diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/__init__.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/__init__.py index c619ab787d2f..48bdeb3a34b1 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/__init__.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/__init__.py @@ -29,6 +29,9 @@ from .ti_data_connector_data_types_indicators_py3 import TIDataConnectorDataTypesIndicators from .ti_data_connector_data_types_py3 import TIDataConnectorDataTypes from .ti_data_connector_py3 import TIDataConnector + from .aws_cloud_trail_data_connector_data_types_logs_py3 import AwsCloudTrailDataConnectorDataTypesLogs + from .aws_cloud_trail_data_connector_data_types_py3 import AwsCloudTrailDataConnectorDataTypes + from .aws_cloud_trail_data_connector_py3 import AwsCloudTrailDataConnector from .alerts_data_type_of_data_connector_alerts_py3 import AlertsDataTypeOfDataConnectorAlerts from .alerts_data_type_of_data_connector_py3 import AlertsDataTypeOfDataConnector from .aad_data_connector_py3 import AADDataConnector @@ -49,6 +52,10 @@ from .toggle_settings_py3 import ToggleSettings from .aggregations_py3 import Aggregations from .aggregations_kind1_py3 import AggregationsKind1 + from .cases_aggregation_by_severity_properties_py3 import CasesAggregationBySeverityProperties + from .cases_aggregation_by_status_properties_py3 import CasesAggregationByStatusProperties + from .cases_aggregation_py3 import CasesAggregation + from .entity_query_py3 import EntityQuery except (SyntaxError, ImportError): from .operation_display import OperationDisplay from .operation import Operation @@ -69,6 +76,9 @@ from .ti_data_connector_data_types_indicators import TIDataConnectorDataTypesIndicators from .ti_data_connector_data_types import TIDataConnectorDataTypes from .ti_data_connector import TIDataConnector + from .aws_cloud_trail_data_connector_data_types_logs import AwsCloudTrailDataConnectorDataTypesLogs + from .aws_cloud_trail_data_connector_data_types import AwsCloudTrailDataConnectorDataTypes + from .aws_cloud_trail_data_connector import AwsCloudTrailDataConnector from .alerts_data_type_of_data_connector_alerts import AlertsDataTypeOfDataConnectorAlerts from .alerts_data_type_of_data_connector import AlertsDataTypeOfDataConnector from .aad_data_connector import AADDataConnector @@ -89,6 +99,10 @@ from .toggle_settings import ToggleSettings from .aggregations import Aggregations from .aggregations_kind1 import AggregationsKind1 + from .cases_aggregation_by_severity_properties import CasesAggregationBySeverityProperties + from .cases_aggregation_by_status_properties import CasesAggregationByStatusProperties + from .cases_aggregation import CasesAggregation + from .entity_query import EntityQuery from .operation_paged import OperationPaged from .alert_rule_paged import AlertRulePaged from .action_paged import ActionPaged @@ -97,6 +111,7 @@ from .data_connector_paged import DataConnectorPaged from .entity_paged import EntityPaged from .office_consent_paged import OfficeConsentPaged +from .entity_query_paged import EntityQueryPaged from .security_insights_enums import ( AlertRuleKind, AlertSeverity, @@ -110,6 +125,7 @@ OSFamily, SettingKind, StatusInMcas, + LicenseStatus, AggregationsKind, ) @@ -133,6 +149,9 @@ 'TIDataConnectorDataTypesIndicators', 'TIDataConnectorDataTypes', 'TIDataConnector', + 'AwsCloudTrailDataConnectorDataTypesLogs', + 'AwsCloudTrailDataConnectorDataTypes', + 'AwsCloudTrailDataConnector', 'AlertsDataTypeOfDataConnectorAlerts', 'AlertsDataTypeOfDataConnector', 'AADDataConnector', @@ -153,6 +172,10 @@ 'ToggleSettings', 'Aggregations', 'AggregationsKind1', + 'CasesAggregationBySeverityProperties', + 'CasesAggregationByStatusProperties', + 'CasesAggregation', + 'EntityQuery', 'OperationPaged', 'AlertRulePaged', 'ActionPaged', @@ -161,6 +184,7 @@ 'DataConnectorPaged', 'EntityPaged', 'OfficeConsentPaged', + 'EntityQueryPaged', 'AlertRuleKind', 'AlertSeverity', 'TriggerOperator', @@ -173,5 +197,6 @@ 'OSFamily', 'SettingKind', 'StatusInMcas', + 'LicenseStatus', 'AggregationsKind', ] diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations.py index 1725d1ad51af..bf1729fe3ce0 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations.py @@ -15,6 +15,9 @@ class Aggregations(Model): """The aggregation. + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: CasesAggregation + Variables are only populated by the server, and will be ignored when sending a request. @@ -44,6 +47,10 @@ class Aggregations(Model): 'kind': {'key': 'kind', 'type': 'str'}, } + _subtype_map = { + 'kind': {'CasesAggregation': 'CasesAggregation'} + } + def __init__(self, **kwargs): super(Aggregations, self).__init__(**kwargs) self.id = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_py3.py index 82ab1d137e2a..11d66372cb42 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_py3.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aggregations_py3.py @@ -15,6 +15,9 @@ class Aggregations(Model): """The aggregation. + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: CasesAggregation + Variables are only populated by the server, and will be ignored when sending a request. @@ -44,6 +47,10 @@ class Aggregations(Model): 'kind': {'key': 'kind', 'type': 'str'}, } + _subtype_map = { + 'kind': {'CasesAggregation': 'CasesAggregation'} + } + def __init__(self, **kwargs) -> None: super(Aggregations, self).__init__(**kwargs) self.id = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector.py new file mode 100644 index 000000000000..efcf4a5c743c --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector.py @@ -0,0 +1,62 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector import DataConnector + + +class AwsCloudTrailDataConnector(DataConnector): + """Represents Amazon Web Services CloudTrail data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar type: Azure resource type + :vartype type: str + :ivar name: Azure resource name + :vartype name: str + :param etag: Etag of the data connector. + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param aws_role_arn: The Aws Role Arn (with CloudTrailReadOnly policy) + that is used to access the Aws account. + :type aws_role_arn: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AwsCloudTrailDataConnectorDataTypes + """ + + _validation = { + 'id': {'readonly': True}, + 'type': {'readonly': True}, + 'name': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'aws_role_arn': {'key': 'properties.awsRoleArn', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AwsCloudTrailDataConnectorDataTypes'}, + } + + def __init__(self, **kwargs): + super(AwsCloudTrailDataConnector, self).__init__(**kwargs) + self.aws_role_arn = kwargs.get('aws_role_arn', None) + self.data_types = kwargs.get('data_types', None) + self.kind = 'AmazonWebServicesCloudTrail' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types.py new file mode 100644 index 000000000000..9da075bd2307 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AwsCloudTrailDataConnectorDataTypes(Model): + """The available data types for Amazon Web Services CloudTrail data connector. + + :param logs: Logs data type. + :type logs: + ~azure.mgmt.securityinsight.models.AwsCloudTrailDataConnectorDataTypesLogs + """ + + _attribute_map = { + 'logs': {'key': 'logs', 'type': 'AwsCloudTrailDataConnectorDataTypesLogs'}, + } + + def __init__(self, **kwargs): + super(AwsCloudTrailDataConnectorDataTypes, self).__init__(**kwargs) + self.logs = kwargs.get('logs', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs.py new file mode 100644 index 000000000000..7f467596af3d --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common import DataConnectorDataTypeCommon + + +class AwsCloudTrailDataConnectorDataTypesLogs(DataConnectorDataTypeCommon): + """Logs data type. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AwsCloudTrailDataConnectorDataTypesLogs, self).__init__(**kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs_py3.py new file mode 100644 index 000000000000..6e45193f2e55 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_logs_py3.py @@ -0,0 +1,28 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_data_type_common_py3 import DataConnectorDataTypeCommon + + +class AwsCloudTrailDataConnectorDataTypesLogs(DataConnectorDataTypeCommon): + """Logs data type. + + :param state: Describe whether this data type connection is enabled or + not. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.securityinsight.models.DataTypeState + """ + + _attribute_map = { + 'state': {'key': 'state', 'type': 'str'}, + } + + def __init__(self, *, state=None, **kwargs) -> None: + super(AwsCloudTrailDataConnectorDataTypesLogs, self).__init__(state=state, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_py3.py new file mode 100644 index 000000000000..14ff8517eba9 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_data_types_py3.py @@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class AwsCloudTrailDataConnectorDataTypes(Model): + """The available data types for Amazon Web Services CloudTrail data connector. + + :param logs: Logs data type. + :type logs: + ~azure.mgmt.securityinsight.models.AwsCloudTrailDataConnectorDataTypesLogs + """ + + _attribute_map = { + 'logs': {'key': 'logs', 'type': 'AwsCloudTrailDataConnectorDataTypesLogs'}, + } + + def __init__(self, *, logs=None, **kwargs) -> None: + super(AwsCloudTrailDataConnectorDataTypes, self).__init__(**kwargs) + self.logs = logs diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_py3.py new file mode 100644 index 000000000000..cae1cca59fb7 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/aws_cloud_trail_data_connector_py3.py @@ -0,0 +1,62 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .data_connector_py3 import DataConnector + + +class AwsCloudTrailDataConnector(DataConnector): + """Represents Amazon Web Services CloudTrail data connector. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar type: Azure resource type + :vartype type: str + :ivar name: Azure resource name + :vartype name: str + :param etag: Etag of the data connector. + :type etag: str + :param kind: Required. Constant filled by server. + :type kind: str + :param aws_role_arn: The Aws Role Arn (with CloudTrailReadOnly policy) + that is used to access the Aws account. + :type aws_role_arn: str + :param data_types: The available data types for the connector. + :type data_types: + ~azure.mgmt.securityinsight.models.AwsCloudTrailDataConnectorDataTypes + """ + + _validation = { + 'id': {'readonly': True}, + 'type': {'readonly': True}, + 'name': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'aws_role_arn': {'key': 'properties.awsRoleArn', 'type': 'str'}, + 'data_types': {'key': 'properties.dataTypes', 'type': 'AwsCloudTrailDataConnectorDataTypes'}, + } + + def __init__(self, *, etag: str=None, aws_role_arn: str=None, data_types=None, **kwargs) -> None: + super(AwsCloudTrailDataConnector, self).__init__(etag=etag, **kwargs) + self.aws_role_arn = aws_role_arn + self.data_types = data_types + self.kind = 'AmazonWebServicesCloudTrail' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case.py index 11c77bf387cb..33dbf62bae2c 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case.py @@ -48,7 +48,7 @@ class Case(Resource): include: 'Critical', 'High', 'Medium', 'Low', 'Informational' :type severity: str or ~azure.mgmt.securityinsight.models.CaseSeverity :param status: Required. The status of the case. Possible values include: - 'Draft', 'Open', 'InProgress', 'Closed' + 'Draft', 'New', 'InProgress', 'Closed' :type status: str or ~azure.mgmt.securityinsight.models.CaseStatus :param close_reason: The reason the case was closed. Possible values include: 'Resolved', 'Dismissed', 'Other' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_py3.py index f76402bae134..63c391882905 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_py3.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/case_py3.py @@ -48,7 +48,7 @@ class Case(Resource): include: 'Critical', 'High', 'Medium', 'Low', 'Informational' :type severity: str or ~azure.mgmt.securityinsight.models.CaseSeverity :param status: Required. The status of the case. Possible values include: - 'Draft', 'Open', 'InProgress', 'Closed' + 'Draft', 'New', 'InProgress', 'Closed' :type status: str or ~azure.mgmt.securityinsight.models.CaseStatus :param close_reason: The reason the case was closed. Possible values include: 'Resolved', 'Dismissed', 'Other' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation.py new file mode 100644 index 000000000000..3c5c96648b12 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation.py @@ -0,0 +1,59 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .aggregations import Aggregations + + +class CasesAggregation(Aggregations): + """Represents aggregations results for cases. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar type: Azure resource type + :vartype type: str + :ivar name: Azure resource name + :vartype name: str + :param kind: Required. Constant filled by server. + :type kind: str + :param aggregation_by_severity: Aggregations results by case severity. + :type aggregation_by_severity: + ~azure.mgmt.securityinsight.models.CasesAggregationBySeverityProperties + :param aggregation_by_status: Aggregations results by case status. + :type aggregation_by_status: + ~azure.mgmt.securityinsight.models.CasesAggregationByStatusProperties + """ + + _validation = { + 'id': {'readonly': True}, + 'type': {'readonly': True}, + 'name': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'aggregation_by_severity': {'key': 'properties.aggregationBySeverity', 'type': 'CasesAggregationBySeverityProperties'}, + 'aggregation_by_status': {'key': 'properties.aggregationByStatus', 'type': 'CasesAggregationByStatusProperties'}, + } + + def __init__(self, **kwargs): + super(CasesAggregation, self).__init__(**kwargs) + self.aggregation_by_severity = kwargs.get('aggregation_by_severity', None) + self.aggregation_by_status = kwargs.get('aggregation_by_status', None) + self.kind = 'CasesAggregation' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties.py new file mode 100644 index 000000000000..81eb7bdbb618 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties.py @@ -0,0 +1,58 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class CasesAggregationBySeverityProperties(Model): + """Aggregative results of cases by severity property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar total_critical_severity: Total amount of open cases with severity + Critical + :vartype total_critical_severity: int + :ivar total_high_severity: Total amount of open cases with severity High + :vartype total_high_severity: int + :ivar total_medium_severity: Total amount of open cases with severity + medium + :vartype total_medium_severity: int + :ivar total_low_severity: Total amount of open cases with severity Low + :vartype total_low_severity: int + :ivar total_informational_severity: Total amount of open cases with + severity Informational + :vartype total_informational_severity: int + """ + + _validation = { + 'total_critical_severity': {'readonly': True}, + 'total_high_severity': {'readonly': True}, + 'total_medium_severity': {'readonly': True}, + 'total_low_severity': {'readonly': True}, + 'total_informational_severity': {'readonly': True}, + } + + _attribute_map = { + 'total_critical_severity': {'key': 'totalCriticalSeverity', 'type': 'int'}, + 'total_high_severity': {'key': 'totalHighSeverity', 'type': 'int'}, + 'total_medium_severity': {'key': 'totalMediumSeverity', 'type': 'int'}, + 'total_low_severity': {'key': 'totalLowSeverity', 'type': 'int'}, + 'total_informational_severity': {'key': 'totalInformationalSeverity', 'type': 'int'}, + } + + def __init__(self, **kwargs): + super(CasesAggregationBySeverityProperties, self).__init__(**kwargs) + self.total_critical_severity = None + self.total_high_severity = None + self.total_medium_severity = None + self.total_low_severity = None + self.total_informational_severity = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties_py3.py new file mode 100644 index 000000000000..301b7e07e299 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_severity_properties_py3.py @@ -0,0 +1,58 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class CasesAggregationBySeverityProperties(Model): + """Aggregative results of cases by severity property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar total_critical_severity: Total amount of open cases with severity + Critical + :vartype total_critical_severity: int + :ivar total_high_severity: Total amount of open cases with severity High + :vartype total_high_severity: int + :ivar total_medium_severity: Total amount of open cases with severity + medium + :vartype total_medium_severity: int + :ivar total_low_severity: Total amount of open cases with severity Low + :vartype total_low_severity: int + :ivar total_informational_severity: Total amount of open cases with + severity Informational + :vartype total_informational_severity: int + """ + + _validation = { + 'total_critical_severity': {'readonly': True}, + 'total_high_severity': {'readonly': True}, + 'total_medium_severity': {'readonly': True}, + 'total_low_severity': {'readonly': True}, + 'total_informational_severity': {'readonly': True}, + } + + _attribute_map = { + 'total_critical_severity': {'key': 'totalCriticalSeverity', 'type': 'int'}, + 'total_high_severity': {'key': 'totalHighSeverity', 'type': 'int'}, + 'total_medium_severity': {'key': 'totalMediumSeverity', 'type': 'int'}, + 'total_low_severity': {'key': 'totalLowSeverity', 'type': 'int'}, + 'total_informational_severity': {'key': 'totalInformationalSeverity', 'type': 'int'}, + } + + def __init__(self, **kwargs) -> None: + super(CasesAggregationBySeverityProperties, self).__init__(**kwargs) + self.total_critical_severity = None + self.total_high_severity = None + self.total_medium_severity = None + self.total_low_severity = None + self.total_informational_severity = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties.py new file mode 100644 index 000000000000..fb46049a7c4e --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties.py @@ -0,0 +1,53 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class CasesAggregationByStatusProperties(Model): + """Aggregative results of cases by status property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar total_new_status: Total amount of open cases with status New + :vartype total_new_status: int + :ivar total_in_progress_status: Total amount of open cases with status + InProgress + :vartype total_in_progress_status: int + :ivar total_resolved_status: Total amount of open cases with status + Resolved + :vartype total_resolved_status: int + :ivar total_dismissed_status: Total amount of open cases with status + Dismissed + :vartype total_dismissed_status: int + """ + + _validation = { + 'total_new_status': {'readonly': True}, + 'total_in_progress_status': {'readonly': True}, + 'total_resolved_status': {'readonly': True}, + 'total_dismissed_status': {'readonly': True}, + } + + _attribute_map = { + 'total_new_status': {'key': 'totalNewStatus', 'type': 'int'}, + 'total_in_progress_status': {'key': 'totalInProgressStatus', 'type': 'int'}, + 'total_resolved_status': {'key': 'totalResolvedStatus', 'type': 'int'}, + 'total_dismissed_status': {'key': 'totalDismissedStatus', 'type': 'int'}, + } + + def __init__(self, **kwargs): + super(CasesAggregationByStatusProperties, self).__init__(**kwargs) + self.total_new_status = None + self.total_in_progress_status = None + self.total_resolved_status = None + self.total_dismissed_status = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties_py3.py new file mode 100644 index 000000000000..40f318fb9e2e --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_by_status_properties_py3.py @@ -0,0 +1,53 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class CasesAggregationByStatusProperties(Model): + """Aggregative results of cases by status property bag. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar total_new_status: Total amount of open cases with status New + :vartype total_new_status: int + :ivar total_in_progress_status: Total amount of open cases with status + InProgress + :vartype total_in_progress_status: int + :ivar total_resolved_status: Total amount of open cases with status + Resolved + :vartype total_resolved_status: int + :ivar total_dismissed_status: Total amount of open cases with status + Dismissed + :vartype total_dismissed_status: int + """ + + _validation = { + 'total_new_status': {'readonly': True}, + 'total_in_progress_status': {'readonly': True}, + 'total_resolved_status': {'readonly': True}, + 'total_dismissed_status': {'readonly': True}, + } + + _attribute_map = { + 'total_new_status': {'key': 'totalNewStatus', 'type': 'int'}, + 'total_in_progress_status': {'key': 'totalInProgressStatus', 'type': 'int'}, + 'total_resolved_status': {'key': 'totalResolvedStatus', 'type': 'int'}, + 'total_dismissed_status': {'key': 'totalDismissedStatus', 'type': 'int'}, + } + + def __init__(self, **kwargs) -> None: + super(CasesAggregationByStatusProperties, self).__init__(**kwargs) + self.total_new_status = None + self.total_in_progress_status = None + self.total_resolved_status = None + self.total_dismissed_status = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_py3.py new file mode 100644 index 000000000000..ae8aa22993c7 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/cases_aggregation_py3.py @@ -0,0 +1,59 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .aggregations_py3 import Aggregations + + +class CasesAggregation(Aggregations): + """Represents aggregations results for cases. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Azure resource Id + :vartype id: str + :ivar type: Azure resource type + :vartype type: str + :ivar name: Azure resource name + :vartype name: str + :param kind: Required. Constant filled by server. + :type kind: str + :param aggregation_by_severity: Aggregations results by case severity. + :type aggregation_by_severity: + ~azure.mgmt.securityinsight.models.CasesAggregationBySeverityProperties + :param aggregation_by_status: Aggregations results by case status. + :type aggregation_by_status: + ~azure.mgmt.securityinsight.models.CasesAggregationByStatusProperties + """ + + _validation = { + 'id': {'readonly': True}, + 'type': {'readonly': True}, + 'name': {'readonly': True}, + 'kind': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'aggregation_by_severity': {'key': 'properties.aggregationBySeverity', 'type': 'CasesAggregationBySeverityProperties'}, + 'aggregation_by_status': {'key': 'properties.aggregationByStatus', 'type': 'CasesAggregationByStatusProperties'}, + } + + def __init__(self, *, aggregation_by_severity=None, aggregation_by_status=None, **kwargs) -> None: + super(CasesAggregation, self).__init__(**kwargs) + self.aggregation_by_severity = aggregation_by_severity + self.aggregation_by_status = aggregation_by_status + self.kind = 'CasesAggregation' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector.py index c07a06bee266..274890991e90 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector.py @@ -16,8 +16,9 @@ class DataConnector(Model): """Data connector. You probably want to use the sub-classes and not this class directly. Known - sub-classes are: OfficeDataConnector, TIDataConnector, AADDataConnector, - ASCDataConnector, MCASDataConnector + sub-classes are: OfficeDataConnector, TIDataConnector, + AwsCloudTrailDataConnector, AADDataConnector, ASCDataConnector, + MCASDataConnector Variables are only populated by the server, and will be ignored when sending a request. @@ -52,7 +53,7 @@ class DataConnector(Model): } _subtype_map = { - 'kind': {'Office365': 'OfficeDataConnector', 'ThreatIntelligence': 'TIDataConnector', 'AzureActiveDirectory': 'AADDataConnector', 'AzureSecurityCenter': 'ASCDataConnector', 'MicrosoftCloudAppSecurity': 'MCASDataConnector'} + 'kind': {'Office365': 'OfficeDataConnector', 'ThreatIntelligence': 'TIDataConnector', 'AmazonWebServicesCloudTrail': 'AwsCloudTrailDataConnector', 'AzureActiveDirectory': 'AADDataConnector', 'AzureSecurityCenter': 'ASCDataConnector', 'MicrosoftCloudAppSecurity': 'MCASDataConnector'} } def __init__(self, **kwargs): diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1.py index acb1391b716b..7853c4afee25 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1.py @@ -17,7 +17,8 @@ class DataConnectorKind1(Model): :param kind: The kind of the data connector. Possible values include: 'AzureActiveDirectory', 'AzureSecurityCenter', - 'MicrosoftCloudAppSecurity', 'ThreatIntelligence', 'Office365' + 'MicrosoftCloudAppSecurity', 'ThreatIntelligence', 'Office365', + 'AmazonWebServicesCloudTrail' :type kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind """ diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1_py3.py index 1fc79470d356..234c5d6bac93 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1_py3.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_kind1_py3.py @@ -17,7 +17,8 @@ class DataConnectorKind1(Model): :param kind: The kind of the data connector. Possible values include: 'AzureActiveDirectory', 'AzureSecurityCenter', - 'MicrosoftCloudAppSecurity', 'ThreatIntelligence', 'Office365' + 'MicrosoftCloudAppSecurity', 'ThreatIntelligence', 'Office365', + 'AmazonWebServicesCloudTrail' :type kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind """ diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_py3.py index bbbcd62d3065..4db1079b137d 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_py3.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/data_connector_py3.py @@ -16,8 +16,9 @@ class DataConnector(Model): """Data connector. You probably want to use the sub-classes and not this class directly. Known - sub-classes are: OfficeDataConnector, TIDataConnector, AADDataConnector, - ASCDataConnector, MCASDataConnector + sub-classes are: OfficeDataConnector, TIDataConnector, + AwsCloudTrailDataConnector, AADDataConnector, ASCDataConnector, + MCASDataConnector Variables are only populated by the server, and will be ignored when sending a request. @@ -52,7 +53,7 @@ class DataConnector(Model): } _subtype_map = { - 'kind': {'Office365': 'OfficeDataConnector', 'ThreatIntelligence': 'TIDataConnector', 'AzureActiveDirectory': 'AADDataConnector', 'AzureSecurityCenter': 'ASCDataConnector', 'MicrosoftCloudAppSecurity': 'MCASDataConnector'} + 'kind': {'Office365': 'OfficeDataConnector', 'ThreatIntelligence': 'TIDataConnector', 'AmazonWebServicesCloudTrail': 'AwsCloudTrailDataConnector', 'AzureActiveDirectory': 'AADDataConnector', 'AzureSecurityCenter': 'ASCDataConnector', 'MicrosoftCloudAppSecurity': 'MCASDataConnector'} } def __init__(self, *, etag: str=None, **kwargs) -> None: diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query.py new file mode 100644 index 000000000000..e13b5f2cdf91 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query.py @@ -0,0 +1,70 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource import Resource + + +class EntityQuery(Resource): + """Specific entity query. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar type: Azure resource type + :vartype type: str + :ivar name: Azure resource name + :vartype name: str + :param query_template: The template query string to be parsed and + formatted + :type query_template: str + :param input_entity_type: The type of the query's source entity + :type input_entity_type: str + :param input_fields: List of the fields of the source entity that are + required to run the query + :type input_fields: list[str] + :param output_entity_types: List of the desired output types to be + constructed from the result + :type output_entity_types: list[str] + :param data_sources: List of the data sources that are required to run the + query + :type data_sources: list[str] + :param display_name: The query display name + :type display_name: str + """ + + _validation = { + 'id': {'readonly': True}, + 'type': {'readonly': True}, + 'name': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'query_template': {'key': 'properties.queryTemplate', 'type': 'str'}, + 'input_entity_type': {'key': 'properties.inputEntityType', 'type': 'str'}, + 'input_fields': {'key': 'properties.inputFields', 'type': '[str]'}, + 'output_entity_types': {'key': 'properties.outputEntityTypes', 'type': '[str]'}, + 'data_sources': {'key': 'properties.dataSources', 'type': '[str]'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(EntityQuery, self).__init__(**kwargs) + self.query_template = kwargs.get('query_template', None) + self.input_entity_type = kwargs.get('input_entity_type', None) + self.input_fields = kwargs.get('input_fields', None) + self.output_entity_types = kwargs.get('output_entity_types', None) + self.data_sources = kwargs.get('data_sources', None) + self.display_name = kwargs.get('display_name', None) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_paged.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_paged.py new file mode 100644 index 000000000000..164d6070e862 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_paged.py @@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class EntityQueryPaged(Paged): + """ + A paging container for iterating over a list of :class:`EntityQuery ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[EntityQuery]'} + } + + def __init__(self, *args, **kwargs): + + super(EntityQueryPaged, self).__init__(*args, **kwargs) diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_py3.py new file mode 100644 index 000000000000..554129764249 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/entity_query_py3.py @@ -0,0 +1,70 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .resource_py3 import Resource + + +class EntityQuery(Resource): + """Specific entity query. + + Variables are only populated by the server, and will be ignored when + sending a request. + + :ivar id: Azure resource Id + :vartype id: str + :ivar type: Azure resource type + :vartype type: str + :ivar name: Azure resource name + :vartype name: str + :param query_template: The template query string to be parsed and + formatted + :type query_template: str + :param input_entity_type: The type of the query's source entity + :type input_entity_type: str + :param input_fields: List of the fields of the source entity that are + required to run the query + :type input_fields: list[str] + :param output_entity_types: List of the desired output types to be + constructed from the result + :type output_entity_types: list[str] + :param data_sources: List of the data sources that are required to run the + query + :type data_sources: list[str] + :param display_name: The query display name + :type display_name: str + """ + + _validation = { + 'id': {'readonly': True}, + 'type': {'readonly': True}, + 'name': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'query_template': {'key': 'properties.queryTemplate', 'type': 'str'}, + 'input_entity_type': {'key': 'properties.inputEntityType', 'type': 'str'}, + 'input_fields': {'key': 'properties.inputFields', 'type': '[str]'}, + 'output_entity_types': {'key': 'properties.outputEntityTypes', 'type': '[str]'}, + 'data_sources': {'key': 'properties.dataSources', 'type': '[str]'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + } + + def __init__(self, *, query_template: str=None, input_entity_type: str=None, input_fields=None, output_entity_types=None, data_sources=None, display_name: str=None, **kwargs) -> None: + super(EntityQuery, self).__init__(**kwargs) + self.query_template = query_template + self.input_entity_type = input_entity_type + self.input_fields = input_fields + self.output_entity_types = output_entity_types + self.data_sources = data_sources + self.display_name = display_name diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_insights_enums.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_insights_enums.py index b36f9a1e1f89..0f2ca338b9ad 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_insights_enums.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/security_insights_enums.py @@ -45,7 +45,7 @@ class CaseSeverity(str, Enum): class CaseStatus(str, Enum): draft = "Draft" #: Case that wasn't promoted yet to active - open = "Open" #: An active case which isn't handled currently + new = "New" #: An active case which isn't handled currently in_progress = "InProgress" #: An active case which is handled closed = "Closed" #: A non active case @@ -64,6 +64,7 @@ class DataConnectorKind(str, Enum): microsoft_cloud_app_security = "MicrosoftCloudAppSecurity" threat_intelligence = "ThreatIntelligence" office365 = "Office365" + amazon_web_services_cloud_trail = "AmazonWebServicesCloudTrail" class DataTypeState(str, Enum): @@ -99,6 +100,12 @@ class StatusInMcas(str, Enum): disabled = "Disabled" +class LicenseStatus(str, Enum): + + enabled = "Enabled" + disabled = "Disabled" + + class AggregationsKind(str, Enum): cases_aggregation = "CasesAggregation" diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings.py index 40c938b5af44..b06aba3ae82f 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings.py @@ -29,6 +29,8 @@ class Settings(Model): :vartype type: str :ivar name: Azure resource name :vartype name: str + :param etag: Etag of the alert rule. + :type etag: str :param kind: Required. Constant filled by server. :type kind: str """ @@ -44,6 +46,7 @@ class Settings(Model): 'id': {'key': 'id', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, 'kind': {'key': 'kind', 'type': 'str'}, } @@ -56,4 +59,5 @@ def __init__(self, **kwargs): self.id = None self.type = None self.name = None + self.etag = kwargs.get('etag', None) self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_py3.py index cca5858eafb8..1074ce8ea33a 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_py3.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/settings_py3.py @@ -29,6 +29,8 @@ class Settings(Model): :vartype type: str :ivar name: Azure resource name :vartype name: str + :param etag: Etag of the alert rule. + :type etag: str :param kind: Required. Constant filled by server. :type kind: str """ @@ -44,6 +46,7 @@ class Settings(Model): 'id': {'key': 'id', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, 'kind': {'key': 'kind', 'type': 'str'}, } @@ -51,9 +54,10 @@ class Settings(Model): 'kind': {'UebaSettings': 'UebaSettings', 'ToggleSettings': 'ToggleSettings'} } - def __init__(self, **kwargs) -> None: + def __init__(self, *, etag: str=None, **kwargs) -> None: super(Settings, self).__init__(**kwargs) self.id = None self.type = None self.name = None + self.etag = etag self.kind = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings.py index cd5eafbe1a96..cf04febb39c5 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings.py @@ -26,6 +26,8 @@ class ToggleSettings(Settings): :vartype type: str :ivar name: Azure resource name :vartype name: str + :param etag: Etag of the alert rule. + :type etag: str :param kind: Required. Constant filled by server. :type kind: str :param is_enabled: Determines whether the setting is enable or disabled. @@ -43,6 +45,7 @@ class ToggleSettings(Settings): 'id': {'key': 'id', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, 'kind': {'key': 'kind', 'type': 'str'}, 'is_enabled': {'key': 'properties.isEnabled', 'type': 'bool'}, } diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings_py3.py index 9573ec9202e4..df87915ab43e 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings_py3.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/toggle_settings_py3.py @@ -26,6 +26,8 @@ class ToggleSettings(Settings): :vartype type: str :ivar name: Azure resource name :vartype name: str + :param etag: Etag of the alert rule. + :type etag: str :param kind: Required. Constant filled by server. :type kind: str :param is_enabled: Determines whether the setting is enable or disabled. @@ -43,11 +45,12 @@ class ToggleSettings(Settings): 'id': {'key': 'id', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, 'kind': {'key': 'kind', 'type': 'str'}, 'is_enabled': {'key': 'properties.isEnabled', 'type': 'bool'}, } - def __init__(self, *, is_enabled: bool=None, **kwargs) -> None: - super(ToggleSettings, self).__init__(**kwargs) + def __init__(self, *, etag: str=None, is_enabled: bool=None, **kwargs) -> None: + super(ToggleSettings, self).__init__(etag=etag, **kwargs) self.is_enabled = is_enabled self.kind = 'ToggleSettings' diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings.py index b41abbd99b37..9aeec53a7634 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings.py @@ -26,6 +26,8 @@ class UebaSettings(Settings): :vartype type: str :ivar name: Azure resource name :vartype name: str + :param etag: Etag of the alert rule. + :type etag: str :param kind: Required. Constant filled by server. :type kind: str :param is_enabled: Determines whether User and Entity Behavior Analytics @@ -37,8 +39,9 @@ class UebaSettings(Settings): :vartype status_in_mcas: str or ~azure.mgmt.securityinsight.models.StatusInMcas :ivar atp_license_status: Determines whether the tenant has ATP (Advanced - Threat Protection) license. - :vartype atp_license_status: bool + Threat Protection) license. Possible values include: 'Enabled', 'Disabled' + :vartype atp_license_status: str or + ~azure.mgmt.securityinsight.models.LicenseStatus """ _validation = { @@ -54,10 +57,11 @@ class UebaSettings(Settings): 'id': {'key': 'id', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, 'kind': {'key': 'kind', 'type': 'str'}, 'is_enabled': {'key': 'properties.isEnabled', 'type': 'bool'}, 'status_in_mcas': {'key': 'properties.statusInMcas', 'type': 'str'}, - 'atp_license_status': {'key': 'properties.atpLicenseStatus', 'type': 'bool'}, + 'atp_license_status': {'key': 'properties.atpLicenseStatus', 'type': 'str'}, } def __init__(self, **kwargs): diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings_py3.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings_py3.py index 5c8b801a89b3..43858b483b5c 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings_py3.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/ueba_settings_py3.py @@ -26,6 +26,8 @@ class UebaSettings(Settings): :vartype type: str :ivar name: Azure resource name :vartype name: str + :param etag: Etag of the alert rule. + :type etag: str :param kind: Required. Constant filled by server. :type kind: str :param is_enabled: Determines whether User and Entity Behavior Analytics @@ -37,8 +39,9 @@ class UebaSettings(Settings): :vartype status_in_mcas: str or ~azure.mgmt.securityinsight.models.StatusInMcas :ivar atp_license_status: Determines whether the tenant has ATP (Advanced - Threat Protection) license. - :vartype atp_license_status: bool + Threat Protection) license. Possible values include: 'Enabled', 'Disabled' + :vartype atp_license_status: str or + ~azure.mgmt.securityinsight.models.LicenseStatus """ _validation = { @@ -54,14 +57,15 @@ class UebaSettings(Settings): 'id': {'key': 'id', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, + 'etag': {'key': 'etag', 'type': 'str'}, 'kind': {'key': 'kind', 'type': 'str'}, 'is_enabled': {'key': 'properties.isEnabled', 'type': 'bool'}, 'status_in_mcas': {'key': 'properties.statusInMcas', 'type': 'str'}, - 'atp_license_status': {'key': 'properties.atpLicenseStatus', 'type': 'bool'}, + 'atp_license_status': {'key': 'properties.atpLicenseStatus', 'type': 'str'}, } - def __init__(self, *, is_enabled: bool=None, **kwargs) -> None: - super(UebaSettings, self).__init__(**kwargs) + def __init__(self, *, etag: str=None, is_enabled: bool=None, **kwargs) -> None: + super(UebaSettings, self).__init__(etag=etag, **kwargs) self.is_enabled = is_enabled self.status_in_mcas = None self.atp_license_status = None diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/__init__.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/__init__.py index ae9a8cf31361..b11b9b144e0c 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/__init__.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/__init__.py @@ -19,6 +19,7 @@ from .office_consents_operations import OfficeConsentsOperations from .product_settings_operations import ProductSettingsOperations from .cases_aggregations_operations import CasesAggregationsOperations +from .entity_queries_operations import EntityQueriesOperations __all__ = [ 'Operations', @@ -31,4 +32,5 @@ 'OfficeConsentsOperations', 'ProductSettingsOperations', 'CasesAggregationsOperations', + 'EntityQueriesOperations', ] diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/entity_queries_operations.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/entity_queries_operations.py new file mode 100644 index 000000000000..813b8c465579 --- /dev/null +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/entity_queries_operations.py @@ -0,0 +1,183 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class EntityQueriesOperations(object): + """EntityQueriesOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: API version for the operation. Constant value: "2019-01-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2019-01-01-preview" + + self.config = config + + def list( + self, resource_group_name, operational_insights_resource_provider, workspace_name, custom_headers=None, raw=False, **operation_config): + """Gets all entity queries. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of EntityQuery + :rtype: + ~azure.mgmt.securityinsight.models.EntityQueryPaged[~azure.mgmt.securityinsight.models.EntityQuery] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.EntityQueryPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.EntityQueryPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries'} + + def get( + self, resource_group_name, operational_insights_resource_provider, workspace_name, entity_query_id, custom_headers=None, raw=False, **operation_config): + """Gets an entity query. + + :param resource_group_name: The name of the resource group within the + user's subscription. The name is case insensitive. + :type resource_group_name: str + :param operational_insights_resource_provider: The namespace of + workspaces resource provider- Microsoft.OperationalInsights. + :type operational_insights_resource_provider: str + :param workspace_name: The name of the workspace. + :type workspace_name: str + :param entity_query_id: entity query ID + :type entity_query_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: EntityQuery or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.securityinsight.models.EntityQuery or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'operationalInsightsResourceProvider': self._serialize.url("operational_insights_resource_provider", operational_insights_resource_provider, 'str'), + 'workspaceName': self._serialize.url("workspace_name", workspace_name, 'str', max_length=90, min_length=1), + 'entityQueryId': self._serialize.url("entity_query_id", entity_query_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('EntityQuery', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}'} diff --git a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/security_insights.py b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/security_insights.py index 37efb48bba3d..45f74bbca7ac 100644 --- a/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/security_insights.py +++ b/sdk/azure-mgmt-securityinsight/azure/mgmt/securityinsight/security_insights.py @@ -23,6 +23,7 @@ from .operations.office_consents_operations import OfficeConsentsOperations from .operations.product_settings_operations import ProductSettingsOperations from .operations.cases_aggregations_operations import CasesAggregationsOperations +from .operations.entity_queries_operations import EntityQueriesOperations from . import models @@ -84,6 +85,8 @@ class SecurityInsights(SDKClient): :vartype product_settings: azure.mgmt.securityinsight.operations.ProductSettingsOperations :ivar cases_aggregations: CasesAggregations operations :vartype cases_aggregations: azure.mgmt.securityinsight.operations.CasesAggregationsOperations + :ivar entity_queries: EntityQueries operations + :vartype entity_queries: azure.mgmt.securityinsight.operations.EntityQueriesOperations :param credentials: Credentials needed for the client to connect to Azure. :type credentials: :mod:`A msrestazure Credentials @@ -124,3 +127,5 @@ def __init__( self._client, self.config, self._serialize, self._deserialize) self.cases_aggregations = CasesAggregationsOperations( self._client, self.config, self._serialize, self._deserialize) + self.entity_queries = EntityQueriesOperations( + self._client, self.config, self._serialize, self._deserialize)