJSON is the custom marshaler for ScheduledAlertRuleProperties. -func (sarp ScheduledAlertRuleProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for ScheduledAlertRuleTemplateProperties. +func (sart ScheduledAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if sarp.AlertRuleTemplateName != nil { - objectMap["alertRuleTemplateName"] = sarp.AlertRuleTemplateName + if sart.AlertRulesCreatedByTemplateCount != nil { + objectMap["alertRulesCreatedByTemplateCount"] = sart.AlertRulesCreatedByTemplateCount } - if sarp.Description != nil { - objectMap["description"] = sarp.Description + if sart.Description != nil { + objectMap["description"] = sart.Description } - if sarp.DisplayName != nil { - objectMap["displayName"] = sarp.DisplayName + if sart.DisplayName != nil { + objectMap["displayName"] = sart.DisplayName } - if sarp.Enabled != nil { - objectMap["enabled"] = sarp.Enabled + if sart.RequiredDataConnectors != nil { + objectMap["requiredDataConnectors"] = sart.RequiredDataConnectors } - if sarp.SuppressionDuration != nil { - objectMap["suppressionDuration"] = sarp.SuppressionDuration + if sart.Status != "" { + objectMap["status"] = sart.Status } - if sarp.SuppressionEnabled != nil { - objectMap["suppressionEnabled"] = sarp.SuppressionEnabled + if sart.Query != nil { + objectMap["query"] = sart.Query } - if sarp.Tactics != nil { - objectMap["tactics"] = sarp.Tactics + if sart.Severity != "" { + objectMap["severity"] = sart.Severity } - if sarp.IncidentConfiguration != nil { - objectMap["incidentConfiguration"] = sarp.IncidentConfiguration + if sart.Tactics != nil { + objectMap["tactics"] = sart.Tactics } - if sarp.Query != nil { - objectMap["query"] = sarp.Query + if sart.Version != nil { + objectMap["version"] = sart.Version } - if sarp.QueryFrequency != nil { - objectMap["queryFrequency"] = sarp.QueryFrequency + if sart.CustomDetails != nil { + objectMap["customDetails"] = sart.CustomDetails } - if sarp.QueryPeriod != nil { - objectMap["queryPeriod"] = sarp.QueryPeriod + if sart.EntityMappings != nil { + objectMap["entityMappings"] = sart.EntityMappings } - if sarp.Severity != "" { - objectMap["severity"] = sarp.Severity + if sart.AlertDetailsOverride != nil { + objectMap["alertDetailsOverride"] = sart.AlertDetailsOverride + } + if sart.QueryFrequency != nil { + objectMap["queryFrequency"] = sart.QueryFrequency + } + if sart.QueryPeriod != nil { + objectMap["queryPeriod"] = sart.QueryPeriod } - if sarp.TriggerOperator != "" { - objectMap["triggerOperator"] = sarp.TriggerOperator + if sart.TriggerOperator != "" { + objectMap["triggerOperator"] = sart.TriggerOperator } - if sarp.TriggerThreshold != nil { - objectMap["triggerThreshold"] = sarp.TriggerThreshold + if sart.TriggerThreshold != nil { + objectMap["triggerThreshold"] = sart.TriggerThreshold } - if sarp.EventGroupingSettings != nil { - objectMap["eventGroupingSettings"] = sarp.EventGroupingSettings + if sart.EventGroupingSettings != nil { + objectMap["eventGroupingSettings"] = sart.EventGroupingSettings } return json.Marshal(objectMap) } -// ScheduledAlertRuleTemplate represents scheduled alert rule template. -type ScheduledAlertRuleTemplate struct { - // ScheduledAlertRuleTemplateProperties - Scheduled alert rule template properties - *ScheduledAlertRuleTemplateProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// SecurityAlert represents a security alert entity. +type SecurityAlert struct { + // SecurityAlertProperties - SecurityAlert entity properties + *SecurityAlertProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' - Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error) { - sart.Kind = KindBasicAlertRuleTemplateKindScheduled +// MarshalJSON is the custom marshaler for SecurityAlert. +func (sa SecurityAlert) MarshalJSON() ([]byte, error) { + sa.Kind = KindBasicEntityKindSecurityAlert objectMap := make(map[string]interface{}) - if sart.ScheduledAlertRuleTemplateProperties != nil { - objectMap["properties"] = sart.ScheduledAlertRuleTemplateProperties + if sa.SecurityAlertProperties != nil { + objectMap["properties"] = sa.SecurityAlertProperties } - if sart.Kind != "" { - objectMap["kind"] = sart.Kind + if sa.Kind != "" { + objectMap["kind"] = sa.Kind } return json.Marshal(objectMap) } -// AsMLBehaviorAnalyticsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsMLBehaviorAnalyticsAlertRuleTemplate() (*MLBehaviorAnalyticsAlertRuleTemplate, bool) { +// AsURLEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsThreatIntelligenceAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsThreatIntelligenceAlertRuleTemplate() (*ThreatIntelligenceAlertRuleTemplate, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { +// AsSecurityAlert is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsSecurityAlert() (*SecurityAlert, bool) { + return &sa, true +} + +// AsRegistryValueEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { - return &sart, true +// AsRegistryKeyEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { + return nil, false } -// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { +// AsProcessEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { - return &sart, true +// AsMalwareEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsMalwareEntity() (*MalwareEntity, bool) { + return nil, false } -// UnmarshalJSON is the custom unmarshaler for ScheduledAlertRuleTemplate struct. -func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { +// AsMailMessageEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsMailMessageEntity() (*MailMessageEntity, bool) { + return nil, false +} + +// AsMailClusterEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsMailClusterEntity() (*MailClusterEntity, bool) { + return nil, false +} + +// AsMailboxEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsMailboxEntity() (*MailboxEntity, bool) { + return nil, false +} + +// AsIPEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsIPEntity() (*IPEntity, bool) { + return nil, false +} + +// AsIoTDeviceEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { + return nil, false +} + +// AsHuntingBookmark is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsHuntingBookmark() (*HuntingBookmark, bool) { + return nil, false +} + +// AsHostEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsHostEntity() (*HostEntity, bool) { + return nil, false +} + +// AsFileHashEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsFileHashEntity() (*FileHashEntity, bool) { + return nil, false +} + +// AsFileEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsFileEntity() (*FileEntity, bool) { + return nil, false +} + +// AsDNSEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsDNSEntity() (*DNSEntity, bool) { + return nil, false +} + +// AsCloudApplicationEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { + return nil, false +} + +// AsAzureResourceEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsAzureResourceEntity() (*AzureResourceEntity, bool) { + return nil, false +} + +// AsAccountEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsAccountEntity() (*AccountEntity, bool) { + return nil, false +} + +// AsEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsEntity() (*Entity, bool) { + return nil, false +} + +// AsBasicEntity is the BasicEntity implementation for SecurityAlert. +func (sa SecurityAlert) AsBasicEntity() (BasicEntity, bool) { + return &sa, true +} + +// UnmarshalJSON is the custom unmarshaler for SecurityAlert struct. +func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -16593,12 +20513,21 @@ func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var scheduledAlertRuleTemplateProperties ScheduledAlertRuleTemplateProperties - err = json.Unmarshal(*v, &scheduledAlertRuleTemplateProperties) + var securityAlertProperties SecurityAlertProperties + err = json.Unmarshal(*v, &securityAlertProperties) if err != nil { return err } - sart.ScheduledAlertRuleTemplateProperties = &scheduledAlertRuleTemplateProperties + sa.SecurityAlertProperties = &securityAlertProperties + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + sa.Kind = kind } case "id": if v != nil { @@ -16607,7 +20536,7 @@ func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { if err != nil { return err } - sart.ID = &ID + sa.ID = &ID } case "name": if v != nil { @@ -16616,7 +20545,7 @@ func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { if err != nil { return err } - sart.Name = &name + sa.Name = &name } case "type": if v != nil { @@ -16625,246 +20554,336 @@ func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { if err != nil { return err } - sart.Type = &typeVar + sa.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicAlertRuleTemplate - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - sart.Kind = kind + sa.SystemData = &systemData } } } - return nil + return nil +} + +// SecurityAlertProperties securityAlert entity property bag. +type SecurityAlertProperties struct { + // AlertDisplayName - READ-ONLY; The display name of the alert. + AlertDisplayName *string `json:"alertDisplayName,omitempty"` + // AlertType - READ-ONLY; The type name of the alert. + AlertType *string `json:"alertType,omitempty"` + // CompromisedEntity - READ-ONLY; Display name of the main entity being reported on. + CompromisedEntity *string `json:"compromisedEntity,omitempty"` + // ConfidenceLevel - READ-ONLY; The confidence level of this alert. Possible values include: 'ConfidenceLevelUnknown', 'ConfidenceLevelLow', 'ConfidenceLevelHigh' + ConfidenceLevel ConfidenceLevel `json:"confidenceLevel,omitempty"` + // ConfidenceReasons - READ-ONLY; The confidence reasons + ConfidenceReasons *[]SecurityAlertPropertiesConfidenceReasonsItem `json:"confidenceReasons,omitempty"` + // ConfidenceScore - READ-ONLY; The confidence score of the alert. + ConfidenceScore *float64 `json:"confidenceScore,omitempty"` + // ConfidenceScoreStatus - READ-ONLY; The confidence score calculation status, i.e. indicating if score calculation is pending for this alert, not applicable or final. Possible values include: 'ConfidenceScoreStatusNotApplicable', 'ConfidenceScoreStatusInProcess', 'ConfidenceScoreStatusNotFinal', 'ConfidenceScoreStatusFinal' + ConfidenceScoreStatus ConfidenceScoreStatus `json:"confidenceScoreStatus,omitempty"` + // Description - READ-ONLY; Alert description. + Description *string `json:"description,omitempty"` + // EndTimeUtc - READ-ONLY; The impact end time of the alert (the time of the last event contributing to the alert). + EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"` + // Intent - READ-ONLY; Holds the alert intent stage(s) mapping for this alert. Possible values include: 'KillChainIntentUnknown', 'KillChainIntentProbing', 'KillChainIntentExploitation', 'KillChainIntentPersistence', 'KillChainIntentPrivilegeEscalation', 'KillChainIntentDefenseEvasion', 'KillChainIntentCredentialAccess', 'KillChainIntentDiscovery', 'KillChainIntentLateralMovement', 'KillChainIntentExecution', 'KillChainIntentCollection', 'KillChainIntentExfiltration', 'KillChainIntentCommandAndControl', 'KillChainIntentImpact' + Intent KillChainIntent `json:"intent,omitempty"` + // ProviderAlertID - READ-ONLY; The identifier of the alert inside the product which generated the alert. + ProviderAlertID *string `json:"providerAlertId,omitempty"` + // ProcessingEndTime - READ-ONLY; The time the alert was made available for consumption. + ProcessingEndTime *date.Time `json:"processingEndTime,omitempty"` + // ProductComponentName - READ-ONLY; The name of a component inside the product which generated the alert. + ProductComponentName *string `json:"productComponentName,omitempty"` + // ProductName - READ-ONLY; The name of the product which published this alert. + ProductName *string `json:"productName,omitempty"` + // ProductVersion - READ-ONLY; The version of the product generating the alert. + ProductVersion *string `json:"productVersion,omitempty"` + // RemediationSteps - READ-ONLY; Manual action items to take to remediate the alert. + RemediationSteps *[]string `json:"remediationSteps,omitempty"` + // Severity - The severity of the alert. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' + Severity AlertSeverity `json:"severity,omitempty"` + // StartTimeUtc - READ-ONLY; The impact start time of the alert (the time of the first event contributing to the alert). + StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"` + // Status - READ-ONLY; The lifecycle status of the alert. Possible values include: 'AlertStatusUnknown', 'AlertStatusNew', 'AlertStatusResolved', 'AlertStatusDismissed', 'AlertStatusInProgress' + Status AlertStatus `json:"status,omitempty"` + // SystemAlertID - READ-ONLY; Holds the product identifier of the alert for the product. + SystemAlertID *string `json:"systemAlertId,omitempty"` + // Tactics - READ-ONLY; The tactics of the alert + Tactics *[]AttackTactic `json:"tactics,omitempty"` + // TimeGenerated - READ-ONLY; The time the alert was generated. + TimeGenerated *date.Time `json:"timeGenerated,omitempty"` + // VendorName - READ-ONLY; The name of the vendor that raise the alert. + VendorName *string `json:"vendorName,omitempty"` + // AlertLink - READ-ONLY; The uri link of the alert. + AlertLink *string `json:"alertLink,omitempty"` + // ResourceIdentifiers - READ-ONLY; The list of resource identifiers of the alert. + ResourceIdentifiers *[]interface{} `json:"resourceIdentifiers,omitempty"` + // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]interface{} `json:"additionalData"` + // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. + FriendlyName *string `json:"friendlyName,omitempty"` +} + +// MarshalJSON is the custom marshaler for SecurityAlertProperties. +func (sap SecurityAlertProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if sap.Severity != "" { + objectMap["severity"] = sap.Severity + } + return json.Marshal(objectMap) +} + +// SecurityAlertPropertiesConfidenceReasonsItem confidence reason item +type SecurityAlertPropertiesConfidenceReasonsItem struct { + // Reason - READ-ONLY; The reason's description + Reason *string `json:"reason,omitempty"` + // ReasonType - READ-ONLY; The type (category) of the reason + ReasonType *string `json:"reasonType,omitempty"` +} + +// MarshalJSON is the custom marshaler for SecurityAlertPropertiesConfidenceReasonsItem. +func (sapRi SecurityAlertPropertiesConfidenceReasonsItem) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) } -// ScheduledAlertRuleTemplateProperties scheduled alert rule template properties -type ScheduledAlertRuleTemplateProperties struct { - // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template - AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` - // LastUpdatedDateUTC - READ-ONLY; The last time that this alert rule template has been updated. - LastUpdatedDateUTC *date.Time `json:"lastUpdatedDateUTC,omitempty"` - // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. - CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` - // Description - The description of the alert rule template. +// SecurityAlertTimelineItem represents security alert timeline item. +type SecurityAlertTimelineItem struct { + // AzureResourceID - The alert azure resource id. + AzureResourceID *string `json:"azureResourceId,omitempty"` + // ProductName - The alert product name. + ProductName *string `json:"productName,omitempty"` + // Description - The alert description. Description *string `json:"description,omitempty"` - // DisplayName - The display name for alert rule template. + // DisplayName - The alert name. DisplayName *string `json:"displayName,omitempty"` - // RequiredDataConnectors - The required data sources for this template - RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` - // Status - The alert rule template status. Possible values include: 'TemplateStatusInstalled', 'TemplateStatusAvailable', 'TemplateStatusNotAvailable' - Status TemplateStatus `json:"status,omitempty"` - // Query - The query that creates alerts for this rule. - Query *string `json:"query,omitempty"` - // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. - QueryFrequency *string `json:"queryFrequency,omitempty"` - // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. - QueryPeriod *string `json:"queryPeriod,omitempty"` - // Severity - The severity for alerts created by this alert rule. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' + // Severity - The alert severity. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' Severity AlertSeverity `json:"severity,omitempty"` - // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'TriggerOperatorGreaterThan', 'TriggerOperatorLessThan', 'TriggerOperatorEqual', 'TriggerOperatorNotEqual' - TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` - // TriggerThreshold - The threshold triggers this alert rule. - TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` - // EventGroupingSettings - The event grouping settings. - EventGroupingSettings *EventGroupingSettings `json:"eventGroupingSettings,omitempty"` - // Tactics - The tactics of the alert rule template - Tactics *[]AttackTactic `json:"tactics,omitempty"` + // EndTimeUtc - The alert end time. + EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"` + // StartTimeUtc - The alert start time. + StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"` + // TimeGenerated - The alert generated time. + TimeGenerated *date.Time `json:"timeGenerated,omitempty"` + // AlertType - The name of the alert type. + AlertType *string `json:"alertType,omitempty"` + // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindBookmark', 'KindBasicEntityTimelineItemKindSecurityAlert' + Kind KindBasicEntityTimelineItem `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for ScheduledAlertRuleTemplateProperties. -func (sart ScheduledAlertRuleTemplateProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for SecurityAlertTimelineItem. +func (sati SecurityAlertTimelineItem) MarshalJSON() ([]byte, error) { + sati.Kind = KindBasicEntityTimelineItemKindSecurityAlert objectMap := make(map[string]interface{}) - if sart.AlertRulesCreatedByTemplateCount != nil { - objectMap["alertRulesCreatedByTemplateCount"] = sart.AlertRulesCreatedByTemplateCount - } - if sart.Description != nil { - objectMap["description"] = sart.Description - } - if sart.DisplayName != nil { - objectMap["displayName"] = sart.DisplayName - } - if sart.RequiredDataConnectors != nil { - objectMap["requiredDataConnectors"] = sart.RequiredDataConnectors + if sati.AzureResourceID != nil { + objectMap["azureResourceId"] = sati.AzureResourceID } - if sart.Status != "" { - objectMap["status"] = sart.Status + if sati.ProductName != nil { + objectMap["productName"] = sati.ProductName } - if sart.Query != nil { - objectMap["query"] = sart.Query + if sati.Description != nil { + objectMap["description"] = sati.Description } - if sart.QueryFrequency != nil { - objectMap["queryFrequency"] = sart.QueryFrequency + if sati.DisplayName != nil { + objectMap["displayName"] = sati.DisplayName } - if sart.QueryPeriod != nil { - objectMap["queryPeriod"] = sart.QueryPeriod + if sati.Severity != "" { + objectMap["severity"] = sati.Severity } - if sart.Severity != "" { - objectMap["severity"] = sart.Severity + if sati.EndTimeUtc != nil { + objectMap["endTimeUtc"] = sati.EndTimeUtc } - if sart.TriggerOperator != "" { - objectMap["triggerOperator"] = sart.TriggerOperator + if sati.StartTimeUtc != nil { + objectMap["startTimeUtc"] = sati.StartTimeUtc } - if sart.TriggerThreshold != nil { - objectMap["triggerThreshold"] = sart.TriggerThreshold + if sati.TimeGenerated != nil { + objectMap["timeGenerated"] = sati.TimeGenerated } - if sart.EventGroupingSettings != nil { - objectMap["eventGroupingSettings"] = sart.EventGroupingSettings + if sati.AlertType != nil { + objectMap["alertType"] = sati.AlertType } - if sart.Tactics != nil { - objectMap["tactics"] = sart.Tactics + if sati.Kind != "" { + objectMap["kind"] = sati.Kind } return json.Marshal(objectMap) } -// SecurityAlert represents a security alert entity. -type SecurityAlert struct { - // SecurityAlertProperties - SecurityAlert entity properties - *SecurityAlertProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id +// AsActivityTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem. +func (sati SecurityAlertTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool) { + return nil, false +} + +// AsBookmarkTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem. +func (sati SecurityAlertTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool) { + return nil, false +} + +// AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem. +func (sati SecurityAlertTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool) { + return &sati, true +} + +// AsEntityTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem. +func (sati SecurityAlertTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool) { + return nil, false +} + +// AsBasicEntityTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem. +func (sati SecurityAlertTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool) { + return &sati, true +} + +// SecurityGroupEntity represents a security group entity. +type SecurityGroupEntity struct { + // SecurityGroupEntityProperties - SecurityGroup entity properties + *SecurityGroupEntityProperties `json:"properties,omitempty"` + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for SecurityAlert. -func (sa SecurityAlert) MarshalJSON() ([]byte, error) { - sa.Kind = KindBasicEntityKindSecurityAlert +// MarshalJSON is the custom marshaler for SecurityGroupEntity. +func (sge SecurityGroupEntity) MarshalJSON() ([]byte, error) { + sge.Kind = KindBasicEntityKindSecurityGroup objectMap := make(map[string]interface{}) - if sa.SecurityAlertProperties != nil { - objectMap["properties"] = sa.SecurityAlertProperties + if sge.SecurityGroupEntityProperties != nil { + objectMap["properties"] = sge.SecurityGroupEntityProperties } - if sa.Kind != "" { - objectMap["kind"] = sa.Kind + if sge.Kind != "" { + objectMap["kind"] = sge.Kind } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false +// AsSecurityGroupEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { + return &sge, true } -// AsDNSEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsSecurityAlert() (*SecurityAlert, bool) { - return &sa, true +// AsMailMessageEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { + return nil, false } -// AsIPEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } -// AsMailboxEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsMailboxEntity() (*MailboxEntity, bool) { +// AsMailboxEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAccountEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsEntity() (*Entity, bool) { +// AsEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsEntity() (*Entity, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsBasicEntity() (BasicEntity, bool) { - return &sa, true +// AsBasicEntity is the BasicEntity implementation for SecurityGroupEntity. +func (sge SecurityGroupEntity) AsBasicEntity() (BasicEntity, bool) { + return &sge, true } -// UnmarshalJSON is the custom unmarshaler for SecurityAlert struct. -func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for SecurityGroupEntity struct. +func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -16874,12 +20893,21 @@ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var securityAlertProperties SecurityAlertProperties - err = json.Unmarshal(*v, &securityAlertProperties) + var securityGroupEntityProperties SecurityGroupEntityProperties + err = json.Unmarshal(*v, &securityGroupEntityProperties) if err != nil { return err } - sa.SecurityAlertProperties = &securityAlertProperties + sge.SecurityGroupEntityProperties = &securityGroupEntityProperties + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + sge.Kind = kind } case "id": if v != nil { @@ -16888,7 +20916,7 @@ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { if err != nil { return err } - sa.ID = &ID + sge.ID = &ID } case "name": if v != nil { @@ -16897,7 +20925,7 @@ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { if err != nil { return err } - sa.Name = &name + sge.Name = &name } case "type": if v != nil { @@ -16906,16 +20934,16 @@ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { if err != nil { return err } - sa.Type = &typeVar + sge.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - sa.Kind = kind + sge.SystemData = &systemData } } } @@ -16923,317 +20951,341 @@ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { return nil } -// SecurityAlertProperties securityAlert entity property bag. -type SecurityAlertProperties struct { - // AlertDisplayName - READ-ONLY; The display name of the alert. - AlertDisplayName *string `json:"alertDisplayName,omitempty"` - // AlertType - READ-ONLY; The type name of the alert. - AlertType *string `json:"alertType,omitempty"` - // CompromisedEntity - READ-ONLY; Display name of the main entity being reported on. - CompromisedEntity *string `json:"compromisedEntity,omitempty"` - // ConfidenceLevel - READ-ONLY; The confidence level of this alert. Possible values include: 'ConfidenceLevelUnknown', 'ConfidenceLevelLow', 'ConfidenceLevelHigh' - ConfidenceLevel ConfidenceLevel `json:"confidenceLevel,omitempty"` - // ConfidenceReasons - READ-ONLY; The confidence reasons - ConfidenceReasons *[]SecurityAlertPropertiesConfidenceReasonsItem `json:"confidenceReasons,omitempty"` - // ConfidenceScore - READ-ONLY; The confidence score of the alert. - ConfidenceScore *float64 `json:"confidenceScore,omitempty"` - // ConfidenceScoreStatus - READ-ONLY; The confidence score calculation status, i.e. indicating if score calculation is pending for this alert, not applicable or final. Possible values include: 'ConfidenceScoreStatusNotApplicable', 'ConfidenceScoreStatusInProcess', 'ConfidenceScoreStatusNotFinal', 'ConfidenceScoreStatusFinal' - ConfidenceScoreStatus ConfidenceScoreStatus `json:"confidenceScoreStatus,omitempty"` - // Description - READ-ONLY; Alert description. - Description *string `json:"description,omitempty"` - // EndTimeUtc - READ-ONLY; The impact end time of the alert (the time of the last event contributing to the alert). - EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"` - // Intent - READ-ONLY; Holds the alert intent stage(s) mapping for this alert. Possible values include: 'KillChainIntentUnknown', 'KillChainIntentProbing', 'KillChainIntentExploitation', 'KillChainIntentPersistence', 'KillChainIntentPrivilegeEscalation', 'KillChainIntentDefenseEvasion', 'KillChainIntentCredentialAccess', 'KillChainIntentDiscovery', 'KillChainIntentLateralMovement', 'KillChainIntentExecution', 'KillChainIntentCollection', 'KillChainIntentExfiltration', 'KillChainIntentCommandAndControl', 'KillChainIntentImpact' - Intent KillChainIntent `json:"intent,omitempty"` - // ProviderAlertID - READ-ONLY; The identifier of the alert inside the product which generated the alert. - ProviderAlertID *string `json:"providerAlertId,omitempty"` - // ProcessingEndTime - READ-ONLY; The time the alert was made available for consumption. - ProcessingEndTime *date.Time `json:"processingEndTime,omitempty"` - // ProductComponentName - READ-ONLY; The name of a component inside the product which generated the alert. - ProductComponentName *string `json:"productComponentName,omitempty"` - // ProductName - READ-ONLY; The name of the product which published this alert. - ProductName *string `json:"productName,omitempty"` - // ProductVersion - READ-ONLY; The version of the product generating the alert. - ProductVersion *string `json:"productVersion,omitempty"` - // RemediationSteps - READ-ONLY; Manual action items to take to remediate the alert. - RemediationSteps *[]string `json:"remediationSteps,omitempty"` - // Severity - The severity of the alert. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' - Severity AlertSeverity `json:"severity,omitempty"` - // StartTimeUtc - READ-ONLY; The impact start time of the alert (the time of the first event contributing to the alert). - StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"` - // Status - READ-ONLY; The lifecycle status of the alert. Possible values include: 'AlertStatusUnknown', 'AlertStatusNew', 'AlertStatusResolved', 'AlertStatusDismissed', 'AlertStatusInProgress' - Status AlertStatus `json:"status,omitempty"` - // SystemAlertID - READ-ONLY; Holds the product identifier of the alert for the product. - SystemAlertID *string `json:"systemAlertId,omitempty"` - // Tactics - READ-ONLY; The tactics of the alert - Tactics *[]AttackTactic `json:"tactics,omitempty"` - // TimeGenerated - READ-ONLY; The time the alert was generated. - TimeGenerated *date.Time `json:"timeGenerated,omitempty"` - // VendorName - READ-ONLY; The name of the vendor that raise the alert. - VendorName *string `json:"vendorName,omitempty"` - // AlertLink - READ-ONLY; The uri link of the alert. - AlertLink *string `json:"alertLink,omitempty"` - // ResourceIdentifiers - READ-ONLY; The list of resource identifiers of the alert. - ResourceIdentifiers *[]interface{} `json:"resourceIdentifiers,omitempty"` +// SecurityGroupEntityProperties securityGroup entity property bag. +type SecurityGroupEntityProperties struct { + // DistinguishedName - READ-ONLY; The group distinguished name + DistinguishedName *string `json:"distinguishedName,omitempty"` + // ObjectGUID - READ-ONLY; A single-value attribute that is the unique identifier for the object, assigned by active directory. + ObjectGUID *uuid.UUID `json:"objectGuid,omitempty"` + // Sid - READ-ONLY; The SID attribute is a single-value attribute that specifies the security identifier (SID) of the group + Sid *string `json:"sid,omitempty"` // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. AdditionalData map[string]interface{} `json:"additionalData"` // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. FriendlyName *string `json:"friendlyName,omitempty"` } -// MarshalJSON is the custom marshaler for SecurityAlertProperties. -func (sap SecurityAlertProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if sap.Severity != "" { - objectMap["severity"] = sap.Severity - } - return json.Marshal(objectMap) -} - -// SecurityAlertPropertiesConfidenceReasonsItem confidence reason item -type SecurityAlertPropertiesConfidenceReasonsItem struct { - // Reason - READ-ONLY; The reason's description - Reason *string `json:"reason,omitempty"` - // ReasonType - READ-ONLY; The type (category) of the reason - ReasonType *string `json:"reasonType,omitempty"` -} - -// MarshalJSON is the custom marshaler for SecurityAlertPropertiesConfidenceReasonsItem. -func (sapRi SecurityAlertPropertiesConfidenceReasonsItem) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for SecurityGroupEntityProperties. +func (sgep SecurityGroupEntityProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) return json.Marshal(objectMap) } -// SecurityAlertTimelineItem represents security alert timeline item. -type SecurityAlertTimelineItem struct { - // AzureResourceID - The alert azure resource id. - AzureResourceID *string `json:"azureResourceId,omitempty"` - // ProductName - The alert product name. - ProductName *string `json:"productName,omitempty"` - // Description - The alert description. - Description *string `json:"description,omitempty"` - // DisplayName - The alert name. - DisplayName *string `json:"displayName,omitempty"` - // Severity - The alert severity. Possible values include: 'AlertSeverityHigh', 'AlertSeverityMedium', 'AlertSeverityLow', 'AlertSeverityInformational' - Severity AlertSeverity `json:"severity,omitempty"` - // EndTimeUtc - The alert end time. - EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"` - // StartTimeUtc - The alert start time. - StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"` - // TimeGenerated - The alert generated time. - TimeGenerated *date.Time `json:"timeGenerated,omitempty"` - // AlertType - The name of the alert type. - AlertType *string `json:"alertType,omitempty"` - // Kind - Possible values include: 'KindBasicEntityTimelineItemKindEntityTimelineItem', 'KindBasicEntityTimelineItemKindActivity', 'KindBasicEntityTimelineItemKindSecurityAlert', 'KindBasicEntityTimelineItemKindBookmark' - Kind KindBasicEntityTimelineItem `json:"kind,omitempty"` +// SentinelOnboardingState sentinel onboarding state +type SentinelOnboardingState struct { + autorest.Response `json:"-"` + // SentinelOnboardingStateProperties - The Sentinel onboarding state object + *SentinelOnboardingStateProperties `json:"properties,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// MarshalJSON is the custom marshaler for SecurityAlertTimelineItem. -func (sati SecurityAlertTimelineItem) MarshalJSON() ([]byte, error) { - sati.Kind = KindBasicEntityTimelineItemKindSecurityAlert +// MarshalJSON is the custom marshaler for SentinelOnboardingState. +func (sos SentinelOnboardingState) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if sati.AzureResourceID != nil { - objectMap["azureResourceId"] = sati.AzureResourceID - } - if sati.ProductName != nil { - objectMap["productName"] = sati.ProductName - } - if sati.Description != nil { - objectMap["description"] = sati.Description - } - if sati.DisplayName != nil { - objectMap["displayName"] = sati.DisplayName - } - if sati.Severity != "" { - objectMap["severity"] = sati.Severity - } - if sati.EndTimeUtc != nil { - objectMap["endTimeUtc"] = sati.EndTimeUtc - } - if sati.StartTimeUtc != nil { - objectMap["startTimeUtc"] = sati.StartTimeUtc - } - if sati.TimeGenerated != nil { - objectMap["timeGenerated"] = sati.TimeGenerated - } - if sati.AlertType != nil { - objectMap["alertType"] = sati.AlertType + if sos.SentinelOnboardingStateProperties != nil { + objectMap["properties"] = sos.SentinelOnboardingStateProperties } - if sati.Kind != "" { - objectMap["kind"] = sati.Kind + if sos.Etag != nil { + objectMap["etag"] = sos.Etag } return json.Marshal(objectMap) } -// AsActivityTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem. -func (sati SecurityAlertTimelineItem) AsActivityTimelineItem() (*ActivityTimelineItem, bool) { - return nil, false -} - -// AsSecurityAlertTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem. -func (sati SecurityAlertTimelineItem) AsSecurityAlertTimelineItem() (*SecurityAlertTimelineItem, bool) { - return &sati, true -} - -// AsBookmarkTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem. -func (sati SecurityAlertTimelineItem) AsBookmarkTimelineItem() (*BookmarkTimelineItem, bool) { - return nil, false -} - -// AsEntityTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem. -func (sati SecurityAlertTimelineItem) AsEntityTimelineItem() (*EntityTimelineItem, bool) { - return nil, false -} - -// AsBasicEntityTimelineItem is the BasicEntityTimelineItem implementation for SecurityAlertTimelineItem. -func (sati SecurityAlertTimelineItem) AsBasicEntityTimelineItem() (BasicEntityTimelineItem, bool) { - return &sati, true -} - -// SecurityGroupEntity represents a security group entity. -type SecurityGroupEntity struct { - // SecurityGroupEntityProperties - SecurityGroup entity properties - *SecurityGroupEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for SecurityGroupEntity. -func (sge SecurityGroupEntity) MarshalJSON() ([]byte, error) { - sge.Kind = KindBasicEntityKindSecurityGroup - objectMap := make(map[string]interface{}) - if sge.SecurityGroupEntityProperties != nil { - objectMap["properties"] = sge.SecurityGroupEntityProperties +// UnmarshalJSON is the custom unmarshaler for SentinelOnboardingState struct. +func (sos *SentinelOnboardingState) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err } - if sge.Kind != "" { - objectMap["kind"] = sge.Kind + for k, v := range m { + switch k { + case "properties": + if v != nil { + var sentinelOnboardingStateProperties SentinelOnboardingStateProperties + err = json.Unmarshal(*v, &sentinelOnboardingStateProperties) + if err != nil { + return err + } + sos.SentinelOnboardingStateProperties = &sentinelOnboardingStateProperties + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + sos.Etag = &etag + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + sos.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + sos.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + sos.Type = &typeVar + } + case "systemData": + if v != nil { + var systemData SystemData + err = json.Unmarshal(*v, &systemData) + if err != nil { + return err + } + sos.SystemData = &systemData + } + } } - return json.Marshal(objectMap) -} -// AsAccountEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false + return nil } -// AsAzureResourceEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false +// SentinelOnboardingStateProperties the Sentinel onboarding state properties +type SentinelOnboardingStateProperties struct { + // CustomerManagedKey - Flag that indicates the status of the CMK setting + CustomerManagedKey *bool `json:"customerManagedKey,omitempty"` } -// AsCloudApplicationEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false +// SentinelOnboardingStatesList list of the Sentinel onboarding states +type SentinelOnboardingStatesList struct { + autorest.Response `json:"-"` + // Value - Array of Sentinel onboarding states + Value *[]SentinelOnboardingState `json:"value,omitempty"` } -// AsDNSEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false +// SettingList list of all the settings. +type SettingList struct { + autorest.Response `json:"-"` + // Value - Array of settings. + Value *[]BasicSettings `json:"value,omitempty"` } -// AsFileEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} +// UnmarshalJSON is the custom unmarshaler for SettingList struct. +func (sl *SettingList) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "value": + if v != nil { + value, err := unmarshalBasicSettingsArray(*v) + if err != nil { + return err + } + sl.Value = &value + } + } + } -// AsFileHashEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false + return nil } -// AsHostEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false +// BasicSettings the Setting. +type BasicSettings interface { + AsAnomalies() (*Anomalies, bool) + AsEyesOn() (*EyesOn, bool) + AsEntityAnalytics() (*EntityAnalytics, bool) + AsUeba() (*Ueba, bool) + AsSettings() (*Settings, bool) } -// AsHuntingBookmark is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { - return nil, false +// Settings the Setting. +type Settings struct { + autorest.Response `json:"-"` + // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindAnomalies', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' + Kind KindBasicSettings `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// AsSecurityAlert is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} +func unmarshalBasicSettings(body []byte) (BasicSettings, error) { + var m map[string]interface{} + err := json.Unmarshal(body, &m) + if err != nil { + return nil, err + } -// AsIPEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false + switch m["kind"] { + case string(KindBasicSettingsKindAnomalies): + var a Anomalies + err := json.Unmarshal(body, &a) + return a, err + case string(KindBasicSettingsKindEyesOn): + var eo EyesOn + err := json.Unmarshal(body, &eo) + return eo, err + case string(KindBasicSettingsKindEntityAnalytics): + var ea EntityAnalytics + err := json.Unmarshal(body, &ea) + return ea, err + case string(KindBasicSettingsKindUeba): + var u Ueba + err := json.Unmarshal(body, &u) + return u, err + default: + var s Settings + err := json.Unmarshal(body, &s) + return s, err + } } +func unmarshalBasicSettingsArray(body []byte) ([]BasicSettings, error) { + var rawMessages []*json.RawMessage + err := json.Unmarshal(body, &rawMessages) + if err != nil { + return nil, err + } -// AsMailboxEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsMailboxEntity() (*MailboxEntity, bool) { - return nil, false + sArray := make([]BasicSettings, len(rawMessages)) + + for index, rawMessage := range rawMessages { + s, err := unmarshalBasicSettings(*rawMessage) + if err != nil { + return nil, err + } + sArray[index] = s + } + return sArray, nil } -// AsMailClusterEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { - return nil, false +// MarshalJSON is the custom marshaler for Settings. +func (s Settings) MarshalJSON() ([]byte, error) { + s.Kind = KindBasicSettingsKindSettings + objectMap := make(map[string]interface{}) + if s.Kind != "" { + objectMap["kind"] = s.Kind + } + if s.Etag != nil { + objectMap["etag"] = s.Etag + } + return json.Marshal(objectMap) } -// AsMailMessageEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsAnomalies is the BasicSettings implementation for Settings. +func (s Settings) AsAnomalies() (*Anomalies, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsEyesOn is the BasicSettings implementation for Settings. +func (s Settings) AsEyesOn() (*EyesOn, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsEntityAnalytics is the BasicSettings implementation for Settings. +func (s Settings) AsEntityAnalytics() (*EntityAnalytics, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsUeba is the BasicSettings implementation for Settings. +func (s Settings) AsUeba() (*Ueba, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false +// AsSettings is the BasicSettings implementation for Settings. +func (s Settings) AsSettings() (*Settings, bool) { + return &s, true } -// AsRegistryValueEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false +// AsBasicSettings is the BasicSettings implementation for Settings. +func (s Settings) AsBasicSettings() (BasicSettings, bool) { + return &s, true } -// AsSecurityGroupEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return &sge, true +// SettingsModel ... +type SettingsModel struct { + autorest.Response `json:"-"` + Value BasicSettings `json:"value,omitempty"` } -// AsURLEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false +// UnmarshalJSON is the custom unmarshaler for SettingsModel struct. +func (sm *SettingsModel) UnmarshalJSON(body []byte) error { + s, err := unmarshalBasicSettings(body) + if err != nil { + return err + } + sm.Value = s + + return nil } -// AsIoTDeviceEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false +// Sku the pricing tier of the solution +type Sku struct { + // Name - The kind of the tier. Possible values include: 'SkuKindPerGB', 'SkuKindCapacityReservation' + Name SkuKind `json:"name,omitempty"` + // CapacityReservationLevel - The amount of reservation level + CapacityReservationLevel *int32 `json:"capacityReservationLevel,omitempty"` } -// AsEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsEntity() (*Entity, bool) { - return nil, false +// SourceControl represents a SourceControl in Azure Security Insights. +type SourceControl struct { + autorest.Response `json:"-"` + // SourceControlProperties - source control properties + *SourceControlProperties `json:"properties,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } -// AsBasicEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsBasicEntity() (BasicEntity, bool) { - return &sge, true +// MarshalJSON is the custom marshaler for SourceControl. +func (sc SourceControl) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if sc.SourceControlProperties != nil { + objectMap["properties"] = sc.SourceControlProperties + } + if sc.Etag != nil { + objectMap["etag"] = sc.Etag + } + return json.Marshal(objectMap) } -// UnmarshalJSON is the custom unmarshaler for SecurityGroupEntity struct. -func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for SourceControl struct. +func (sc *SourceControl) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -17243,12 +21295,21 @@ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var securityGroupEntityProperties SecurityGroupEntityProperties - err = json.Unmarshal(*v, &securityGroupEntityProperties) + var sourceControlProperties SourceControlProperties + err = json.Unmarshal(*v, &sourceControlProperties) if err != nil { return err } - sge.SecurityGroupEntityProperties = &securityGroupEntityProperties + sc.SourceControlProperties = &sourceControlProperties + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + sc.Etag = &etag } case "id": if v != nil { @@ -17257,7 +21318,7 @@ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - sge.ID = &ID + sc.ID = &ID } case "name": if v != nil { @@ -17266,7 +21327,7 @@ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - sge.Name = &name + sc.Name = &name } case "type": if v != nil { @@ -17275,16 +21336,16 @@ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - sge.Type = &typeVar + sc.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - sge.Kind = kind + sc.SystemData = &systemData } } } @@ -17292,207 +21353,204 @@ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { return nil } -// SecurityGroupEntityProperties securityGroup entity property bag. -type SecurityGroupEntityProperties struct { - // DistinguishedName - READ-ONLY; The group distinguished name - DistinguishedName *string `json:"distinguishedName,omitempty"` - // ObjectGUID - READ-ONLY; A single-value attribute that is the unique identifier for the object, assigned by active directory. - ObjectGUID *uuid.UUID `json:"objectGuid,omitempty"` - // Sid - READ-ONLY; The SID attribute is a single-value attribute that specifies the security identifier (SID) of the group - Sid *string `json:"sid,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` +// SourceControlList list all the source controls. +type SourceControlList struct { + autorest.Response `json:"-"` + // NextLink - READ-ONLY; URL to fetch the next set of source controls. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of source controls. + Value *[]SourceControl `json:"value,omitempty"` } -// MarshalJSON is the custom marshaler for SecurityGroupEntityProperties. -func (sgep SecurityGroupEntityProperties) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for SourceControlList. +func (scl SourceControlList) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) + if scl.Value != nil { + objectMap["value"] = scl.Value + } return json.Marshal(objectMap) } -// SettingList list of all the settings. -type SettingList struct { - autorest.Response `json:"-"` - // Value - Array of settings. - Value *[]BasicSettings `json:"value,omitempty"` +// SourceControlListIterator provides access to a complete listing of SourceControl values. +type SourceControlListIterator struct { + i int + page SourceControlListPage } -// UnmarshalJSON is the custom unmarshaler for SettingList struct. -func (sl *SettingList) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *SourceControlListIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SourceControlListIterator.NextWithContext") + defer func() { + sc := -1 + if iter.Response().Response.Response != nil { + sc = iter.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err = iter.page.NextWithContext(ctx) if err != nil { + iter.i-- return err } - for k, v := range m { - switch k { - case "value": - if v != nil { - value, err := unmarshalBasicSettingsArray(*v) - if err != nil { - return err - } - sl.Value = &value - } - } - } - + iter.i = 0 return nil } -// BasicSettings the Setting. -type BasicSettings interface { - AsIPSyncer() (*IPSyncer, bool) - AsEyesOn() (*EyesOn, bool) - AsEntityAnalytics() (*EntityAnalytics, bool) - AsUeba() (*Ueba, bool) - AsSettings() (*Settings, bool) +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (iter *SourceControlListIterator) Next() error { + return iter.NextWithContext(context.Background()) } -// Settings the Setting. -type Settings struct { - autorest.Response `json:"-"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindIPSyncer', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' - Kind KindBasicSettings `json:"kind,omitempty"` +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter SourceControlListIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) } -func unmarshalBasicSettings(body []byte) (BasicSettings, error) { - var m map[string]interface{} - err := json.Unmarshal(body, &m) - if err != nil { - return nil, err - } +// Response returns the raw server response from the last page request. +func (iter SourceControlListIterator) Response() SourceControlList { + return iter.page.Response() +} - switch m["kind"] { - case string(KindBasicSettingsKindIPSyncer): - var is IPSyncer - err := json.Unmarshal(body, &is) - return is, err - case string(KindBasicSettingsKindEyesOn): - var eo EyesOn - err := json.Unmarshal(body, &eo) - return eo, err - case string(KindBasicSettingsKindEntityAnalytics): - var ea EntityAnalytics - err := json.Unmarshal(body, &ea) - return ea, err - case string(KindBasicSettingsKindUeba): - var u Ueba - err := json.Unmarshal(body, &u) - return u, err - default: - var s Settings - err := json.Unmarshal(body, &s) - return s, err +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter SourceControlListIterator) Value() SourceControl { + if !iter.page.NotDone() { + return SourceControl{} } + return iter.page.Values()[iter.i] } -func unmarshalBasicSettingsArray(body []byte) ([]BasicSettings, error) { - var rawMessages []*json.RawMessage - err := json.Unmarshal(body, &rawMessages) - if err != nil { - return nil, err - } - - sArray := make([]BasicSettings, len(rawMessages)) - for index, rawMessage := range rawMessages { - s, err := unmarshalBasicSettings(*rawMessage) - if err != nil { - return nil, err - } - sArray[index] = s - } - return sArray, nil +// Creates a new instance of the SourceControlListIterator type. +func NewSourceControlListIterator(page SourceControlListPage) SourceControlListIterator { + return SourceControlListIterator{page: page} } -// MarshalJSON is the custom marshaler for Settings. -func (s Settings) MarshalJSON() ([]byte, error) { - s.Kind = KindBasicSettingsKindSettings - objectMap := make(map[string]interface{}) - if s.Etag != nil { - objectMap["etag"] = s.Etag - } - if s.Kind != "" { - objectMap["kind"] = s.Kind - } - return json.Marshal(objectMap) +// IsEmpty returns true if the ListResult contains no values. +func (scl SourceControlList) IsEmpty() bool { + return scl.Value == nil || len(*scl.Value) == 0 } -// AsIPSyncer is the BasicSettings implementation for Settings. -func (s Settings) AsIPSyncer() (*IPSyncer, bool) { - return nil, false +// hasNextLink returns true if the NextLink is not empty. +func (scl SourceControlList) hasNextLink() bool { + return scl.NextLink != nil && len(*scl.NextLink) != 0 } -// AsEyesOn is the BasicSettings implementation for Settings. -func (s Settings) AsEyesOn() (*EyesOn, bool) { - return nil, false +// sourceControlListPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (scl SourceControlList) sourceControlListPreparer(ctx context.Context) (*http.Request, error) { + if !scl.hasNextLink() { + return nil, nil + } + return autorest.Prepare((&http.Request{}).WithContext(ctx), + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(scl.NextLink))) } -// AsEntityAnalytics is the BasicSettings implementation for Settings. -func (s Settings) AsEntityAnalytics() (*EntityAnalytics, bool) { - return nil, false +// SourceControlListPage contains a page of SourceControl values. +type SourceControlListPage struct { + fn func(context.Context, SourceControlList) (SourceControlList, error) + scl SourceControlList } -// AsUeba is the BasicSettings implementation for Settings. -func (s Settings) AsUeba() (*Ueba, bool) { - return nil, false +// NextWithContext advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *SourceControlListPage) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SourceControlListPage.NextWithContext") + defer func() { + sc := -1 + if page.Response().Response.Response != nil { + sc = page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + for { + next, err := page.fn(ctx, page.scl) + if err != nil { + return err + } + page.scl = next + if !next.hasNextLink() || !next.IsEmpty() { + break + } + } + return nil } -// AsSettings is the BasicSettings implementation for Settings. -func (s Settings) AsSettings() (*Settings, bool) { - return &s, true +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (page *SourceControlListPage) Next() error { + return page.NextWithContext(context.Background()) } -// AsBasicSettings is the BasicSettings implementation for Settings. -func (s Settings) AsBasicSettings() (BasicSettings, bool) { - return &s, true +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page SourceControlListPage) NotDone() bool { + return !page.scl.IsEmpty() } -// SettingsKind describes an Azure resource with kind. -type SettingsKind struct { - // Kind - The kind of the setting. Possible values include: 'SettingKindEyesOn', 'SettingKindEntityAnalytics', 'SettingKindUeba' - Kind SettingKind `json:"kind,omitempty"` +// Response returns the raw server response from the last page request. +func (page SourceControlListPage) Response() SourceControlList { + return page.scl } -// SettingsModel ... -type SettingsModel struct { - autorest.Response `json:"-"` - Value BasicSettings `json:"value,omitempty"` +// Values returns the slice of values for the current page or nil if there are no values. +func (page SourceControlListPage) Values() []SourceControl { + if page.scl.IsEmpty() { + return nil + } + return *page.scl.Value } -// UnmarshalJSON is the custom unmarshaler for SettingsModel struct. -func (sm *SettingsModel) UnmarshalJSON(body []byte) error { - s, err := unmarshalBasicSettings(body) - if err != nil { - return err +// Creates a new instance of the SourceControlListPage type. +func NewSourceControlListPage(cur SourceControlList, getNextPage func(context.Context, SourceControlList) (SourceControlList, error)) SourceControlListPage { + return SourceControlListPage{ + fn: getNextPage, + scl: cur, } - sm.Value = s +} - return nil +// SourceControlProperties describes source control properties +type SourceControlProperties struct { + // ID - The id (a Guid) of the source control + ID *string `json:"id,omitempty"` + // DisplayName - The display name of the source control + DisplayName *string `json:"displayName,omitempty"` + // Description - A description of the source control + Description *string `json:"description,omitempty"` + // RepoType - The repository type of the source control. Possible values include: 'RepoTypeGithub', 'RepoTypeDevOps' + RepoType RepoType `json:"repoType,omitempty"` + // ContentTypes - Array of source control content types. + ContentTypes *[]ContentType `json:"contentTypes,omitempty"` + // Repository - Repository metadata. + Repository *Repository `json:"repository,omitempty"` } // SubmissionMailEntity represents a submission mail entity. type SubmissionMailEntity struct { // SubmissionMailEntityProperties - Submission mail entity properties *SubmissionMailEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for SubmissionMailEntity. @@ -17508,53 +21566,53 @@ func (sme SubmissionMailEntity) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsAccountEntity() (*AccountEntity, bool) { +// AsURLEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsURLEntity() (*URLEntity, bool) { return nil, false } -// AsAzureResourceEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false +// AsSubmissionMailEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { + return &sme, true } -// AsCloudApplicationEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } @@ -17563,53 +21621,53 @@ func (sme SubmissionMailEntity) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { - return &sme, true +// AsHuntingBookmark is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { + return nil, false } -// AsMalwareEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsURLEntity() (*URLEntity, bool) { +// AsAzureResourceEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { return nil, false } - -// AsIoTDeviceEntity is the BasicEntity implementation for SubmissionMailEntity. -func (sme SubmissionMailEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { + +// AsAccountEntity is the BasicEntity implementation for SubmissionMailEntity. +func (sme SubmissionMailEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } @@ -17641,6 +21699,15 @@ func (sme *SubmissionMailEntity) UnmarshalJSON(body []byte) error { } sme.SubmissionMailEntityProperties = &submissionMailEntityProperties } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + sme.Kind = kind + } case "id": if v != nil { var ID string @@ -17668,14 +21735,14 @@ func (sme *SubmissionMailEntity) UnmarshalJSON(body []byte) error { } sme.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - sme.Kind = kind + sme.SystemData = &systemData } } } @@ -17717,6 +21784,55 @@ func (smep SubmissionMailEntityProperties) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } +// SystemData metadata pertaining to creation and last modification of the resource. +type SystemData struct { + // CreatedBy - The identity that created the resource. + CreatedBy *string `json:"createdBy,omitempty"` + // CreatedByType - The type of identity that created the resource. Possible values include: 'CreatedByTypeUser', 'CreatedByTypeApplication', 'CreatedByTypeManagedIdentity', 'CreatedByTypeKey' + CreatedByType CreatedByType `json:"createdByType,omitempty"` + // CreatedAt - The timestamp of resource creation (UTC). + CreatedAt *date.Time `json:"createdAt,omitempty"` + // LastModifiedBy - The identity that last modified the resource. + LastModifiedBy *string `json:"lastModifiedBy,omitempty"` + // LastModifiedByType - The type of identity that last modified the resource. Possible values include: 'CreatedByTypeUser', 'CreatedByTypeApplication', 'CreatedByTypeManagedIdentity', 'CreatedByTypeKey' + LastModifiedByType CreatedByType `json:"lastModifiedByType,omitempty"` + // LastModifiedAt - The timestamp of resource last modification (UTC) + LastModifiedAt *date.Time `json:"lastModifiedAt,omitempty"` +} + +// TeamInformation describes team information +type TeamInformation struct { + autorest.Response `json:"-"` + // TeamID - READ-ONLY; Team ID + TeamID *string `json:"teamId,omitempty"` + // PrimaryChannelURL - READ-ONLY; The primary channel URL of the team + PrimaryChannelURL *string `json:"primaryChannelUrl,omitempty"` + // TeamCreationTimeUtc - READ-ONLY; The time the team was created + TeamCreationTimeUtc *date.Time `json:"teamCreationTimeUtc,omitempty"` + // Name - READ-ONLY; The name of the team + Name *string `json:"name,omitempty"` + // Description - READ-ONLY; The description of the team + Description *string `json:"description,omitempty"` +} + +// MarshalJSON is the custom marshaler for TeamInformation. +func (ti TeamInformation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) +} + +// TeamProperties describes team properties +type TeamProperties struct { + // TeamName - The name of the team + TeamName *string `json:"teamName,omitempty"` + // TeamDescription - The description of the team + TeamDescription *string `json:"teamDescription,omitempty"` + // MemberIds - List of member IDs to add to the team + MemberIds *[]uuid.UUID `json:"memberIds,omitempty"` + // GroupIds - List of group IDs to add their members to the team + GroupIds *[]uuid.UUID `json:"groupIds,omitempty"` +} + // ThreatIntelligence threatIntelligence property bag. type ThreatIntelligence struct { // Confidence - READ-ONLY; Confidence (must be between 0 and 1) @@ -17743,16 +21859,18 @@ func (ti ThreatIntelligence) MarshalJSON() ([]byte, error) { type ThreatIntelligenceAlertRule struct { // ThreatIntelligenceAlertRuleProperties - Threat Intelligence alert rule properties *ThreatIntelligenceAlertRuleProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled', 'KindBasicAlertRuleKindNRT' + Kind KindBasicAlertRule `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleKindAlertRule', 'KindBasicAlertRuleKindMLBehaviorAnalytics', 'KindBasicAlertRuleKindFusion', 'KindBasicAlertRuleKindThreatIntelligence', 'KindBasicAlertRuleKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleKindScheduled' - Kind KindBasicAlertRule `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for ThreatIntelligenceAlertRule. @@ -17762,12 +21880,12 @@ func (tiar ThreatIntelligenceAlertRule) MarshalJSON() ([]byte, error) { if tiar.ThreatIntelligenceAlertRuleProperties != nil { objectMap["properties"] = tiar.ThreatIntelligenceAlertRuleProperties } - if tiar.Etag != nil { - objectMap["etag"] = tiar.Etag - } if tiar.Kind != "" { objectMap["kind"] = tiar.Kind } + if tiar.Etag != nil { + objectMap["etag"] = tiar.Etag + } return json.Marshal(objectMap) } @@ -17796,6 +21914,11 @@ func (tiar ThreatIntelligenceAlertRule) AsScheduledAlertRule() (*ScheduledAlertR return nil, false } +// AsNrtAlertRule is the BasicAlertRule implementation for ThreatIntelligenceAlertRule. +func (tiar ThreatIntelligenceAlertRule) AsNrtAlertRule() (*NrtAlertRule, bool) { + return nil, false +} + // AsAlertRule is the BasicAlertRule implementation for ThreatIntelligenceAlertRule. func (tiar ThreatIntelligenceAlertRule) AsAlertRule() (*AlertRule, bool) { return nil, false @@ -17824,6 +21947,24 @@ func (tiar *ThreatIntelligenceAlertRule) UnmarshalJSON(body []byte) error { } tiar.ThreatIntelligenceAlertRuleProperties = &threatIntelligenceAlertRuleProperties } + case "kind": + if v != nil { + var kind KindBasicAlertRule + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + tiar.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + tiar.Etag = &etag + } case "id": if v != nil { var ID string @@ -17851,23 +21992,14 @@ func (tiar *ThreatIntelligenceAlertRule) UnmarshalJSON(body []byte) error { } tiar.Type = &typeVar } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - tiar.Etag = &etag - } - case "kind": + case "systemData": if v != nil { - var kind KindBasicAlertRule - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - tiar.Kind = kind + tiar.SystemData = &systemData } } } @@ -17909,14 +22041,16 @@ func (tiarp ThreatIntelligenceAlertRuleProperties) MarshalJSON() ([]byte, error) type ThreatIntelligenceAlertRuleTemplate struct { // ThreatIntelligenceAlertRuleTemplateProperties - Threat Intelligence alert rule template properties *ThreatIntelligenceAlertRuleTemplateProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled', 'KindBasicAlertRuleTemplateKindNRT' + Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindMLBehaviorAnalytics', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindThreatIntelligence', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' - Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for ThreatIntelligenceAlertRuleTemplate. @@ -17957,6 +22091,11 @@ func (tiart ThreatIntelligenceAlertRuleTemplate) AsScheduledAlertRuleTemplate() return nil, false } +// AsNrtAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ThreatIntelligenceAlertRuleTemplate. +func (tiart ThreatIntelligenceAlertRuleTemplate) AsNrtAlertRuleTemplate() (*NrtAlertRuleTemplate, bool) { + return nil, false +} + // AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ThreatIntelligenceAlertRuleTemplate. func (tiart ThreatIntelligenceAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { return nil, false @@ -17985,6 +22124,15 @@ func (tiart *ThreatIntelligenceAlertRuleTemplate) UnmarshalJSON(body []byte) err } tiart.ThreatIntelligenceAlertRuleTemplateProperties = &threatIntelligenceAlertRuleTemplateProperties } + case "kind": + if v != nil { + var kind KindBasicAlertRuleTemplate + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + tiart.Kind = kind + } case "id": if v != nil { var ID string @@ -18012,14 +22160,14 @@ func (tiart *ThreatIntelligenceAlertRuleTemplate) UnmarshalJSON(body []byte) err } tiart.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicAlertRuleTemplate - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - tiart.Kind = kind + tiart.SystemData = &systemData } } } @@ -18132,7 +22280,7 @@ type ThreatIntelligenceFilteringCriteria struct { // IncludeDisabled - Parameter to include/exclude disabled indicators. IncludeDisabled *bool `json:"includeDisabled,omitempty"` // SortBy - Columns to sort by and sorting order - SortBy *[]ThreatIntelligenceSortingCriteria1 `json:"sortBy,omitempty"` + SortBy *[]ThreatIntelligenceSortingCriteria `json:"sortBy,omitempty"` // Sources - Sources of threat intelligence indicators Sources *[]string `json:"sources,omitempty"` // PatternTypes - Pattern types @@ -18161,12 +22309,6 @@ type ThreatIntelligenceGranularMarkingModel struct { type ThreatIntelligenceIndicatorModel struct { // ThreatIntelligenceIndicatorProperties - Threat Intelligence Entity properties *ThreatIntelligenceIndicatorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // Kind - Possible values include: 'KindBasicThreatIntelligenceInformationKindThreatIntelligenceInformation', 'KindBasicThreatIntelligenceInformationKindIndicator' @@ -18222,33 +22364,6 @@ func (tiim *ThreatIntelligenceIndicatorModel) UnmarshalJSON(body []byte) error { } tiim.ThreatIntelligenceIndicatorProperties = &threatIntelligenceIndicatorProperties } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - tiim.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - tiim.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - tiim.Type = &typeVar - } case "etag": if v != nil { var etag string @@ -18504,12 +22619,6 @@ type BasicThreatIntelligenceInformation interface { // ThreatIntelligenceInformation threat intelligence information object. type ThreatIntelligenceInformation struct { autorest.Response `json:"-"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // Kind - Possible values include: 'KindBasicThreatIntelligenceInformationKindThreatIntelligenceInformation', 'KindBasicThreatIntelligenceInformationKindIndicator' @@ -18857,25 +22966,25 @@ type ThreatIntelligenceParsedPatternTypeValue struct { Value *string `json:"value,omitempty"` } -// ThreatIntelligenceResourceKind1 describes an entity with kind. -type ThreatIntelligenceResourceKind1 struct { +// ThreatIntelligenceResourceKind describes an entity with kind. +type ThreatIntelligenceResourceKind struct { // Kind - The kind of the entity. Kind *string `json:"kind,omitempty"` } -// ThreatIntelligenceSortingCriteria1 list of available columns for sorting -type ThreatIntelligenceSortingCriteria1 struct { +// ThreatIntelligenceSortingCriteria list of available columns for sorting +type ThreatIntelligenceSortingCriteria struct { // ItemKey - Column name ItemKey *string `json:"itemKey,omitempty"` - // SortOrder - Sorting order (ascending/descending/unsorted). Possible values include: 'ThreatIntelligenceSortingCriteriaUnsorted', 'ThreatIntelligenceSortingCriteriaAscending', 'ThreatIntelligenceSortingCriteriaDescending' - SortOrder ThreatIntelligenceSortingCriteria `json:"sortOrder,omitempty"` + // SortOrder - Sorting order (ascending/descending/unsorted). Possible values include: 'ThreatIntelligenceSortingCriteriaEnumUnsorted', 'ThreatIntelligenceSortingCriteriaEnumAscending', 'ThreatIntelligenceSortingCriteriaEnumDescending' + SortOrder ThreatIntelligenceSortingCriteriaEnum `json:"sortOrder,omitempty"` } // TICheckRequirements threat Intelligence Platforms data connector check requirements type TICheckRequirements struct { // TICheckRequirementsProperties - Threat Intelligence Platforms data connector check required properties *TICheckRequirementsProperties `json:"properties,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` } @@ -18902,16 +23011,6 @@ func (tcr TICheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequirements return nil, false } -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements. -func (tcr TICheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { - return nil, false -} - -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements. -func (tcr TICheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return nil, false -} - // AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements. func (tcr TICheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return nil, false @@ -18922,6 +23021,11 @@ func (tcr TICheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsCloudTrai return nil, false } +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements. +func (tcr TICheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { + return nil, false +} + // AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements. func (tcr TICheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { return nil, false @@ -18937,11 +23041,26 @@ func (tcr TICheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequiremen return nil, false } +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements. +func (tcr TICheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { + return nil, false +} + +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements. +func (tcr TICheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { + return nil, false +} + // AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements. func (tcr TICheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { return nil, false } +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements. +func (tcr TICheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { + return nil, false +} + // AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TICheckRequirements. func (tcr TICheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { return &tcr, true @@ -19001,20 +23120,22 @@ type TICheckRequirementsProperties struct { TenantID *string `json:"tenantId,omitempty"` } -// TIDataConnector data connector to pull threat intelligence data from TIP products. +// TIDataConnector represents threat intelligence data connector. type TIDataConnector struct { - // TIDataConnectorProperties - Threat Intelligence Platforms data connector properties. + // TIDataConnectorProperties - TI (Threat Intelligence) data connector properties. *TIDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for TIDataConnector. @@ -19024,12 +23145,12 @@ func (tdc TIDataConnector) MarshalJSON() ([]byte, error) { if tdc.TIDataConnectorProperties != nil { objectMap["properties"] = tdc.TIDataConnectorProperties } - if tdc.Etag != nil { - objectMap["etag"] = tdc.Etag - } if tdc.Kind != "" { objectMap["kind"] = tdc.Kind } + if tdc.Etag != nil { + objectMap["etag"] = tdc.Etag + } return json.Marshal(objectMap) } @@ -19038,11 +23159,6 @@ func (tdc TIDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsAATPDataConnector is the BasicDataConnector implementation for TIDataConnector. -func (tdc TIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - // AsMSTIDataConnector is the BasicDataConnector implementation for TIDataConnector. func (tdc TIDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false @@ -19053,6 +23169,11 @@ func (tdc TIDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) { return nil, false } +// AsAATPDataConnector is the BasicDataConnector implementation for TIDataConnector. +func (tdc TIDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return nil, false +} + // AsASCDataConnector is the BasicDataConnector implementation for TIDataConnector. func (tdc TIDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false @@ -19063,8 +23184,8 @@ func (tdc TIDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataCon return nil, false } -// AsDynamics365DataConnector is the BasicDataConnector implementation for TIDataConnector. -func (tdc TIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for TIDataConnector. +func (tdc TIDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } @@ -19073,8 +23194,8 @@ func (tdc TIDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for TIDataConnector. -func (tdc TIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for TIDataConnector. +func (tdc TIDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { return nil, false } @@ -19083,6 +23204,16 @@ func (tdc TIDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConnector, return nil, false } +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for TIDataConnector. +func (tdc TIDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false +} + +// AsMDATPDataConnector is the BasicDataConnector implementation for TIDataConnector. +func (tdc TIDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false +} + // AsOfficeDataConnector is the BasicDataConnector implementation for TIDataConnector. func (tdc TIDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false @@ -19098,6 +23229,16 @@ func (tdc TIDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector, bool return nil, false } +// AsCodelessUIDataConnector is the BasicDataConnector implementation for TIDataConnector. +func (tdc TIDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { + return nil, false +} + +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for TIDataConnector. +func (tdc TIDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { + return nil, false +} + // AsDataConnector is the BasicDataConnector implementation for TIDataConnector. func (tdc TIDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false @@ -19126,6 +23267,24 @@ func (tdc *TIDataConnector) UnmarshalJSON(body []byte) error { } tdc.TIDataConnectorProperties = &tIDataConnectorProperties } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + tdc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + tdc.Etag = &etag + } case "id": if v != nil { var ID string @@ -19153,23 +23312,14 @@ func (tdc *TIDataConnector) UnmarshalJSON(body []byte) error { } tdc.Type = &typeVar } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - tdc.Etag = &etag - } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - tdc.Kind = kind + tdc.SystemData = &systemData } } } @@ -19177,13 +23327,13 @@ func (tdc *TIDataConnector) UnmarshalJSON(body []byte) error { return nil } -// TIDataConnectorDataTypes the available data types for Threat Intelligence Platforms data connector. +// TIDataConnectorDataTypes the available data types for TI (Threat Intelligence) data connector. type TIDataConnectorDataTypes struct { - // Indicators - Data type for Threat Intelligence Platforms data connector. + // Indicators - Data type for indicators connection. Indicators *TIDataConnectorDataTypesIndicators `json:"indicators,omitempty"` } -// TIDataConnectorDataTypesIndicators data type for Threat Intelligence Platforms data connector. +// TIDataConnectorDataTypesIndicators data type for indicators connection. type TIDataConnectorDataTypesIndicators struct { // State - Describe whether this data type connection is enabled or not. Possible values include: 'DataTypeStateEnabled', 'DataTypeStateDisabled' State DataTypeState `json:"state,omitempty"` @@ -19191,12 +23341,12 @@ type TIDataConnectorDataTypesIndicators struct { // TIDataConnectorProperties TI (Threat Intelligence) data connector properties. type TIDataConnectorProperties struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` // TipLookbackPeriod - The lookback period for the feed to be imported. TipLookbackPeriod *date.Time `json:"tipLookbackPeriod,omitempty"` // DataTypes - The available data types for the connector. DataTypes *TIDataConnectorDataTypes `json:"dataTypes,omitempty"` + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` } // TimelineAggregation timeline aggregation information per kind @@ -19231,7 +23381,7 @@ type TimelineResultsMetadata struct { type TiTaxiiCheckRequirements struct { // TiTaxiiCheckRequirementsProperties - Threat Intelligence TAXII check required properties. *TiTaxiiCheckRequirementsProperties `json:"properties,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' + // Kind - Possible values include: 'KindBasicDataConnectorsCheckRequirementsKindDataConnectorsCheckRequirements', 'KindBasicDataConnectorsCheckRequirementsKindAzureActiveDirectory', 'KindBasicDataConnectorsCheckRequirementsKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindAzureSecurityCenter', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorsCheckRequirementsKindAmazonWebServicesS3', 'KindBasicDataConnectorsCheckRequirementsKindDynamics365', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindMicrosoftThreatProtection', 'KindBasicDataConnectorsCheckRequirementsKindOfficeATP', 'KindBasicDataConnectorsCheckRequirementsKindOfficeIRM', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligence', 'KindBasicDataConnectorsCheckRequirementsKindThreatIntelligenceTaxii' Kind KindBasicDataConnectorsCheckRequirements `json:"kind,omitempty"` } @@ -19258,16 +23408,6 @@ func (ttcr TiTaxiiCheckRequirements) AsAATPCheckRequirements() (*AATPCheckRequir return nil, false } -// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements. -func (ttcr TiTaxiiCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { - return nil, false -} - -// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements. -func (ttcr TiTaxiiCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { - return nil, false -} - // AsASCCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements. func (ttcr TiTaxiiCheckRequirements) AsASCCheckRequirements() (*ASCCheckRequirements, bool) { return nil, false @@ -19278,6 +23418,11 @@ func (ttcr TiTaxiiCheckRequirements) AsAwsCloudTrailCheckRequirements() (*AwsClo return nil, false } +// AsAwsS3CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements. +func (ttcr TiTaxiiCheckRequirements) AsAwsS3CheckRequirements() (*AwsS3CheckRequirements, bool) { + return nil, false +} + // AsDynamics365CheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements. func (ttcr TiTaxiiCheckRequirements) AsDynamics365CheckRequirements() (*Dynamics365CheckRequirements, bool) { return nil, false @@ -19293,11 +23438,26 @@ func (ttcr TiTaxiiCheckRequirements) AsMDATPCheckRequirements() (*MDATPCheckRequ return nil, false } +// AsMSTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements. +func (ttcr TiTaxiiCheckRequirements) AsMSTICheckRequirements() (*MSTICheckRequirements, bool) { + return nil, false +} + +// AsMtpCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements. +func (ttcr TiTaxiiCheckRequirements) AsMtpCheckRequirements() (*MtpCheckRequirements, bool) { + return nil, false +} + // AsOfficeATPCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements. func (ttcr TiTaxiiCheckRequirements) AsOfficeATPCheckRequirements() (*OfficeATPCheckRequirements, bool) { return nil, false } +// AsOfficeIRMCheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements. +func (ttcr TiTaxiiCheckRequirements) AsOfficeIRMCheckRequirements() (*OfficeIRMCheckRequirements, bool) { + return nil, false +} + // AsTICheckRequirements is the BasicDataConnectorsCheckRequirements implementation for TiTaxiiCheckRequirements. func (ttcr TiTaxiiCheckRequirements) AsTICheckRequirements() (*TICheckRequirements, bool) { return nil, false @@ -19361,16 +23521,18 @@ type TiTaxiiCheckRequirementsProperties struct { type TiTaxiiDataConnector struct { // TiTaxiiDataConnectorProperties - Threat intelligence TAXII data connector properties. *TiTaxiiDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` + // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindAmazonWebServicesS3', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOfficeIRM', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii', 'KindBasicDataConnectorKindGenericUI', 'KindBasicDataConnectorKindAPIPolling' + Kind KindBasicDataConnector `json:"kind,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicDataConnectorKindDataConnector', 'KindBasicDataConnectorKindAzureActiveDirectory', 'KindBasicDataConnectorKindAzureAdvancedThreatProtection', 'KindBasicDataConnectorKindMicrosoftThreatIntelligence', 'KindBasicDataConnectorKindMicrosoftThreatProtection', 'KindBasicDataConnectorKindAzureSecurityCenter', 'KindBasicDataConnectorKindAmazonWebServicesCloudTrail', 'KindBasicDataConnectorKindDynamics365', 'KindBasicDataConnectorKindMicrosoftCloudAppSecurity', 'KindBasicDataConnectorKindMicrosoftDefenderAdvancedThreatProtection', 'KindBasicDataConnectorKindOfficeATP', 'KindBasicDataConnectorKindOffice365', 'KindBasicDataConnectorKindThreatIntelligence', 'KindBasicDataConnectorKindThreatIntelligenceTaxii' - Kind KindBasicDataConnector `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for TiTaxiiDataConnector. @@ -19380,12 +23542,12 @@ func (ttdc TiTaxiiDataConnector) MarshalJSON() ([]byte, error) { if ttdc.TiTaxiiDataConnectorProperties != nil { objectMap["properties"] = ttdc.TiTaxiiDataConnectorProperties } - if ttdc.Etag != nil { - objectMap["etag"] = ttdc.Etag - } if ttdc.Kind != "" { objectMap["kind"] = ttdc.Kind } + if ttdc.Etag != nil { + objectMap["etag"] = ttdc.Etag + } return json.Marshal(objectMap) } @@ -19394,11 +23556,6 @@ func (ttdc TiTaxiiDataConnector) AsAADDataConnector() (*AADDataConnector, bool) return nil, false } -// AsAATPDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. -func (ttdc TiTaxiiDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - // AsMSTIDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. func (ttdc TiTaxiiDataConnector) AsMSTIDataConnector() (*MSTIDataConnector, bool) { return nil, false @@ -19409,6 +23566,11 @@ func (ttdc TiTaxiiDataConnector) AsMTPDataConnector() (*MTPDataConnector, bool) return nil, false } +// AsAATPDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. +func (ttdc TiTaxiiDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return nil, false +} + // AsASCDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. func (ttdc TiTaxiiDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false @@ -19419,8 +23581,8 @@ func (ttdc TiTaxiiDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailD return nil, false } -// AsDynamics365DataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. -func (ttdc TiTaxiiDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { +// AsAwsS3DataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. +func (ttdc TiTaxiiDataConnector) AsAwsS3DataConnector() (*AwsS3DataConnector, bool) { return nil, false } @@ -19429,8 +23591,8 @@ func (ttdc TiTaxiiDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool return nil, false } -// AsMDATPDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. -func (ttdc TiTaxiiDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { +// AsDynamics365DataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. +func (ttdc TiTaxiiDataConnector) AsDynamics365DataConnector() (*Dynamics365DataConnector, bool) { return nil, false } @@ -19439,6 +23601,16 @@ func (ttdc TiTaxiiDataConnector) AsOfficeATPDataConnector() (*OfficeATPDataConne return nil, false } +// AsOfficeIRMDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. +func (ttdc TiTaxiiDataConnector) AsOfficeIRMDataConnector() (*OfficeIRMDataConnector, bool) { + return nil, false +} + +// AsMDATPDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. +func (ttdc TiTaxiiDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false +} + // AsOfficeDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. func (ttdc TiTaxiiDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false @@ -19454,6 +23626,16 @@ func (ttdc TiTaxiiDataConnector) AsTiTaxiiDataConnector() (*TiTaxiiDataConnector return &ttdc, true } +// AsCodelessUIDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. +func (ttdc TiTaxiiDataConnector) AsCodelessUIDataConnector() (*CodelessUIDataConnector, bool) { + return nil, false +} + +// AsCodelessAPIPollingDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. +func (ttdc TiTaxiiDataConnector) AsCodelessAPIPollingDataConnector() (*CodelessAPIPollingDataConnector, bool) { + return nil, false +} + // AsDataConnector is the BasicDataConnector implementation for TiTaxiiDataConnector. func (ttdc TiTaxiiDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false @@ -19482,6 +23664,24 @@ func (ttdc *TiTaxiiDataConnector) UnmarshalJSON(body []byte) error { } ttdc.TiTaxiiDataConnectorProperties = &tiTaxiiDataConnectorProperties } + case "kind": + if v != nil { + var kind KindBasicDataConnector + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + ttdc.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + ttdc.Etag = &etag + } case "id": if v != nil { var ID string @@ -19509,23 +23709,14 @@ func (ttdc *TiTaxiiDataConnector) UnmarshalJSON(body []byte) error { } ttdc.Type = &typeVar } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - ttdc.Etag = &etag - } - case "kind": + case "systemData": if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - ttdc.Kind = kind + ttdc.SystemData = &systemData } } } @@ -19569,20 +23760,51 @@ type TiTaxiiDataConnectorProperties struct { TenantID *string `json:"tenantId,omitempty"` } +// TrackedResource the resource model definition for an Azure Resource Manager tracked top level resource +// which has 'tags' and a 'location' +type TrackedResource struct { + // Tags - Resource tags. + Tags map[string]*string `json:"tags"` + // Location - The geo-location where the resource lives + Location *string `json:"location,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; The name of the resource + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" + Type *string `json:"type,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` +} + +// MarshalJSON is the custom marshaler for TrackedResource. +func (tr TrackedResource) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if tr.Tags != nil { + objectMap["tags"] = tr.Tags + } + if tr.Location != nil { + objectMap["location"] = tr.Location + } + return json.Marshal(objectMap) +} + // Ueba settings with single toggle. type Ueba struct { // UebaProperties - Ueba properties *UebaProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindAnomalies', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' + Kind KindBasicSettings `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindBasicSettingsKindSettings', 'KindBasicSettingsKindIPSyncer', 'KindBasicSettingsKindEyesOn', 'KindBasicSettingsKindEntityAnalytics', 'KindBasicSettingsKindUeba' - Kind KindBasicSettings `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for Ueba. @@ -19592,17 +23814,17 @@ func (u Ueba) MarshalJSON() ([]byte, error) { if u.UebaProperties != nil { objectMap["properties"] = u.UebaProperties } - if u.Etag != nil { - objectMap["etag"] = u.Etag - } if u.Kind != "" { objectMap["kind"] = u.Kind } + if u.Etag != nil { + objectMap["etag"] = u.Etag + } return json.Marshal(objectMap) } -// AsIPSyncer is the BasicSettings implementation for Ueba. -func (u Ueba) AsIPSyncer() (*IPSyncer, bool) { +// AsAnomalies is the BasicSettings implementation for Ueba. +func (u Ueba) AsAnomalies() (*Anomalies, bool) { return nil, false } @@ -19649,6 +23871,24 @@ func (u *Ueba) UnmarshalJSON(body []byte) error { } u.UebaProperties = &uebaProperties } + case "kind": + if v != nil { + var kind KindBasicSettings + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + u.Kind = kind + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + u.Etag = &etag + } case "id": if v != nil { var ID string @@ -19676,23 +23916,14 @@ func (u *Ueba) UnmarshalJSON(body []byte) error { } u.Type = &typeVar } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - u.Etag = &etag - } - case "kind": + case "systemData": if v != nil { - var kind KindBasicSettings - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - u.Kind = kind + u.SystemData = &systemData } } } @@ -19710,14 +23941,16 @@ type UebaProperties struct { type URLEntity struct { // URLEntityProperties - Url entity properties *URLEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindURL', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindProcess', 'KindBasicEntityKindMalware', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindIP', 'KindBasicEntityKindIoTDevice', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindHost', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindFile', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindAccount' + Kind KindBasicEntity `json:"kind,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicEntityKindEntity', 'KindBasicEntityKindAccount', 'KindBasicEntityKindAzureResource', 'KindBasicEntityKindCloudApplication', 'KindBasicEntityKindDNSResolution', 'KindBasicEntityKindFile', 'KindBasicEntityKindFileHash', 'KindBasicEntityKindHost', 'KindBasicEntityKindBookmark', 'KindBasicEntityKindSecurityAlert', 'KindBasicEntityKindIP', 'KindBasicEntityKindMailbox', 'KindBasicEntityKindMailCluster', 'KindBasicEntityKindMailMessage', 'KindBasicEntityKindSubmissionMail', 'KindBasicEntityKindMalware', 'KindBasicEntityKindProcess', 'KindBasicEntityKindRegistryKey', 'KindBasicEntityKindRegistryValue', 'KindBasicEntityKindSecurityGroup', 'KindBasicEntityKindURL', 'KindBasicEntityKindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for URLEntity. @@ -19733,53 +23966,53 @@ func (ue URLEntity) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false +// AsURLEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsURLEntity() (*URLEntity, bool) { + return &ue, true } -// AsAzureResourceEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { +// AsSubmissionMailEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { return nil, false } -// AsCloudApplicationEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { +// AsSecurityGroupEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { return nil, false } -// AsDNSEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsDNSEntity() (*DNSEntity, bool) { +// AsSecurityAlert is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsSecurityAlert() (*SecurityAlert, bool) { return nil, false } -// AsFileEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsFileEntity() (*FileEntity, bool) { +// AsRegistryValueEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { return nil, false } -// AsFileHashEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsFileHashEntity() (*FileHashEntity, bool) { +// AsRegistryKeyEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { return nil, false } -// AsHostEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsHostEntity() (*HostEntity, bool) { +// AsProcessEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsProcessEntity() (*ProcessEntity, bool) { return nil, false } -// AsHuntingBookmark is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { +// AsMalwareEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsMalwareEntity() (*MalwareEntity, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMailMessageEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { return nil, false } -// AsIPEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsIPEntity() (*IPEntity, bool) { +// AsMailClusterEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { return nil, false } @@ -19788,53 +24021,53 @@ func (ue URLEntity) AsMailboxEntity() (*MailboxEntity, bool) { return nil, false } -// AsMailClusterEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsMailClusterEntity() (*MailClusterEntity, bool) { +// AsIPEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsIPEntity() (*IPEntity, bool) { return nil, false } -// AsMailMessageEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsMailMessageEntity() (*MailMessageEntity, bool) { +// AsIoTDeviceEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { return nil, false } -// AsSubmissionMailEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsSubmissionMailEntity() (*SubmissionMailEntity, bool) { +// AsHuntingBookmark is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsHuntingBookmark() (*HuntingBookmark, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsHostEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsHostEntity() (*HostEntity, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsFileHashEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsFileHashEntity() (*FileHashEntity, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsFileEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsFileEntity() (*FileEntity, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsDNSEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsDNSEntity() (*DNSEntity, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsCloudApplicationEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsURLEntity() (*URLEntity, bool) { - return &ue, true +// AsAzureResourceEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { + return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsAccountEntity is the BasicEntity implementation for URLEntity. +func (ue URLEntity) AsAccountEntity() (*AccountEntity, bool) { return nil, false } @@ -19866,6 +24099,15 @@ func (ue *URLEntity) UnmarshalJSON(body []byte) error { } ue.URLEntityProperties = &URLEntityProperties } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + ue.Kind = kind + } case "id": if v != nil { var ID string @@ -19893,14 +24135,14 @@ func (ue *URLEntity) UnmarshalJSON(body []byte) error { } ue.Type = &typeVar } - case "kind": + case "systemData": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - ue.Kind = kind + ue.SystemData = &systemData } } } @@ -19948,14 +24190,16 @@ type Watchlist struct { autorest.Response `json:"-"` // WatchlistProperties - Watchlist properties *WatchlistProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for Watchlist. @@ -19988,6 +24232,15 @@ func (w *Watchlist) UnmarshalJSON(body []byte) error { } w.WatchlistProperties = &watchlistProperties } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + w.Etag = &etag + } case "id": if v != nil { var ID string @@ -20015,14 +24268,14 @@ func (w *Watchlist) UnmarshalJSON(body []byte) error { } w.Type = &typeVar } - case "etag": + case "systemData": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - w.Etag = &etag + w.SystemData = &systemData } } } @@ -20035,14 +24288,16 @@ type WatchlistItem struct { autorest.Response `json:"-"` // WatchlistItemProperties - Watchlist Item properties *WatchlistItemProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // ID - READ-ONLY; Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name + // Name - READ-ONLY; The name of the resource Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type + // Type - READ-ONLY; The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` + // SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information. + SystemData *SystemData `json:"systemData,omitempty"` } // MarshalJSON is the custom marshaler for WatchlistItem. @@ -20075,6 +24330,15 @@ func (wi *WatchlistItem) UnmarshalJSON(body []byte) error { } wi.WatchlistItemProperties = &watchlistItemProperties } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + wi.Etag = &etag + } case "id": if v != nil { var ID string @@ -20102,14 +24366,14 @@ func (wi *WatchlistItem) UnmarshalJSON(body []byte) error { } wi.Type = &typeVar } - case "etag": + case "systemData": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var systemData SystemData + err = json.Unmarshal(*v, &systemData) if err != nil { return err } - wi.Etag = &etag + wi.SystemData = &systemData } } } @@ -20513,6 +24777,8 @@ type WatchlistProperties struct { NumberOfLinesToSkip *int32 `json:"numberOfLinesToSkip,omitempty"` // RawContent - The raw content that represents to watchlist items to create. In case of csv/tsv content type, it's the content of the file that will parsed by the endpoint RawContent *string `json:"rawContent,omitempty"` + // ItemsSearchKey - The search key is used to optimize query performance when using watchlists for joins with other data. For example, enable a column with IP addresses to be the designated SearchKey field, then use this field as the key field when joining to other event data by IP address. + ItemsSearchKey *string `json:"itemsSearchKey,omitempty"` // ContentType - The content type of the raw content. Example : text/csv or text/tsv ContentType *string `json:"contentType,omitempty"` // UploadStatus - The status of the Watchlist upload : New, InProgress or Complete. Pls note : When a Watchlist upload status is equal to InProgress, the Watchlist cannot be deleted diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/officeconsents.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/officeconsents.go similarity index 71% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/officeconsents.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/officeconsents.go index b8575394daf9..5a9bc7015d40 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/officeconsents.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/officeconsents.go @@ -33,13 +33,10 @@ func NewOfficeConsentsClientWithBaseURI(baseURI string, subscriptionID string) O // Delete delete the office365 consent. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // consentID - consent ID -func (client OfficeConsentsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (result autorest.Response, err error) { +func (client OfficeConsentsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, consentID string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentsClient.Delete") defer func() { @@ -52,18 +49,17 @@ func (client OfficeConsentsClient) Delete(ctx context.Context, resourceGroupName } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.OfficeConsentsClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, consentID) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, consentID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "Delete", nil, "Failure preparing request") return @@ -86,16 +82,15 @@ func (client OfficeConsentsClient) Delete(ctx context.Context, resourceGroupName } // DeletePreparer prepares the Delete request. -func (client OfficeConsentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (*http.Request, error) { +func (client OfficeConsentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, consentID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "consentId": autorest.Encode("path", consentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "consentId": autorest.Encode("path", consentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -103,7 +98,7 @@ func (client OfficeConsentsClient) DeletePreparer(ctx context.Context, resourceG preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -127,13 +122,10 @@ func (client OfficeConsentsClient) DeleteResponder(resp *http.Response) (result // Get gets an office365 consent. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // consentID - consent ID -func (client OfficeConsentsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (result OfficeConsent, err error) { +func (client OfficeConsentsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, consentID string) (result OfficeConsent, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentsClient.Get") defer func() { @@ -146,18 +138,17 @@ func (client OfficeConsentsClient) Get(ctx context.Context, resourceGroupName st } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.OfficeConsentsClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, consentID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, consentID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "Get", nil, "Failure preparing request") return @@ -180,16 +171,15 @@ func (client OfficeConsentsClient) Get(ctx context.Context, resourceGroupName st } // GetPreparer prepares the Get request. -func (client OfficeConsentsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (*http.Request, error) { +func (client OfficeConsentsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, consentID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "consentId": autorest.Encode("path", consentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "consentId": autorest.Encode("path", consentID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -197,7 +187,7 @@ func (client OfficeConsentsClient) GetPreparer(ctx context.Context, resourceGrou preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -222,12 +212,9 @@ func (client OfficeConsentsClient) GetResponder(resp *http.Response) (result Off // List gets all office365 consents. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -func (client OfficeConsentsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result OfficeConsentListPage, err error) { +func (client OfficeConsentsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result OfficeConsentListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentsClient.List") defer func() { @@ -240,11 +227,10 @@ func (client OfficeConsentsClient) List(ctx context.Context, resourceGroupName s } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -252,7 +238,7 @@ func (client OfficeConsentsClient) List(ctx context.Context, resourceGroupName s } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "List", nil, "Failure preparing request") return @@ -279,15 +265,14 @@ func (client OfficeConsentsClient) List(ctx context.Context, resourceGroupName s } // ListPreparer prepares the List request. -func (client OfficeConsentsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +func (client OfficeConsentsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -295,7 +280,7 @@ func (client OfficeConsentsClient) ListPreparer(ctx context.Context, resourceGro preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -340,7 +325,7 @@ func (client OfficeConsentsClient) listNextResults(ctx context.Context, lastResu } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client OfficeConsentsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result OfficeConsentListIterator, err error) { +func (client OfficeConsentsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result OfficeConsentListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentsClient.List") defer func() { @@ -351,6 +336,6 @@ func (client OfficeConsentsClient) ListComplete(ctx context.Context, resourceGro tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + result.page, err = client.List(ctx, resourceGroupName, workspaceName) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/operations.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/operations.go similarity index 99% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/operations.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/operations.go index 35f142aad7e8..330509e20c78 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/operations.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/operations.go @@ -71,7 +71,7 @@ func (client OperationsClient) List(ctx context.Context) (result OperationsListP // ListPreparer prepares the List request. func (client OperationsClient) ListPreparer(ctx context.Context) (*http.Request, error) { - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/productsettings.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/productsettings.go similarity index 62% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/productsettings.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/productsettings.go index 41545d1e164e..99141117b03e 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/productsettings.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/productsettings.go @@ -33,13 +33,10 @@ func NewProductSettingsClientWithBaseURI(baseURI string, subscriptionID string) // Delete delete setting of the product. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -// settingsName - the setting name. Supports - EyesOn, EntityAnalytics, Ueba -func (client ProductSettingsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string) (result autorest.Response, err error) { +// settingsName - the setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba +func (client ProductSettingsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ProductSettingsClient.Delete") defer func() { @@ -52,18 +49,17 @@ func (client ProductSettingsClient) Delete(ctx context.Context, resourceGroupNam } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ProductSettingsClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, settingsName) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, settingsName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "Delete", nil, "Failure preparing request") return @@ -86,16 +82,15 @@ func (client ProductSettingsClient) Delete(ctx context.Context, resourceGroupNam } // DeletePreparer prepares the Delete request. -func (client ProductSettingsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string) (*http.Request, error) { +func (client ProductSettingsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "settingsName": autorest.Encode("path", settingsName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "settingsName": autorest.Encode("path", settingsName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -103,7 +98,7 @@ func (client ProductSettingsClient) DeletePreparer(ctx context.Context, resource preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -127,13 +122,10 @@ func (client ProductSettingsClient) DeleteResponder(resp *http.Response) (result // Get gets a setting. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -// settingsName - the setting name. Supports - EyesOn, EntityAnalytics, Ueba -func (client ProductSettingsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string) (result SettingsModel, err error) { +// settingsName - the setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba +func (client ProductSettingsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string) (result SettingsModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ProductSettingsClient.Get") defer func() { @@ -146,18 +138,17 @@ func (client ProductSettingsClient) Get(ctx context.Context, resourceGroupName s } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ProductSettingsClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, settingsName) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, settingsName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "Get", nil, "Failure preparing request") return @@ -180,16 +171,15 @@ func (client ProductSettingsClient) Get(ctx context.Context, resourceGroupName s } // GetPreparer prepares the Get request. -func (client ProductSettingsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string) (*http.Request, error) { +func (client ProductSettingsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "settingsName": autorest.Encode("path", settingsName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "settingsName": autorest.Encode("path", settingsName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -197,7 +187,7 @@ func (client ProductSettingsClient) GetPreparer(ctx context.Context, resourceGro preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -220,16 +210,13 @@ func (client ProductSettingsClient) GetResponder(resp *http.Response) (result Se return } -// GetAll list of all the settings +// List list of all the settings // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -func (client ProductSettingsClient) GetAll(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result SettingList, err error) { +func (client ProductSettingsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SettingList, err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ProductSettingsClient.GetAll") + ctx = tracing.StartSpan(ctx, fqdn+"/ProductSettingsClient.List") defer func() { sc := -1 if result.Response.Response != nil { @@ -240,49 +227,47 @@ func (client ProductSettingsClient) GetAll(ctx context.Context, resourceGroupNam } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.ProductSettingsClient", "GetAll", err.Error()) + return result, validation.NewError("securityinsight.ProductSettingsClient", "List", err.Error()) } - req, err := client.GetAllPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "GetAll", nil, "Failure preparing request") + err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "List", nil, "Failure preparing request") return } - resp, err := client.GetAllSender(req) + resp, err := client.ListSender(req) if err != nil { result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "GetAll", resp, "Failure sending request") + err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "List", resp, "Failure sending request") return } - result, err = client.GetAllResponder(resp) + result, err = client.ListResponder(resp) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "GetAll", resp, "Failure responding to request") + err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "List", resp, "Failure responding to request") return } return } -// GetAllPreparer prepares the GetAll request. -func (client ProductSettingsClient) GetAllPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +// ListPreparer prepares the List request. +func (client ProductSettingsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -290,20 +275,20 @@ func (client ProductSettingsClient) GetAllPreparer(ctx context.Context, resource preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } -// GetAllSender sends the GetAll request. The method will close the +// ListSender sends the List request. The method will close the // http.Response Body if it receives an error. -func (client ProductSettingsClient) GetAllSender(req *http.Request) (*http.Response, error) { +func (client ProductSettingsClient) ListSender(req *http.Request) (*http.Response, error) { return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } -// GetAllResponder handles the response to the GetAll request. The method always +// ListResponder handles the response to the List request. The method always // closes the http.Response Body. -func (client ProductSettingsClient) GetAllResponder(resp *http.Response) (result SettingList, err error) { +func (client ProductSettingsClient) ListResponder(resp *http.Response) (result SettingList, err error) { err = autorest.Respond( resp, azure.WithErrorUnlessStatusCode(http.StatusOK), @@ -315,14 +300,11 @@ func (client ProductSettingsClient) GetAllResponder(resp *http.Response) (result // Update updates setting. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -// settingsName - the setting name. Supports - EyesOn, EntityAnalytics, Ueba +// settingsName - the setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba // settings - the setting -func (client ProductSettingsClient) Update(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string, settings BasicSettings) (result SettingsModel, err error) { +func (client ProductSettingsClient) Update(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, settings BasicSettings) (result SettingsModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ProductSettingsClient.Update") defer func() { @@ -335,18 +317,17 @@ func (client ProductSettingsClient) Update(ctx context.Context, resourceGroupNam } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ProductSettingsClient", "Update", err.Error()) } - req, err := client.UpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, settingsName, settings) + req, err := client.UpdatePreparer(ctx, resourceGroupName, workspaceName, settingsName, settings) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "Update", nil, "Failure preparing request") return @@ -369,16 +350,15 @@ func (client ProductSettingsClient) Update(ctx context.Context, resourceGroupNam } // UpdatePreparer prepares the Update request. -func (client ProductSettingsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string, settings BasicSettings) (*http.Request, error) { +func (client ProductSettingsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, settingsName string, settings BasicSettings) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "settingsName": autorest.Encode("path", settingsName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "settingsName": autorest.Encode("path", settingsName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -387,7 +367,7 @@ func (client ProductSettingsClient) UpdatePreparer(ctx context.Context, resource autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}", pathParameters), autorest.WithJSON(settings), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/sentinelonboardingstates.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/sentinelonboardingstates.go new file mode 100644 index 000000000000..b17265087b8d --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/sentinelonboardingstates.go @@ -0,0 +1,397 @@ +package securityinsight + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// SentinelOnboardingStatesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource +// provider +type SentinelOnboardingStatesClient struct { + BaseClient +} + +// NewSentinelOnboardingStatesClient creates an instance of the SentinelOnboardingStatesClient client. +func NewSentinelOnboardingStatesClient(subscriptionID string) SentinelOnboardingStatesClient { + return NewSentinelOnboardingStatesClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewSentinelOnboardingStatesClientWithBaseURI creates an instance of the SentinelOnboardingStatesClient client using +// a custom endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign +// clouds, Azure stack). +func NewSentinelOnboardingStatesClientWithBaseURI(baseURI string, subscriptionID string) SentinelOnboardingStatesClient { + return SentinelOnboardingStatesClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// Create create Sentinel onboarding state +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// sentinelOnboardingStateName - the Sentinel onboarding state name. Supports - default +// sentinelOnboardingStateParameter - the Sentinel onboarding state parameter +func (client SentinelOnboardingStatesClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string, sentinelOnboardingStateParameter *SentinelOnboardingState) (result SentinelOnboardingState, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SentinelOnboardingStatesClient.Create") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.SentinelOnboardingStatesClient", "Create", err.Error()) + } + + req, err := client.CreatePreparer(ctx, resourceGroupName, workspaceName, sentinelOnboardingStateName, sentinelOnboardingStateParameter) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "Create", nil, "Failure preparing request") + return + } + + resp, err := client.CreateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "Create", resp, "Failure sending request") + return + } + + result, err = client.CreateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "Create", resp, "Failure responding to request") + return + } + + return +} + +// CreatePreparer prepares the Create request. +func (client SentinelOnboardingStatesClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string, sentinelOnboardingStateParameter *SentinelOnboardingState) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "sentinelOnboardingStateName": autorest.Encode("path", sentinelOnboardingStateName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/onboardingStates/{sentinelOnboardingStateName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + if sentinelOnboardingStateParameter != nil { + preparer = autorest.DecoratePreparer(preparer, + autorest.WithJSON(sentinelOnboardingStateParameter)) + } + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateSender sends the Create request. The method will close the +// http.Response Body if it receives an error. +func (client SentinelOnboardingStatesClient) CreateSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// CreateResponder handles the response to the Create request. The method always +// closes the http.Response Body. +func (client SentinelOnboardingStatesClient) CreateResponder(resp *http.Response) (result SentinelOnboardingState, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Delete delete Sentinel onboarding state +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// sentinelOnboardingStateName - the Sentinel onboarding state name. Supports - default +func (client SentinelOnboardingStatesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string) (result autorest.Response, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SentinelOnboardingStatesClient.Delete") + defer func() { + sc := -1 + if result.Response != nil { + sc = result.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.SentinelOnboardingStatesClient", "Delete", err.Error()) + } + + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, sentinelOnboardingStateName) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "Delete", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "Delete", resp, "Failure sending request") + return + } + + result, err = client.DeleteResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "Delete", resp, "Failure responding to request") + return + } + + return +} + +// DeletePreparer prepares the Delete request. +func (client SentinelOnboardingStatesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "sentinelOnboardingStateName": autorest.Encode("path", sentinelOnboardingStateName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/onboardingStates/{sentinelOnboardingStateName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteSender sends the Delete request. The method will close the +// http.Response Body if it receives an error. +func (client SentinelOnboardingStatesClient) DeleteSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// DeleteResponder handles the response to the Delete request. The method always +// closes the http.Response Body. +func (client SentinelOnboardingStatesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// Get get Sentinel onboarding state +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// sentinelOnboardingStateName - the Sentinel onboarding state name. Supports - default +func (client SentinelOnboardingStatesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string) (result SentinelOnboardingState, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SentinelOnboardingStatesClient.Get") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.SentinelOnboardingStatesClient", "Get", err.Error()) + } + + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, sentinelOnboardingStateName) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "Get", resp, "Failure responding to request") + return + } + + return +} + +// GetPreparer prepares the Get request. +func (client SentinelOnboardingStatesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, sentinelOnboardingStateName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "sentinelOnboardingStateName": autorest.Encode("path", sentinelOnboardingStateName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/onboardingStates/{sentinelOnboardingStateName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client SentinelOnboardingStatesClient) GetSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client SentinelOnboardingStatesClient) GetResponder(resp *http.Response) (result SentinelOnboardingState, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// List gets all Sentinel onboarding states +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +func (client SentinelOnboardingStatesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SentinelOnboardingStatesList, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SentinelOnboardingStatesClient.List") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.SentinelOnboardingStatesClient", "List", err.Error()) + } + + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "List", resp, "Failure sending request") + return + } + + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SentinelOnboardingStatesClient", "List", resp, "Failure responding to request") + return + } + + return +} + +// ListPreparer prepares the List request. +func (client SentinelOnboardingStatesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/onboardingStates", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client SentinelOnboardingStatesClient) ListSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client SentinelOnboardingStatesClient) ListResponder(resp *http.Response) (result SentinelOnboardingStatesList, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/sourcecontrol.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/sourcecontrol.go new file mode 100644 index 000000000000..6306657f337a --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/sourcecontrol.go @@ -0,0 +1,165 @@ +package securityinsight + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// SourceControlClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type SourceControlClient struct { + BaseClient +} + +// NewSourceControlClient creates an instance of the SourceControlClient client. +func NewSourceControlClient(subscriptionID string) SourceControlClient { + return NewSourceControlClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewSourceControlClientWithBaseURI creates an instance of the SourceControlClient client using a custom endpoint. +// Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). +func NewSourceControlClientWithBaseURI(baseURI string, subscriptionID string) SourceControlClient { + return SourceControlClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// ListRepositories gets a list of repositories metadata. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// repoType - the repo type. +func (client SourceControlClient) ListRepositories(ctx context.Context, resourceGroupName string, workspaceName string, repoType RepoType) (result RepoListPage, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SourceControlClient.ListRepositories") + defer func() { + sc := -1 + if result.rl.Response.Response != nil { + sc = result.rl.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.SourceControlClient", "ListRepositories", err.Error()) + } + + result.fn = client.listRepositoriesNextResults + req, err := client.ListRepositoriesPreparer(ctx, resourceGroupName, workspaceName, repoType) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlClient", "ListRepositories", nil, "Failure preparing request") + return + } + + resp, err := client.ListRepositoriesSender(req) + if err != nil { + result.rl.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlClient", "ListRepositories", resp, "Failure sending request") + return + } + + result.rl, err = client.ListRepositoriesResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlClient", "ListRepositories", resp, "Failure responding to request") + return + } + if result.rl.hasNextLink() && result.rl.IsEmpty() { + err = result.NextWithContext(ctx) + return + } + + return +} + +// ListRepositoriesPreparer prepares the ListRepositories request. +func (client SourceControlClient) ListRepositoriesPreparer(ctx context.Context, resourceGroupName string, workspaceName string, repoType RepoType) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPost(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/listRepositories", pathParameters), + autorest.WithJSON(repoType), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListRepositoriesSender sends the ListRepositories request. The method will close the +// http.Response Body if it receives an error. +func (client SourceControlClient) ListRepositoriesSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// ListRepositoriesResponder handles the response to the ListRepositories request. The method always +// closes the http.Response Body. +func (client SourceControlClient) ListRepositoriesResponder(resp *http.Response) (result RepoList, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listRepositoriesNextResults retrieves the next set of results, if any. +func (client SourceControlClient) listRepositoriesNextResults(ctx context.Context, lastResults RepoList) (result RepoList, err error) { + req, err := lastResults.repoListPreparer(ctx) + if err != nil { + return result, autorest.NewErrorWithError(err, "securityinsight.SourceControlClient", "listRepositoriesNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListRepositoriesSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "securityinsight.SourceControlClient", "listRepositoriesNextResults", resp, "Failure sending next results request") + } + result, err = client.ListRepositoriesResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlClient", "listRepositoriesNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListRepositoriesComplete enumerates all values, automatically crossing page boundaries as required. +func (client SourceControlClient) ListRepositoriesComplete(ctx context.Context, resourceGroupName string, workspaceName string, repoType RepoType) (result RepoListIterator, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SourceControlClient.ListRepositories") + defer func() { + sc := -1 + if result.Response().Response.Response != nil { + sc = result.page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.page, err = client.ListRepositories(ctx, resourceGroupName, workspaceName, repoType) + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/sourcecontrols.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/sourcecontrols.go new file mode 100644 index 000000000000..c60deb34e672 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/sourcecontrols.go @@ -0,0 +1,440 @@ +package securityinsight + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// SourceControlsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type SourceControlsClient struct { + BaseClient +} + +// NewSourceControlsClient creates an instance of the SourceControlsClient client. +func NewSourceControlsClient(subscriptionID string) SourceControlsClient { + return NewSourceControlsClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewSourceControlsClientWithBaseURI creates an instance of the SourceControlsClient client using a custom endpoint. +// Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). +func NewSourceControlsClientWithBaseURI(baseURI string, subscriptionID string) SourceControlsClient { + return SourceControlsClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// Create creates a source control. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// sourceControlID - source control Id +// sourceControl - the SourceControl +func (client SourceControlsClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, sourceControl SourceControl) (result SourceControl, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SourceControlsClient.Create") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: sourceControl, + Constraints: []validation.Constraint{{Target: "sourceControl.SourceControlProperties", Name: validation.Null, Rule: false, + Chain: []validation.Constraint{{Target: "sourceControl.SourceControlProperties.DisplayName", Name: validation.Null, Rule: true, Chain: nil}, + {Target: "sourceControl.SourceControlProperties.ContentTypes", Name: validation.Null, Rule: true, Chain: nil}, + {Target: "sourceControl.SourceControlProperties.Repository", Name: validation.Null, Rule: true, Chain: nil}, + }}}}}); err != nil { + return result, validation.NewError("securityinsight.SourceControlsClient", "Create", err.Error()) + } + + req, err := client.CreatePreparer(ctx, resourceGroupName, workspaceName, sourceControlID, sourceControl) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "Create", nil, "Failure preparing request") + return + } + + resp, err := client.CreateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "Create", resp, "Failure sending request") + return + } + + result, err = client.CreateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "Create", resp, "Failure responding to request") + return + } + + return +} + +// CreatePreparer prepares the Create request. +func (client SourceControlsClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string, sourceControl SourceControl) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "sourceControlId": autorest.Encode("path", sourceControlID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}", pathParameters), + autorest.WithJSON(sourceControl), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateSender sends the Create request. The method will close the +// http.Response Body if it receives an error. +func (client SourceControlsClient) CreateSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// CreateResponder handles the response to the Create request. The method always +// closes the http.Response Body. +func (client SourceControlsClient) CreateResponder(resp *http.Response) (result SourceControl, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Delete delete a source control. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// sourceControlID - source control Id +func (client SourceControlsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string) (result autorest.Response, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SourceControlsClient.Delete") + defer func() { + sc := -1 + if result.Response != nil { + sc = result.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.SourceControlsClient", "Delete", err.Error()) + } + + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, sourceControlID) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "Delete", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "Delete", resp, "Failure sending request") + return + } + + result, err = client.DeleteResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "Delete", resp, "Failure responding to request") + return + } + + return +} + +// DeletePreparer prepares the Delete request. +func (client SourceControlsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "sourceControlId": autorest.Encode("path", sourceControlID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteSender sends the Delete request. The method will close the +// http.Response Body if it receives an error. +func (client SourceControlsClient) DeleteSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// DeleteResponder handles the response to the Delete request. The method always +// closes the http.Response Body. +func (client SourceControlsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// Get gets a source control byt its identifier. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +// sourceControlID - source control Id +func (client SourceControlsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string) (result SourceControl, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SourceControlsClient.Get") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.SourceControlsClient", "Get", err.Error()) + } + + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, sourceControlID) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "Get", resp, "Failure responding to request") + return + } + + return +} + +// GetPreparer prepares the Get request. +func (client SourceControlsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, sourceControlID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "sourceControlId": autorest.Encode("path", sourceControlID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client SourceControlsClient) GetSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client SourceControlsClient) GetResponder(resp *http.Response) (result SourceControl, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// List gets all source controls, without source control items. +// Parameters: +// resourceGroupName - the name of the resource group. The name is case insensitive. +// workspaceName - the name of the workspace. +func (client SourceControlsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result SourceControlListPage, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SourceControlsClient.List") + defer func() { + sc := -1 + if result.scl.Response.Response != nil { + sc = result.scl.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.SourceControlsClient", "List", err.Error()) + } + + result.fn = client.listNextResults + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.scl.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "List", resp, "Failure sending request") + return + } + + result.scl, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "List", resp, "Failure responding to request") + return + } + if result.scl.hasNextLink() && result.scl.IsEmpty() { + err = result.NextWithContext(ctx) + return + } + + return +} + +// ListPreparer prepares the List request. +func (client SourceControlsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2021-09-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client SourceControlsClient) ListSender(req *http.Request) (*http.Response, error) { + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client SourceControlsClient) ListResponder(resp *http.Response) (result SourceControlList, err error) { + err = autorest.Respond( + resp, + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listNextResults retrieves the next set of results, if any. +func (client SourceControlsClient) listNextResults(ctx context.Context, lastResults SourceControlList) (result SourceControlList, err error) { + req, err := lastResults.sourceControlListPreparer(ctx) + if err != nil { + return result, autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "listNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "listNextResults", resp, "Failure sending next results request") + } + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.SourceControlsClient", "listNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListComplete enumerates all values, automatically crossing page boundaries as required. +func (client SourceControlsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result SourceControlListIterator, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/SourceControlsClient.List") + defer func() { + sc := -1 + if result.Response().Response.Response != nil { + sc = result.page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.page, err = client.List(ctx, resourceGroupName, workspaceName) + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/threatintelligenceindicator.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/threatintelligenceindicator.go similarity index 69% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/threatintelligenceindicator.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/threatintelligenceindicator.go index 6bcb54c0ec27..06a55c6ab86b 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/threatintelligenceindicator.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/threatintelligenceindicator.go @@ -35,14 +35,11 @@ func NewThreatIntelligenceIndicatorClientWithBaseURI(baseURI string, subscriptio // AppendTags append tags to a threat intelligence indicator. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // name - threat intelligence indicator name field. // threatIntelligenceAppendTags - the threat intelligence append tags request body -func (client ThreatIntelligenceIndicatorClient) AppendTags(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, name string, threatIntelligenceAppendTags ThreatIntelligenceAppendTags) (result autorest.Response, err error) { +func (client ThreatIntelligenceIndicatorClient) AppendTags(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceAppendTags ThreatIntelligenceAppendTags) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ThreatIntelligenceIndicatorClient.AppendTags") defer func() { @@ -55,18 +52,17 @@ func (client ThreatIntelligenceIndicatorClient) AppendTags(ctx context.Context, } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ThreatIntelligenceIndicatorClient", "AppendTags", err.Error()) } - req, err := client.AppendTagsPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, name, threatIntelligenceAppendTags) + req, err := client.AppendTagsPreparer(ctx, resourceGroupName, workspaceName, name, threatIntelligenceAppendTags) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ThreatIntelligenceIndicatorClient", "AppendTags", nil, "Failure preparing request") return @@ -89,16 +85,15 @@ func (client ThreatIntelligenceIndicatorClient) AppendTags(ctx context.Context, } // AppendTagsPreparer prepares the AppendTags request. -func (client ThreatIntelligenceIndicatorClient) AppendTagsPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, name string, threatIntelligenceAppendTags ThreatIntelligenceAppendTags) (*http.Request, error) { +func (client ThreatIntelligenceIndicatorClient) AppendTagsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceAppendTags ThreatIntelligenceAppendTags) (*http.Request, error) { pathParameters := map[string]interface{}{ - "name": autorest.Encode("path", name), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "name": autorest.Encode("path", name), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -107,7 +102,7 @@ func (client ThreatIntelligenceIndicatorClient) AppendTagsPreparer(ctx context.C autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}/appendTags", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}/appendTags", pathParameters), autorest.WithJSON(threatIntelligenceAppendTags), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -132,14 +127,11 @@ func (client ThreatIntelligenceIndicatorClient) AppendTagsResponder(resp *http.R // Create update a threat Intelligence indicator. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // name - threat intelligence indicator name field. // threatIntelligenceProperties - properties of threat intelligence indicators to create and update. -func (client ThreatIntelligenceIndicatorClient) Create(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, name string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (result ThreatIntelligenceInformationModel, err error) { +func (client ThreatIntelligenceIndicatorClient) Create(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (result ThreatIntelligenceInformationModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ThreatIntelligenceIndicatorClient.Create") defer func() { @@ -152,18 +144,17 @@ func (client ThreatIntelligenceIndicatorClient) Create(ctx context.Context, reso } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ThreatIntelligenceIndicatorClient", "Create", err.Error()) } - req, err := client.CreatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, name, threatIntelligenceProperties) + req, err := client.CreatePreparer(ctx, resourceGroupName, workspaceName, name, threatIntelligenceProperties) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ThreatIntelligenceIndicatorClient", "Create", nil, "Failure preparing request") return @@ -186,16 +177,15 @@ func (client ThreatIntelligenceIndicatorClient) Create(ctx context.Context, reso } // CreatePreparer prepares the Create request. -func (client ThreatIntelligenceIndicatorClient) CreatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, name string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (*http.Request, error) { +func (client ThreatIntelligenceIndicatorClient) CreatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (*http.Request, error) { pathParameters := map[string]interface{}{ - "name": autorest.Encode("path", name), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "name": autorest.Encode("path", name), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -204,7 +194,7 @@ func (client ThreatIntelligenceIndicatorClient) CreatePreparer(ctx context.Conte autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}", pathParameters), autorest.WithJSON(threatIntelligenceProperties), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -230,13 +220,10 @@ func (client ThreatIntelligenceIndicatorClient) CreateResponder(resp *http.Respo // CreateIndicator create a new threat intelligence indicator. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // threatIntelligenceProperties - properties of threat intelligence indicators to create and update. -func (client ThreatIntelligenceIndicatorClient) CreateIndicator(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (result ThreatIntelligenceInformationModel, err error) { +func (client ThreatIntelligenceIndicatorClient) CreateIndicator(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (result ThreatIntelligenceInformationModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ThreatIntelligenceIndicatorClient.CreateIndicator") defer func() { @@ -249,18 +236,17 @@ func (client ThreatIntelligenceIndicatorClient) CreateIndicator(ctx context.Cont } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ThreatIntelligenceIndicatorClient", "CreateIndicator", err.Error()) } - req, err := client.CreateIndicatorPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, threatIntelligenceProperties) + req, err := client.CreateIndicatorPreparer(ctx, resourceGroupName, workspaceName, threatIntelligenceProperties) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ThreatIntelligenceIndicatorClient", "CreateIndicator", nil, "Failure preparing request") return @@ -283,15 +269,14 @@ func (client ThreatIntelligenceIndicatorClient) CreateIndicator(ctx context.Cont } // CreateIndicatorPreparer prepares the CreateIndicator request. -func (client ThreatIntelligenceIndicatorClient) CreateIndicatorPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (*http.Request, error) { +func (client ThreatIntelligenceIndicatorClient) CreateIndicatorPreparer(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceProperties ThreatIntelligenceIndicatorModelForRequestBody) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -300,7 +285,7 @@ func (client ThreatIntelligenceIndicatorClient) CreateIndicatorPreparer(ctx cont autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/createIndicator", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/createIndicator", pathParameters), autorest.WithJSON(threatIntelligenceProperties), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -326,13 +311,10 @@ func (client ThreatIntelligenceIndicatorClient) CreateIndicatorResponder(resp *h // Delete delete a threat intelligence indicator. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // name - threat intelligence indicator name field. -func (client ThreatIntelligenceIndicatorClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, name string) (result autorest.Response, err error) { +func (client ThreatIntelligenceIndicatorClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, name string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ThreatIntelligenceIndicatorClient.Delete") defer func() { @@ -345,18 +327,17 @@ func (client ThreatIntelligenceIndicatorClient) Delete(ctx context.Context, reso } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ThreatIntelligenceIndicatorClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, name) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, name) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ThreatIntelligenceIndicatorClient", "Delete", nil, "Failure preparing request") return @@ -379,16 +360,15 @@ func (client ThreatIntelligenceIndicatorClient) Delete(ctx context.Context, reso } // DeletePreparer prepares the Delete request. -func (client ThreatIntelligenceIndicatorClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, name string) (*http.Request, error) { +func (client ThreatIntelligenceIndicatorClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, name string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "name": autorest.Encode("path", name), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "name": autorest.Encode("path", name), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -396,7 +376,7 @@ func (client ThreatIntelligenceIndicatorClient) DeletePreparer(ctx context.Conte preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -420,13 +400,10 @@ func (client ThreatIntelligenceIndicatorClient) DeleteResponder(resp *http.Respo // Get view a threat intelligence indicator by name. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // name - threat intelligence indicator name field. -func (client ThreatIntelligenceIndicatorClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, name string) (result ThreatIntelligenceInformationModel, err error) { +func (client ThreatIntelligenceIndicatorClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, name string) (result ThreatIntelligenceInformationModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ThreatIntelligenceIndicatorClient.Get") defer func() { @@ -439,18 +416,17 @@ func (client ThreatIntelligenceIndicatorClient) Get(ctx context.Context, resourc } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ThreatIntelligenceIndicatorClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, name) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, name) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ThreatIntelligenceIndicatorClient", "Get", nil, "Failure preparing request") return @@ -473,16 +449,15 @@ func (client ThreatIntelligenceIndicatorClient) Get(ctx context.Context, resourc } // GetPreparer prepares the Get request. -func (client ThreatIntelligenceIndicatorClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, name string) (*http.Request, error) { +func (client ThreatIntelligenceIndicatorClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, name string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "name": autorest.Encode("path", name), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "name": autorest.Encode("path", name), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -490,7 +465,7 @@ func (client ThreatIntelligenceIndicatorClient) GetPreparer(ctx context.Context, preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -515,13 +490,10 @@ func (client ThreatIntelligenceIndicatorClient) GetResponder(resp *http.Response // QueryIndicators query threat intelligence indicators as per filtering criteria. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // threatIntelligenceFilteringCriteria - filtering criteria for querying threat intelligence indicators. -func (client ThreatIntelligenceIndicatorClient) QueryIndicators(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, threatIntelligenceFilteringCriteria ThreatIntelligenceFilteringCriteria) (result ThreatIntelligenceInformationListPage, err error) { +func (client ThreatIntelligenceIndicatorClient) QueryIndicators(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceFilteringCriteria ThreatIntelligenceFilteringCriteria) (result ThreatIntelligenceInformationListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ThreatIntelligenceIndicatorClient.QueryIndicators") defer func() { @@ -534,11 +506,10 @@ func (client ThreatIntelligenceIndicatorClient) QueryIndicators(ctx context.Cont } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -546,7 +517,7 @@ func (client ThreatIntelligenceIndicatorClient) QueryIndicators(ctx context.Cont } result.fn = client.queryIndicatorsNextResults - req, err := client.QueryIndicatorsPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, threatIntelligenceFilteringCriteria) + req, err := client.QueryIndicatorsPreparer(ctx, resourceGroupName, workspaceName, threatIntelligenceFilteringCriteria) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ThreatIntelligenceIndicatorClient", "QueryIndicators", nil, "Failure preparing request") return @@ -573,15 +544,14 @@ func (client ThreatIntelligenceIndicatorClient) QueryIndicators(ctx context.Cont } // QueryIndicatorsPreparer prepares the QueryIndicators request. -func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, threatIntelligenceFilteringCriteria ThreatIntelligenceFilteringCriteria) (*http.Request, error) { +func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceFilteringCriteria ThreatIntelligenceFilteringCriteria) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -590,7 +560,7 @@ func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsPreparer(ctx cont autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/queryIndicators", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/queryIndicators", pathParameters), autorest.WithJSON(threatIntelligenceFilteringCriteria), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -636,7 +606,7 @@ func (client ThreatIntelligenceIndicatorClient) queryIndicatorsNextResults(ctx c } // QueryIndicatorsComplete enumerates all values, automatically crossing page boundaries as required. -func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, threatIntelligenceFilteringCriteria ThreatIntelligenceFilteringCriteria) (result ThreatIntelligenceInformationListIterator, err error) { +func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsComplete(ctx context.Context, resourceGroupName string, workspaceName string, threatIntelligenceFilteringCriteria ThreatIntelligenceFilteringCriteria) (result ThreatIntelligenceInformationListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ThreatIntelligenceIndicatorClient.QueryIndicators") defer func() { @@ -647,20 +617,17 @@ func (client ThreatIntelligenceIndicatorClient) QueryIndicatorsComplete(ctx cont tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.QueryIndicators(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, threatIntelligenceFilteringCriteria) + result.page, err = client.QueryIndicators(ctx, resourceGroupName, workspaceName, threatIntelligenceFilteringCriteria) return } // ReplaceTags replace tags added to a threat intelligence indicator. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // name - threat intelligence indicator name field. // threatIntelligenceReplaceTags - tags in the threat intelligence indicator to be replaced. -func (client ThreatIntelligenceIndicatorClient) ReplaceTags(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, name string, threatIntelligenceReplaceTags ThreatIntelligenceIndicatorModelForRequestBody) (result ThreatIntelligenceInformationModel, err error) { +func (client ThreatIntelligenceIndicatorClient) ReplaceTags(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceReplaceTags ThreatIntelligenceIndicatorModelForRequestBody) (result ThreatIntelligenceInformationModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ThreatIntelligenceIndicatorClient.ReplaceTags") defer func() { @@ -673,18 +640,17 @@ func (client ThreatIntelligenceIndicatorClient) ReplaceTags(ctx context.Context, } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ThreatIntelligenceIndicatorClient", "ReplaceTags", err.Error()) } - req, err := client.ReplaceTagsPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, name, threatIntelligenceReplaceTags) + req, err := client.ReplaceTagsPreparer(ctx, resourceGroupName, workspaceName, name, threatIntelligenceReplaceTags) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ThreatIntelligenceIndicatorClient", "ReplaceTags", nil, "Failure preparing request") return @@ -707,16 +673,15 @@ func (client ThreatIntelligenceIndicatorClient) ReplaceTags(ctx context.Context, } // ReplaceTagsPreparer prepares the ReplaceTags request. -func (client ThreatIntelligenceIndicatorClient) ReplaceTagsPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, name string, threatIntelligenceReplaceTags ThreatIntelligenceIndicatorModelForRequestBody) (*http.Request, error) { +func (client ThreatIntelligenceIndicatorClient) ReplaceTagsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, name string, threatIntelligenceReplaceTags ThreatIntelligenceIndicatorModelForRequestBody) (*http.Request, error) { pathParameters := map[string]interface{}{ - "name": autorest.Encode("path", name), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "name": autorest.Encode("path", name), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -725,7 +690,7 @@ func (client ThreatIntelligenceIndicatorClient) ReplaceTagsPreparer(ctx context. autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPost(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}/replaceTags", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}/replaceTags", pathParameters), autorest.WithJSON(threatIntelligenceReplaceTags), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/threatintelligenceindicatormetrics.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/threatintelligenceindicatormetrics.go similarity index 76% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/threatintelligenceindicatormetrics.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/threatintelligenceindicatormetrics.go index 4e226430d45e..fd450096533b 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/threatintelligenceindicatormetrics.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/threatintelligenceindicatormetrics.go @@ -36,12 +36,9 @@ func NewThreatIntelligenceIndicatorMetricsClientWithBaseURI(baseURI string, subs // List get threat intelligence indicators metrics (Indicators counts by Type, Threat Type, Source). // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -func (client ThreatIntelligenceIndicatorMetricsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result ThreatIntelligenceMetricsList, err error) { +func (client ThreatIntelligenceIndicatorMetricsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result ThreatIntelligenceMetricsList, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ThreatIntelligenceIndicatorMetricsClient.List") defer func() { @@ -54,18 +51,17 @@ func (client ThreatIntelligenceIndicatorMetricsClient) List(ctx context.Context, } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.ThreatIntelligenceIndicatorMetricsClient", "List", err.Error()) } - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ThreatIntelligenceIndicatorMetricsClient", "List", nil, "Failure preparing request") return @@ -88,15 +84,14 @@ func (client ThreatIntelligenceIndicatorMetricsClient) List(ctx context.Context, } // ListPreparer prepares the List request. -func (client ThreatIntelligenceIndicatorMetricsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +func (client ThreatIntelligenceIndicatorMetricsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -104,7 +99,7 @@ func (client ThreatIntelligenceIndicatorMetricsClient) ListPreparer(ctx context. preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/metrics", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/metrics", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/threatintelligenceindicators.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/threatintelligenceindicators.go similarity index 77% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/threatintelligenceindicators.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/threatintelligenceindicators.go index 0abecc8f7aba..b5ba61f37a85 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/threatintelligenceindicators.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/threatintelligenceindicators.go @@ -35,18 +35,15 @@ func NewThreatIntelligenceIndicatorsClientWithBaseURI(baseURI string, subscripti // List get all threat intelligence indicators. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // filter - filters the results, based on a Boolean condition. Optional. +// orderby - sorts the results. Optional. // top - returns only the first n results. Optional. // skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response // contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that // specifies a starting point to use for subsequent calls. Optional. -// orderby - sorts the results. Optional. -func (client ThreatIntelligenceIndicatorsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, top *int32, skipToken string, orderby string) (result ThreatIntelligenceInformationListPage, err error) { +func (client ThreatIntelligenceIndicatorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result ThreatIntelligenceInformationListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ThreatIntelligenceIndicatorsClient.List") defer func() { @@ -59,11 +56,10 @@ func (client ThreatIntelligenceIndicatorsClient) List(ctx context.Context, resou } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -71,7 +67,7 @@ func (client ThreatIntelligenceIndicatorsClient) List(ctx context.Context, resou } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, filter, top, skipToken, orderby) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName, filter, orderby, top, skipToken) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ThreatIntelligenceIndicatorsClient", "List", nil, "Failure preparing request") return @@ -98,35 +94,34 @@ func (client ThreatIntelligenceIndicatorsClient) List(ctx context.Context, resou } // ListPreparer prepares the List request. -func (client ThreatIntelligenceIndicatorsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, top *int32, skipToken string, orderby string) (*http.Request, error) { +func (client ThreatIntelligenceIndicatorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } if len(filter) > 0 { queryParameters["$filter"] = autorest.Encode("query", filter) } + if len(orderby) > 0 { + queryParameters["$orderby"] = autorest.Encode("query", orderby) + } if top != nil { queryParameters["$top"] = autorest.Encode("query", *top) } if len(skipToken) > 0 { queryParameters["$skipToken"] = autorest.Encode("query", skipToken) } - if len(orderby) > 0 { - queryParameters["$orderby"] = autorest.Encode("query", orderby) - } preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -171,7 +166,7 @@ func (client ThreatIntelligenceIndicatorsClient) listNextResults(ctx context.Con } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client ThreatIntelligenceIndicatorsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, top *int32, skipToken string, orderby string) (result ThreatIntelligenceInformationListIterator, err error) { +func (client ThreatIntelligenceIndicatorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result ThreatIntelligenceInformationListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ThreatIntelligenceIndicatorsClient.List") defer func() { @@ -182,6 +177,6 @@ func (client ThreatIntelligenceIndicatorsClient) ListComplete(ctx context.Contex tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, filter, top, skipToken, orderby) + result.page, err = client.List(ctx, resourceGroupName, workspaceName, filter, orderby, top, skipToken) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/version.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/version.go similarity index 88% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/version.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/version.go index 409bf48f4919..12d22581ce98 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/version.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/version.go @@ -10,7 +10,7 @@ import "github.com/Azure/azure-sdk-for-go/version" // UserAgent returns the UserAgent string to use when sending http.Requests. func UserAgent() string { - return "Azure-SDK-For-Go/" + Version() + " securityinsight/2019-01-01-preview" + return "Azure-SDK-For-Go/" + Version() + " securityinsight/2021-09-01-preview" } // Version returns the semantic version (see http://semver.org) of the client. diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/watchlistitems.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/watchlistitems.go similarity index 68% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/watchlistitems.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/watchlistitems.go index 90826dc7483a..91f13252cfb0 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/watchlistitems.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/watchlistitems.go @@ -33,15 +33,12 @@ func NewWatchlistItemsClientWithBaseURI(baseURI string, subscriptionID string) W // CreateOrUpdate creates or updates a watchlist item. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // watchlistAlias - watchlist Alias // watchlistItemID - watchlist Item Id (GUID) // watchlistItem - the watchlist item -func (client WatchlistItemsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string, watchlistItemID string, watchlistItem WatchlistItem) (result WatchlistItem, err error) { +func (client WatchlistItemsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, watchlistItem WatchlistItem) (result WatchlistItem, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/WatchlistItemsClient.CreateOrUpdate") defer func() { @@ -54,11 +51,10 @@ func (client WatchlistItemsClient) CreateOrUpdate(ctx context.Context, resourceG } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, @@ -68,7 +64,7 @@ func (client WatchlistItemsClient) CreateOrUpdate(ctx context.Context, resourceG return result, validation.NewError("securityinsight.WatchlistItemsClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, watchlistAlias, watchlistItemID, watchlistItem) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, watchlistAlias, watchlistItemID, watchlistItem) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.WatchlistItemsClient", "CreateOrUpdate", nil, "Failure preparing request") return @@ -91,17 +87,16 @@ func (client WatchlistItemsClient) CreateOrUpdate(ctx context.Context, resourceG } // CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client WatchlistItemsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string, watchlistItemID string, watchlistItem WatchlistItem) (*http.Request, error) { +func (client WatchlistItemsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string, watchlistItem WatchlistItem) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "watchlistAlias": autorest.Encode("path", watchlistAlias), - "watchlistItemId": autorest.Encode("path", watchlistItemID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "watchlistAlias": autorest.Encode("path", watchlistAlias), + "watchlistItemId": autorest.Encode("path", watchlistItemID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -110,7 +105,7 @@ func (client WatchlistItemsClient) CreateOrUpdatePreparer(ctx context.Context, r autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}", pathParameters), autorest.WithJSON(watchlistItem), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -136,14 +131,11 @@ func (client WatchlistItemsClient) CreateOrUpdateResponder(resp *http.Response) // Delete delete a watchlist item. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // watchlistAlias - watchlist Alias // watchlistItemID - watchlist Item Id (GUID) -func (client WatchlistItemsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string, watchlistItemID string) (result autorest.Response, err error) { +func (client WatchlistItemsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/WatchlistItemsClient.Delete") defer func() { @@ -156,18 +148,17 @@ func (client WatchlistItemsClient) Delete(ctx context.Context, resourceGroupName } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.WatchlistItemsClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, watchlistAlias, watchlistItemID) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, watchlistAlias, watchlistItemID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.WatchlistItemsClient", "Delete", nil, "Failure preparing request") return @@ -190,17 +181,16 @@ func (client WatchlistItemsClient) Delete(ctx context.Context, resourceGroupName } // DeletePreparer prepares the Delete request. -func (client WatchlistItemsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string, watchlistItemID string) (*http.Request, error) { +func (client WatchlistItemsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "watchlistAlias": autorest.Encode("path", watchlistAlias), - "watchlistItemId": autorest.Encode("path", watchlistItemID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "watchlistAlias": autorest.Encode("path", watchlistAlias), + "watchlistItemId": autorest.Encode("path", watchlistItemID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -208,7 +198,7 @@ func (client WatchlistItemsClient) DeletePreparer(ctx context.Context, resourceG preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -232,14 +222,11 @@ func (client WatchlistItemsClient) DeleteResponder(resp *http.Response) (result // Get gets a watchlist, without its watchlist items. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // watchlistAlias - watchlist Alias // watchlistItemID - watchlist Item Id (GUID) -func (client WatchlistItemsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string, watchlistItemID string) (result WatchlistItem, err error) { +func (client WatchlistItemsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string) (result WatchlistItem, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/WatchlistItemsClient.Get") defer func() { @@ -252,18 +239,17 @@ func (client WatchlistItemsClient) Get(ctx context.Context, resourceGroupName st } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.WatchlistItemsClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, watchlistAlias, watchlistItemID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, watchlistAlias, watchlistItemID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.WatchlistItemsClient", "Get", nil, "Failure preparing request") return @@ -286,17 +272,16 @@ func (client WatchlistItemsClient) Get(ctx context.Context, resourceGroupName st } // GetPreparer prepares the Get request. -func (client WatchlistItemsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string, watchlistItemID string) (*http.Request, error) { +func (client WatchlistItemsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlistItemID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "watchlistAlias": autorest.Encode("path", watchlistAlias), - "watchlistItemId": autorest.Encode("path", watchlistItemID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "watchlistAlias": autorest.Encode("path", watchlistAlias), + "watchlistItemId": autorest.Encode("path", watchlistItemID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -304,7 +289,7 @@ func (client WatchlistItemsClient) GetPreparer(ctx context.Context, resourceGrou preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -329,13 +314,10 @@ func (client WatchlistItemsClient) GetResponder(resp *http.Response) (result Wat // List gets all watchlist Items. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // watchlistAlias - watchlist Alias -func (client WatchlistItemsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string) (result WatchlistItemListPage, err error) { +func (client WatchlistItemsClient) List(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (result WatchlistItemListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/WatchlistItemsClient.List") defer func() { @@ -348,11 +330,10 @@ func (client WatchlistItemsClient) List(ctx context.Context, resourceGroupName s } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -360,7 +341,7 @@ func (client WatchlistItemsClient) List(ctx context.Context, resourceGroupName s } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, watchlistAlias) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName, watchlistAlias) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.WatchlistItemsClient", "List", nil, "Failure preparing request") return @@ -387,16 +368,15 @@ func (client WatchlistItemsClient) List(ctx context.Context, resourceGroupName s } // ListPreparer prepares the List request. -func (client WatchlistItemsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string) (*http.Request, error) { +func (client WatchlistItemsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "watchlistAlias": autorest.Encode("path", watchlistAlias), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "watchlistAlias": autorest.Encode("path", watchlistAlias), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -404,7 +384,7 @@ func (client WatchlistItemsClient) ListPreparer(ctx context.Context, resourceGro preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -449,7 +429,7 @@ func (client WatchlistItemsClient) listNextResults(ctx context.Context, lastResu } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client WatchlistItemsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string) (result WatchlistItemListIterator, err error) { +func (client WatchlistItemsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (result WatchlistItemListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/WatchlistItemsClient.List") defer func() { @@ -460,6 +440,6 @@ func (client WatchlistItemsClient) ListComplete(ctx context.Context, resourceGro tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, watchlistAlias) + result.page, err = client.List(ctx, resourceGroupName, workspaceName, watchlistAlias) return } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/watchlists.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/watchlists.go similarity index 65% rename from vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/watchlists.go rename to vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/watchlists.go index c00c662c55ff..aa476aac3ac4 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight/watchlists.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight/watchlists.go @@ -31,20 +31,16 @@ func NewWatchlistsClientWithBaseURI(baseURI string, subscriptionID string) Watch return WatchlistsClient{NewWithBaseURI(baseURI, subscriptionID)} } -// Create creates a watchlist and its watchlist items (bulk creation, e.g. through text/csv content type). To create a -// Watchlist and its Items, we should call this endpoint twice : the first call will create an empty Watchlist, and the -// second one will create its Items. +// CreateOrUpdate creates or updates a watchlist and its watchlist items (bulk creation, e.g. through text/csv content +// type). To create a Watchlist and its items, we should call this endpoint with rawContent and contentType properties. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // watchlistAlias - watchlist Alias // watchlist - the watchlist -func (client WatchlistsClient) Create(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string, watchlist Watchlist) (result Watchlist, err error) { +func (client WatchlistsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlist Watchlist) (result Watchlist, err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/WatchlistsClient.Create") + ctx = tracing.StartSpan(ctx, fqdn+"/WatchlistsClient.CreateOrUpdate") defer func() { sc := -1 if result.Response.Response != nil { @@ -55,11 +51,10 @@ func (client WatchlistsClient) Create(ctx context.Context, resourceGroupName str } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, @@ -67,43 +62,43 @@ func (client WatchlistsClient) Create(ctx context.Context, resourceGroupName str Constraints: []validation.Constraint{{Target: "watchlist.WatchlistProperties", Name: validation.Null, Rule: false, Chain: []validation.Constraint{{Target: "watchlist.WatchlistProperties.DisplayName", Name: validation.Null, Rule: true, Chain: nil}, {Target: "watchlist.WatchlistProperties.Provider", Name: validation.Null, Rule: true, Chain: nil}, + {Target: "watchlist.WatchlistProperties.ItemsSearchKey", Name: validation.Null, Rule: true, Chain: nil}, }}}}}); err != nil { - return result, validation.NewError("securityinsight.WatchlistsClient", "Create", err.Error()) + return result, validation.NewError("securityinsight.WatchlistsClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, watchlistAlias, watchlist) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, watchlistAlias, watchlist) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.WatchlistsClient", "Create", nil, "Failure preparing request") + err = autorest.NewErrorWithError(err, "securityinsight.WatchlistsClient", "CreateOrUpdate", nil, "Failure preparing request") return } - resp, err := client.CreateSender(req) + resp, err := client.CreateOrUpdateSender(req) if err != nil { result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.WatchlistsClient", "Create", resp, "Failure sending request") + err = autorest.NewErrorWithError(err, "securityinsight.WatchlistsClient", "CreateOrUpdate", resp, "Failure sending request") return } - result, err = client.CreateResponder(resp) + result, err = client.CreateOrUpdateResponder(resp) if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.WatchlistsClient", "Create", resp, "Failure responding to request") + err = autorest.NewErrorWithError(err, "securityinsight.WatchlistsClient", "CreateOrUpdate", resp, "Failure responding to request") return } return } -// CreatePreparer prepares the Create request. -func (client WatchlistsClient) CreatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string, watchlist Watchlist) (*http.Request, error) { +// CreateOrUpdatePreparer prepares the CreateOrUpdate request. +func (client WatchlistsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string, watchlist Watchlist) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "watchlistAlias": autorest.Encode("path", watchlistAlias), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "watchlistAlias": autorest.Encode("path", watchlistAlias), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -112,21 +107,21 @@ func (client WatchlistsClient) CreatePreparer(ctx context.Context, resourceGroup autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}", pathParameters), autorest.WithJSON(watchlist), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } -// CreateSender sends the Create request. The method will close the +// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the // http.Response Body if it receives an error. -func (client WatchlistsClient) CreateSender(req *http.Request) (*http.Response, error) { +func (client WatchlistsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } -// CreateResponder handles the response to the Create request. The method always +// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always // closes the http.Response Body. -func (client WatchlistsClient) CreateResponder(resp *http.Response) (result Watchlist, err error) { +func (client WatchlistsClient) CreateOrUpdateResponder(resp *http.Response) (result Watchlist, err error) { err = autorest.Respond( resp, azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), @@ -138,13 +133,10 @@ func (client WatchlistsClient) CreateResponder(resp *http.Response) (result Watc // Delete delete a watchlist. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // watchlistAlias - watchlist Alias -func (client WatchlistsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string) (result autorest.Response, err error) { +func (client WatchlistsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/WatchlistsClient.Delete") defer func() { @@ -157,18 +149,17 @@ func (client WatchlistsClient) Delete(ctx context.Context, resourceGroupName str } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.WatchlistsClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, watchlistAlias) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, watchlistAlias) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.WatchlistsClient", "Delete", nil, "Failure preparing request") return @@ -191,16 +182,15 @@ func (client WatchlistsClient) Delete(ctx context.Context, resourceGroupName str } // DeletePreparer prepares the Delete request. -func (client WatchlistsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string) (*http.Request, error) { +func (client WatchlistsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "watchlistAlias": autorest.Encode("path", watchlistAlias), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "watchlistAlias": autorest.Encode("path", watchlistAlias), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -208,7 +198,7 @@ func (client WatchlistsClient) DeletePreparer(ctx context.Context, resourceGroup preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -232,13 +222,10 @@ func (client WatchlistsClient) DeleteResponder(resp *http.Response) (result auto // Get gets a watchlist, without its watchlist items. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. // watchlistAlias - watchlist Alias -func (client WatchlistsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string) (result Watchlist, err error) { +func (client WatchlistsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (result Watchlist, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/WatchlistsClient.Get") defer func() { @@ -251,18 +238,17 @@ func (client WatchlistsClient) Get(ctx context.Context, resourceGroupName string } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { return result, validation.NewError("securityinsight.WatchlistsClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, watchlistAlias) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, watchlistAlias) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.WatchlistsClient", "Get", nil, "Failure preparing request") return @@ -285,16 +271,15 @@ func (client WatchlistsClient) Get(ctx context.Context, resourceGroupName string } // GetPreparer prepares the Get request. -func (client WatchlistsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, watchlistAlias string) (*http.Request, error) { +func (client WatchlistsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, watchlistAlias string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "watchlistAlias": autorest.Encode("path", watchlistAlias), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "watchlistAlias": autorest.Encode("path", watchlistAlias), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -302,7 +287,7 @@ func (client WatchlistsClient) GetPreparer(ctx context.Context, resourceGroupNam preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -327,12 +312,9 @@ func (client WatchlistsClient) GetResponder(resp *http.Response) (result Watchli // List gets all watchlists, without watchlist items. // Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. +// resourceGroupName - the name of the resource group. The name is case insensitive. // workspaceName - the name of the workspace. -func (client WatchlistsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result WatchlistListPage, err error) { +func (client WatchlistsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result WatchlistListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/WatchlistsClient.List") defer func() { @@ -345,11 +327,10 @@ func (client WatchlistsClient) List(ctx context.Context, resourceGroupName strin } if err := validation.Validate([]validation.Validation{ {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: resourceGroupName, Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, {TargetValue: workspaceName, Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { @@ -357,7 +338,7 @@ func (client WatchlistsClient) List(ctx context.Context, resourceGroupName strin } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.WatchlistsClient", "List", nil, "Failure preparing request") return @@ -384,15 +365,14 @@ func (client WatchlistsClient) List(ctx context.Context, resourceGroupName strin } // ListPreparer prepares the List request. -func (client WatchlistsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +func (client WatchlistsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2021-09-01-preview" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -400,7 +380,7 @@ func (client WatchlistsClient) ListPreparer(ctx context.Context, resourceGroupNa preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -445,7 +425,7 @@ func (client WatchlistsClient) listNextResults(ctx context.Context, lastResults } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client WatchlistsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result WatchlistListIterator, err error) { +func (client WatchlistsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result WatchlistListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/WatchlistsClient.List") defer func() { @@ -456,6 +436,6 @@ func (client WatchlistsClient) ListComplete(ctx context.Context, resourceGroupNa tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + result.page, err = client.List(ctx, resourceGroupName, workspaceName) return } diff --git a/vendor/modules.txt b/vendor/modules.txt index a29533dadbca..5a22c109c007 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -79,7 +79,7 @@ github.com/Azure/azure-sdk-for-go/services/preview/portal/mgmt/2019-01-01-previe github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2021-06-01-preview/policy github.com/Azure/azure-sdk-for-go/services/preview/security/mgmt/v3.0/security -github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight +github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2021-09-01-preview/securityinsight github.com/Azure/azure-sdk-for-go/services/preview/servicebus/mgmt/2021-06-01-preview/servicebus github.com/Azure/azure-sdk-for-go/services/preview/servicefabricmesh/mgmt/2018-09-01-preview/servicefabricmesh github.com/Azure/azure-sdk-for-go/services/preview/sql/mgmt/2017-03-01-preview/sql diff --git a/website/docs/r/sentinel_alert_rule_scheduled.html.markdown b/website/docs/r/sentinel_alert_rule_scheduled.html.markdown index deb4b40fc8d6..d008cb5b594d 100644 --- a/website/docs/r/sentinel_alert_rule_scheduled.html.markdown +++ b/website/docs/r/sentinel_alert_rule_scheduled.html.markdown @@ -124,9 +124,9 @@ A `grouping` block supports the following: * `reopen_closed_incidents` - (Optional) Whether to re-open closed matching incidents? Defaults to `false`. -* `entity_matching_method` - (Optional) The method used to group incidents. Possible values are `All`, `Custom` and `None`. Defaults to `None`. +* `entity_matching_method` - (Optional) The method used to group incidents. Possible values are `AnyAlert`, `Selected` and `AllEntities`. Defaults to `AnyAlert`. -* `group_by` - (Optional) A list of entity types to group by, only when the `entity_matching_method` is `Custom`. Possible values are `Account`, `Host`, `Url`, `Ip`. +* `group_by` - (Optional) A list of entity types to group by, only when the `entity_matching_method` is `Selected`. Possible values are `Account`, `AzureResource`, `CloudApplication`, `DNS`, `File`, `FileHash`, `Host`, `IP`, `Mailbox`, `MailCluster`, `MailMessage`, `Malware`, `Process`, `RegistryKey`, `RegistryValue`, `SecurityGroup`, `SubmissionMail`, `URL`. ## Attributes Reference