Squashed commit of the following:

commit e89cd2f
Author: ziyeqf <[email protected]>
Date:   Thu Feb 9 15:04:29 2023 +0800

    clean code

commit d3334f6
Author: ziyeqf <[email protected]>
Date:   Thu Feb 9 13:35:50 2023 +0800

    enhance azuresdkhacks

commit 3d1043c
Author: ziyeqf <[email protected]>
Date:   Wed Feb 8 20:26:47 2023 +0800

    rename model name

commit bc99cb0
Author: ziyeqf <[email protected]>
Date:   Wed Feb 8 20:23:11 2023 +0800

    add document

commit 958417e
Author: ziyeqf <[email protected]>
Date:   Wed Feb 8 18:53:04 2023 +0800

    golint

commit 49c6359
Author: ziyeqf <[email protected]>
Date:   Wed Feb 8 18:26:55 2023 +0800

    add azuresdkhack for CustomizableObservations, issue tracked on Azure/azure-rest-api-specs#22503

commit dd10608
Author: ziyeqf <[email protected]>
Date:   Wed Feb 8 15:07:22 2023 +0800

    New Resource: `azurerm_sentinel_alert_rule_anomaly_built_in`, New DataSource:`azurerm_sentinel_anomaly_rule`
Merge branch 'tengzh/vanguard/sentinel/analytics_settings_built_in' into tengzh/vanguard/sentinel/analytics_settings

internal/services/sentinel/sentinel_alert_rule_anomaly_built_in_resource.go

@@ -22,7 +22,6 @@ type AlertRuleAnomalyBuiltInModel struct {
 	Name                         string                                  `tfschema:"name"`
 	DisplayName                  string                                  `tfschema:"display_name"`
 	WorkspaceId                  string                                  `tfschema:"log_analytics_workspace_id"`
-	CustomizableObservations     string                                  `tfschema:"customizable_observations"`
 	Enabled                      bool                                    `tfschema:"enabled"`
 	Mode                         string                                  `tfschema:"mode"`
 	AnomalyVersion               string                                  `tfschema:"anomaly_version"`
@@ -103,10 +102,6 @@ func (r AlertRuleAnomalyBuiltInResource) Attributes() map[string]*schema.Schema
 			Type:     pluginsdk.TypeInt,
 			Computed: true,
 		},
-		"customizable_observations": {
-			Type:     pluginsdk.TypeString,
-			Computed: true,
-		},
 		"description": {
 			Type:     pluginsdk.TypeString,
 			Computed: true,
@@ -425,31 +420,22 @@ func (r AlertRuleAnomalyBuiltInResource) Delete() sdk.ResourceFunc {
 			param := securityinsight.AnomalySecurityMLAnalyticsSettings{
 				Kind: securityinsight.KindBasicSecurityMLAnalyticsSettingKindAnomaly,
 				AnomalySecurityMLAnalyticsSettingsProperties: &securityinsight.AnomalySecurityMLAnalyticsSettingsProperties{
-					Description:            existing.Description,
-					DisplayName:            existing.DisplayName,
-					RequiredDataConnectors: existing.RequiredDataConnectors,
-					Tactics:                existing.Tactics,
-					Techniques:             existing.Techniques,
-					AnomalyVersion:         existing.AnomalyVersion,
-					Frequency:              existing.Frequency,
-					IsDefaultSettings:      existing.IsDefaultSettings,
-					AnomalySettingsVersion: existing.AnomalySettingsVersion,
-					SettingsDefinitionID:   existing.SettingsDefinitionID,
-					Enabled:                utils.Bool(false),
-					SettingsStatus:         securityinsight.SettingsStatus(metaModel.Mode),
+					Description:              existing.Description,
+					DisplayName:              existing.DisplayName,
+					RequiredDataConnectors:   existing.RequiredDataConnectors,
+					Tactics:                  existing.Tactics,
+					Techniques:               existing.Techniques,
+					AnomalyVersion:           existing.AnomalyVersion,
+					Frequency:                existing.Frequency,
+					IsDefaultSettings:        existing.IsDefaultSettings,
+					AnomalySettingsVersion:   existing.AnomalySettingsVersion,
+					SettingsDefinitionID:     existing.SettingsDefinitionID,
+					Enabled:                  utils.Bool(false),
+					SettingsStatus:           securityinsight.SettingsStatus(metaModel.Mode),
+					CustomizableObservations: existing.CustomizableObservations,
 				},
 			}
 
-			if metaModel.CustomizableObservations != "" {
-				v, err := pluginsdk.ExpandJsonFromString(metaModel.CustomizableObservations)
-				if err != nil {
-					return fmt.Errorf("expanding `customizable_observations`: %+v", err)
-				}
-				param.AnomalySecurityMLAnalyticsSettingsProperties.CustomizableObservations = v
-			} else {
-				param.AnomalySecurityMLAnalyticsSettingsProperties.CustomizableObservations = existing.CustomizableObservations
-			}
-
 			_, err = client.CreateOrUpdate(ctx, id.ResourceGroup, id.WorkspaceName, id.SecurityMLAnalyticsSettingName, param)
 			if err != nil {
 				return fmt.Errorf("updating %s: %+v", id, err)

internal/services/sentinel/sentinel_alert_rule_anomaly_data_source.go

@@ -77,10 +77,6 @@ func (a AlertRuleAnomalyDataSource) Attributes() map[string]*schema.Schema {
 			Type:     pluginsdk.TypeInt,
 			Computed: true,
 		},
-		"customizable_observations": {
-			Type:     pluginsdk.TypeString,
-			Computed: true,
-		},
 		"description": {
 			Type:     pluginsdk.TypeString,
 			Computed: true,

website/docs/d/sentinel_alert_rule_anomaly.html.markdown

@@ -65,8 +65,6 @@ In addition to the Arguments listed above - the following Attributes are exporte
 
 * `anomaly_version` - The anomaly version of the Anomaly Alert Rule.
 
-* `customizable_observations` - The customizable observations of the Anomaly Alert Rule.
-
 * `description` - The description of the Anomaly Alert Rule.
 
 * `enabled` - Is the Anomaly Alert Rule enabled?

website/docs/r/sentinel_alert_rule_anomaly_built_in.html.markdown

@@ -88,8 +88,6 @@ In addition to the Arguments listed above - the following Attributes are exporte
 
 * `techniques` - A list of techniques of attacks by which to classify the rule.
 
-* `customizable_observations` - The customizable observations of the Built-in Anomaly Alert Rule.
-
 * `multi_select_observation` - A list of `multi_select_observation` blocks as defined below.
 
 * `single_select_observation` - A list of `single_select_observation` blocks as defined below.